[WIP] Add cancel trade feature #4514

chimp1984 · 2020-09-10T23:15:55Z

This PR adds the feature to cancel a trade for teh BTC buyer at trade step 2 (payment started screen).
If he requests for cancellation he will get refunded the min sec. deposit which would be use in a mediation case in case he loses (0.003 BTC). The rest of his sec. deposit goes to the seller. The seller will receive the message and can accept, reject or decide later. If accepted the trade get closed with the payout distribution that the seller receives his trade amount, his deposit + the deposit of the buyer minus the 0.003 BTC. If he rejects the trade continues as normal. The buyer could still click the payment started button at any time and that would trigger the next step in the protocol and the cancelation request is ignored.
If a dispute gets opened the cancellation is disabled.

The feature needs good testing with the different scenarios.

It comes also with a few refactorings in the trade process code base. Most are not functional changes but some are. So we should get the whole trade process a good test.

To call initialize from constructor would adds issues with later changes. It is more clean to have a clear call order of: Constructor -> initialize -> activate

…eturn.

-> We will later use that class for more generic use cases.

We will separate state for requester and peer in the next commits

WIP - will separate in next commits states

not allow canceling anymore

…sentation to make more explicit which one is for buyer and which for seller

Add delegate protocol for cancel trade

For failed trades without deposit tx it is expected that the DelayedPayoutTx is null as well.

to be more consistent with other calling methods using the same param name

Change reBroadcast flag to true.

in case we have not received an ACK

…ness Helps to make it more explicit that we not only sign but also broadcast the data.

We do the re-sending of the payment sent message via the BuyerSendCounterCurrencyTransferStartedMessage task on the buyer side, so seller do not need to do anything interactively.

sqrrm

During testing I get the accept/reject/decide later popup twice if the trade is not open when receiving the request. First I Accept/Reject and the same popup shows again and I must choose again. Perhaps a listener is attached when switching to that view or something like that.

The buyer should not be able to continue with the trade after the rejection with the current protocol since he's signing the payout with all going to seller. Better might be:
Accept path

Buyer proposes cancellation
Seller accepts, signs payout and sends signature back
Buyer finalizes cancellation

Reject path

Buyer proposes cancellation
Seller rejects
Buyer can continue with trade. No risk to buyer since the seller doesn't have the signed payouttx. No risk to seller since the potential cancellation tx would send all funds to seller.

Adding signedwitness to last message in protocol makes a lot of sense.

The handling of mailboxmessages wasn't obivous to me. Hence the failure to remove them from the network. Would it make sense to make a separate service to pop mailboxmessages from the p2p network store them locally to be processed by the trade protocol later. That way there is no need to worry about the post trade tast mailbox handling.

Added some minor comments inline.

core/src/main/java/bisq/core/btc/wallet/TradeWalletService.java

core/src/main/java/bisq/core/trade/protocol/tasks/cancel/FinalizeCanceledTradePayoutTx.java

core/src/main/resources/i18n/displayStrings.properties

...va/bisq/desktop/main/portfolio/pendingtrades/steps/HandleCancelTradeRequestPresentation.java

proto/src/main/proto/pb.proto

core/src/main/java/bisq/core/trade/BuyerTrade.java

core/src/main/java/bisq/core/trade/Trade.java

.../java/bisq/core/trade/protocol/tasks/seller/SellerMaybeSignWitnessAndSendWitnessMessage.java

chimp1984 · 2020-09-17T01:10:15Z

During testing I get the accept/reject/decide later popup twice if the trade is not open when receiving the request. First I Accept/Reject and the same popup shows again and I must choose again. Perhaps a listener is attached when switching to that view or something like that.

The buyer should not be able to continue with the trade after the rejection with the current protocol since he's signing the payout with all going to seller. Better might be:
Accept path
1. Buyer proposes cancellation

2. Seller accepts, signs payout and sends signature back

3. Buyer finalizes cancellation
Reject path
1. Buyer proposes cancellation

2. Seller rejects

3. Buyer can continue with trade. No risk to buyer since the seller doesn't have the signed payouttx. No risk to seller since the potential cancellation tx would send all funds to seller.
Adding signedwitness to last message in protocol makes a lot of sense.

The handling of mailboxmessages wasn't obivous to me. Hence the failure to remove them from the network. Would it make sense to make a separate service to pop mailboxmessages from the p2p network store them locally to be processed by the trade protocol later. That way there is no need to worry about the post trade tast mailbox handling.

Added some minor comments inline.

The popup comes everytime when you activate the pending trades UI and select the trade. Once you accept/reject it does not come again.
Did you get 2 popups?

Re buyers signature:
Good catch! Yes that was a real security flaw. Thanks for catching it! Of course the buyer must not send the signature first but the other way round as the seller gets the funds back. I will change that and yes we need a 3rd step so that the buyers signs as the end and publishes the tx.

Re mailbox msg:
Yes that might be a good idea, then we have less risk that there are dangling msgs. We just need to add a new store for that and manage it locally. I will have a look into that once the persistence PR is merged.

