Hydro provides a set of open source smart contracts for implementing ERC20 token exchange capabilities. The Hydro smart contracts are each optimized to perform different types of ERC20 token exchanges. The following figure outlines the broad-scale structure of Hydro Protocol with respect to chains and exchanges.
Within this, there are several nuances. The standard mode is an approval based structure which uses a proxy address to handle token allowance and transfer permissions from users. The structure for this is shown in the figure below:
The following descriptions provide specific details on each segment of the smart contract architecture.
The Hybrid Exchange contract is at the core of the entire protocol. It handles the matching and cancelation of orders.
Specifically, the bulk of the exchange logic resides in the public method matchOrders, which:
- Checks signatures and verifies the integrity of orders
- Computes the resulting state that would occur as a result of matching the passed in orders via a set of limit exchange matching engine rules
- Delegates the actual settlement (a set of token transfers) to the Proxy
The Proxy contract is primarily designed to perform ERC20 to ERC20 token swaps. It is responsible for actually settling the results of matching orders. The Engine (Hybrid Exchange) delegates this key functionality to Proxy. One advantage of using the proxy contract for this is that it allows the Exchange contract to be upgraded without requiring users to waste gas on re-approvals and break the flow of the exchange.
The Proxy contract is built to have two primary methods of settlement: approval and depository. Approval is the default methodology.
ERC20 defines the
transferFrom interfaces, and a user can pre-authorize a certain amount of transfer rights to the HydroProxy address. In this way, HydroProxy has the authority to transfer the user's assets under specified conditions.
In this mode, when a user places an order, the user's actual assets remain in their own address and can be freely controlled at any time until the order is matched (no deposit). Once an order is matched, the proxy contract then executes a transaction that transfers the assets of the trade. Each party of the trade receives their new assets in their address directly (no withdraw).
Since there is no requirement for
transferFrom, the Depository Proxy has greater flexibility than the Approval Proxy and is not limited to transactions between ERC20. The Depository Proxy can support Eth directly.
Before trading, the trader needs to deposit the corresponding currency into the Depository Proxy before placing an order. After a transaction occurs, the assets obtained from the transaction will be logically transferred in the proxy. When the user needs to use this part of the assets, they need to withdraw them from the Depository Proxy to their own address.
The Hydro Proxy is responsible for hosting the user's assets, so a strict mechanism is needed to keep the user's assets safe. Only a strictly audited, logically correct contract can be added into proxy whitelist. Only addresses in this whitelist can execute trades and transfer user assets.
The ability to add addresses to the proxy whitelist is controlled by MultiSigWallet. MultiSigWallet requires multiple owners to authorize and can perform authorization operations after a 14-day lockout period.
MultiSigWallet is autonomous by the community.
Swap Handler Contract
The Swap contract provides an easier, but more restrictive way to exchange tokens. The Swap Contract still uses the same Proxy contract for token allowance, but it is completely separate from the Hybrid Exchange contract.
A user or a contract can take an offline swap order by calling the Swap Contract directly. The exchange process is atomical. It doesn't require a offline matching engine. It is designed to be used to build more lightweight products, such as trading widgets. It can also be used for some others contracts like dydx which need on-chain liquidity.