第二十二课 无多签硬件钱包,如何实现以太坊通证的多签合约?

1,摘要

【本文目标】
1) 了解目前辉哥调研的多签硬件钱包的现状;
2) 提供一个智能合约多签钱包的实现方案和测试结果;

【前置条件】
1)存在一个已发布的ERC20通证合约,例如本文举例的CLB通证。

2. 需求描述

有一天,老板给辉哥提了一个需求,希望能够实现一个安全的代币支出多签功能,便于基金会治理审核。
汇总而言,产品需求描述如下:
(1)治理委员会由4人组成,一项CLB代币支出需要所有4人同意才可以转账打出;
(2)为了避嫌中心化作恶,治理委员会的退出只能由委员本人账号操作有效;
(3)当治理委员会无法正常运作时,老板有权撤回治理委员会管理的剩余代币。

3. 多签钱包市场调研信息

辉哥首先完成市场上商用硬件钱包的调研工作。
结论:
目前(2018.08.24)世面上暂时没有体验好的多签硬钱包,不过等1个月后比特派硬件钱包更新会支持ETH和ERC20代币的多重签名功能。
具体信息:

  • 目前没有支持ETH和ERC20多签功能的冷钱包。
    市面上有较多钱包支持比特币多签功能的。
    ImToken钱包不支持ETH及ERC20代币的多签管理,但支持离线授权管理。
    国内库神硬件钱包也不支持ETH多签,价格大概在2000元左右。
    国外的Trezor价格大概在800元左右。
    比特派(bitpay)钱包答复9月份会发布一款硬件钱包支持ETH和ERC20多签功能的冷钱包,价位1299元左右。
    商品链接可点击访问。
  • 律师推荐的gnosis多签钱包是英文网页版操作的。gnosis多签钱包合约代码可点击访问。
  • 支持ETH多签合约的PC版钱包还有Mist钱包,PARITY钱包,是英文页面操作。
  • 目前很多基金会直接使用多签合约代码部署后支持在页面进行多签管理。

4. 多签智能合约代码及解析

多签合约核心代码如下:


contract ColorbayMultiSign {

    using SafeMath for uint256;
    
    uint256 public MAX_OWNER_COUNT = 50;

    event Confirmation(address indexed sender, uint256 indexed transactionId);
    event Revocation(address indexed sender, uint256 indexed transactionId);
    event Submission(uint256 indexed transactionId);
    event Execution(uint256 indexed transactionId); 
    event ExecutionSuccess(uint256 indexed transactionId);
    event ExecutionFailure(uint256 indexed transactionId);
    event OwnerAddition(address indexed owner);
    event OwnerRemoval(address indexed owner);
    event RequirementChange(uint256 required);

    mapping (uint256 => Transaction) public transactions;
    mapping (uint256 => mapping(address => bool)) public confirmations;
    mapping (address => bool) public isOwner;
    address[] public owners;
    uint256 public required;
    uint256 public transactionCount;
    address public creator;

    ERC20 public token;

    struct Transaction {
        address destination;
        uint256 value;
        bool executed;
    }

   /*omit some modifier function*/

    /**
     * @dev Contract constructor sets initial owners and required number of confirmations.
     * @param _owners List of initial owners.
     * @param _required Number of required confirmations.
     */
    constructor(address _token, address[] _owners, uint256 _required) public validRequirement(_owners.length, _required)
    {
        token = ERC20(_token);
        require(_owners.length <= 100);
        for (uint256 i=0; i<_owners.length; i++) {  
            require(!isOwner[_owners[i]] && _owners[i] != address(0));             
            isOwner[_owners[i]] = true;
        }
        owners = _owners;
        required = _required;
        creator = msg.sender;
    }

   

    /** 
     * @dev Allows to remove an owner. Transaction has to be sent by wallet.
     * @param owner Address of owner.
     */
    function removeOwner(address owner) public ownerExists(owner)
    {
        /*only owner can delete itself*/
        require(owner == msg.sender);
        
        isOwner[owner] = false;
        for (uint256 i=0; i<owners.length.sub(1); i++) {
            if (owners[i] == owner) {
                owners[i] = owners[owners.length.sub(1)];
                break;
            }
        }            
        owners.length = owners.length.sub(1);
        if (required > owners.length) {
            changeRequirement(owners.length);
        }            
        emit OwnerRemoval(owner);
    }
    
