Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
@anastasia-labs/single-asset-staking-offchain
Advanced tools
https://docs.github.com/en/packages/quickstart
"Single Asset Staking Offchain" project provides the necessary SDK to interact with "Single Asset Staking Contracts". These contracts facilitate collective staking of digital assets and distributing rewards among participants in a completely on-chain and trustless manner.
As the name suggests, it allows for a single asset, which can be any Cardano Native Fungible Token, to be staked to earn rewards. The reward itself can be any Cardano Native Fungible Token. The contracts are parameterized with policyId
and tokenName
(in addition to a few others) of stake token and reward token. This allows different projects conducting the Staking event to configure the contracts accordingly.
Instead of a fixed percentage based return, the staking reward obtained is not known beforehand. Because its determined by the total amount of assets staked till the end of the staking period and the total rewards locked before staking begins. Eligible participants are then given rewards propotional to their share of stake ((userStake * totalRewards) / totalStake
).
The contracts are available at Single Asset Staking.
An interesting technical detail about this protocol is the use of an on-chain association list. It maintains every unique public key's stake in a separate UTxO which points to the next stake UTxO. Every UTxO in the list will have StakingSetNode
in its datum.
data StakingSetNode = MkSetNode
{ key :: StakingNodeKey -- owner wallet's PaymentPubKeyHash
, next :: StakingNodeKey -- next PaymentPubKeyHash in a list of lexicographically sorted key hashes
{- This field tells us which Staking Campaign this node belongs to.
Each Staking Campaign is uniquely identified by a Config UTxO
containing an NFT (configCS.configTN) -}
, configTN :: TokenName
}
data StakingNodeKey = Key BuiltinByteString | Empty
This sections provides you with the timeline of different phases involved in Single Asset Staking. With each phase further listing the order of actions which comprises it.
timeline
title Single Asset Staking Phases
Deployment : Build Scripts
: Deploy Reference Scripts
Setup : Create Config UTxO
: Initialize Staking
User Participation : Register Stake
: Modify Stake*
: Remove Stake* (w/o penalty)
Active Staking : Remove Stake* (w/ 25% penalty)
Rewards Processing : Initialize Commit Fold
: Complete Commit Fold
: Initialize Reward Fold
: Complete Reward Fold
: Project Reclaims Reward
: Deinitialize Head Node
Claim : Users Claim Stake & Reward
Note: [*] - Actions which can be performed if user wishes to.
Everything begins here with Anastasia Labs configuring and providing the Smart Contracts, on-chain as Reference Scripts. Once these are available, Projects can reuse the same contracts for any number of new Staking Campaigns. The deployment phase comprises of below two actions.
buildScripts.ts
The contracts available from Single Asset Staking repository, require certain paramters to be applied. These parameters include configCS
(policyId of ConfigPolicy) and script credentials in case of dependant scripts. This step involves providing contracts with the required parameters.
deployRefScripts.ts
This step uses the applied validators obtained above to create a Reference Script UTxO for every validator. In order to easily identify a particular validator on-chain, a native minting policy is used in conjuction. It mints an NFT with the validator name and is made available inside the RefUTxO. This native minting policy allows minting for a very short duration of thirty mintues within which all the RefUTxOs must be created. All the RefUTxOs are sent to an "Always Fail Script" address ensuring they are immutable and locked forever.
---
title: Deploy Reference Scripts
---
graph LR
I1(Input UTxO)
TX[ Transaction ]
subgraph Always Fails Script
O1(("UTxO
$deployId.ConfigPolicy
ref_script: configPolicy "))
O2(("UTxO
$deployId.NodeValidator
ref_script: nodeValidator "))
O3(("UTxO
$deployId.NodePolicy
ref_script: nodePolicy"))
..
end
I1 --> TX
MP{Native Minting Policy} -.-o TX
TX --> O3
Every Project which wants to create a new Staking Campaign will start from here. This phases consists of below three actions. Its only after this phase is completed that users can begin staking.
createConfig.ts
Every individual Staking Campaign begins by first creating a Config UTxO for it. It works like this:
StakingConfig
) contains all the event related details. Thereby leaving the same set of contracts to work for multiple campaigns.data StakingConfig = StakingConfig
{ stakingInitUTxO :: TxOutRef
, freezeStake :: POSIXTime
, endStaking :: POSIXTime
, penaltyAddress :: Address
, stakeCS :: CurrencySymbol
, stakeTN :: TokenName
, minimumStake :: Integer
, rewardCS :: CurrencySymbol
, rewardTN :: TokenName
}
configCS.configTN
), minted in the same transaction.configTN
field value in their datum to avoid mixing UTxOs from different campaigns.---
title: Create Config UTxO
---
graph LR
I1(Config Init UTxO)
TX[ Transaction ]
subgraph Always Fails Script
O1(("Output
$ConfigPolicy.abc: 1n
datum: StakingConfig"))
end
I1 --> TX
MP{"Ref Input
$deployId.ConfigPolicy"} -.-o|Mint $ConfigPolicy.configTN| TX
TX --> O1
initStaking.ts
Here project locks the entire staking reward in tokenHolderValidator
. The total reward amount will be distributed among participants in proportion to their stake. Locking of rewards beforehand gives high assurance to all the participants before they can begin staking. Additional one percent of total reward amount is paid as protocol fees for facilitating staking to Anastasia Labs.
Note: The wallet containing the
stakingInitUTxO
must have enough reward tokens to cover the total reward amount plus 1% protocol fees along with sufficient lovelaces to cover mininum ADA costs and transaction fees.
This transaction also marks the beginning of the association list which will contain all the stake by different participants as separate UTxOs. The first node of the list know as head node is created in this step.
Head node differs from all the nodes in that its key is null. Every valid stake UTxO in the list has a unique "Node Token" which is minted by nodePolicy
at the time of its insertion. The token name is derived as NODE_PREFIX ("FSN") + PaymentPubKeyHash thereby making every node token unique. Head node just has NODE_PREFIX as the token name.
---
title: Initialize Staking
---
graph LR
I1(Staking Init UTxO)
TX[ Transaction ]
subgraph Token Holder Validator
O1(("Output 1
$rewardCS.rewardTN: totalReward
$TokenHolderPolicy.RTHolder: 1n
datum: configTN = abc"))
end
subgraph Staking Validator
O2(("Head Node
$stakeCS.stakeTN: minStake
$NodePolicy.FSN: 1n
datum: key = null, next = null,
configTN = abc"))
end
O3(("Output 3"))
I1 --> TX
MP1{"Ref Input
$deployId.TokenHolderPolicy"} -.-o|Mint $TokenHolderPolicy.RTHolder| TX
TX --> O1
TX --> O2
MP2{"Ref Input
$deployId.NodePolicy"} -.-o|Mint $NodePolicy.FSN| TX
TX -->|1% Protocol Fees| O3
R1(("Ref Input
$ConfigPolicy.abc: 1n
datum: StakingConfig")) -.-o TX
Now the Staking event is opened and users can participate by locking their stake in nodeValidator
by updating the linked list. Before the stake is frozen, participants can choose to increase, decrease or remove their stake altogether.
insertNode.ts
, modifyNode.ts
, removeNode.ts
)Once stake is frozen (configured by parameter freezeStake :: POSIXTime
), the active staking phase begins for which the participants will be earning rewards. This phase lasts till endStaking :: POSIXTime
as decided by the project. During this period, new participants cannot enter nor can the old ones modify their stake. However, existing stakers can still get their stake back if they choose to, by paying 25% of their stake as penalty fee.
processRewards.ts
After the active staking phase has ended (after endStaking :: POSIXTime
) comes the part where project processes and allocates rewards to its participants who staked till now.
Its done by first calculating and saving the total amount staked on-chain. Then every participant's stake UTxO is updated to include rewards in it, in proportion to their stake. Reward calculation is given by the formula (userStake * totalRewards) / totalStake
.
Following sequence of on-chain actions elaborate further on how rewards processing mechanism works. The processRewards.ts
endpoint carries out all
the below actions for the project in a sequential manner.
initFold.ts
Commit Fold carries out the computation of total staked amount by going over all the linked list UTxOs one after the other in order. The current state of the computation, i.e. how far along the linked list it has summed and the current sum, is stored in a UTxO at foldValidator
. This UTxO is uniquely identified with the presence of an NFT ($FoldPolicy.CFold) minted using foldPolicy
. This initialization of commit UTxO is perfomed in this step.
---
title: Initialize Commit Fold
---
graph LR
I1(Input UTxO)
TX[ Transaction ]
subgraph Staking Validator
N1(("Ref Input
$stakeCS.stakeTN: minStake
$NodePolicy.FSN: 1n
datum:
key = null, next = aa1,
configTN = abc "))
N2(("UTxO
$stakeCS.stakeTN: minStake
$NodePolicy.FSNaa1 : 1n
datum:
key = aa1, next = bb2,
configTN = abc "))
N3(("UTxO
$stakeCS.stakeTN: minStake
$NodePolicy.FSNbb2 : 1n
datum:
key = bb2, next = null,
configTN = abc "))
end
subgraph Fold Validator
O1(("Output
$FoldPolicy.CFold: 1n
datum:
key = null, next = aa1,
totalStake = 0n,
configTN = abc
"))
end
N1 -.-o TX
I1 --> TX
MP{"Ref Input
$deployId.FoldPolicy"} -.-o|Mint $FoldPolicy.CFold| TX
TX --> O1
R1(("Ref Input
$ConfigPolicy.abc: 1n
datum: StakingConfig")) -.-o TX
multiFold.ts
Here one stake UTxO after another is used as reference input to calculate and update totalStake
value in Commit Fold UTxO's datum. This is done till the end of list is not reached, at which point next = null
in fold datum and totalStake
is finally determined. This endpoint needs to be called repeatedly till fetchCampaignState
in fetchState.ts
does not return CapaignStatus.StakeCalculationEnded
in its CampaignStatus field of CampaignState.
