Uniswap on-chain liquidation

[liamzebedee]

This PR uses our deployed Uniswap to implement on-chain liquidation in attemptToLiquidateOnchain. Another breakaway from a monolithic PR, #160, this changeset is simpler and doesn't change any protocol/liquidation logic.

• adds Uniswap exchange stubs
• implements onchain liquidation functionality in attemptToLiquidateOnchain
• tests attemptToLiquidateOnchain
  • using a stub
  • using real Uniswap
• introduces Ganache snapshots to cleanly revert state between unit tests, without additional resetState stub methods

Refs #105

[liamzebedee]

Busy fixing tests

[gakonst]

Wouldn't it be better to call ERC20(_d.TBTCToken).balance(address(this)) instead of getLotSize? It can be the case that the Deposit receives TBTC during its lifetime.

[liamzebedee]

Fuaaa - @mhluongo what's our approach for dirty flows like this?

[liamzebedee]

@mhluongo bump on this protocol design question?

Do we design for unexpected behaviour (burn entire balance) or expected behaviour (ignore random tBTC and deal with protocol constants)?

[gakonst]

Shouldn't this be internal?

[liamzebedee]

Good catch!

[gakonst]

Shouldn't this be internal?

[gakonst]

Same as above, this should probably be the deposit's ERC20 balance instead of getLotSize, in case there's any leftovers (or maybe the lotSize changed somehow)

[gakonst]

Instead of returning bool, it could return how much ETH it sent to Uniswap and/or how much TBTC it got in return

[liamzebedee]

This is @prestwich's code not mine - but I believe the intention is to decide whether it was successful within this block. The naming (attempt) is supposed to signal that we're attempting to instantly liquidate the entire position (as opposed to the ongoing auction flow), and such the binary RV of successful attempt or failure. What do you think, should it be improved?

[pdyraga]

This is our code - we propose it in the PR, we review it, and we accept or reject it. We all need to understand what is it doing 😉

[mhluongo]

Strongly agree with @pdyraga, though I imagine the man himself will take a peek when it's a little later PT

[liamzebedee]

I need to learn not to be more attentive with words haha - I like how this is implemented for now. @gakonst could you elaborate on why returning the amount might be useful?

[liamzebedee]

@gakonst blocking, bump on this

[Shadowfiend]

Let’s not block on this, but capture it in a speculative issue and discuss/implement/close there.

[gakonst]

Given that all these transactions get executed together, the +1 shouldn't be required. Also might be good to add a comment so that a reader can understand the purpose of deadline in the context of uniswap (ie to ensure that the order does not get withheld by miners and submitted later)

[liamzebedee]

Yeah good explanation (frontrunning?).

[gakonst]

Do we want to use Uniswap only when we have enough funds to buy 1.0 TBTC? Can it be desirable that we buy some from Uniswap before slippage starts to become significant, and buy the rest of the TBTC via auction?

[mhluongo]

It's unclear what is a "good" price on Uniswap from our perspective, so this is a little tricky- can you propose pseudocode to make that decision?

[liamzebedee]

Bump @gakonst, would like to hear your answer to this 😄

[liamzebedee]

Bump above @gakonst

[Shadowfiend]

Let’s punt here as well. Either we can capture it as a checkbox on #105, or as a separate issue, but I don’t think it needs to block this PR.

[gakonst]

I find overloading requesterAddress == 0 to act as a flag to signal the burning of the TBTC to be slightly unclear (& potentially dangerous). Might be better to add a shouldLiquidate flag on the Deposit and prohibit requesterAddress from taking 'invalid' values.

[gakonst]

Will any auction related logic be here, or will it be implemented as separate functionality that checks the liduidationInitiated value?

[liamzebedee]

Yeah I believe it's used in auctionValue

[Shadowfiend]

Should we be emitting* some sort of event here to indicate that we are initiating an auction? Doesn’t feel necessary for this PR, but asking while I’m looking at it.

[gakonst]

Are these used anywhere in the test?

[gakonst]

Suggested change

	require(msg.value == ethPrice, "incorrect eth sent");
	require(msg.value == ethPrice, "incorrect eth sent");

[gakonst]

indentation

[nkuba]

@liamzebedee can we update this branch with the latest changes from master?

[pdyraga]

What's happening here?

[liamzebedee]

It's an additional test from the previous iteration of this PR. Turns out I had blended in unit with integration tests, so moving it out into this file where it belongs

[liamzebedee]

@pdyraga @nkuba ready for another pass!

[pdyraga]

Is it the last piece we need or do we expect more Uniswap PRs?

[Shadowfiend]

What is this file? Looks like it stumbled in during a merge…

[liamzebedee]

Oops! Been fiddling with more Git branches than usual today.

[liamzebedee]

Hey @Shadowfiend - was that the entire review?

[Shadowfiend]

No, but don't let that stop you from fixing this issue while I get the time to do the deeper review 😉

Since I'm not fully up on the system design context involving Uniswap here this'll probably take me a touch longer than a normal review. Easiest way to make sure that goes smoothly would be to make sure your PR or referenced issue description clearly lays out the goal, design, etc. Sloan's PRs (e. and g.*) are a solid standard in that department. When I looked through the issue it seemed like a lot of discussion happened but the action plan wasn't clear.

Either way, I'll be circling back Monday with more.

[liamzebedee]

Okay, done my best to do a writeup in the way of Sloan, explaining the context, important touch points and some design tradeoffs. Also touched up the PR description with some more details. Let's get this delivered as smoothly as possible 💯!

[Shadowfiend]

Did a first pass that included everything except the testS. Shooting this out now so you can start having a look at it, but I’ll be continuing to dig in on the testing site as well. Generally looks good, most of the comments are either cosmetic, grammatical, or designated for future work. I also went ahead and called out a couple of things that were presented as blocking that I think we can punt to future work.

[Shadowfiend]

Not sure I understand this commit: 0bceca0

We don’t seem to change redemptionTBTCAmount despite saying we do, and it’s not clear why we switched from lot sizes to the redemption amount* (though it seems like the* obviously right choice). Why was it different before?

[liamzebedee]

We do change it on this line, removing signerFee?

0bceca0#diff-eb5ee13eadec1a8b974e3eba934eb2d7L293

And I don't know why it was different before 🤷‍♂

[Shadowfiend]

Hah, whoops. Thought it was a property rather than a method and thus missed the actual change 🤦‍♂️

Usually a good idea to double-check the whys on stuff like this (and then capture it in the commit)---it's a good opportunity to let the original author also be aware of the update, and make sure there isn't some missed understanding that led to the original implementation. Again, not trying to block this PR/not extra-worried here, but flagging it for the future.

[Shadowfiend]

Let’s not block on this, but capture it in a speculative issue and discuss/implement/close there.

[Shadowfiend]

Not sure if we’ve made a habit of this, but if so it’s time to break it: let’s use full words, not single letters, for our variable names.

[Shadowfiend]

Periods are good on sentences 😉

[Shadowfiend]

Otherwise go*

[Shadowfiend]

Should we be emitting* some sort of event here to indicate that we are initiating an auction? Doesn’t feel necessary for this PR, but asking while I’m looking at it.

[Shadowfiend]

Not for this PR, but it would make a lot of sense and read more naturally for these functions to start with “is“ rather than “in“.

[liamzebedee]

This is referring to being "in" a state of the state machine as described in the whitepaper.

[Shadowfiend]

Yeah, I get that for sure. in<State>State/inState<State> is one common way to express this, is<State> is another (with appropriate naming of the states). in<State> is a not-particularly-clear mishmash of the two, since “in” can just as easily mean “inside of” and there's no additional disambiguation.

It's one of those things that's very easy for someone who's in the code to adapt to, but makes it harder for someone who isn't in the code frequently to grok. The less hard it can be, the better overall, especially if it doesn't make it particularly harder for the day-to-day developers.

[liamzebedee]

Yeah that's a good explanation of it. Notably, I just found we do adopt this pattern in the Deposit codebase, eg. inRedeemableState.

[Shadowfiend]

😬

Obviously I lean hard towards is<State> as a pattern, but I ain't lookin' to die on that hill. Mostly, consistency is key.

And either way, we can handle it in a follow-up.

[Shadowfiend]

It would be useful for these docs to describe the differences between signer abort and fraud liquidation, in particular with regards to who gets any remaining balance and why.

[Shadowfiend]

Commits really need to start including reasoning (not links to reasoning, mind you, but distilled summaries of reasoning for the change).

[liamzebedee]

Good point - am getting better at this

[Shadowfiend]

No worries---we're inconsistent across the team on this front, and I usually call it out when I go to a commit to figure out why a change happened and… Can't 😁

[Shadowfiend]

Redundant with? In general it’s best to capture todos like this one in your personal task list or in an issue, depending on whether you are intending on tackling it yourself in the very near future.

[liamzebedee]

Agreed, will remove.

[Shadowfiend]

Ok, went through tests and left a bunch of additional thoughts.

One big theme: there are comments that aren't adding much over what the code already says. Let's avoid those, as they tend to become outdated and then give mixed signals.

Also on the comment front, if you've got comments on their own line, aim to make them complete, grammatically correct sentences. Only if they're at the end of a line for some very short clarification should they be fragments. This tends to track with longer comments wanting more space and needing more to be more clear in the future.