    /** 
     * @dev Withdraw the token remained to the constructor address.
     */
    function withdrawToken() public onlyCreator{
        if( 0 < token.balanceOf(address(this))) {
           token.transfer(creator, token.balanceOf(address(this)));
        }
    }    


    

    /** 
     * @dev Allows to change the number of required confirmations. Transaction has to be sent by wallet.
     * @param _required Number of required confirmations.
     */
    function changeRequirement(uint256 _required) private validRequirement(owners.length, _required)
    {
        required = _required;
        emit RequirementChange(_required);
    }

    /** 
     * @dev Allows an owner to submit and confirm a transaction.
     * @param destination Transaction target address.
     * @param value Transaction ether value.
     * @return Returns transaction ID.
     */
    function submitTransaction(address destination, uint256 value) public returns (uint256 transactionId)
    {
        transactionId = addTransaction(destination, value);
        confirmTransaction(transactionId);
    }

    /** 
     * @dev Allows an owner to confirm a transaction.
     * @param transactionId Transaction ID.
     */
    function confirmTransaction(uint256 transactionId) public ownerExists(msg.sender) transactionExists(transactionId) notConfirmed(transactionId, msg.sender)
    {
        confirmations[transactionId][msg.sender] = true;
        emit Confirmation(msg.sender, transactionId);
        executeTransaction(transactionId);
    }

    /**  
     * @dev Allows an owner to revoke a confirmation for a transaction.
     * @param transactionId Transaction ID.
     */
    function revokeConfirmation(uint256 transactionId) public ownerExists(msg.sender) confirmed(transactionId, msg.sender) notExecuted(transactionId)
    {
        confirmations[transactionId][msg.sender] = false;
        emit Revocation(msg.sender, transactionId);
    }

    /** 
     * @dev Allows anyone to execute a confirmed transaction.
     * @param transactionId Transaction ID.
     */
    function executeTransaction(uint256 transactionId) public notExecuted(transactionId)
    {
        if (isConfirmed(transactionId)) {
            Transaction storage ta = transactions[transactionId];
            ta.executed = true;
            if(token.transfer(ta.destination, ta.value)) {
                emit ExecutionSuccess(transactionId);
            } else {
                emit ExecutionFailure(transactionId);
                ta.executed = false;
            }
        }
    }

    /** 
     * @dev Returns the confirmation status of a transaction.
     * @param transactionId Transaction ID.
     * @return Confirmation status.
     */
    function isConfirmed(uint256 transactionId) public view returns (bool)
    {
        uint256 count = 0;
        for (uint256 i=0; i<owners.length; i++) {
            if (confirmations[transactionId][owners[i]]) {
                count = count.add(1);
            }                
            if (count == required) {
                return true;
            }                
        }
    }

    /** 
     * @dev Adds a new transaction to the transaction mapping, if transaction does not exist yet.
     * @param destination Transaction target address.
     * @param value Transaction ether value.
     * @return Returns transaction ID.
     */
    function addTransaction(address destination, uint256 value) internal notNull(destination) returns (uint256 transactionId)
    {
        transactionId = transactionCount;
        transactions[transactionId] = Transaction({
            destination: destination,
            value: value,
            executed: false
        });
        transactionCount = transactionCount.add(1);
        emit Submission(transactionId);
    }

    /** 
     * Web3 call functions
     * @dev Returns number of confirmations of a transaction.
     * @param transactionId Transaction ID.
     * @return Number of confirmations.
     */
    function getConfirmationCount(uint256 transactionId) public view returns (uint256 count)
    {
        for (uint256 i=0; i<owners.length; i++) {
            if (confirmations[transactionId][owners[i]]) {
                count = count.add(1);
            }
        }            
                
    }

    /** 
     * @dev Returns total number of transactions after filers are applied.
     * @param pending Include pending transactions.
     * @param executed Include executed transactions.
     * @return Total number of transactions after filters are applied.
     */
    function getTransactionCount(bool pending, bool executed) public view returns (uint256 count)
    {
        for (uint256 i=0; i<transactionCount; i++) {
            if (pending && !transactions[i].executed || executed && transactions[i].executed) {
                count = count.add(1);
            }
        }           
                
    }

    /** 
     * @dev Returns list of owners.
     * @return List of owner addresses.
     */
    function getOwners() public view returns (address[])
    {
        return owners;
    }

    /** 
     * @dev Returns array with owner addresses, which confirmed transaction.
     * @param transactionId Transaction ID.
     * @return Returns array of owner addresses.
     */
    function getConfirmations(uint256 transactionId) public view returns (address[] _confirmations)
    {
        address[] memory confirmationsTemp = new address[](owners.length);
        uint256 count = 0;
        for (uint256 i=0; i<owners.length; i++) {
            if (confirmations[transactionId][owners[i]]) {
                confirmationsTemp[count] = owners[i]; 
                count = count.add(1);
            }
        }            
        _confirmations = new address[](count);
        for (i=0; i<count; i++) {
            _confirmations[i] = confirmationsTemp[i];
        }

    }

    
    /** 
     * @dev Returns list of transaction IDs in defined range.
     * @param from Index start position of transaction array.
     * @param to Index end position of transaction array.
     * @param pending Include pending transactions.
     * @param executed Include executed transactions.
     * @return Returns array of transaction IDs.
     */
    function getTransactionIds(uint256 from, uint256 to, bool pending, bool executed) public view returns (uint256[] _transactionIds)
    {
        uint256[] memory transactionIdsTemp = new uint256[](transactionCount);
        uint256 count = 0;
        for (uint256 i=0; i<transactionCount; i++) {
            if (pending && !transactions[i].executed || executed && transactions[i].executed)
            {
                transactionIdsTemp[count] = i;
                count = count.add(1);
            }
        }            
        _transactionIds = new uint256[](to.sub(from));
        for (i=from; i<to; i++) {
            _transactionIds[i.sub(from)] = transactionIdsTemp[i];
        }
            
    }

}

各个函数的定义说明参考类图:

多签合约类图.png

核心函数说明:

  • constructor(address _token, address[] _owners, uint256 _required) public validRequirement(_owners.length, _required)
    多签创建函数,参数分别为通证的地址,多签账户的地址,需要几个账户多签;
  • function submitTransaction(address destination, uint256 value) public
    提交转账申请(目标账户和金额),任何人都可以发起;如果是委员会委员者发起则同时完成审批;
  • function confirmTransaction(uint256 transactionId) public
    委员会委员审批通过
  • function revokeConfirmation(uint256 transactionId) public
    在转账成功前,已审核的委员会可撤销审核授权
  • function removeOwner(address owner) public ownerExists(owner)
    删除治理委员账户,只有自己能操作,已防止他人作恶。
  • function withdrawToken() public onlyCreator
    打回通证,只有合约创建者能操作

限于文章篇幅,辉哥并没有把所有的多签合约代码提取出来。如需获取完整代码文件请加入知识星球获取。

5. 多签智能合约场景测试

编译通过后,按照实际业务场景,辉哥做了一下完整测试。测试流程如下:

业务流程.png

具体的操作流程如下,均达到预期目标,本多签合约具备商用能力。

测试数据

代币

  • 彩贝发行总量为 1,000,000,000 个token
  • 激励 占比35%,即350,000,000个token
  • 私募 占比20%,即200,000,000个token
  • 团队及基金会 占比25%,即250,000,000个token
  • 社区培养及推广 占比20%,即200,000,000个token

账号

治理审批委员会成员:

  • 老板 0xca3...a733c
  • 辉哥 0x147...c160c
  • 欧阳哥哥 0x4b0...4d2db
  • ELLA 0x583...40225

申请人:

  • 阿汤哥 0xdd8...92148

  • 管理员0xca35b7d915458ef540ade6068dfe2f44e8fa733c
  • 辉哥0x14723a09acff6d2a60dcdf7aa4aff308fddc160c
  • 欧阳哥哥0x4b0897b0513fdc7c541b6d9d7e929c4e5364d2db
  • ELLA0x583031d1113ad414f02576bd6afabfb302140225
  • 阿汤哥0xdd870fa1b7c4700f2bd7f44238821c26f7392148

1. 创建多签合约

1) 创建代币合约Colorbay

切换到管理员账号0xca3...a733c下,创建代币合约Colorbay,创建完成后,复制合约地址备用。试用者也可以创建自己的ERCC20合约,记住地址即可。

0x692a70d2e424a56d2c6c27aa97d1a86395877b3a

2、创建多签合约

切换到管理员账号0xca3...a733c下,创建多签合约。输入CLB合约地址,将审批委员会名单导入(管理员、辉哥、欧阳哥哥、ELLA),配置需要4个确认个数(也称必签数,即需要审批4次才能通过)

constructor("0x692a70d2e424a56d2c6c27aa97d1a86395877b3a", ["0xca35b7d915458ef540ade6068dfe2f44e8fa733c","0x14723a09acff6d2a60dcdf7aa4aff308fddc160c","0x4b0897b0513fdc7c541b6d9d7e929c4e5364d2db","0x583031d1113ad414f02576bd6afabfb302140225"], "4")

如果必签数<委员会成员数,将不能完成任何事务的审批,必须通过新增委员会成员(见用例8)才能完成

将多签合约地址复制下来备用:

0xbbf289d846208c16edc8474705c748aff07732db

3、给多签合约地址充值CLB

回到CLB合约中,切换到管理员账号0xca3...a733c下,给多签合约地址充值2000000CLB

transfer("0xbbf289d846208c16edc8474705c748aff07732db", "2000000,000000000000000000") #约定:运行时,去除数额中的逗号,否则会出错

4、查询多签合约地址代币余额

balanceOf("0xbbf289d846208c16edc8474705c748aff07732db")

5、查询剩余发行总量

balanceOf("0xca35b7d915458ef540ade6068dfe2f44e8fa733c")

2)发起待审批事务

仅审批委员会成员可操作

1、作为申请人阿汤哥0xdd8...92148,向管理员提出申请,需要10000个CLB做为活动运营激励。切换到管理员账号0xca3...a733c下(可以是任意审批委员会账号)

submitTransaction("0xdd870fa1b7c4700f2bd7f44238821c26f7392148", "10000,000000000000000000")

编号为0的事务申请提交完成后,即管理员已经审批通过了这个事务,待其他3个审批通过。

2、作为申请人阿汤哥0xdd8...92148,直接自己发起待审批事务。切换到阿汤哥账号0xca3...a733c下(任意非审批委员会账号),将会报错,因为普通用户不能发起待审批事务

submitTransaction("0xdd870fa1b7c4700f2bd7f44238821c26f7392148", "10000,0000000000000000000000")

3、查询当前编号为0的事务有几人审批确认了

getConfirmationCount(0)

4、查询当前编号为0的事务有哪些委员做审批确认了

getConfirmations(0)

3) 进入审批流程

1、编号为0的事务还需要3个审批确认,现在辉哥、欧阳哥哥开始审批编号为0的事务,分别切换到辉哥账号、欧阳哥哥账号0xca3...a733c下,

confirmTransaction(0)

辉哥再次审批将会报错,因为已经审批过了

重复用例3第3、4步

2、辉哥后悔了,想要撤销审批,切换到辉哥账号0xca3...a733c下:

revokeConfirmation(0)

重复用例3第3、4步

3、审批委员会说服了辉哥,切换到辉哥账号0xca3...a733c下,辉哥再次做审批通过操作:

重复用例5第1步

4)完成最后1次审批,同时执行转账,结束事务

1、切换到ELLA账号0x583...40225下,完成最后1次审批确认,同时将执行转账操作(已经满足4次确认)

2、查询阿汤哥到账情况

回到CLB合约,查询阿汤哥账号0xdd8...92148余额

balanceOf("0xdd870fa1b7c4700f2bd7f44238821c26f7392148")

3、查询发行总量

重复用例1第5条

4、查询编号为0的事务是否已经处于完成状态

isConfirmed(0)

5) 删除审批委员会成员

说明:不管是在审批流程中操作,还是在审批结束后操作,移除成员时,遵循以下规则:

  • 委员会成员最多数为100个;
  • 如果必签的个数>委员会成员数,比如必签个数为4,委员会成员数为4,做删除1个成员操作后,那么必签个数会更新成=委员会成员数;
  • 如果必签的个数<委员会成员数,比如必签个数为4,委员会成员数为5,做删除1个成员操作后,那么审批通过不受影响;
  • 删除操作人必须是自己账号,就是自有自己能删除自己,否则就是中心化了。

1、辉哥由于个人原因,要退出治理审批委员会。他在自己账号下调用多签合约的函数 0x147...c160c

removeOwner("0x14723a09acff6d2a60dcdf7aa4aff308fddc160c")

6) 取回合约代币

后来,该治理委员会开始无法有效运作,部分人员审批并不及时,严重影响了业务进展。老板决策把剩余代币打回到管理账号,结束该审计委员会工作和审批权限。

withdrawToken()

6.参考

本文编码为欧阳哥哥实现,辉哥参与需求设计和验收测试。


推荐阅读更多精彩内容