Forced Exit
Emergency funds withdrawal in case the relayer is unavailable
Last updated
Was this helpful?
Emergency funds withdrawal in case the relayer is unavailable
Last updated
Was this helpful?
The zkBob solution involves interacting with the pool through a relayer. You cannot send deposit, transfer, or withdrawal transactions directly to the contract. This is done to facilitate interaction with the pool without the need to pay fees in the native coin. If the relayer subsystem is unavailable for the any reason, there is an option for emergency withdrawal from the pool. In this case, you must interact directly with the pool contract.
In the event of an emergency exit, all available funds will be withdrawn to the specified address, but the zk-account will be destroyed, and you will no longer be able to use it for transactions.
An emergency exit is performed in two stages. In the first stage, you request an exit window from the pool contract, specifying all the necessary parameters in advance, such as the withdrawal address, the amount of funds, and the computed proof for the withdrawal transaction. This operation is known as commit. The exit window opens 1 hour after the commitment and is available for 24 hours after the commit.
The second stage can be completed only during the window's validity period. To perform it you must send an emergency exit execution transaction.
If you miss the exit window, you will need to cancel the previously committed emergency exit in order to request a new exit window.
If the relayer's functionality is restored before executing an emergency exit, and you send any regular transaction to the pool, the existing emergency exit will be invalidated.
If the relayer is in the operational state it will block your transactions from your account during the active exit window.
After a successful emergency exit, your account is marked as destroyed on the pool contract and all incoming transfers to that account will burned.
It's important to note that in the case of an emergency exit execution, only the exact amount specified in the commit transaction will be withdrawn. If you receive an incoming transfer after the commit but before the withdrawal is executed, it will not be withdrawn. In this case, you must wait until the exit window expires, cancel the exit, and then create a new one (which takes into account the received funds).
The following routines guide you through the emergency exit procedure and help to retrieve related info.
The account can be destroyed only during execution of the forced exit.
Promise returns boolean indicating if the forced exit procedure was performed for the account.
The forced exit functionality can be unsupported in the certain pools. Use the following routine to check if this feature is supported.
Promise returns boolean indicating if the forced exit is supported by the current pool contract.
To check forced exit state for your current account you can use the following routine:
When you commit a forced exit the set of parameters should be specified. The following method retrieves the committed forced exit parameters (if the exist).
The following structure describes the second stage result. It's available only in the ForcedExitState.Completed state.
You should always check available funds and compare with the account balance before committing to the forced exit.
Promise returns amount of tokens in pool dimension which can be withdrawn during the forced exit.
This is the first stage of the emergency exit flow. The following method will prepare all values needed to send the commit transaction and invoke a callback to send it.
executerAddress - who will be able to send execute transaction (set to zero address to disable constraints).
toAddress - who will receive funds during forced exit execution.
Use the following routine to complete the committed forced exit. It will automatically collect all needed data and invoke the callback to send a transaction.
If you miss the exit window, you need to first cancel the exit (with the current nullifier) before creating a new one. Use the following method:
Promise returns enum member.
Promise returns object or undefined if unavailable.
Although object contains the cancelled property which can indicate the forced exit was cancelled, the current method doesn't return an object for the cancelled forced exit (because it's difficult to locate it due to nullifier updates).
Promise returns object or undefined if unavailable.
Keep in mind your account configuration may consist of a lot of incoming transfers (notes) which cannot be withdrawn within a single transaction. For the forced exit flow you can use just an account balance with three notes. You cannot initiate an aggregation transaction to collect unspent notes by direct pool contract interaction. Additional details about notes handling can be found
sendTxCallback - callback will be invoked by this method when commit transaction should be sent. You should sign and send the requested transaction (described by ) in your callback and return a transaction hash.
Promise returns object or undefined if unavailable
This routine should be invoked only in ForcedExitState.CommittedReady otherwise an InternalError will thrown
sendTxCallback - callback will be invoked by this method when execute transaction should be sent. You should sign and send requested transaction (described by ) in your callback and return a transaction hash
Promise returns object or undefined if unavailable
This routine should be invoked only in ForcedExitState.Outdated otherwise an InternalError will thrown
sendTxCallback - callback will be invoked by this method when cancel transaction should be sent. You should sign and send requested transaction (described by ) in your callback and return a transaction hash.
Promise returns object or undefined if unavailable.