@melonproject/protocol
Advanced tools
Melon ([méllō], μέλλω; Greek for "destined to be") is blockchain software that seeks to enable participants to set up, manage and invest in technology regulated investment funds in a way that reduces barriers to entry, while minimizing the requirements for trust.
It does so by leveraging the fact that digital assets on distributed quasi-Turing Complete machines can be held solely by smart-contract code, and spent only according to preprogrammed rules within this code. The Melon protocol is a set of rules for how digital assets can be spent once held in a Melon smart-contract, or a Melon investment fund. These rules are meant to protect the investor and fund manager from malevolent behaviour of each other, even when both parties remain private.
Melon is to investment funds as Bitcoin is to accounting: a set of rules, enforced by blockchain technology, legitimized by the consent of its participants.
This repository contains a reference implementation of the Melon protocol written in Solidity, as specified in our paper.
# Clone this repository
git clone git@github.com:melonproject/protocol.git
cd protocol
# Install dependencies
yarn install
If you don't set JSON_RPC_ENDPOINT, the test will load ganache in-memory which works but is much slower.
After installation, go to the above protocol directory, open a terminal and:
# Launch parity dev chain:
yarn devchain
# Generate bytecode and abi of smart-contracts
yarn compile
# Run the tests using
yarn test
To just develop and test, you don't need to deploy. Unit & integration-tests do deploy the contracts they need.
But if you want to deploy the protcol to Kovan or Mainnet, here is the recommended way:
.keystore.json file in the project root. See What is an Ethereum Keystore file about keystore v3 JSON files.yarn deploy \
--config deployments/configs/kovan-fresh.json \
--gas-price 2000000000 \
--keystore .keystore.json \
--endpoint wss://kovan.infura.io/ws/v3/YOUR-PROJECT-ID
This will prompt to enter the password for the keystore file. A solution on CI would be to set the KEYSTORE_PASSWORD env var.
Deployment is flexible: basically it just deploys all contracts that are not found in the deployment config JSON. Here is a step-by-step guide how to deploy a new version with one changed factory:
cp deployments/kovan-default.json deployments/configs/kovan-default/001-change-0.9.100.json
Naming is: deployments/configs/[chain]-[track]/[index]-[short-name]-[version from package.json].json
Append the README.md in deployments/configs/[chain]-[track]/ with your change.
Change the addresses of the factory that you want to redeploy and of the version to "DEPLOY". This will redeploy the factory, and redeploy the version with the new factory and all old factories registered. Remove exchangeConfigs anyways, this is just for information.
Run deploy:
yarn deploy --config deployments/configs/kovan-default/001-change-0.9.100.json
# Launch an ethereum client. For example something similar to this:
parity \
--chain kovan \
--rpcport 8545 \
--auto-update=all \
--jsonrpc-apis=all \
--author <address> \
--unlock <address> \
--password <password file>
# Open a second terminal and deploy the contracts:
yarn deploy \
--config deployments/configs/kovan-fresh.json \
--gas-price 2000000000 \
It is recommended to change the version in package.json before changing the code base. Here is the step-by-step guide:
yarn version)yarn test)yarn build && yarn compile && yarn deploy ...)yarn test:system)yarn publish) and when asked for "New version", put in the same version as in step 1.git tag v0.X and git push --tags... repeat
This workflow ensures, that all versions are always in sync
To integrate the Melon Protocol into your application, you do not need to clone this repo, you can just install it from npm:
yarn add @melonproject/protocol
You need to have a local dev-chain running to develop your consuming application. We recommend Ganache:
yarn add -D ganache-cli
yarn ganache-cli --gasLimit 0x7a1200 --defaultBalanceEther 1000000
Then, you can deploy the contracts to your local dev node:
yarn melon deploy
This creates a new deployment which you can use like this:
import * as protocol from '@melonproject/protocol';
const environment = await protocol.utils.environment.initTestEnvironment();
const deployment = protocol.utils.solidity.getDeployment(environment);
const hub = await protocol.factory.managersToHubs(
deployment.fundFactory,
'0xdeadbeef',
environment,
);
To help debug the system, the test environment has loggers that log into ./logs/. This keeps the terminal clean but also a great possibility to inspect the logs in detail. Here is how it works:
Inside a function that has the environment, the environment.logger is a curried function with the following signature:
(namespace: string, level: LogLevels, ...messages: any): void;
This currying gives a high level of flexibility, but basically we just use this pattern:
const log = environment.logger('melon:protocol:module');
// and then use debug as you would console.log:
log(
LogLevels.DEBUG,
'Something happened',
interestingObject,
' ... and more ...',
whatever,
);
Basically, LogLevels.DEBUG just logs into the log files and does not output to the screen. LogLevels.INFO logs to the console for deployment but not during tests. So INFO logs should be concise whereas DEBUG logs should be verbose. LogLevels.WARN and LogLevels.ERROR log always to the console.
A consumer can obviously inject its own logger.
Generally, transactions have a shortcut method called execute, which is renamed to the actual transaction name:
import { transfer } from '~/contracts/dependencies/token/transactions/transfer';
const params = {
howMuch: createQuantity(shared.token, 2000000),
to: shared.accounts[1],
};
await transfer(params);
If one needs to have custom access to the different steps, like a custom signer, the transaction function can be decomposed into a prepare and sign step:
import { sign } from '~/utils/environment/sign';
const prepared = await transfer.prepare(params);
const signedTransactionData = await sign(prepared.rawTransaction, environment);
const result = await transfer.send(signedTransactionData, params);
Sometimes during development, one wants to check if a transaction actually fails without the guards. To do so, there are options inside of the transaction factory. The simplest example would be transfer. So here is the minimalistic usage of transfer with skipped guards and transactions:
import { transfer } from '~/contracts/dependencies/token/transactions/transfer';
const params = {
howMuch: createQuantity(shared.token, 2000000),
to: shared.accounts[1],
};
await transfer(params, environment, {
gas: '8000000',
skipGasEstimation: true,
skipGuards: true,
});
The same pattern could be applied to the deconstructed execute:
import { sign } from '~/utils/environment/sign';
const options = {
gas: '8000000',
skipGasEstimation: true,
skipGuards: true,
};
const prepared = await transfer.prepare(params, options);
const signedTransactionData = await sign(prepared.rawTransaction, environment);
const result = await transfer.send(signedTransactionData, params);
Main principle: Every smart contract should be seen as an event-sourced entity:
In other words: Events should transport as much information as needed so that an observer can sync for example a database.
mapping (address => uint256) balances;
For the sake of simplicity, lets assume that:
0x0: is the null address
0x1: user 1
0x2: user 2
...and so on
Transfer(0x0, 0x1, 100) // Initial minting: User 1 receives 100 tokens. Total 100 tokens.
Transfer(0x1, 0x2, 30) // User 1 sends 30 tokens to user 2. New balances: User 1: 70, User 2: 30.
...
Although we fire events after the action happened, we use nouns in the event names. So: NewFund instead of FundCreated of CreateFund.
Like we communicate to the outside world: Hey, there is a NewFund.
Try cloning using git clone https://github.com/melonproject/smart-contracts.git
Update your Parity installation to the latest version or try changing "instantSeal": null to "instantSeal": { "params": {} } in chainGenesis.json
Deploying contracts may stuck indefinitely in case your parity node is not unlocked for some reason. Locked node requires you to enter password for each transaciton manually.
As an open-source project, we welcome any kind of community involvement, whether that is by contributing code, reporting issues or engaging in insightful discussions. Please see our contributing instructions for information on the code style we use.
If you find a vulnerability that may affect live or testnet deployments please send your report privately to security@melonport.com. Please DO NOT file a public issue.
When considering protocol design proposals, we are looking for:
Please note that protocol design is hard, and meticulous work. You may need to review existing literature and think through generalized use cases.
When considering design proposals for implementations, we are looking for:
FAQs
Technology Regulated and Operated Investment Funds
We found that @melonproject/protocol demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 4 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Multiple high-impact npm maintainers confirm they have been targeted in the same social engineering campaign that compromised Axios.
Security News
Axios compromise traced to social engineering, showing how attacks on maintainers can bypass controls and expose the broader software supply chain.
Security News
Node.js has paused its bug bounty program after funding ended, removing payouts for vulnerability reports but keeping its security process unchanged.