Currently we allow the buyer to continue with the trade once he opened a cancel request. I think that is dangerous as it might cause conflicts in the trade protocol if 2 branches can be executed in parallel. As well it might lead to more complex situations and carries higher risk that it could be abused. So I think better to deactivate that the buyer can continue normally until the seller has replied.

chimp1984 · 2020-09-17T01:11:22Z

Better wait with further review until I have fixes the protocol. Will put it WIP until its ready again for review.

sqrrm · 2020-09-17T07:11:34Z

Regarding the popup: yes, it appears twice, ie, it reappears when accept or reject is pressed. This happens only when the trade view is not active when the cancel request is received.

chimp1984 · 2020-09-19T15:05:42Z

Will close for now as the risks and effort have been much larger as initially thought for a rather small and maybe even controversial feature. Might open a new PR again once I dedicate time to continue on that.

chimp1984 added 30 commits September 9, 2020 21:19

Refactor: Rename method

59860f6

Refactor: Move initialize before activate, add separator lines

3ef7599

Refactor: Move methods

2bfdcfb

Refactor: Make initialize public

1159836

Functional change: Do not call initialize in constructor

59e4e98

To call initialize from constructor would adds issues with later changes. It is more clean to have a clear call order of: Constructor -> initialize -> activate

Refactor: Do check for trade.getPayoutTx() == null at beginning and r…

17ba6e9

…eturn.

Refactor: Move check for trade.getPayoutTx() == null to sub classes

1e2ea6d

-> We will later use that class for more generic use cases.

Refactor: Rename class for more generic use cases.

88cd5b2

Functional change: Avoid possibility to add duplicated tradable to list

5f1d5f3

Add cancel trade domain

1f2241f

Refactor: Rename id to tradeId

5dd81cb

Remove unused field

d50d825

Refactor: Rename CanceledTradeState to HandleCancelTradeRequestState

25db775

We will separate state for requester and peer in the next commits

Add RequestCancelTradeState

68add41

WIP - will separate in next commits states

Separate states completed

b28f507

Remove cancel support at step 3. Once buyer has send payment we do

8236ce2

not allow canceling anymore

Rename RequestCancelTradePresentation and HandleCancelTradeRequestPre…

6f5e386

…sentation to make more explicit which one is for buyer and which for seller

Refactor: Move classes

79a9ac9

Refactor: Rename enums

7313458

Refactor: Move enums to seller and buyer trade

e483efd

Refactor: Rename enums

3e85ff6

Split buyer seller protocol classes.

a134c74

Add delegate protocol for cancel trade

Refactor: Move method, improve comments

fa00593

Refactor: Move message classes to new package

b4d9807

Refactor: Move dispute message classes to new dispute package

9ee586f

Refactor: Rename package

482c73a

Only log error at DelayedPayoutTx check if deposit tx is not null

54e4a08

For failed trades without deposit tx it is expected that the DelayedPayoutTx is null as well.

Merge branch 'master_upstream' into add-cancel-trade-feature

dce1873

Improve text, dont use action style for button

eae6a46

Refactor: Rename classes

4985435

chimp1984 added 10 commits September 10, 2020 20:19

Moved witness signing and msg sending to trade protocol task

6b5e08d

Refactoring: Rename param to avoid confusion with allowBroadcast and

e3c6aa2

to be more consistent with other calling methods using the same param name

Add comments

286402f

Let signer broadcast signedWitness as well.

f819a0d

Change reBroadcast flag to true.

Use a deterministic id instead of uid

396c6f4

Refactor: Use SendMailboxMessageTask to avoid duplicated code

93f24a4

Resend payment started message as long we dont get an ACK

ab2e54f

Start BuyerSendCounterCurrencyTransferStartedMessage at startup again

873d2cf

in case we have not received an ACK

Add comment

00bb8db

Remove dev test value

2b05638

sqrrm self-requested a review September 11, 2020 14:11

chimp1984 added 7 commits September 11, 2020 09:36

Refactor: Rename signAccountAgeWitness to signAndPublishAccountAgeWit…

bf3ce34

…ness Helps to make it more explicit that we not only sign but also broadcast the data.

Remove duplicate broadcast of witness data

5e46366

Send witness with PayoutTxPublishedMessage

c2296d4

Remove refresh button

37496c2

We do the re-sending of the payment sent message via the BuyerSendCounterCurrencyTransferStartedMessage task on the buyer side, so seller do not need to do anything interactively.

Refactor: Rename display strings

d53f5ed

Refactor: Move display strings

1742da3

Merge branch 'master_upstream' into add-cancel-trade-feature

8f7fe51

sqrrm requested changes Sep 16, 2020

View reviewed changes

chimp1984 changed the title ~~Add cancel trade feature~~ [WIP] Add cancel trade feature Sep 17, 2020

chimp1984 added 2 commits September 16, 2020 20:24

Apply suggestions from code review. Add todos for required changes

71e452f

Merge branch 'master_upstream' into add-cancel-trade-feature

7318b10

chimp1984 closed this Sep 19, 2020

sqrrm mentioned this pull request Sep 22, 2020

For Cycle 17 bisq-network/compensation#667

Closed

ripcurlx mentioned this pull request Sep 22, 2020

For Cycle 17 bisq-network/compensation#671

Closed

chimp1984 deleted the add-cancel-trade-feature branch October 20, 2022 16:25

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[WIP] Add cancel trade feature #4514

[WIP] Add cancel trade feature #4514

chimp1984 commented Sep 10, 2020

sqrrm left a comment

chimp1984 commented Sep 17, 2020

chimp1984 commented Sep 17, 2020

sqrrm commented Sep 17, 2020

chimp1984 commented Sep 19, 2020

[WIP] Add cancel trade feature #4514

[WIP] Add cancel trade feature #4514

Conversation

chimp1984 commented Sep 10, 2020

sqrrm left a comment

Choose a reason for hiding this comment

chimp1984 commented Sep 17, 2020

chimp1984 commented Sep 17, 2020

sqrrm commented Sep 17, 2020

chimp1984 commented Sep 19, 2020