wrapnft

mint to account with oracle approvals

unwrapnft

burn (called by user)

burnnft

oracles can burn nft by consensus

regoracle

register oracle

unregoracle

unregister oracle

regcust

register custodian

unregcust

unregister custodian

listDomainsOfOwner

Returns list of tokenIds owned by the provided ethereum account

getOracle

Get oracle status by ethereum account

getCustodian

Get custodian status by ethereum account

getApproval

getApproval status by indexhash. This is emitted in consensus_activity event after a successful approval has been executed.

tokenURI

retrieve JSON information about NFT

setBaseURI

Change the baseURI path (custodian only)

_baseURI

Retrieve baseURI path (used as first portion of tokenURI)

custodian_count

Keeps track of the number of custodians active in the oracle. Required for consensus math

oracle_count

Keeps track of the number of custodians active in the oracle. Required for consensus math

oraclelist

list of active oracles

custodianlist

list of active custodians(private)

_baseURIextended

Stored baseURI

attribute[]

Holds the domain names for each tokenID 1:1

attribute

Keeps track of the domain names by tokenId

approvals

Keeps track of the approval statuses

_owners

Keeps track of token owners

wrapped

Event emitted when wrap has completed.
emit wrapped(account, tokenID, obtid);

unwrapped

Event emitted when user has unwrapped NFT.
emit unwrapped(fioaddress, tokenID);

custodian_registered

Event emitted when a custodian has been registered
event custodian_registered(address ethaddress, uint256 eid);

custodian_unregistered

Event emitted when a custodian has been unregistered
event custodian_unregistered(address ethaddress, uint256 eid);

oracle_registered

Event emitted when an oracle has been registered
event oracle_registered(address ethaddress, uint256 eid);

oracle_unregistered

Event emitted when an oracle has been unregistered
event oracle_unregistered(address ethaddress, uint256 eid);

consensus_activity

Event emitted when any oracle has approved a transaction
event consensus_activity(string signer, bytes32 hash);

Important: indexhash is emitted after every approval and is required to check status with getApproval action

Custodians
mapping (address=>custodian) custodians

custodian
- active

Keeps track of the custodians that registered another custodian and their activation

Oracles
mapping (address=>oracles) oracles

oracle
- active

Keeps track of the custodians that registered an oracle and the oracles activation count

Approvals
mapping (bytes32 => bool) approver;

pending
- approvals
- account
- obtid

Keeps track of the approvals by obtid, the number of approvals, and the details of the approval
This table is also used for oracle and custodian registration

OWNER_ROLE

Deploy contract

default

ORACLE_ROLE

wrapnft/butnnft

Only FIONFT oracle may use this function

CUSTODIAN_ROLE

regoracle
unregoracle
regcust
unregcust
pause
unpause

Only FIONFT custodian may use this function

Max transaction size

Should we put a max transaction size limit on mint into the ERC721 contract.

Not needed

ERC721 contract key

What is the status of the key used to set the contract?

Key should only be used for spinning up the contract and should be burned.

Oracle “Admin” functions

Do we need to enable the ability for Oracles to call various contract actions such as approve, transfer, mint, etc.

This can be performed in a couple of ways:
1 - The Oracles vote in who can execute the next essential action as follows:
Oracle 1 executes wrap action to mint using FIO obtid xxxxxxxx
Oracle 2 wrap action to transfer for the same FIO obtid to Alice
Oracle 3 executes wrap action for mint, but wrong recipient is provided. Trx goes to Alice defined by oracle 1 and 2

2 - The Oracles can sign the next transfer action as a multisig
This could be quite costly on the ethereum chain, but is possible to implement.
Example of multisig on ethereum simple-multisig/contracts/SimpleMultiSig.sol at master · coder5876/simple-multisig

Decision: We do not want any Oracle admin functions.

Custodian “Admin” functions

Are there contract actions that should be exposed to Custodian “admin” approval?

• Pause switch is an admin function.

• Use case: refunds. If someone calls unwrap to the wrong address and it gets lost. We may want to enable the ability for Custodians to call 2/3+1 approval for a “mint” refund.

  • This can already be done by the Oracles calling wrap to a specific Ethereum address.

TBD: Are there any other contract actions that might be used for “admin” functionality?

Unwrap fee

Is there a fee for unwrap?

Yes. Unwrapping user pays the gas fee

account

Yes

address

Public address on ETH blockchain where wrapped NFT should be delivered.

domain

Yes

string

FIO Domain being wrapped. This will be included in the NFT TokenURI

obtid

Yes

uint256

FIO chain transaction ID

Invalid tokenURI

tokenURI is not valid.

400

"Invalid tokenURI"

Invalid public address

Recipient public address is not valid

400

"Invalid public address"

Invalid account

Uninitialized address is provided

400

“Invalid account”

Invalid obtid

Obtid is is empty or uninitialized

400

“Invalid obtid”

Domain string is invalid

Length is less than 1 or greater than 64

400

“Invalid domain”

Account parameter is contract address

Cannot wrap to contract account

400

“Cannot wrap to contract account”

Already approved

Oracle address tries to approve a wrap multiple times

400

“sender has already approved this hash”

Already complete

Oracle tries to approve a wrap that has already been completed

400

“Approval already complete”

Approver must execute

Oracle tries to execute wrap it didn’t approve

400

“An approver must execute”

Not enough oracles

Oracle tries to execute wrap when there are not enough registered oracles

400

“Oracles must be 3 or greater”

No authority

The signer is not a registered Oracle and does not have authority to call this function

403

"AccessControl: account [user account] is missing role [role hash]"

Return

uint256

TokenID of minted NFT returned on success

Events

String

consensus_activity emitted on successful approval

Transfer, Wrapped, and Consensus_Activity (oracle) events emmitted on successful wrap

tokenID

Yes

uint256

TokenID to be unwrapped (will be burned on Ethereum chain, sent to 0x000000000000…)

fio_address

Yes

String

The FIO Handle where NFT should be delivered on FIO chain

Invalid FIO handle

Recipient FIO handle is not valid with less than 3 characters or greater than 64 characters

400

"Invalid FIO handle"

Invalid TokenID

TokenID is not valid

400

"Invalid tokenID"

No authority

The signer does not own the NFT to burn

403

“Invalid token owner“

Events

String

Approval, transfer and unwrapped event emitted on successful unwrap

tokenID

Yes

uint256

TokenID to be unwrapped (will be burned on Ethereum chain, sent to 0x000000000000…)

obtid

Yes

String

FIO transaction ID or other unique identifier

Invalid FIO handle

Recipient FIO handle is not valid with less than 3 characters or greater than 64 characters

400

"Invalid FIO handle"

Invalid TokenID

TokenID is not valid

400

"Invalid tokenID"

No authority

The signer does not own the NFT to burn

403

“Invalid token owner“

Invalid obtid

Obtid is is empty or uninitialized

400

“Invalid obtid”

Already approved

Oracle address tries to approve a wrap multiple times

400

“sender has already approved this hash”

Already complete

Oracle tries to approve a wrap that has already been completed

400

“Approval already complete”

Approver must execute

Oracle tries to execute wrap it didn’t approve

400

“An approver must execute”

Events

String

Consensus_activity event emitted on successful approval by oracle

Approval, Transfer, domainburned and consensus_activity logs emitted at successful execution

account

Yes

Ethereum public address

Ethereum address owned by the Oracle.

Invalid account

Ethereum account is not valid

400

"Invalid account"

Self registration

Custodian tries to register itself as oracle

400

“Cannot register self”

Already registered

The Ethereum account is already registered as an Oracle

400

“Oracle already registered”

Already approved

Oracle address tries to approve a wrap multiple times

400

“sender has already approved this hash”

Already complete

Oracle tries to approve a wrap that has already been completed

400

“Approval already complete”

Approver must execute

Oracle tries to execute wrap it didn’t approve

400

“An approver must execute”

No authority

The signer is not a registered Custodian and does not have authority to call this function

403

"AccessControl: account [user account] is missing role [role hash]"

Events

String

consensus_activity event emitted successful approval

RoleGranted, oracle_registered and consensus_activity events emitted on completed registration after all approvals

account

Yes

Ethereum account

Ethereum account owned by the Oracle

Invalid oracle

Oracle is not registered

400

"Oracle not registered"

No authority

The signer is not a registered Custodian and does not have authority to call this function

403

"AccessControl: account [user account] is missing role [role hash]"

Already approved

Oracle address tries to approve a wrap multiple times

400

“sender has already approved this hash”

Already complete

Oracle tries to approve a wrap that has already been completed

400

“Approval already complete”

Approver must execute

Oracle tries to execute wrap it didn’t approve

400

“An approver must execute”

Invalid account

Ethereum account is not valid

400

“Invalid account”

Minimum 3 oracles required

Trying to unregister an oracle when there are only 3 registered

400

“Minimum 3 oracles required”

Event

String

consensus_activity event emitted on successful approval

RoleRevoked, oracle_unregistered and consensus_activity events emitted on successful unregister of an oracle

account

Yes

Ethereum account

Ethereum account owned by the Custodian

Invalid account

Ethereum account is not valid

400

"Invalid account"

Self registration

Custodian tries to register itself as custodian

400

“Cannot register self”

Already registered

The Ethereum account is already registered as a custodian

400

“Already registered”

Already approved

Custodian account tries to approve a wrap multiple times

400

“sender has already approved this hash”

Already complete

Custodian tries to approve a wrap that has already been completed

400

“Approval already complete”

Approver must execute

Custodian tries to execute wrap it didn’t approve

400

“An approver must execute”

No authority

The signer is not a registered Custodian and does not have authority to call this function

403

"AccessControl: account [user account] is missing role [role hash]"

Event

String

consensus_activity event emitted on successful approval

RoleGranted, custodian_registered and consensus_activity emitted on successful registration of a custodian

account

Yes

Ethereum public address

Ethereum address owned by the Custodian

Invalid custodian

Custodian is not registered

400

"Custodian not registered"

No authority

The signer is not a registered Custodian and does not have authority to call this function

403

"AccessControl: account [user account] is missing role [role hash]"

Already approved

Oracle address tries to approve a wrap multiple times

400

“sender has already approved this hash”

Already complete

Oracle tries to approve a wrap that has already been completed

400

“Approval already complete”

Approver must execute

Oracle tries to execute wrap it didn’t approve

400

“An approver must execute”

Invalid account

Ethereum account is not valid

400

“Invalid account”

Not enough custodians

Trying to unregister a custodian when there are not enough remaining

400

“Must contain 7 custodians”

status

String

consensus_activity event emitted on successful approval

RoleRevoked, custodian_unregistered and consensus_activity events are emitted after successfully unregistering a custodian

_tokenId

Yes

Integer

TokenId of NFT

NFT tokenId does not exist

Token ID not present

400

No token