-
Notifications
You must be signed in to change notification settings - Fork 100
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
eth: Redeems and refunds can be overwritten and lost without error. #1467
Comments
So the second eth trade makes a transaction with the same nonce as the redeem from the first trade? Well that's a bug and a half. Is that our nonce accounting or go-ethereum's? We use
UTXO coins could have their redeem/refund txns watched, but since there's no chance of the wallet that published those from spending the contract prevout accidentally there's no issue. It's common to have chained swaps from multi-lot orders that have their Nth swap funded by the previous swap's change, which may be unconfirmed still, like you said it's not as easy to cancel/replace like with eth where you just use the same nonce. If a funding utxo txn is never mined, it's either low fee or never propagated. So to address the propagation issue, it could be periodically rebroadcast, but that's the job of the wallet then, not dex wallet controller. Once dcrwallet/bitcoind/btcwallet is handed the transaction to broadcast, they ensure that it is continually rebroadcast until it is mined (or perhaps no longer valid). At least that's the case with current wallet software. Clearly ETH does not attempt that... |
I think this is only true for our |
I think we must be using |
I don't think this path uses |
Right I mean internal to go-ethereum. It has to pick a nonce somehow because we don't set it in |
Yeah, maybe handling the nonce ourselves would work? Probably the tx would get mined eventually if the fee wasn't too too low. But, using the next nonce also means that that tx cannot be mined until the previous. |
I hope we don't have to specify the nonce ourselves, but if that's what ends up happening in Yeah, the parent txns holding up child is a pain, and it's exactly the same thing we face with UTXOs. However if we make sure server doesn't get caught up on the txid but rather that swap state in contract (at least after initial audit), it should be easier to address that with client-initiated replacement swap txns. Yet another can of worms. |
supposedly resolved in ethereum/go-ethereum#15794 (1.8.21) |
I just witnessed this with a tx that was not low fee (I guess, no record of the fee is left), but because the tx was sent close to another. Following is the evidence. Make an initiation:
And later the Redeems (same account/wallet):
And fetching the tx afterwards, after a redemption is not found:
Although So, I guess I'll attempt to add logic to deal with the nonce ourselves? |
I see no other choice. We can't leave it unset when calling the contract methods because the default apparently just reuses nonces. Sorry I haven't had time to look any closer at this. |
Should be resolved as long as submitting the transaction is what makes GetPoolNonce advance and not something asynchronous in the handling of the submitted transaction. Excellent testing and resolution @JoeGruffins |
Ethereum uses an account number plus nonce to prevent double spends. It is perfectly normal for a tx to be replaced by another and disappear before it is mined. In dex, this means that redeems and refunds with a low gas price may be silently replaced by the next transaction.
For example, here I have set a redemption gas cap too low to be mined. The ui will show everything is fine:
Looking at the tx from the harness:
Then, I make another trade with a fee that can be mined:
The new init tx:
And our last redeem:
The funds appear "immature" until you restart the client, and then there is no trace they ever existed. No error or anything.
If you continue to make trades with a gas fee that is too low, you do see everything come to a stop, as the second low fee will use the next nonce and even if you replace the second tx and onward, all tx must be mined in order, so you are in another, slightly different, bad state.
I guess these tx, need to be saved and resent periodically, until they are mined, unless we are sure the fee will always be adequate?
I wonder if all coins could benefit from redeem and refund watching? There are more serious implications with eth, as the nonce must be in sync, but I would expect it's possible for other coins to have unmined and unnoticed txs? i.e. trade is not finished for client until final redeem/refund tx has a certain number of confirmations.
The text was updated successfully, but these errors were encountered: