chainflip-io · dandanlen · Oct 24, 2024 · Oct 1, 2024 · Oct 2, 2024 · Oct 2, 2024
@@ -168,6 +168,7 @@ pub mod tests {
 		address: ScriptPubkey,
 	) -> DepositChannelDetails<state_chain_runtime::Runtime, BitcoinInstance> {
 		DepositChannelDetails::<_, BitcoinInstance> {
+			owner: AccountId32::new([0xab; 32]),
 			opened_at: 1,
 			expires_at: 10,
 			deposit_channel: DepositChannel {

@@ -61,6 +61,7 @@ mod benchmarks {
 		DepositChannelLookup::<T, I>::insert(
 			&deposit_address,
 			DepositChannelDetails {
+				owner: account("doogle", 0, 0),
 				opened_at: block_number,
 				expires_at: block_number,
 				deposit_channel:
@@ -102,6 +103,7 @@ mod benchmarks {
 			let block_number = TargetChainBlockNumber::<T, I>::benchmark_value();
 			let mut channel =
 				DepositChannelDetails::<T, I> {
+					owner: account("doogle", 0, 0),
 					opened_at: block_number,
 					expires_at: block_number,
 					deposit_channel: DepositChannel::generate_new::<

@@ -32,16 +32,17 @@ use cf_chains::{
 	SwapOrigin, TransferAssetParams,
 };
 use cf_primitives::{
-	Asset, AssetAmount, BasisPoints, Beneficiaries, BoostPoolTier, BroadcastId, ChannelId,
-	DcaParameters, EgressCounter, EgressId, EpochIndex, ForeignChain, PrewitnessedDepositId,
-	SwapRequestId, ThresholdSignatureRequestId, TransactionHash, SWAP_DELAY_BLOCKS,
+	AccountRole, Asset, AssetAmount, BasisPoints, Beneficiaries, BoostPoolTier, BroadcastId,
+	ChannelId, DcaParameters, EgressCounter, EgressId, EpochIndex, ForeignChain,
+	PrewitnessedDepositId, SwapRequestId, ThresholdSignatureRequestId, TransactionHash,
+	SWAP_DELAY_BLOCKS,
 };
 use cf_runtime_utilities::log_or_panic;
 use cf_traits::{
 	impl_pallet_safe_mode, AccountRoleRegistry, AdjustedFeeEstimationApi, AssetConverter,
 	AssetWithholding, BalanceApi, BoostApi, Broadcaster, Chainflip, DepositApi, EgressApi,
 	EpochInfo, FeePayment, FetchesTransfersLimitProvider, GetBlockHeight, IngressEgressFeeApi,
-	IngressSink, IngressSource, NetworkEnvironmentProvider, OnDeposit, PoolApi,
+	IngressSink, IngressSource, LpRegistration, NetworkEnvironmentProvider, OnDeposit, PoolApi,
 	ScheduledEgressDetails, SwapLimitsProvider, SwapRequestHandler, SwapRequestType,
 };
 use frame_support::{
@@ -122,6 +123,15 @@ pub enum DepositIgnoredReason {
 	NotEnoughToPayFees,
 }
 
+/// Holds information about a tainted transaction.
+#[derive(RuntimeDebug, Eq, PartialEq, Clone, Encode, Decode, TypeInfo)]
+pub struct TaintedTransactionDetails<AccountId> {
+	/// The broker that created the tainted transaction.
+	pub broker: AccountId,
+	/// The address we use for refunding.
+	pub refund_address: Option<ForeignChainAddress>,
+}
+
 /// Cross-chain messaging requests.
 #[derive(RuntimeDebug, Eq, PartialEq, Clone, Encode, Decode, TypeInfo, MaxEncodedLen)]
 pub(crate) struct CrossChainMessage<C: Chain> {
@@ -252,14 +262,15 @@ pub mod pallet {
 	#[derive(CloneNoBound, RuntimeDebug, PartialEq, Eq, Encode, Decode, TypeInfo)]
 	#[scale_info(skip_type_params(T, I))]
 	pub struct DepositChannelDetails<T: Config<I>, I: 'static> {
+		/// The owner of the deposit channel.
+		pub owner: T::AccountId,
 		pub deposit_channel: DepositChannel<T::TargetChain>,
 		/// The block number at which the deposit channel was opened, expressed as a block number
 		/// on the external Chain.
 		pub opened_at: TargetChainBlockNumber<T, I>,
 		/// The last block on the target chain that the witnessing will witness it in. If funds are
 		/// sent after this block, they will not be witnessed.
 		pub expires_at: TargetChainBlockNumber<T, I>,
-
 		/// The action to be taken when the DepositChannel is deposited to.
 		pub action: ChannelAction<T::AccountId>,
 		/// The boost fee
@@ -420,6 +431,9 @@ pub mod pallet {
 