---
title: Complete Commit Fold
---
graph LR
I1(Input UTxO)
TX[ Transaction ]
subgraph Staking Validator
N1(("UTxO
$stakeCS.stakeTN: minStake
$NodePolicy.FSN: 1n
datum:
key = null, next = aa1,
configTN = abc "))
N2(("Ref Input
$stakeCS.stakeTN: minStake
$NodePolicy.FSNaa1 : 1n
datum:
key = aa1, next = bb2,
configTN = abc "))
N3(("Ref Input
$stakeCS.stakeTN: minStake
$NodePolicy.FSNbb2 : 1n
datum:
key = bb2, next = null,
configTN = abc "))
end
subgraph Fold Validator
F1(("Input
$FoldPolicy.CFold: 1n
datum:
key = null, next = aa1,
totalStake = 0n,
configTN = abc
"))
F2(("Output
$FoldPolicy.CFold: 1n
datum:
key = null, next = null,
totalStake = 2 * minStake,
configTN = abc
"))
end
F1 --> TX
N2 -.-o TX
N3 -.-o TX
I1 --> TX
TX --> F2
R1(("Ref Input
$ConfigPolicy.abc: 1n
datum: StakingConfig")) -.-o TX
Note: Head Node's stake is never taken into account.
initRewardFold.ts
Now that we have total staked amount available on-chain, we initialize the reward fold wherein a UTxO to rewardFoldValidator
is sent. This contains total reward amount obtained from UTxO locked at "Token Holder Validator" along with totalRewardTokens
and totalStake
in its datum. Additionally, it has $RewardPolicy.RFold
NFT minted from "Reward Policy" which validates that the initialization is carried out accurately.
---
title: Initialize Reward Fold
---
graph LR
I1(Input UTxO)
TX[ Transaction ]
subgraph Staking Validator
N1(("Head Node Input
$ADA : 3
$stakeCS.stakeTN: minStake
$NodePolicy.FSN: 1n
datum:
key = null, next = aa1,
configTN = abc "))
N2(("Head Node Output
$ADA : 2
$stakeCS.stakeTN: minStake
$NodePolicy.FSN: 1n
datum:
key = null, next = aa1,
configTN = abc "))
end
subgraph Commit Fold Validator
F1(("Input
$FoldPolicy.CFold: 1n
datum:
totalStake = 2 * minStake
key = null, next = null,
configTN = abc
"))
end
subgraph Reward Fold Validator
O1(("Output
$RewardPolicy.RFold: 1n
$rewardCS.rewardTN: totalReward
datum:
totalRewardTokens = totalReward
totalStake = 2 * minStake
key = null, next = aa1,
configTN = abc
"))
end
subgraph Token Holder Validator
T1(("Input
$rewardCS.rewardTN: totalReward
$TokenHolderPolicy.RTHolder: 1n
datum: configTN = abc "))
end
MP1{"Ref Input
$deployId.TokenHolderPolicy"} -.-o|Burn $TokenHolderPolicy.RTHolder| TX
MP2{"Ref Input
$deployId.FoldPolicy"} -.-o|Burn $FoldPolicy.CFold| TX
MP3{"Ref Input
$deployId.RewardPolicy"} -.-o|Mint $RewardPolicy.RFold| TX
T1 --> TX
F1 --> TX
N1 --> TX
I1 --> TX
TX --> O1
TX --> N2
R1(("Ref Input
$ConfigPolicy.abc: 1n
datum: StakingConfig")) -.-o TX
Note: Upon undergoing rewards fold a UTxO has to pay 1 ADA folding fee.
rewardFoldNodes.ts
With Reward Fold UTxO initialized with rewards and other essential information, rewards can be distributed into individual stake UTxO. This is similar to commit fold, with UTxO after head node being processed first and other UTxOs in the order they appear in list. Rewards fold gets concluded when next = null
on processing the last UTxO of the list. Upon undergoing rewards fold a UTxO has to pay 1 ADA folding fee. This endpoint needs to be called repeatedly till fetchCampaignState
in fetchState.ts
does not return CapaignStatus.UserClaimsAllowed
in its CampaignStatus field of CampaignState.
