Implement on-chain liquidation #105
Comments
|
Use this to make sure a TBTC exchange exists: |
|
Open question - how are we going to handle external dependencies like this locally and on our internal testnet? cc @NicholasDotSol @ngrinkevich @sthompson22 |
|
I think with |
|
ah sorry no that package is something else, having a closer look now ... |
|
so it's just two smart contract interface files that we would import into our contracts, I guess we can wrap it into a npm package |
|
But we won't have Uniswap running on our testnet, so I'm not sure how we'll test on-chain liquidation? It seems like we need to deploy versions or stubs of external contract we plan to rely on |
|
I agree, not sure how we get around deploying dependencies like this locally |
|
There an older issue on deploying uniswap for testing |
|
I would recommend a stub that implements the interface and has configurable behavior. I already wrote a few of these for other contracts for existing tests |
|
@prestwich Don't both share the issue of not very realistic tests? I'm assuming that with a deployed version there is the option of creating TXs to mimic market activity |
|
Definitely the way we work outside |
mhluongo
changed the title
the goal of the tests is to unittest the contract's behavior, not to integration test or e2e test. When it comes to outside interactions, realism is a downside. We need predictability so that we can test each code path I'm not sure what we actually gain by using real code for any outside contract in tests |
👍
We are interested in full integration tests, just not right now (#129) |
makes sense. can work with an interface stub for now for easier testing, and thank you @prestwich :) As a side note for e2e testing: |
|
We're assuming immediate liquidation through the uniswap exchange - is the auction out-of-scope for this issue? |
|
You've got it, the auction is a separate piece of work. If Uniswap doesn't allow full liquidation, revert. We'll replace that case with the in-system auction. |
|
don't revert if uniswap doesn't allow it. I'm pretty sure uniswap has a
pre-flight function, so just return false if uniswap doesn't have liquidity
at the right price
…On Sun, Jun 9, 2019, 13:21 Matt Luongo ***@***.***> wrote:
You've got it, the auction is a separate piece of work. If Uniswap doesn't
allow full liquidation, revert. We'll replace that case with the in-system
auction.
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
<#105?email_source=notifications&email_token=ACNN4MLJBCEYWBR4HPSBSPDPZVQ4DA5CNFSM4HIZOUO2YY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGODXIRNHI#issuecomment-500242077>,
or mute the thread
<https://github.com/notifications/unsubscribe-auth/ACNN4MMNHJV3WZGBN4VUGT3PZVQ4DANCNFSM4HIZOUOQ>
.
|
|
It's a TODO 🤷♂️ |
|
Uniswap is up-and-running, just did a trade TBTC<->ETH. There's an e2e Truffle test, as well as a whole lot of notes on the fine details of Uniswap (not a lot of docs there mates 😉!). To clarify, do we want to just liquidate the entire lot of TBTC? Just thinking about the invariant and how the price will scale for different size liquidation events. |
|
We want to buy up the full amount of TBTC to be burnt - so we're liquidating as much of the signer bond as is necessary for that to happen |
|
for more context, check out the way `startSignerLiquidation` is implemented
(and `startSignerFraudLiquidation`). They call `attemptToLiquidateOnchain`,
and then take action based on the result. If uniswap has sufficient
liquidity, everything closes out, if not, we start the auction process
happy to walk through this on a call sometime if it's helpful
…On Tue, Jun 11, 2019, 12:40 Matt Luongo ***@***.***> wrote:
We want to buy up the full amount of TBTC to be burnt - so we're
liquidating as much of the signer bond as is necessary for that to happen
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
<#105?email_source=notifications&email_token=ACNN4MOUDLIPAD2ALHWRTQTPZ75TJA5CNFSM4HIZOUO2YY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGODXOI2JY#issuecomment-500993319>,
or mute the thread
<https://github.com/notifications/unsubscribe-auth/ACNN4MP4WVL7JJ7KLMLKRP3PZ75TJANCNFSM4HIZOUOQ>
.
|
But we have such beautiful docs!
|
|
@liamzebedee remember that some of the TBTC minted goes back to the |
Actually maybe I spoke to soon here. Our docs say:
What's our approach? |
that section of the docs is describing what to do with excess ETH after liquidating. It's handled in the Whether fraud or abort, if we came from redemption the redeemer has already burnt 1 TBTC. So there should be code that ensures they receive 1 TBTC (or >1 TBTC in some mix of TBTC and ETH). Come to think of it, we should make |
Can't see anything in
Sounds about right. Is this our preferred UX @mhluongo ? We'll need to retry in the dapp (can't remember, who is on this?)
💯 Currently have something like so: uint ethSold = address(this).balance;
uint ONE_TBTC = (10 ** 8);
uint MIN_TBTC_BOUGHT = ONE_TBTC * 500 / 1000;
uint tbtcBought = exchange.getEthToTokenInputPrice(ethSold);
if(tbtcBought < MIN_TBTC_BOUGHT) {
return false; // TODO go to auction
}Defensive programming but we shouldn't always assume the Uniswap pool is the best option for money? |
yeah, I think it got left out of implementation as it hasn't been parameterized at all. @mhluongo did we ever decide whether this should be in ETH or just in governance token?
The more I think about it, the more I think we should return TBTC. Which is to say, as implemented now, the requestor will get either BTC or ETH in the failure case. It might be better if the requestor got either BTC or TBTC back. Getting TBTC back seems better for the vast majority of users |
|
I agree with returning tBTC. Fraud/abort we are striving against, but in the case it does happen, we are feeding this signal back into the TBTC price through having to liquidate and buyback TBTC to refund. Escrowing it would complicate, and since the user is specifically requesting for BTC, why give them ETH. |
|
There's a full test passing for
Haven't implemented the abort flow yet. |
FWIW I'm in the "never burn what you don't need to" design camp- that could be profit for a maintainer, or hell it could go to a dev fee. |
|
Haha definitely, here to build bridges not burn 'em. We're liquidating a bond of |
Is it? If the price falls fast enough it'll be 0% 😃 After buying back TBTC a fixed portion should go to the maintainer. After that, return the rest to the signers. We don't give signers a straightforward way to "maintain their account" so punishing them by yanking excess bond is unreasonable. |
|
Truuee. 🤠 But let's refund the beneficiary first and foremost? Then the requestor/redeemer, then maintainer, then signer if it's not fraud. |
|
Heh sorry, didn't mean to forgot the beneficiary We need to get this piece heavily documented as well- I want to make sure all participants know the failure case behavior. |
|
Remaining estimate: 3 days |
|
@liamzebedee regarding testing, it seems like the higher level testing flows are best managed as a separate issue; how do we feel about testing around on-chain liquidation in particular? Is #265 meant to sufficiently cover that piece? |
Introduction
Liquidation is important to maintain the supply peg of TBTC. We currently have this contained in
DepositLiquidation, where there are two mechanisms: auction and onchain liquidation. The onchain route is currently unimplemented inattemptToLiquidateOnchain, intended for instant liquidation of the signer bonds for TBTC.Uniswap is an on-chain decentralized exchange which provides such 'instant liquidity' (for a price). It uses a constant product invariant as a pricing formula - we can preflight the purchase with this check to see if the ETH can buy enough tokens.
Implementation
This should be a fairly straightforward function calling Uniswap. It will require Uniswap's address and interface. https://docs.uniswap.io/smart-contract-integration/interface - note we have Uniswap deployed in #263.
--
Implementor: @liamzebedee
Feature buddy:
@mhluongo, @gakonst , @nkuba, @pdyraga@ShadowfiendThe text was updated successfully, but these errors were encountered: