Research: Add BOB token to Polygon Bridge

What to do?

It's part of the task regarding the USDC pool on Polygon. One of the parts of the task is to deploy USDC contracts

EPIC -> https://www.notion.so/blockscout/USDC-Pool-on-Polygon-99284d21d62b49c7a15ca4201d972c91?pvs=4

What to do?

Most of the top-tier exchanges already use native USDC as a default withdrawal option for Polygon. We asked Circle and Polygon directly about their plans regarding the expansion of the token and they told us they do this actively.

1. Binance already uses it as a default option
2. Coinbase started to use it as well
3. Polygon said they are actively replacing this token with a native one for all platforms on the chain
4. They already set Uniswap pool for 600k

We need to to plan to migrate the pool in the upcoming month because people who get UDSC from exchanges and most of other apps couldn't use it in zkBob

@akolotov @k1rill-fedoseev Could we use the same process that we used previously? How much time do we need for the preparation?

Changes required:

• ZkBobPool contract: new functionality for adding new deposits, processing, refunding (@k1rill-fedoseev #49 )
• Relayer: Direct deposit worker (@LyzeOfKiel )
• Js lib: zkBob/zkbob-client-js#93
• UI: TBD view direct deposits in UI
• Libzeropool, Libzkbob-rs: new circuit support;
• New ceremony and verifier contract deployment

User might be interested in getting some native gas tokens when withdrawing BOB tokens from shielded pool. So the user could pay some extra fee to relayer that would be automatically exchanged and transferred to the user as native gas token

Need to research and propose a user flow.

• Contains a queue of pending transactions
• Contains a list of pending nullifiers
• change transact: it must append new tx commitment instead of new root
• Contains a whitelist of provers
• Is upgradeable ( need to fix storage slot collision)

What to do?

We need to prepare changes for the pool contract to support Opium KYC. If a user is approved by Opium KYC we will get him access to extended limits OR we will remove all limits at all (TBD)

Related task:

• zkBob/zkbob-ui#142

• Add one more permit fields set to memo
• upfront fees for permitable deposts
• Disseminate fees to proxy and prover when transaction is processed in Pool
• #95
• Support permittable deposit
• #96

Consider to check that the recovery is allowed by checking recoveredFundsReceiver in requestRecovery and executeRecovery

• Create some parameter for sharing fee between tx commitment and tree update prover

New memo struct
0-2 bytes - tx type
2-22 bytes - proxy address
22-30 bytes - proxy fee
30-38 bytes - prover fee

Currently the code of the vault and the AAVE connector in the dev branch of the zkbob-contracts repo with bunch of other not reviewed components like Compound connector and auctions code. It is necessary to create a PR with to propagate code of the vault and the connector to the main branch.

1. Deploy current contracts on Sepolia
2. Make some transactions
3. Run upgrade to decentralized relayer contracts version
4. Checks that everything is fine on the client/relayer/contracts side

Consider to have a low boundary for recoveryRequestTimelockPeriod:

Does it make sense to keep it on one day at least?

Since fees are collected in BOB whereas the operator spends native tokens to pay for gas, expected flow to cover gas expenses will be:

1. The operator withdraws BOB tokens by withdrawFee
2. The operator swaps BOB tokens to native tokens

The operator is an account which the relayer sends transaction behalf of. The relayer does not have the functionality to call withdrawFee. If an admin will uses the operator's PK to call withdrawFee it could be not safe.

At the same time it is a good practice (it was implemented in POSDAO) to have two accounts for operators: one is to send service transactions, another is to receive rewards and expenses coverage.

Consider to keep a separate account as the fee recipient for every operator.

In this case the flow to cover expenses will be:

1. The fee recipient withdraws BOB tokens by withdrawFee
2. The fee recipient swaps BOB tokens to native tokens
3. The fee recipient sends native tokens to the operator.

What to do?

The whole task is described in the following Notion task: https://www.notion.so/blockscout/Payment-Link-Request-Money-7af4edd96c094ef28305ce9b603c9126?pvs=4

• UI: allow user to create a payment link and use it to make a payment
• contracts: process swap and payment

It seems reasonable to not allow to request recovery if expected amount of total recovered funds exceeds the limit. The similar check exists in executeRecovery:

Limits

The main goal is to create an additional barrier for illicit activities and at the same time not to impair ability for regular users. Since the main feature to distinguish illicit transaction right now is the amount, it's seems reasonable to set following restictions:

1. A single operation ( deposit or withdrawal ) cannot exceed A
2. A single address must not deposit more than B during a single period of 24 hours
3. Overall sum of all of the deposits during a single period of 24 hours must not exceed C
4. Overall amount of tokens in the Pool must not exceed D

Implementation

1. Add a mutable daily quota value to the Pool state and constructor
2. Add a map of all the addresses that have transacted that day and additional counters for overall deposits and
3. When a user performs a transaction check that
   1. map entry doesn't exist or contains enough quota
   2. this operation doesn't result in any excess in cumulative metrics (all daily deposits, pool overall value)
4. Process transaction
5. Reduce the quota

Consider to improve the logic in isRecoveryEnabled

The recovery is enabled if recoveredFundsReceiver is set and totalRecovery does not exceed the limit.

What to do?

We need to add the time lock for the upgradability of zkBob smart contracts. Let's discuss what time lock period it could be

• Make a new contract for USDC Pool with 9 decimals
• Make swap for tokens in the Pool
• JS SDK: zkBob/zkbob-client-js#143
• UI: zkBob/zkbob-ui#202
• Update user documentation
• Add support for inverse denominator in the Relayer: zkBob/zeropool-relayer#188