---
title: Complete Reward Fold
---
graph LR
I1(Input UTxO)
TX[ Transaction ]
subgraph Staking Validator
N1(("UTxO
$stakeCS.stakeTN: minStake
$NodePolicy.FSN: 1n
datum:
key = null, next = aa1,
configTN = abc "))
N2(("Input
$stakeCS.stakeTN: minStake
$NodePolicy.FSNaa1 : 1n
datum:
key = aa1, next = bb2,
configTN = abc "))
N3(("Input
$stakeCS.stakeTN: minStake
$NodePolicy.FSNbb2 : 1n
datum:
key = bb2, next = null,
configTN = abc "))
N4(("Output
$stakeCS.stakeTN: minStake
$NodePolicy.FSNaa1 : 1n
$rewardCS.rewardTN: totalReward/2
datum:
key = aa1, next = bb2,
configTN = abc "))
N5(("Output
$stakeCS.stakeTN: minStake
$NodePolicy.FSNbb2 : 1n
$rewardCS.rewardTN: totalReward/2
datum:
key = bb2, next = null,
configTN = abc "))
end
subgraph Reward Fold Validator
O1(("Output
$RewardPolicy.RFold: 1n
$rewardCS.rewardTN: totalReward
datum:
totalRewardTokens = totalReward
totalStake = 2 * minStake
key = null, next = aa1,
configTN = abc
"))
O2(("Output
$RewardPolicy.RFold: 1n
$rewardCS.rewardTN: rewardsLeft*
datum:
totalRewardTokens = totalReward
totalStake = 2 * minStake
key = null, next = null,
configTN = abc
"))
end
O1 --> TX
N2 --> TX
N3 --> TX
I1 --> TX
TX --> O2
TX --> N4
TX --> N5
R1(("Ref Input
$ConfigPolicy.abc: 1n
datum: StakingConfig")) -.-o TX
Note: [*] - If any reward tokens are left due to remainder from integer division in
(userStake * totalRewards) / totalStake
reclaimReward.ts
Once the rewards are processed, project is free to claim any remaining project tokens left in "Reward Fold UTxO" along with any lovelaces present. They'll have to additionally burn "$RewardPolicy.RFold" token for this, which is only allowed when next = null
i.e. all rewards are processed.
dinitNode.ts
The project is also free to reclaim the Head Node with the "minStake" and lovelaces present in it. It can only be done after the reward fold is initiated (Reward Fold Token datum has next == *head node's next*
), therefore ensuring no information is lost.
reclaimNode.ts
Only after rewards are processed can the participants claim their stake and reward. They can do so by spending their stake UTxO from "Staking Validator" after signing transaction with private key belonging to the PaymentPubKeyHash as key
in UTxO's datum.
configInitUTxO
& stakingInitUTxO
). So that they aren’t spent before their respective initialization transactions. The wallet containing the stakingInitUTxO
must have enough reward tokens to cover the total reward amount plus 1% protocol fees, minimum stake requirement worth of stake tokens and sufficient lovelaces to cover mininum ADA costs and transaction fees.stakeTN
and rewardTN
fields are expected to be UTF-8 encoded strings. All the other Currency Symbols/ Policy Ids and Token name strings are expected to Hex encoded strings.minimumStake
(field in StakingConfig
and other Config objects) to be 10 * 10^6
(Amount * 10 ^ Decimals
) i.e 10_000_000
. Similarly, the reward amount the project wants to lock as total staking reward, specified by rewardsAmount
must be in its lowest unit for e.g. if total reward is 1000 MIN then rewardsAmount == 1_000_000_000
. Likewise, the reponses obtained from the endpoint will provide CNT amount values in their lowest unit. Fields like totalStake
& totalReward
(in CampaignState
), rewardAmount
in InitStakingConfig
and toStake
used while staking or modifying stake, adhere to this representation.freezeStake :: POSIXTime
), the active staking phase begins for which the participants will be earning rewards. This phase lasts till endStaking :: POSIXTime
as decided by the project. During this period, new participants cannot enter nor can the old ones modify their stake. However, existing stakers can still get their stake back if they choose to, by paying 25% of their stake as penalty fee.freezeStake
or endStaking
will result in an error i.e. |Date.now() - freezeStakeOrEndStaking| > 3 minutes
.In the main directory
pnpm run build
https://github.com/vitest-dev/vitest
pnpm test
FAQs
https://docs.github.com/en/packages/quickstart
The npm package @anastasia-labs/single-asset-staking-offchain receives a total of 0 weekly downloads. As such, @anastasia-labs/single-asset-staking-offchain popularity was classified as not popular.
We found that @anastasia-labs/single-asset-staking-offchain demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.