[Shadowfiend]

Did this become necessary due to code from elsewhere?

[Shadowfiend]

Given that this file strictly exports a single class, it feels right for the filename to match the class name.

On the other hand, I wonder if we need to encapsulate this in a class, vs passing the instance to the helpers directly. Slightly more typing, but it could also be clearer what you're doing at the call site, and make scenarios where you want to test against different TBTC instances (for example, to group tests for certain behaviors across different TBTC states together) more straightforward.

Don't think we need to move on the class encapsulation in this PR, but I do think we should make sure the filename is aligned properly with the current usage.

[liamzebedee]

make scenarios where you want to test against different TBTC instances (for example, to group tests for certain behaviors across different TBTC states together) more straightforward

Could you elaborate a little bit more on this? I'm trying to imagine a scenario when we would have multiple instances of TBTC that are are testing in unison.

[Shadowfiend]

Reconsidering this, I think my real issue here is that it feels like we're using a class to approximate partial application, which we can do instead with Function.bind. There is nothing relating these helpers other than that they happen to both depend on a tbtcInstance.

To address your question directly though, I think any situation where we might run multiple tests in parallel against the tBTC system that expect different system states could use multiple instances.

[Shadowfiend]

Given this is an async function, this feels like it could just be:

return await web3.currentProvider.send(...)

No? Or if we're want result.result, we can just do:

export ... {
  const result = await web3.currentProvider.send...

  return result.result
}

The await will throw if there's an error in the send call, but that will be wrapped in a failed Promise by the function's async designation.

[liamzebedee]

Ah if it is, then much obliged. 😄 Truffle Web3 has changed over the course of my using it - I'll go ahead and try testing with the newer syntax.

[Shadowfiend]

Just for completeness, async/await isn't Web3 but rather ECMAScript/JavaScript syntax. This particular aspect of async/await isn't immediately obvious, and is complicated further by the fact that a Promise return of an async function behaves the same as a non-Promise return for the caller.

It's great 😒

[liamzebedee]

Wait till you see PromiEventEmitter's - event emitters that are also promises.

[liamzebedee]

I tried it but it appears .send doesn't return a promise. Given that we've pinned Truffle in our config, how about we leave it for now.

[Shadowfiend]

Got it! Yep, I'm down. I won't block this PR, but it would be nice to drop a quick note in the file to indicate that our current version of Truffle doesn't return proper Promise objects and that's why we're jumping through hoops.

[Shadowfiend]

Same note as above about the Promise indirection.

[Shadowfiend]

Most of this comment feels like a restatement of the test description, which I don't love. Not really for this PR, and didn't get introduced here, but wanted to call it out.

[Shadowfiend]

“some ETH”. Also don't forget your 80-character wrap!

[Shadowfiend]

Previous run of what?

[liamzebedee]

From a previous run of Uniswap, supplied with the same liquidity.

Would that extra note be good?

[Shadowfiend]

This feels like we're testing Uniswap's behavior rather than our own, no?

[liamzebedee]

True, we can remove this portion.

[Shadowfiend]

Is this a constant that exists inside Uniswap? Is it exported in some way we can see, or alternatively is there something we can reference that indicates this minimum?

[liamzebedee]

We can reference the exact line of code. The constant wasn't documented anywhere, I discovered it myself through running up against the "revert" brick wall and reading the code.

[liamzebedee]

Here it is - https://github.com/Uniswap/contracts-vyper/blob/master/contracts/uniswap_exchange.vy#L65

Good idea, I'll add it in.

[Shadowfiend]

I discovered it myself through running up against the "revert" brick wall and reading the code.

[Shadowfiend]

… Is there any chance we could work with them to expose this as a constant? Obviously we'd pursue that independent of this PR.

[Shadowfiend]

Don't really need this line.

[Shadowfiend]

Oh, also… Most of my remarks don't need to be handled in this PR, but can go into follow-up work. The key ones I think we should deal with (either by discussing or by making the changes) right now, in addition to remaining bits from the previous review, are:

• File naming tweak.
• async refactor.
• Variable name questions.
• Question regarding liquidation flow tests.
• Attempt to tie external constant to our stuff more clearly.

[liamzebedee]

@Shadowfiend cleaned up, tests passing, ready for another review.

[Shadowfiend]

All righty, let's rock and roll.

[Shadowfiend]

One thing remains here: let's do a final pass through comments and make sure everything that needs follow-up is captured in an issue or a personal todo for the next PR. In particular, we need issues for any remaining protocol questions. @liamzebedee can you take a pass on Monday?

Almost made it to two months, but we finally wrangled it down 😉