Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat(ampd): add Stacks handlers with verify logic for contract deployments #728

Open
wants to merge 30 commits into
base: main
Choose a base branch
from

Conversation

raress96
Copy link
Contributor

Description

Besides the normal stacks_verify_msg and stacks_verify_verifier_set handlers, we needed to add custom logic for Stacks in order to support verifying contract deployments

On Stacks, a smart contract can NOT deploy another smart contract, only EOA can deploy contracts. Stacks also doesn't have native assets, each token needs to be a smart contract. For security reasons, the Relayer will need to deploy the code for some ITS specific contracts, and the Axelar Validators will be used to verify the contract code. This code verification is generic, and can be used by any contract on Stacks.

  • because the ITS contract needs to deploy NativeInterchainToken & Token Manager contracts, we need an untrusted 3rd party (eg: the Relayer or any other user account) that deploys the contracts first
  • then we need a way to verify that the deployed contracts are actually correct
  • we use the Axelar Network in order to verify that the deployed contracts have the correct code (on Stacks the code is interpreted and stored on chain), by first deploying reference contract implementations that Axelar Validators support Stacks need to add in their config
  • this flow is only triggered in the case of a cross chain call from Stacks -> Stacks and from a contract to itself
    • in this case, we if in the payload we find a tuple verify-contract with the fields reference-address & contract-address
    • only in this case we run the additional contract verification logic, which takes the code deployed at the reference-address and compares it to the cod at contract-address
    • only in this case, only if the two codes are exactly the same, the message is verified
  • Axelar Network validators ONLY verify that the deployed contract code is correct and hasn't been modified at all. The Stacks ITS contract will further call the contract(s) and check if they have the required data stored (correct name/symbol/decimals, correct operator/minter etc)

feat(ampd): custom ITS logic for Stacks
… contract deployment by any contract on Stacks.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant