Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

CIP-0040? | Collateral output #216

Merged
merged 18 commits into from
Jul 2, 2022
+65 −1
Merged

CIP-0040? | Collateral output #216

Changes from 2 commits
Commits
Show all changes
18 commits
Select commit Hold shift + click to select a range
b4c7280
added work from PR#25 to support single stake pool links as well
rphair Jan 17, 2021
b24d0ef
for brevity
rphair Jan 17, 2021
235ad40
for clarity
rphair Jan 17, 2021
75faa8f
response to first round of editing by co-author
rphair Jan 18, 2021
0389fa1
second round of co-author edits
rphair Jan 18, 2021
adbee6f
reclassified wallet integration as Motivation rather than Rationale
rphair Jan 18, 2021
176b5c0
2 of 3 changes from @nicarq via PR 65
rphair Feb 20, 2021
20f35f6
undone most recent commit (removing PR65 suggestions)
rphair Feb 20, 2021
f43d28c
Merge branch 'master' of github.com:rphair/CIPs
rphair Feb 20, 2021
85c4b77
undone most recent commit (removing PR65 suggestions)
rphair Feb 20, 2021
db81cb6
Merge remote-tracking branch 'upstream/master'
rphair Apr 12, 2021
efd6491
Collateral output CIP
SebastienGllmt Feb 10, 2022
d3c48ce
rename file
SebastienGllmt Feb 10, 2022
07ff3b5
Include self-contained balancing requirement
SebastienGllmt Feb 14, 2022
138565e
Add Andre to the CIP
SebastienGllmt Feb 15, 2022
b136b3b
Merge branch 'master' of github.com:cardano-foundation/CIPs
rphair Jul 2, 2022
89239b2
Merge branch 'output-collateral' of github.com:cardano-foundation/CIP…
rphair Jul 2, 2022
c50eff3
pre merge changes, attempt as 3rd party
rphair Jul 2, 2022
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
60 changes: 60 additions & 0 deletions CollateralOutput/README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,60 @@
---
CIP: ?
Title: Explicit Collateral Output
Authors: Sebastien Guillemot <seba@dcspark.io>
Status: Draft
Type: Standards
Created: 2022-02-10
License: CC-BY-4.0
---

# Abstract

This document describes adding a new output type to transactions called Collateral Outputs

# Motivation

As of Alonzo, transactions that call Plutus smart contracts are required to put up collateral to cover the potential cost of smart contract execution failure. Inputs used as collateral have the following properties:

1. Cannot contain any tokens (only ADA)
2. Cannot be a script address
3. Must be a UTXO input
4. Must be at least some percentage of the fee in the tx (concrete percentage decided by a protocol parameter)
5. Can be the same UTXO entry as used in non-collateral tx input
6. Is consumed entirely (no change) if the contract execution fails during phase 2 validation
7. Is not consumed if phase phase 2 validation succeeds

Additionally, there cannot be more than *maxColInputs* (protocol parameter) inputs and the inputs have to cover a percentage of the fee defined by *collateralPercent* (protocol parameter)

However,

- Restriction #1 is problematic because hardcore dApp users rarely have UTXO entries that do not contain any tokens. To combat this, wallets have created a special wallet-dependent "collateral" UTXO to reserve for usage of collateral for dApps which is not a great UX.
- Restriction #6 is problematic because wallets want to protect users from signing transactions with large collateral as they cannot verify whether or not the transaction will fail when submitted (especially true for hardware wallets)

# Specification

If phrase-2 verification fails, we can send outputs to a special output marked as the collateral output.

There are two ways to create collateral outputs

1. Add collateral outputs as a new field inside the transaction. This change is similar to how collateral inputs were created a new field
SebastienGllmt marked this conversation as resolved.
Show resolved Hide resolved
2. Change the definition of outputs as `TxOut = Addr × Value × DataHash? × Source?` where source (optional for backwards compatibility) is an enum `0 = regular output, 1 = collateral output`.

Option #1 provides the best backwards compatibility because we don't expect phase-2 validation to be a common occurrence and so wallets that (due to not being updated) never check collateral outputs will still in the overwhelming majority of cases return the correct result.

Additionally, this requires updating the collateral requirement.

If no collateral output is specified (and therefore no tokens are in the collateral input), then we keep the old definition

```
ubalance (collateral txb ◁ utxo) ≥ quot (txfee txb * (collateralPercent pp)) 100
```

However, if collateral output is specified, then
1. Each collateral output needs to satisfy the same minimum ADA requirement as regular outputs
2. Collateral output needs to be balanced according to `sum(collateral_input) = sum(collateral_output) + collateral_consumed`
Where `collateral_consumed` is equal to the old formula (`quot (txfee txb * (collateralPercent pp)) 100`). Note that when collateral is consumed, any certificate, etc. in the transaction is ignored so they have no impact on the change calculation.

## Copyright

This CIP is licensed under [CC-BY-4.0](https://creativecommons.org/licenses/by/4.0/legalcode)