The state channel and smart contracts and tokens


#1

We know that smart contracts can be executed in state channel.
But if one close the state channel maliciously, what will happen to the smart contracts in the state channel.
Will the smart contracts still be executed?

Another question :
Is the mainnet launch with the function of creating Tokens based on AE?


#2

The idea is to allow “forced progress”, where a participant can solo-close or slash with a mutually signed state + a valid contract execution step, given the contracts and states available.

So e.g. assuming that Alice and Bob are playing chess, and Bob decides to bail out of the game just before Alice is to play the winning move, Alice can still force the winning move on the chain. Presumably, the contract makes sure that it’s Alice’s turn, etc., barring Bob from forcing an execution step that makes him the winner.

This is work in progress at the moment.


#3

OK!
I got it!
Thank you very much!
Hope everything works fine!


#4

my questions about that topic:

  • smart contracts will be created and maintained within channels right?
    (or can already on mainnet deployed smart contracts be used within channels?)

  • I assume that there is a standardized way to open and close state channels and within those channels both parties can create their own business logic in form of smart contracts. so when closing and re-opening a state-channel and wanting to perform the same business logic as before I would need to again make the smart contract available within the channel, right?

    • probably I do not really understand how this should / would actually work
  • according to my assumption that you use a standardized way to open / close channels it won’t be possible to send specific tokens (created through smart contracts on-chain) into the state channel and run business logic using them or am I false?

  • is there a way to use oracles within state channels? I guess no because oracle providers probably shouldn’t know about any details of the business logic between the two parties, right? whats your opinion about that?


#5

Hey @marc0olo,

Thank you for your question, we’ve forwarded it to our dev team.

Regards,
Albena


#6

Hi @marc0olo,
I will address your questions in their order of being asked.

Yes. We can have both on-chain and off-chain contracts. The later are created and maintained in a channel. Yes, this will be done for mainnet. You can actually try them out in the testnet - with some small details - contracts in channels are already working.

There are quite a few different mechanincs at play here: you can open and close a channel. This includes on-chain transactions. You can also disconnect from the other party and reconnect again once you want to work with it again. This does not require any on-chain transactions.
Main difference is when you start a brand new channel, it is with an empty state - basically just the two participants’ accounts with their balances. If you disconnect and later on reconnect - you continue from the last state you both shared. You can use the different mechanics for different use cases.

As you put the question - no, you will not be able to. Contract’s state is sandboxed and contained in the contract itself.
On the other hand - we are building nativie tokens. Those will be quite different from contract’s state one - you could pay your transaction fees, oracle fees and etc. with them. That is if the miner/oracle operator agrees using those as a valid payment method. You can surely transfer those to a state channel and use them to inside contracts there. This is to be implemented post mainnet.

It should really depend on the use case. Smart contracts in channels can refer to on-chain objects in their logic. That would mean that if an OracleA posts the weather in London every day on-chain, Alice and Bob can use this oracle response in their off-chain state channel contracts. For example - they can bet on what the weather will be like in 5 days according to OracleA.
Having oracles inside channels is not impossible but it will result in much more complex channel’s protocol (esp. in the negative case when Alice wants to use the blockchain as an arbiter) while it will provide dubious benefits. Channel privacy will be impacted, but if you want to use a consesus of oracles (you query 3 oracles and wait for at least 2 of those having the same response) - you want to have them all in your channel. Supposedly you’d have a couple of contracts inside a channel, that will require distinct oracles to be included as well. This impacts both privacy and the amount of data that goes through the network and does not scale well. At the moment we stick to using on-chain oracles.


#7

thanks for answering my questions. just one more question to get more information about the possibilities and limits of state channels and smart contracts within them:

  • in the current implementation it would only make sense to put smart contract logic into state channels that changes the AE/Aeon balance of the involved parties as AE/Aeon is the only asset that can be put into the channel, right?

I just think about how it could be possible to create assets in form of standardized tokens like the ERC-20 on Ethereum and build business logic around them within state channels that could also include changing balance/ownership of a certain asset.

  • As this doesn’t seem to be possible at the moment (correct me if I am wrong!) it would be necessary to build sidechains and possibilities to transfer tokens from/to sidechains, right?

