๐Token Retirement Contract
Last updated
Last updated
The implementation of token retirement in Guardian relies on the capability of Hedera HCS allowing โwipeโ rights for a given token to be assigned to a contract identifier instead of an account key (the account key is commonly referred to as โwipe keyโ). Thus in Guardian for each token a corresponding โwiping contractโ is created, which controls the lifecycle of the token instances. These contracts implement a dynamic access control logic/list (ACL) managed by the Standard Registries (SRs) which issued the corresponding tokens. The contracts provide methods to add/remove โretirement contractโ identifiers to ACLs, thus giving/retracting their permissions to call โwipeโ methods of wiping contracts, which actually execute the wiping of token instances.
The โretirement contractsโ are responsible for the mechanics of matching โcreditโ and โdebitโ tokens, and atomic retirement operations on these matched โplusโ and โminusโ pools (executed via the wiping contracts as per above). The retirement contracts that come out of the box in Guardian implement functionality allowing providers of retirement services to setup configuration of retirements pools, and request the โwipeโ permissions from the token โwiping contractsโ. Guardian UI provides facilities to easily setup these contracts and configure such pools, however the architecture from the start is designed to be decentralised and scalable, such contracts and token pool configurations can be created, deployed and operated by stand-alone entities independently of Standard Registries and/or Guardian instances. It is expected that there would appear multiple โexchange-likeโ services, which would implement their own retirement contracts (based on โcanonicalโ Guardian implementations) with enhanced and expanded rule sets, which would provide automatic โmatch-makingโ services for token owners. The architecture allows anyone to attempt to become such a token retirement โexchangeโ, however the token issuers maintain control over which of these they โapproveโ to operate on their tokens via the ACL in the corresponding wiping contracts.
The high-level flow of the actions which configure token retirement is illustrated on the sequence diagram below:
Guardian contains a full production retirement system implementation which allows the configuration of arbitrary pools of tokens (two-sided, one-sides, with arbitrary โexchange ratesโ etc), issued by different SRs, operating on different Guardian instances, to be configured for retirement with arbitrary additional rules further controlling their lifecycle.
A simplified architecture diagram of the retirement contracts implementation is shown on the diagram below.
