ICS-20 for Corda¶
ICS-20 Overview¶
ICS-20 is an IBC/APP protocol included in the IBC spec that enables a two-way peg between blockchains by linking packet transmission, reception and acknowledgement with token locking, unlocking, burning and minting. This cross-chain protocol works as follows.
Src: The sender of a token sends a packet to a destination chain and at the same time locks a token in escrow.
Dst: The IBC module on the destination chain receives the packet and at the same time mints a voucher token to a receiver.
Dst: The minted voucher token can be transfered arbitrarily.
Dst: The sender of a voucher token sends a packet to the source chain and at the same time burns the voucher token.
Src: The IBC module on the source chain receives the packet and at the same time unlocks a token in escrow.
Design of ICS-20 for Corda (when using the Cash contract of Corda)¶
Key point¶
ICS-20 assumes that smart contract called the IBC module is responsible for escrowing tokens and minting vouchers.
But Corda’s existing asset (e.g. Cash) is supposed to be owned by a specific user (node), making it difficult for tokens to be locked in smart contracts or to be minted by smart contracts.
Therefore in the current implementation of Corda-IBC, a trusted special node (such as a financial institution) is responsible for the role (escrowing tokens and minting vouchers).
Hereinafter, this node will be referred to as “bank”.
Security assumption¶
It is assumed that an issuer of Cash issues Cash tokens properly in a source chain. (trust in the issuer)
It is assumed that bank nodes lock (execute Cash.Move), unlock (execute Cash.Move), mint (execute Cash.Issue) and burn (execute Cash.Exit) tokens only through ICS-20, in both chains. (trust in the bank nodes)
Procedure¶
Src: The sender of Cash sends a packet over IBC/TAO and at the same time executes “Cash.Move” to transfer his Cash state to the bank user on the source chain.
Dst: The bank user on the destination chain receives the packet over IBC/TAO and at the same time executes “Cash.Issue” and “Cash.Move” to mint a new Cash state to a recipient.
Dst: The minted Cash state can be transfered arbitrarily on the destination chain.
Dst: The sender of a Cash state on the destination chain sends a packet over IBC/TAO and at the same time executes “Cash.Move” and “Cash.Exit” to burn his Cash state.
Src: The bank user on the source chain receives the packet over IBC/TAO and at the same time executes “Cash.Move” to transfer a Cash state to a recipient on the source chain.
Detailed specification¶
States¶
No additional state class
Commands¶
-
class
HandleTransfer
(msg: MsgTransfer) A command executing token transfer specified in ICS-20
-
Input states
[readonly] Host
[readonly] ClientState
[readonly] IbcConnection
IbcChannel
[Multiple] Cash(owner = senderUser)
-
Output states
IbcChannel(packets += Pair(sequence, packet), nextSequenceSend += 1)
[Multiple] Cash(owner = bankUser)
-
Contract rules
All input and output states must have the same baseId.
All input states (except readonly input called “reference state”) must also be included in transaction output (because states of IBC are never deleted once created).
The contents of the packet must be consistent with Cash owner, denomination and amount.
Requirements for createOutgoingPacket specified in ICS-20 must be satisfied.
-
-
class
HandlePacketRecv
(msg: MsgRecvPacket) A command receiving a token, specified in ICS-20
-
Input states
[readonly] Host
[readonly] ClientState
[readonly] IbcConnection
IbcChannel
[Multiple] Cash(owner = bankUser)
-
Output states
IbcChannel
[Multiple] Cash(owner = receiverUser)
-
Contract rules
All input and output states must have the same baseId.
All input states (except readonly input called “reference state”) must also be included in transaction output (because states of IBC are never deleted once created).
The contents of the packet must be consistent with Cash owner, denomination and amount.
Requirements for onRecvPacket specified in ICS-20 and recvPacket specified in ICS-4 must be satisfied.
-
-
class
HandlePacketAcknowledgement
(msg: MsgAcknowledgement) A command receiving ack to a token, specified in ICS-20
-
Input states
[readonly] Host
[readonly] ClientState
[readonly] IbcConnection
IbcChannel
[Multiple] Cash(owner = bankUser)
Cash is needed only in the case of refund.
-
Output states
IbcChannel(packets -= sequence, nextSequenceAck +=1)
nextSequenceAck is incremented only when the channel is type of ORDERED.
[Multiple] Cash(owner = senderUser)
Cash is needed only in the case of refund.
-
Contract rules
All input and output states must have the same baseId.
All input states (except readonly input called “reference state”) must also be included in transaction output (because states of IBC are never deleted once created).
The contents of the packet must be consistent with Cash owner, denomination and amount.
Requirements for onAcknowledgePacket specified in ICS-20 and acknowledgePacket specified in ICS-4 must be satisfied.
-
Design of ICS-20 for Corda (when defining new asset type for ICS-20)¶
Key point¶
Defining new asset type enables token lock, unlock, mint and burn in conjunction with IBC/TAO, without trusting in a particular node.
Hereinafter, this asset is referred to as ICS20Cash state.
