feat: PoC redeem frontrun protection (#335)

* feat: redeem frontrun protection

Signed-off-by: Rayane Charif <rayane.charif@gonative.cc>

* fix: dry-run approach based on discussion with Stan

Signed-off-by: Rayane Charif <rayane.charif@gonative.cc>

* Resolved comments based on discussion with Stan

Signed-off-by: Rayane Charif <rayane.charif@gonative.cc>

* Prettier fix

Signed-off-by: Rayane Charif <rayane.charif@gonative.cc>

* Resolved comments

Signed-off-by: Rayane Charif <rayane.charif@gonative.cc>

* Resolved prettier fix

Signed-off-by: Rayane Charif <rayane.charif@gonative.cc>

* Resolved lint errros

Signed-off-by: Rayane Charif <rayane.charif@gonative.cc>

* Resolved comments

Signed-off-by: Rayane Charif <rayane.charif@gonative.cc>

* Resolved comments

Signed-off-by: Rayane Charif <rayane.charif@gonative.cc>

---------

Signed-off-by: Rayane Charif <rayane.charif@gonative.cc>
Co-authored-by: sczembor <43810037+sczembor@users.noreply.github.com>

Author: Rcc999

packages/sui-indexer/src/redeem-service.ts

@@ -326,9 +326,6 @@ export class RedeemService {
 		const availableUtxos = await this.storage.getAvailableUtxos(req.setup_id);
 		const selectedUtxos = selectUtxos(availableUtxos, req.amount);
 
-		// TODO: we should continue only if our solution is better than the existing one - in case
-		//   someone frontrun us.
-
 		if (!selectedUtxos) {
 			logger.warn({
 				msg: "Insufficient UTXOs for request",
@@ -340,24 +337,69 @@ export class RedeemService {
 
 		try {
 			const client = this.getSuiClient(req.sui_network);
-			const txDigest = await client.proposeRedeemUtxos({
+			const result = await client.proposeRedeemUtxos({
 				redeemId: req.redeem_id,
 				utxoIds: selectedUtxos.map((u) => u.nbtc_utxo_id),
 				nbtcPkg: req.nbtc_pkg,
 				nbtcContract: req.nbtc_contract,
 			});
 
-			logger.info({
-				msg: "Proposed UTXOs for redeem request",
-				redeemId: req.redeem_id,
-				txDigest: txDigest,
-			});
-			await this.storage.markRedeemProposed(
-				req.redeem_id,
-				selectedUtxos.map((u) => u.nbtc_utxo_id),
-				this.utxoLockTimeMs,
-			);
+			if (result.effects?.status.status === "success") {
+				logger.info({
+					msg: "Proposed UTXOs for redeem request",
+					redeemId: req.redeem_id,
+					txDigest: result.digest,
+				});
+				await this.storage.markRedeemProposed(
+					req.redeem_id,
+					selectedUtxos.map((u) => u.nbtc_utxo_id),
+					this.utxoLockTimeMs,
+				);
+			} else {
+				const error = result.effects?.status.error ?? "";
+				if (isRedeemProgressed(error)) {
+					logger.info({
+						msg: "Redeem already progressed past proposal phase",
+						redeemId: req.redeem_id,
+						txDigest: result.digest,
+						error,
+					});
+					let onChainUtxoIds: number[] = [];
+					try {
+						onChainUtxoIds = await client.getRedeemUtxoIds(
+							req.redeem_id,
+							req.nbtc_pkg,
+							req.nbtc_contract,
+						);
+					} catch (e) {
+						logError(
+							{
+								msg: "Failed to fetch on-chain UTXO IDs",
+								method: "redeemReqProposeSolution",
+								redeemId: req.redeem_id,
+							},
+							e,
+						);
+					}
+					await this.storage.markRedeemProposed(
+						req.redeem_id,
+						onChainUtxoIds,
+						this.utxoLockTimeMs,
+					);
+				} else {
+					// TODO: Add specific error codes in the smart contract for
+					// better classification of contract aborts.
+					// For now, leave as pending to retry on next cron tick.
+					logger.warn({
+						msg: "Proposal failed on-chain, will retry",
+						redeemId: req.redeem_id,
+						txDigest: result.digest,
+						error,
+					});
+				}
+			}
 		} catch (e: unknown) {
+			// Network error: leave as pending so next cron retry.
 			logError(
 				{
 					msg: "Failed to propose UTXOs for redeem request",
@@ -404,6 +446,13 @@ export class RedeemService {
 	}
 }
 
+// Contract error messages indicating the redeem has progressed past the proposal phase.
+function isRedeemProgressed(error: string): boolean {
+	return (
+		error.includes("not in resolving status") || error.includes("resolving window has expired")
+	);
+}
+
 // V1 version
 function selectUtxos(available: Utxo[], targetAmount: number): Utxo[] | null {
 	let sum = 0;

packages/sui-indexer/src/redeem-sui-client.ts

@@ -1,4 +1,9 @@
-import { SuiClient as Client, getFullnodeUrl } from "@mysten/sui/client";
+import {
+	type SuiTransactionBlockResponse,
+	SuiClient as Client,
+	getFullnodeUrl,
+} from "@mysten/sui/client";
+import { bcs } from "@mysten/bcs";
 import { Ed25519Keypair } from "@mysten/sui/keypairs/ed25519";
 import { Transaction } from "@mysten/sui/transactions";
 
@@ -20,7 +25,7 @@ export interface SuiClientCfg {
 
 export interface SuiClient {
 	ikaClient(): IkaClient;
-	proposeRedeemUtxos(args: ProposeRedeemCall): Promise<string>;
+	proposeRedeemUtxos(args: ProposeRedeemCall): Promise<SuiTransactionBlockResponse>;
 	solveRedeemRequest(args: SolveRedeemCall): Promise<string>;
 	finalizeRedeem(args: FinalizeRedeemCall): Promise<string>;
 	requestIkaPresigns(count: number): Promise<string[]>;
@@ -39,6 +44,7 @@ export interface SuiClient {
 		nbtcContract: string,
 	): Promise<void>;
 	getRedeemBtcTx(redeemId: number, nbtcPkg: string, nbtcContract: string): Promise<string>;
+	getRedeemUtxoIds(redeemId: number, nbtcPkg: string, nbtcContract: string): Promise<number[]>;
 }
 
 class SuiClientImp implements SuiClient {
@@ -111,7 +117,50 @@ class SuiClientImp implements SuiClient {
 		return Buffer.from(decoded).toString("hex");
 	}
 
-	async proposeRedeemUtxos(args: ProposeRedeemCall): Promise<string> {
+	async getRedeemUtxoIds(
+		redeemId: number,
+		nbtcPkg: string,
+		nbtcContract: string,
+	): Promise<number[]> {
+		const tx = new Transaction();
+		const redeem = tx.add(
+			nBTCContractModule.redeemRequest({
+				package: nbtcPkg,
+				arguments: {
+					contract: nbtcContract,
+					redeemId: redeemId,
+				},
+			}),
+		);
+
+		tx.add(
+			RedeemRequestModule.utxoIds({
+				package: nbtcPkg,
+				arguments: {
+					r: redeem,
+				},
+			}),
+		);
+
+		const result = await this.#sui.devInspectTransactionBlock({
+			transactionBlock: tx,
+			sender: this.signer.toSuiAddress(),
+		});
+
+		if (result.error) {
+			throw new Error(`DevInspect failed: ${result.error}`);
+		}
+
+		const rawResult = result.results?.[1]?.returnValues?.[0]?.[0];
+		if (!rawResult) {
+			return [];
+		}
+
+		const utxoIds = bcs.vector(bcs.u64()).parse(Uint8Array.from(rawResult));
+		return utxoIds.map(Number);
+	}
+
+	async proposeRedeemUtxos(args: ProposeRedeemCall): Promise<SuiTransactionBlockResponse> {
 		const tx = new Transaction();
 
 		tx.add(
@@ -135,11 +184,7 @@ class SuiClientImp implements SuiClient {
 			},
 		});
 
-		if (result.effects?.status.status !== "success") {
-			throw new Error(`Transaction failed: ${result.effects?.status.error}`);
-		}
-
-		return result.digest;
+		return result;
 	}
 
 	async solveRedeemRequest(args: SolveRedeemCall): Promise<string> {