 		/// For checking if the CCM message passed in is valid.
 		type CcmValidityChecker: CcmValidityCheck;
+
+		/// For accessing the LP refund address.
+		type LpRefundAddress: LpRegistration<AccountId = Self::AccountId>;
 	}
 
 	/// Lookup table for addresses to corresponding deposit channels.
@@ -524,6 +538,16 @@ pub mod pallet {
 	pub type PrewitnessedDepositIdCounter<T: Config<I>, I: 'static = ()> =
 		StorageValue<_, PrewitnessedDepositId, ValueQuery>;
 
+	/// Stores the details of tainted transactions against the deposit details.
+	#[pallet::storage]
+	pub type TaintedTransactions<T: Config<I>, I: 'static = ()> = StorageMap<
+		_,
+		Twox64Concat,
-		Twox64Concat,
+		Blake2_128Concat,
-		Twox64Concat,
+		Blake2_128Concat,
+		<T::TargetChain as Chain>::DepositDetails,
+		TaintedTransactionDetails<T::AccountId>,
+		OptionQuery,
+	>;
+
 	#[pallet::event]
 	#[pallet::generate_deposit(pub(super) fn deposit_event)]
 	pub enum Event<T: Config<I>, I: 'static = ()> {
@@ -701,6 +725,14 @@ pub mod pallet {
 		InvalidDcaParameters,
 		/// CCM parameters from a contract swap failed validity check.
 		InvalidCcm,
+		/// The deposit channel does not exist.
+		DepositChannelDoesNotExist,
+		/// Unauthorized call
+		Unauthorized,
+		/// The deposit channel has been tainted and is no longer usable.
+		DepositChannelTainted,
+		/// Transaction tainted
+		TransactionTainted,
 	}
 
 	#[pallet::hooks]
@@ -1212,6 +1244,26 @@ pub mod pallet {
 
 			Ok(())
 		}
+
+		#[pallet::call_index(12)]
+		#[pallet::weight(10_000)]
+		pub fn mark_transaction_as_tainted(
+			origin: OriginFor<T>,
+			tx_id: <T::TargetChain as Chain>::DepositDetails,
+		) -> DispatchResult {
+			let account_id = ensure_signed(origin)?;
+			let is_broker =
+				T::AccountRoleRegistry::has_account_role(&account_id, AccountRole::Broker);
+			let is_lp = T::AccountRoleRegistry::has_account_role(
+				&account_id,
+				AccountRole::LiquidityProvider,
+			);
+			ensure!(is_broker || is_lp, Error::<T, I>::Unauthorized);
+			let tainted_transaction =
+				TaintedTransactionDetails { broker: account_id, refund_address: None };
+			TaintedTransactions::<T, I>::insert(tx_id, tainted_transaction);
+			Ok(())
+		}
 	}
 }
 
@@ -1764,6 +1816,38 @@ impl<T: Config<I>, I: 'static> Pallet<T, I> {
 		Ok(action)
 	}
 