The state responsible for locking, unlocking, minting and burning ICS20Cash is referred to as Bank state.
Security assumption¶
It is assumed that an issuer of ICS20Cash tokens issues them properly in the source chain. (trust in the issuer)
Procedure¶
Src: The sender sends a packet over IBC/TAO and at the same time locks his ICS20Cash state in the Bank state.
TX inputs
Bank: The lock balance of ICS20Cash is N.
ICS20Cash: quantity is M, owner is the sender.
TX outputs
Bank: The lock balance of ICS20Cash becomes N + M.
ICS20Cash: None(not included in outputs)
Dst: The IBC module receives the packet over IBC/TAO and at the same time mints a new ICS20Cash state to a recipient on the destination chain.
TX inputs
Bank: The mint balance of ICS20Cash is N.
TX outputs
Bank: The mint balance of ICS20Cash becomes N + M.
ICS20Cash: Quantity is M and owner is the receiver on the destination chain.
Dst: The minted ICS20Cash can be arbitrarily transfered on the destination chain.
Dst: The sender sends a packet over IBC/TAO and at the same time burns his ICS20Cash state.
TX inputs
Bank: The mint balance of ICS20Cash is N + M.
ICS20Cash: quantity is M and owner is the sender on the destination chain.
TX outputs
Bank: The mint balance of ICS20Cash is N
ICS20Cash: None (not included in outputs)
Src: The IBC module receives the packet over IBC/TAO and at the same time unlocks a ICS20Cash state to a recipient on the source chain.
TX inputs
Bank: The lock balance of ICS20Cash is N + M’.
TX outputs
Bank: The lock balance of ICS20Cash becomes N.
ICS20Cash: quantity is M’ and owner is the recipient on the source chain.
Detailed specification¶
States¶
-
class
ICS20Cash
The state class of token dedicated for ICS-20
-
amount
: Amount<Issued<Currency>>¶ The number of tokens. It also holds the issuer and units information as data types.
-
owner
: AbstractParty¶ Owner of the token state
-
participants
: List<AbstractParty>¶ Participants in the token state
-
-
class
Bank
The state class responsible for locking, unlocking, minting and burning ICS20Cash
-
participants
: List<AbstractParty>¶
-
baseId
: StateRef¶
-
locked
: Map<Denom, Amount>¶ Locked amount for each denomination
-
minted
: Map<Denom, Amount>¶ Minted amount for each denomination
-
denoms
: Map<Denom, Denom>¶ Associative array used to support “IBC denom” specified in ADR-001 of Cosmos.
-
Commands¶
-
class
HandleTransfer
(msg: MsgTransfer) A command class transfering ICS20Cash
-
Input states
[readonly] Host
[readonly] ClientState
[readonly] IbcConnection
IbcChannel
Bank
[Multiple] ICS20Cash(owner = senderUser)
-
Output states
IbcChannel(packets += Pair(sequence, packet), nextSequenceSend += 1)
Bank(locked + = Pair (denom, amount) or mined - = Pair (denom, amount))
-
Contract rules
All input and output states must have the same baseId.
All input states (except readonly input called “reference state”) must also be included in transaction output (because states of IBC are never deleted once created).
The contents of the packet must be consistent with ICS20Cash owner, denomination and amount.
Requirements for createOutgoingPacket specified in ICS-20 must be satisfied.
-
-
class
HandlePacketRecv
(msg: MsgRecvPacket) A command class receiving ICS20Cash
-
Input states
[readonly] Host
[readonly] ClientState
[readonly] IbcConnection
IbcChannel
Bank
-
Output states
IbcChannel
Bank(mined + = Pair(denom, amount) or locked -= Pair (denom, amount))
ICS20Cash(owner = receiverUser)
-
Contract rules
All input and output states must have the same baseId
All input states (except readonly input called “reference state”) must also be included in transaction output (because states of IBC are never deleted once created).
The contents of the packet must be consistent with the ICS20Cash owner, denomination and amount
Requirements for onRecvPacket specified in ICS-20 and recvPacket specified in ICS-4 must be satisfied.
-
-
class
HandlePacketAcknowledgement
(msg: MsgAcknowledgement) A command class receiving acknowledgement for token transfer specified in ICS-20
-
Input states
[readonly] Host
[readonly] ClientState
[readonly] IbcConnection
IbcChannel
Bank
The Bank state is needed used only in the case of refund.
-
Output states
IbcChannel(packets -= sequence, nextSequenceAck +=1)
nextSequenceAck is incremented only when the channel is type of ORDERED.
Bank(locked -= Pair (denom, amount) or minted += Pair (denom, amount))
ICS20Cash(owner = senderUser)
The ICS20Cash state is needed used only in the case of refund.
-
Contract rules
All input and output states must have the same baseId.
All input states (except readonly input called “reference state”) must also be included in transaction output (because states of IBC are never deleted once created).
The contents of the packet must be consistent with the ICS20Cash owner, denomination and amount
Requirements for onAcknowledgePacket specified in ICS-20 and acknowledgePacket specified in ICS-4 must be satisfied.
-