NOTE: This implementation saves secrets to disk! It is not
secure.
The storage API allows the caller to atomically record the state
of the protocol. The user can retrieve this recorded state and
re-commence the protocol from that point. The state is recorded
using a hard coded key, causing it to overwrite the previously
recorded state. This limitation means that this recovery
mechanism should not be used in a program that simultaneously
manages the execution of multiple swaps.
An e2e test was added to show how to save, recover and resume
protocol execution. This logic could also be integrated into the
run_until functions to automate saving but was not included at
this stage as protocol execution is currently under development.
Serialisation and deserialisation was implemented on the states
to allow the to be stored using the database. Currently the
secret's are also being stored to disk but should be recovered
from a seed or wallets.
We model the getting of amounts as a network behaviour even though conceptually
it is a protocol. Refine/refactor the code a bit to make this more obvious.
- Use `Amounts` instead of `Messenger`
We only ever connect to a single peer, update peer tracker to reflect this. This
is a single patch because the handling of the two network behaviours is a
intertwined.
- Only track one peer connection
- Track the peer id and the multiaddr of the counterparty
- Emit an event for connection established on Alice's side as well as Bob's side
- Make it the same for Alice and Bob.
- Make it contain a wallet client instead of the `Monero` struct.
Also:
Remove `Container` from inside `Monero` struct. The caller of `new`
can simply ensure that `Container` is not dropped to keep the
container alive.
This makes the `Monero` struct easier to work with, as it just holds
the data necessary to create the different clients created during
`init`, and does not have any lifetime restrictions.
This does introduce the ability of expressing incorrect combinations
of the enums `SwapFailed` and `Reason`, but these are just internal
to this function and it's terser that way.
This does introduce the ability of expressing incorrect combinations
of the enums `SwapFailed` and `Reason`, but these are just internal
to this function and it's terser that way.
This helps distinguish between the case where the refund timelock is
reached before the bitcoin is locked and the case where the refund
timelock is reached after the bitcoin is locked and before Alice sends
over the transfer proof for locking up the monero. In the first case
we can abort without doing anything, but in the second case we must
instruct the caller to refund the bitcoin.
Add a binary crate `swap` that implements two nodes (Alice and Bob). With this
applied we can start up a node for each role and do:
- Bob: Requests current amounts using BTC is input
- Alice: Responds with amounts
- Bob: (mock) get user input to Ok the amounts
... continue with swap (TODO)
By having two modules that declare and use the `harness` module we ran
into a situation where not all parts of the `harness` module were
being used by both of these other test modules. This was producing
annoying warnings.
For now this can be solved by marking the `harness` module declaration
as public. This has no real effect since modules under `/tests` cannot
be depended on elsewhere, but it satisfies the compiler. It does mean
that we will not hear about unused functions, but this change should
be temporary and it's a very minor problem given that it's just test
code.
Instead of checking once to see if Monero's `TxLock` has been
published, the new trait should keep looking until the transaction has
been found.
The new trait also allows the caller to set an expected number of
confirmations on the transaction.
The implementation of the trait is currently part of test code, but it
should be similar to what we will eventually do for an application.