#8

Hi @marc0olo,

It really depends on what you want to do :slight_smile: Now we enter another realm but you could have much more complex smart contracts than just transferring of coins/tokens. You can play chess for example, you have all the infrastructure for that.
Channels by themselves are sort of a side chain. It is just that they are limited to two participants. You can create stuff off-chain, incuding artifacts and tokens. It is just that those will not make it on-chain in that form :slight_smile: yet

Imagine the following example:
Alice and Bob have a channel. Total channel balance is 100 AE. At no point of time more AE can be withdrawn from the channel. This is enforced on-chain. The channel state is the following

  • Alice has 30 AE and 10 myGameToken
  • Bob has 20 AE and 15 myGameToken
  • ExchangeContract1 is a smart contract that is present in the channel’s state. It exchanges AE for myGameToken at some rate (currently 1 AE = 2 myGameToken). It changes AE for myGameToken and vice versa. The contract has a balance of 50 AE
  • Game1, Game2, Game3 are all different contracts that accept only myGameToken as currency.

At any point of time both Alice and Bob can cash out and exchange their myGameToken for AE but yet the fixed rate in the contract might still change.

You can also create some other asset (lovelyGameBooster) that can be sold for myGameToken/earned/gained in some other contract and having this lovelyGameBooster can impact contract calls for Game2 for example. All of this is possible with our current state.

What is not yet possible is to take out your lovelyGameBooster out of the channel and put it in another channel. So no assets transfer neither between channels, nor on-chain.


#9

So again a few question in response to your answer:

  • so you basically say it is possible to change the state of custom tokens (in this case myGameToken) within state-channels right?
    • or is myGameToken a specific token following a standard that can be used in within the core-implementation of state channels?
    • I just wonder how logic on a custom token could be perfomed within state channels if the core implementation doesn’t know about it’s functionalities
  • how are smart contracts within state channels executed?
    • can there only be smart contracts used that are known on the mainchain or how do we get them deployed and create instances of it within channels?
    • who performs the computation? (both parties or only one?)
    • does any smart contract function-call within a state channel need to be signed by both parties or is one party able to call the smart contract (locally?) and get a new (signed) state from the contract directly? if 2nd is possible -> how would the other party know about the new state?

I think I still don’t totally understand how the process in detail looks like. curious about your answer! :slight_smile:


#10

Hi @marc0olo,

Yes :slight_smile: Even though this is not part of the protocol, this could easily be done with the current implementation. The most important thing is that contracts are really cheap, fast and easy to create inside a state channel.
This would take advantange on various different mechanincs mostly contracts calling other contracts. Probably the most trivial implementation would be a contract that keeps the balances of Alice and Bob for various tokens that had been invented inside the channel (closely resembling ERC-20 contract). So in order for Alice to use myGameToken in gameContract1 - she makes a call to balanceHolderContract (the contract that has some myGameTokens that she can use). While calling balanceHolderContract, she provides the address of gameContract1, its function to be called, params and etc. balanceHolderContract moves some myGameTokens in its state from Alice’s balance to gameContract1 or whatever address that make sense in this case.
Probably the most important thing would be to build contracts keeping in mind that at any time both Alice and Bob can resolve all contracts via the solo closing sequence. Or not, actually. Some contracts might be unilaterally unresolvable by purpose (and potentially burn the tokens they hold in a solo close). This really depends on the use case.

Let’s have Alice and Bob. They have a state channel. Alice wants to play tic-tac-toe with Bob. Alice proposes Bob that they both add a certain contract inside the state channel off-chain state.

In our current implementation Alice provides the contract’s code. There is no check if this contract is present on-chain or not. It is up to Alice and Bob what contract they want to use. We will make it possible to drag contracts that are present on-chain to the channel’s off-chain state but this will be post main net. This will be just a shorthand for getting the contract’s code and will not impact the protocol. On-chain contracts have a mechanic for reference counting the on-chain contracts that refer to them but there is no way of doing this for off-chain contracts. It would be nasty if the contract you’re refering on-chain disappears :slight_smile:. Since having contracts off-chain is so cheap - off-chain state will copy those in the channel’s state, so participants are safe if the on-chain contract is closed.
On-chain and off-chain contracts solve different use cases. While on-chain ones are public, it is much more cheaper to use the off-chain ones and you can take advantage of a soft-real time interaction. I’d imagine on-chain and off-chain contracts being radically different.