+	/// Checks if the transaction is tainted and returns the refund details if it is.
+	fn check_if_tx_is_tainted(
+		maybe_tainted_transaction: Option<TaintedTransactionDetails<T::AccountId>>,
+		deposit_channel_details: &DepositChannelDetails<T, I>,
+	) -> Result<(), TaintedTransactionDetails<T::AccountId>> {
+		if let Some(tainted_transaction) = maybe_tainted_transaction {
+			if tainted_transaction.broker == deposit_channel_details.owner {
+				let maybe_refund_address = match &deposit_channel_details.action {
+					ChannelAction::Swap { refund_params, .. } => refund_params
+						.as_ref()
+						.map(|refund_params| refund_params.refund_address.clone()),
+					ChannelAction::CcmTransfer { refund_params, .. } => refund_params
+						.as_ref()
+						.map(|refund_params| refund_params.refund_address.clone()),
+					ChannelAction::LiquidityProvision { .. } =>
+						T::LpRefundAddress::get_liquidity_refund_address(
+							&deposit_channel_details.owner,
+							deposit_channel_details.deposit_channel.asset.into(),
+						),
+				};
+				Err(TaintedTransactionDetails {
+					broker: tainted_transaction.broker,
+					refund_address: maybe_refund_address,
+				})
+			} else {
+				Ok(())
+			}
+		} else {
+			Ok(())
+		}
+	}
+
 	/// Completes a single deposit request.
 	#[transactional]
 	fn process_single_deposit(
@@ -1776,8 +1860,21 @@ impl<T: Config<I>, I: 'static> Pallet<T, I> {
 		let deposit_channel_details = DepositChannelLookup::<T, I>::get(&deposit_address)
 			.ok_or(Error::<T, I>::InvalidDepositAddress)?;
 
+		ensure!(
+			deposit_channel_details.deposit_channel.asset == asset,
+			Error::<T, I>::AssetMismatch
+		);
+
 		let channel_id = deposit_channel_details.deposit_channel.channel_id;
 
+		if let Err(tainted_transaction_details) = Self::check_if_tx_is_tainted(
+			TaintedTransactions::<T, I>::take(&deposit_details),
+			&deposit_channel_details,
+		) {
+			TaintedTransactions::<T, I>::insert(deposit_details, tainted_transaction_details);
+			return Err(Error::<T, I>::TransactionTainted.into())
+		}
+
 		if DepositChannelPool::<T, I>::get(channel_id).is_some() {
 			log_or_panic!(
 				"Deposit channel {} should not be in the recycled address pool if it's active",
@@ -1787,11 +1884,6 @@ impl<T: Config<I>, I: 'static> Pallet<T, I> {
 			return Err(Error::<T, I>::InvalidDepositAddress.into())
 		}
 
-		ensure!(
-			deposit_channel_details.deposit_channel.asset == asset,
-			Error::<T, I>::AssetMismatch
-		);
-
 		// TODO: only apply this check if the deposit hasn't been boosted
 		// already (in case MinimumDeposit increases after some small deposit
 		// is boosted)?
@@ -2016,6 +2108,7 @@ impl<T: Config<I>, I: 'static> Pallet<T, I> {
 		DepositChannelLookup::<T, I>::insert(
 			&deposit_address,
 			DepositChannelDetails {
+				owner: requester.clone(),
 				deposit_channel,
 				opened_at: current_height,
 				expires_at: expiry_height,

@@ -16,7 +16,7 @@ use cf_traits::{
 		api_call::{MockBitcoinApiCall, MockBtcEnvironment},
 		asset_converter::MockAssetConverter,
 		asset_withholding::MockAssetWithholding,
-		balance_api::MockBalance,
+		balance_api::{MockBalance, MockLpRegistration},
 		broadcaster::MockBroadcaster,
 		chain_tracking::ChainTracker,
 		fee_payment::MockFeePayment,
@@ -130,6 +130,7 @@ impl pallet_cf_ingress_egress::Config for Test {
 	type SafeMode = MockRuntimeSafeMode;
 	type SwapLimitsProvider = MockSwapLimitsProvider;
 	type CcmValidityChecker = cf_chains::ccm_checker::CcmValidityChecker;
+	type LpRefundAddress = MockLpRegistration;
 }
 
 impl_test_helpers! {

@@ -20,7 +20,7 @@ use cf_traits::{
 		api_call::{MockEthereumApiCall, MockEvmEnvironment},
 		asset_converter::MockAssetConverter,
 		asset_withholding::MockAssetWithholding,
-		balance_api::MockBalance,
+		balance_api::{MockBalance, MockLpRegistration},
 		broadcaster::MockBroadcaster,
 		chain_tracking::ChainTracker,
 		fee_payment::MockFeePayment,
@@ -136,6 +136,7 @@ impl crate::Config for Test {
 	type SafeMode = MockRuntimeSafeMode;
 	type SwapLimitsProvider = MockSwapLimitsProvider;
 	type CcmValidityChecker = cf_chains::ccm_checker::CcmValidityChecker;
+	type LpRefundAddress = MockLpRegistration;
 }
 
 pub const ALICE: <Test as frame_system::Config>::AccountId = 123u64;