T3 Lockup Implementation (#3772)

* Start lockup implementation

* Restructure and implement balance changes to handle lockups

* Logic for earned tokens

* Tests passing

* Test updates

* Refactor logic

* Fix data types

* Restructure logic

* Below 0 handling and tests

* Prettier

* QRcode package

* Yarn.lock conflict

Author: Tom Linton

infra/token-transfer-server/.sequelizerc

@@ -0,0 +1,6 @@
+const path = require('path')
+
+module.exports = {
+  'models-path': path.resolve('src', 'models'),
+  'migrations-path': path.resolve('.', 'migrations')
+}

infra/token-transfer-server/migrations/20191022000751-create-lockup.js

@@ -0,0 +1,47 @@
+'use strict'
+
+const tableName = 't3_lockup'
+
+module.exports = {
+  up: (queryInterface, Sequelize) => {
+    return queryInterface.createTable(tableName, {
+      id: {
+        allowNull: false,
+        autoIncrement: true,
+        primaryKey: true,
+        type: Sequelize.INTEGER
+      },
+      user_id: {
+        allowNull: false,
+        type: Sequelize.INTEGER,
+        references: { model: 't3_user', key: 'id' }
+      },
+      start: {
+        allowNull: false,
+        type: Sequelize.DATE
+      },
+      end: {
+        allowNull: false,
+        type: Sequelize.DATE
+      },
+      bonus_rate: {
+        allowNull: false,
+        type: Sequelize.FLOAT
+      },
+      amount: {
+        type: Sequelize.DECIMAL
+      },
+      created_at: {
+        allowNull: false,
+        type: Sequelize.DATE
+      },
+      updated_at: {
+        allowNull: false,
+        type: Sequelize.DATE
+      }
+    })
+  },
+  down: queryInterface => {
+    return queryInterface.dropTable(tableName)
+  }
+}

infra/token-transfer-server/package.json

@@ -50,6 +50,7 @@
     "passport-totp": "^0.0.2",
     "per-env": "^1.0.2",
     "pg": "^7.11.0",
+    "qrcode": "^1.4.2",
     "react-redux": "^7.1.0",
     "react-router-dom": "^5.0.1",
     "react-thunk": "^1.0.0",

infra/token-transfer-server/src/config.js

@@ -40,9 +40,17 @@ const unlockDate = process.env.UNLOCK_DATE
   ? moment.utc(process.env.UNLOCK_DATE)
   : moment.utc('2020-01-01')
 
+// Lockup bonus rate as a percentage
+const lockupBonusRate = process.env.LOCKUP_BONUS_RATE || 10
+
+// Lockup duration in months
+const lockupDuration = process.env.LOCKUP_DURATION || 12
+
 module.exports = {
   discordWebhookUrl,
   encryptionSecret,
+  lockupBonusRate,
+  lockupDuration,
   networkId,
   port,
   portalUrl,

infra/token-transfer-server/src/controllers/account.js

@@ -2,13 +2,13 @@ const express = require('express')
 const router = express.Router()
 const { check, validationResult } = require('express-validator')
 
+const { asyncMiddleware } = require('../utils')
 const { ensureLoggedIn } = require('../lib/login')
 const {
-  asyncMiddleware,
   isEthereumAddress,
   isExistingAddress,
   isExistingNickname
-} = require('../utils')
+} = require('../validators')
 const { Account } = require('../models')
 
 /**

infra/token-transfer-server/src/controllers/index.js

@@ -4,6 +4,7 @@ const router = express.Router()
 router.use('/api', require('./account'))
 router.use('/api', require('./event'))
 router.use('/api', require('./grant'))
+router.use('/api', require('./lockup'))
 router.use('/api', require('./login'))
 router.use('/api', require('./transfer'))
 router.use('/api', require('./user'))

infra/token-transfer-server/src/controllers/lockup.js

@@ -0,0 +1,71 @@
+const express = require('express')
+const router = express.Router()
+const AsyncLock = require('async-lock')
+const lock = new AsyncLock()
+const { check, validationResult } = require('express-validator')
+
+const { asyncMiddleware } = require('../utils')
+const { isValidTotp } = require('../validators')
+const { ensureLoggedIn } = require('../lib/login')
+const { Lockup } = require('../models')
+const { addLockup } = require('../lib/lockup')
+const logger = require('../logger')
+
+/**
+ * Returns lockups for the authenticated user.
+ */
+router.get(
+  '/lockups',
+  ensureLoggedIn,
+  asyncMiddleware(async (req, res) => {
+    const lockups = await Lockup.findAll({ where: { userId: req.user.id } })
+    res.json(
+      lockups.map(lockup => {
+        return lockup.get({ plain: true })
+      })
+    )
+  })
+)
+
+/**
+ * Add a new lockup.
+ */
+router.post(
+  '/lockups',
+  [
+    check('amount')
+      .isNumeric()
+      .toInt()
+      .isInt({ min: 0 })
+      .withMessage('Amount must be greater than 0'),
+    check('code').custom(isValidTotp),
+    ensureLoggedIn
+  ],
+  asyncMiddleware(async (req, res) => {
+    const errors = validationResult(req)
+    if (!errors.isEmpty()) {
+      return res
+        .status(422)
+        .json({ errors: errors.array({ onlyFirstError: true }) })
+    }
+
+    const { amount } = req.body
+
+    let lockup
+    try {
+      await lock.acquire(req.user.id, async () => {
+        lockup = await addLockup(req.user.id, amount)
+      })
+      logger.info(`User ${req.user.email} added a lockup of ${amount} OGN`)
+    } catch (e) {
+      if (e instanceof ReferenceError || e instanceof RangeError) {
+        res.status(422).send(e.message)
+      } else {
+        throw e
+      }
+    }
+    res.status(201).json(lockup.get({ plain: true }))
+  })
+)
+
+module.exports = router

infra/token-transfer-server/src/controllers/login.js

@@ -24,7 +24,9 @@ router.post(
     logger.debug('/send_email_code called for', email)
 
     // No await to prevent enumeration of valid emails
-    sendLoginToken(email)
+    if (process.env.NODE_ENV !== 'test') {
+      sendLoginToken(email)
+    }
 
     res.setHeader('Content-Type', 'application/json')
     res.send(JSON.stringify({ email }))

infra/token-transfer-server/src/controllers/transfer.js

@@ -11,12 +11,10 @@ const { Transfer } = require('../../src/models')
 const { ensureLoggedIn } = require('../lib/login')
 const {
   asyncMiddleware,
-  isEthereumAddress,
-  isValidTotp,
   getFingerprintData,
-  getUnlockDate,
-  hasBalance
+  getUnlockDate
 } = require('../utils')
+const { isEthereumAddress, isValidTotp } = require('../validators')
 const { encryptionSecret, unlockDate } = require('../config')
 const { addTransfer, confirmTransfer } = require('../lib/transfer')
 
@@ -44,7 +42,8 @@ router.post(
     check('amount')
       .isNumeric()
       .toInt()
-      .custom(hasBalance),
+      .isInt({ min: 0 })
+      .withMessage('Amount must be greater than 0'),
     check('address').custom(isEthereumAddress),
     check('code').custom(isValidTotp),
     ensureLoggedIn

infra/token-transfer-server/src/lib/balance.js

@@ -0,0 +1,79 @@
+const { Grant, Lockup, Transfer, User } = require('../models')
+const {
+  calculateVested,
+  calculateUnlockedEarnings,
+  calculateWithdrawn,
+  calculateLocked,
+  calculateEarnings
+} = require('../shared')
+const logger = require('../logger')
+
+/**
+ * Helper method to check if a user has balance available for adding a transfer
+ * or a lockup.
+ *
+ * Throws an exception in case the request is invalid.
+ *
+ * @param userId
+ * @param amount
+ * @returns Promise<User>
+ * @private
+ */
+async function hasBalance(userId, amount) {
+  const user = await User.findOne({
+    where: {
+      id: userId
+    },
+    include: [{ model: Grant }, { model: Transfer }, { model: Lockup }]
+  })
+  // Load the user and check there enough tokens available to fulfill the
+  // transfer request
+  if (!user) {
+    throw new Error(`Could not find specified user id ${userId}`)
+  }
+
+  // Sum the vested tokens for all of the users grants
+  const vested = calculateVested(user.Grants)
+  logger.info('Vested tokens', vested.toString())
+  // Sum the unlocked tokens from lockup earnings
+  const lockupEarnings = calculateUnlockedEarnings(user.Lockups)
+  logger.info('Unlocked earnings from lockups', lockupEarnings.toString())
+  // Sum amount withdrawn or pending in transfers
+  const transferWithdrawnAmount = calculateWithdrawn(user.Transfers)
+  logger.info(
+    'Pending or transferred tokens',
+    transferWithdrawnAmount.toString()
+  )
+  // Sum locked by lockups
+  const lockedAmount = calculateLocked(user.Lockups)
+  logger.info('Tokens in lockup', lockedAmount.toString())
+
+  // Calculate total available tokens
+  const available = vested
+    .plus(lockupEarnings)
+    .minus(transferWithdrawnAmount)
+    .minus(lockedAmount)
+
+  if (available < 0) {
+    logger.info(`Amount of available OGN is below 0 for user ${user.email}`)
+
+    throw new RangeError(`Amount of available OGN is below 0`)
+  }
+
+  if (amount > available) {
+    logger.info(
+      `Amount of ${amount} OGN exceeds the ${available} available for user ${user.email}`
+    )
+
+    throw new RangeError(
+      `Amount of ${amount} OGN exceeds the ${available} available balance`
+    )
+  }
+
+  return user
+}
+
+module.exports = {
+  calculateEarnings,
+  hasBalance
+}

infra/token-transfer-server/src/lib/lockup.js

@@ -0,0 +1,49 @@
+const moment = require('moment')
+
+const { LOCKUP_REQUEST } = require('../constants/events')
+const { Event, Lockup, sequelize } = require('../models')
+const { lockupBonusRate, lockupDuration } = require('../config')
+const { hasBalance } = require('./balance')
+const logger = require('../logger')
+
+/**
+ * Adds a lockup
+ * @param userId - user id of the user adding the lockup
+ * @param amount - the amount to be locked
+ * @returns {Promise<Lockup>} Lockup object.
+ */
+async function addLockup(userId, amount, data = {}) {
+  const user = await hasBalance(userId, amount)
+
+  let lockup
+  const txn = await sequelize.transaction()
+  try {
+    const now = moment()
+    lockup = await Lockup.create({
+      userId: user.id,
+      start: now,
+      end: now.add(lockupDuration, 'months'),
+      bonusRate: lockupBonusRate,
+      amount,
+      data
+    })
+    await Event.create({
+      userId: user.id,
+      action: LOCKUP_REQUEST,
+      data: JSON.stringify({
+        lockupId: lockup.id
+      })
+    })
+    await txn.commit()
+  } catch (e) {
+    await txn.rollback()
+    logger.error(`Failed to add lockup for user ${userId}: ${e}`)
+    throw e
+  }
+
+  return lockup
+}
+
+module.exports = {
+  addLockup
+}