Background
Whitepaper gave some information about Triggers and initial requirements about this functionality, but a lot of open questions comes into play when implementation details were discussed.
The design of Iroha Triggers mainly takes inspiration from:
- Database triggers - Oracle example
- Substrate weight and fee handling use cases in `pre-dispatch` and `post-dispatch` stages of transaction processing
- Smart contracts in other blockchains
Problem
Currently we can submit transactions that can modify global state if they pass validation. These transactions can contain `Query`s inside of them, allowing them limited capability to execute logic on-chain.
Transactions can include:
- Iroha Special Instrucions
- (Unclear if needed and not yet implemented) WASM blobs
Independently of their content type they will have limited capability as they will only be able to execute the contained logic once.
Though as it is established in blockchain space current use cases require a more sophisticated functionality to efficiently support DeFi:
| Use Case | Needs * |
|---|---|
Swaps | Triggered by user; Does several additional state validations; Manages liquidity; |
Periodic Reward Distribution | Executed periodically; Distributes to all users satisfying certain condition; |
Customizable and modifiable transaction fees | Executed for each transaction; Have ability to disallow transaction execution; |
| Stable coins contracts | Executed periodically or triggered by user; Possibly check external conditions provided by oracle contracts; |
| Oracle smart contracts | Triggered by user; Aggregate data from external world; Provide data to other contracts |
*- Algorithms for all of these use cases need to be on chain for transparency and safety guarantees, which are provided by consensus.
Other use cases for permissioned blockchains might include:
| Use Case | Needs | Comments |
|---|---|---|
| Transaction Metadata Validation | Executed for each transaction; Have ability to disallow transaction execution; | |
| Transaction Set Instructions Validation for Account, Domain and Asset Definition metadata | Executed for each transaction; Have ability to disallow transaction execution; Have access to transaction ISI contents; | |
Permission Management | Executed for each transaction; Have ability to disallow transaction execution; Have access to transaction ISI contents; | We can let all permissions be customizable and upgrade-able during runtime if we use Triggers. |
Solution
To execute arbitrary logic on-chain for unrestricted number of times other popular blockchains have Smart Contracts. Our solution for introducing smart contract functionality is called Triggers.
This is how triggers are described in the whitepaper:
Triggers can be either based on time or on a confirmed transaction (event). This is very powerful and enables Turing complete computation for Iroha's smart contracts.
- Trigger at timestamp (every 5 minutes or after one hour)
- Trigger at blockchain (new block, reach of some height, etc.)
- Trigger at condition (new account, transfer of an asset, etc.)
Representation
With the recent decision to introduce WASM. It is suggested to use it for Triggers. So that Triggers can be written in Rust* and compiled into WASM.
This way Triggers will benefit from a high level language features of an already established language and will be able to solve all the listed use cases with ease.
As discussed previously, solving listed use cases with ISI was impossible or very difficult and needed significant work on the language design side.
*- generally speaking any language could be used that can be compiled into WASM. But due to Rust being our primary development language it is suggested to focus on it.
Execution
Generally the following holds true for Trigger execution
- Triggers are automatically executed on each of the peers when their corresponding condition is met (see Categories).
- Triggers do not generate any new transactions or blocks.
Though there might be exceptions for time based Triggers - see Categories.
Place in the WSV hierarchy
Corresponding to their meaning Triggers can be stored in 2 ways:
- Top Level Triggers - in the World entity
- They can operate on any data in WSV
- Domain Level Triggers - in the corresponding Domain
- Their access is restricted only to their Domain
Second option might be interesting for permission-ed blockchains.
Categories
By purpose:
- System Level - Influence the whole blockchain system rules and features
- Can fail transactions
- Do not pay fees for execution*
- Permissions are not checked for them (can freely modify WSV state)
- User Level - Provide services to users and other apps
- Pay fees for execution*
- Act on behalf of their technical accounts and their permissions
*- for more on this see Execution Limits
By wake up condition:
- Time-based
- At timestamp
- Each `duration`
- For complex use cases Trigger might register itself again to execute at another timestamp
- Time based Triggers seem to be difficult task for synchronization between peers. There are several approaches to solve this problem:
- Leader might generate a transaction (and block) for time based triggers, and will be blamed if it does not do it in given time period
- This seems inconsistent with other Triggers which do not generate txs
- Time based triggers might be tied to block commit - in a sense that we guarantee that they will be executed atomically with the next closest block.
- For this we might need to introduce generating empty blocks, when no transactions were found in the given period.
- Leader might generate a transaction (and block) for time based triggers, and will be blamed if it does not do it in given time period
- Block number-based
- At block
- Each `n_blocks`
- For complex use cases Trigger might register itself again to execute at another height
- Execute atomically with the block commit, after block transactions were applied.
- Transaction-based (can have a condition of whether they need to execute, similar to Oracle `when` condition)
- Before (transaction execution)
- Only for system level Triggers
- Have the ability to check and fail or allow transaction
- After (transaction execution)
- After each
- After transaction that triggered a change in WSV that meets arbitrary condition - this is the most general option
- In both cases they have access to transaction contents and at least read access to WSV
- Before (transaction execution)
- Triggers that are triggered by specific ISI call - ExecuteTrigger(Params)
- Similar to smart contracts as they are in Ethereum blockchain
Persistent State
Complex Triggers (such as Swap triggers managing Liquidity Pools) might need to store data between their invocations. For this purpose Triggers will have following persistent storage:
- Key value Store (Similar to Account, Asset Definition, Domain and Tx metadata)
- On demand technical accounts where they might keep transferred funds.
- While of course technical accounts can be emulated with key value store.
This might complicate usage of Transfer, Mint and other currency related features while using Triggers.
This also looses the more strict definition of Currency and therefore is more error-prone.
Therefore is suggested to keep the technical accounts option.
- While of course technical accounts can be emulated with key value store.
Registration
Trigger is registered by Register<Trigger> instruction. Submitted inside of it as WASM blob.
We have to consider adding appropriate permissions for this instruction.
For private blockchain we might start with a simple permission that only user with corresponding Permission Token can register Triggers.
For public blockchain we need to consider two distinct cases for Trigger registration based on their purpose:
- System Level Triggers - should be registered with democracy voting module*
- User Level Triggers - users can freely register their own triggers if they can pay trigger registration fee (which might depend on WASM blob size)
*- democracy voting module is assumed to be similar to the one used in Substrate based chains for runtime upgrades.
Communication with other Triggers
Generally Triggers can communicate with other Triggers by changing the WSV state and also by calling other triggers through ExecuteTrigger ISI.
ExecuteTrigger ISI might be designed to return some value, therefore introducing a class of `Library Triggers` that are used by other Triggers for various features.
Execution Limits
Trigger execution uses validators' processing resources and therefore has to be limited for the network to stay operational.
Limits would mainly apply to User Level triggers as they are registered freely and are not part of the system itself.
The following is proposed:
- Limit max number of WASM instructions that can be executed per Trigger
- Take network fees for Trigger execution:
- In general case fees can be taken from the Trigger's technical account balance.
- If technical account does not have enough funds - Trigger is not executed
- For Triggers called by ExecuteTrigger(_) we might consider the same approach that is used in Ethereum - take funds from the account that called it.
Misc
It might be good to provide Triggers with a way to `Unregister` themselves. Especially for public blockchain use cases.
Implementation Considerations
The scope of work proposed here is huge. It might be good to approach it iteratively, focusing on use cases needed for permission-ed blockchains at first (e.g. start with System Level triggers that check transactions).