Both of them execute the contract call locally. This must be deterministic. Then they compare output and results - they must match. This is how we keep state channels trustless.
If there is any dispute, anyone of the participants can bring the contract and its call on-chain. This is the forcing of progress. Then it is the miners who execute the contract.

State channels updates are 2 phased ones: Alice proposes and update, Bob agrees to it. Agreement is achieved by the update being co-signed.
Each update consists of some change being applied to the channel’s state and the root hash of the new state hash (with the change being applied). If the other party is happy - co-signs the message and returns it back. Then the proposed state is the currently latest one.
It is worth mentioning that at no point the full state is being sent between them - each party persists its own version of the state locally and applies upcoming changes to it. The proof that they both share the same state is the root hash of the MPT produced by all MPTs in the channel off-chain state (we call this state_hash).

You can read the full state channels description here. The various on-chain transactions that are part of the protocol are in ON-CHAIN.md. We provide FSM that connects to other channels clients via a noise protocol. Its messages are described in the OFF-CHAIN.md. It would be really helpful if you want to build a noise protocol client of your own. We also provide a WebSocket client (that uses the FSM and noise) which would probably be the easiest way to use channels. You can read about it here.


#11

thanks again for the detailed answer!

just to be sure that I understood you correctly when talking about usage of custom tokens within state channels another few questions:

  • the amount to deposit and withdraw to/from a state channel is always the native Æternity-token right?
  • myGameToken would be created and thus only exist within the state channel between two parties right?
    • so it would not be possible to change the balance of a custom token that lives in an on-chain contract within a state channel, right?

so the very abstract procedure looks like this:

  1. open channel with initial Æ-balance for each party
  2. create contracts and run business logic that might change the Æ-balance of each party
  3. close channel with final Æ-balance for each party

#12

Hi @marc0olo,

Another set of great questions!

Yes. Each channel has an amount of AE tokens - this is exactly the amount that had been put in the channel via the create transaction and later modified by deposits and withdrawals. At no point more AE tokens can be withdrawn than this total channel amount.

Yes, indeed - to both questions. For this one would need native tokens. Those will be implemented post main net.

Yes, in a very abstract level - yes. That is if by change balance in 2. you mean off-chain balance.
Both parties commit tokens to a channel when it is being opened. This is the total_amount of the channel this can change but under no circumstances can go bellow a certain treshold.

After the channel is opened, both parties can make off-chain and on-chain updates. On-chain ones are transactions - deposit/withdrawal/snapshot/force_progress. Off-chain are off-chain token transfers, contract creation and calls.

At any point they can agree on closing the channel via a mutual close transaction. If they don’t reach an agreement or one of the parties is missing - the other can initiate a solo closing sequence.

To make things even more robust - we have implemnted on on-chain level delegates - third parties that can protect your interest while you’re offline. Currently they can only post a slash but they will be allowed to post a snapshot as well.


#13

thanks again @Dimitar.Ivanov!

you really helped me understanding the concepts better. but again I have a few questions for you:

  • as you mentioned you plan to provide native tokens on Æternity which then can also be deposited, used and withdrawn inside state channels when I understood correctly. do you already have a specification how they will look like and what functionalities they will have implemented?
  • I know that state channels within Æternity at this point of time can only be shared between two parties. do you have ideas and plans to enable an off-chain-network of state channels through hubs or something like that? or is that out of scope?

#14

Hi @marc0olo,

I am happy to help you.

Our main focus for at least the past few months had been the mainnet. We dedicate all our efforts in that direction, polishing evey detail we could in order to make the protocol lighter, faster and more scalable. We are eager to deliver the native tokens but since those are pushed post mainnet, we are not really working on them at the moment. We had discussed them in private talks and we have a general idea what they shall do but I am not aware them being specified anywhere. So once created, native tokens shall be used the exact same way one would AE tokens: not only in channels but also pay miners fees, pay oracle operators and etc. Of course it would be up to miners if they accept this amount of this native currency as a payment method :slight_smile: Same goes with oracle operators, name service registering and etc.
Keep in mind none of this is set in stone and is subject to change.

This is a great question! We are doing this (possibly following Perun’s approach with virtual channels). Since this is to be done post main net, we haven’t dedicated much time to this either. The important thing is that we will implement the infrastructure for this.