micropayment channel example with two chapters #4212
Conversation
|
Thanks for the pull request! I Have not yet looked into it in detail, but some remarks that will also help in the review process:
|
|
hey @chriseth, i don't know what is better here, write the full contracts or mark the pieces of code to not be compiled? what do you think about? |
|
i'm going to write the full contracts and use the comments to explain what the code does and it importance |
docs/solidity-by-example.rst
Outdated
| and the sender is sent the rest via a *selfdestruct*. | ||
| You can see the *close* function in the full contract. | ||
|
|
||
| Channel Expriration |
There was a problem hiding this comment.
Thanks, fixing it now!
|
Any update is needed here? |
docs/solidity-by-example.rst
Outdated
| @@ -645,4 +645,499 @@ Safe Remote Purchase | |||
| Micropayment Channel | |||
| ******************** | |||
|
|
|||
| To be written. | |||
| Creating and verifying signatures | |||
There was a problem hiding this comment.
Perhaps it would be good to have 1-2 sentences before the first subsection to explain the individual components of a micropayment channel, i.e. what is the perpose of the various subsections and what are we going to do in the "micropayment channel" section?
docs/solidity-by-example.rst
Outdated
| ================================= | ||
|
|
||
| Signatures are used to authorize transactions, | ||
| and they're a general tool that's available to |
There was a problem hiding this comment.
Could you please change the style to not use contractions (i.e. `they are a general tool that is available...') as in most of the rest of the documentation?
docs/solidity-by-example.rst
Outdated
|
|
||
| Signatures are used to authorize transactions, | ||
| and they're a general tool that's available to | ||
| smart contracts. In this chapter we'll use it to |
There was a problem hiding this comment.
prove (...) that a certain account approved a certain message - isn't that the most general form of the purpose of a signature (and still, the sentence starts with "in this chapter...")?
docs/solidity-by-example.rst
Outdated
| smart contracts. In this chapter we'll use it to | ||
| prove to a smart contract that a certain account | ||
| approved a certain message. We'll build a simple | ||
| smart contract that lets me transmit ether, but |
There was a problem hiding this comment.
Using we and I at the same time might be confusing. Perhaps it would be better to introduce people like Alice and Bob?
docs/solidity-by-example.rst
Outdated
| prove to a smart contract that a certain account | ||
| approved a certain message. We'll build a simple | ||
| smart contract that lets me transmit ether, but | ||
| in a unsual way, instead of calling a function myself |
docs/solidity-by-example.rst
Outdated
| but some of them are incompatible. We'll use the new standard | ||
| way to do that `EIP-762 <https://github.com/ethereum/EIPs/pull/712>`_, | ||
| it provides a number of other security benefits. | ||
| Is recommended to stick with the most standard format of signing, |
There was a problem hiding this comment.
This sentence is a little weird
docs/solidity-by-example.rst
Outdated
| web3.personal.sign(hash, web3.eth.defaultAccount, function () {...}); | ||
|
|
||
|
|
||
| Remind that the prefix includes the length of the message. |
There was a problem hiding this comment.
Which prefix? Also: "Note that..."?
docs/solidity-by-example.rst
Outdated
|
|
||
| 1. The recipient's address | ||
| 2. The amount to be transferred | ||
| 3. An additional data to protects agains replay attacks |
There was a problem hiding this comment.
typo: to protects - agains
docs/solidity-by-example.rst
Outdated
| 2. The amount to be transferred | ||
| 3. An additional data to protects agains replay attacks | ||
|
|
||
| To avoid replay attacks we'll use the same as in Ethereum transactions |
There was a problem hiding this comment.
Did this documentation already explain what a replay attack is at some point?
docs/solidity-by-example.rst
Outdated
| 3. An additional data to protects agains replay attacks | ||
|
|
||
| To avoid replay attacks we'll use the same as in Ethereum transactions | ||
| themselves, a nonce. And our smart contract will check if that nonce is reused. |
There was a problem hiding this comment.
I think you should explain the term "nonce".
docs/solidity-by-example.rst
Outdated
|
|
||
| :: | ||
|
|
||
| pragma solidity ^0.4.20; |
There was a problem hiding this comment.
IMO, it would be great if we make it for latest compiler.
There was a problem hiding this comment.
Updating the code right now!
|
Any update? |
|
Hi @chriseth mind providing an update here? Hope you're doing well 🙂 |
docs/solidity-by-example.rst
Outdated
| bytes32 s; | ||
| uint8 v; | ||
|
|
||
| assembly { |
There was a problem hiding this comment.
I wouldn't mind an explanation here this code is from https://gist.github.com/axic/5b33912c6f61ae6fd96d6c4a47afde6d, but in a real implementation a more tested library should be used, such as openzepplin's fork of this code: https://github.com/OpenZeppelin/openzeppelin-solidity/blob/master/contracts/ECRecovery.sol
There was a problem hiding this comment.
Sorry, I will put the explanation and original/fork links.
There was a problem hiding this comment.
I don't know if I can use the library inside this docs section, then I put a note below the contract.
|
Not sure what went wrong here. Tests are fine locally, so I will force-merge. |
|
This should have been squashed piror to merging 😉 |
| ``claimPayment`` function. | ||
|
|
||
|
|
||
| The full contract |
| function isValidSignature(contractAddress, amount, signature, expectedSigner) { | ||
| var message = prefixed(constructPaymentMessage(contractAddress, amount)); | ||
| var signer = recoverSigner(message, signature); | ||
| return signer.toLowerCase() == |
There was a problem hiding this comment.
I think this should be === as part of latest JS standards, but in this case it sohuldn't matter too much.
fixes #4131