48 | Writing a contract
49 |
50 | A contract consists of a state, some
51 | funds and multiple methods, which can be
52 | called by anyone and may affect the contract state, make GET requests to
53 | other places on the internet and manage the contract funds. What we call
54 | methods are just Lua functions.
55 |
56 |
57 | See the following example of a simple "community faucet" contract code:
58 |
59 |
60 | {faucetcode}
61 |
62 |
63 | The contract above allows generous rich people to put money in (by calling
64 | fundfaucet and including some satoshis in the call) and poor
65 | people to get the money out (by calling getmoney and specifying
66 | how much they want to withdraw in the call payload).
67 |
68 |
69 | However, it is very naïve and could easily be exploited. Although it limits
70 | withdrawals to 100 sat, someone could easily call the
71 | getmoney method multiple times and get all the money to itself.
72 | A less naïve approach would use the global contract.state to
73 | store a list of accounts who have already called getmoney and
74 | disallow them from calling it again. Another approach would be to use
75 | os.time() to keep track of the time of the withdrawals and
76 | force people to wait some time until they can call
77 | getmoney again. The possibilities are endless.
78 |
79 |
80 | Now that you've seen a contract, here are other things you must know about
81 | them:
82 |
83 |
84 | -
85 | Each contract must have an
__init__ method. That is a special
86 | method that is called only when the contract is created, it must return a
87 | Lua table that will serve as the initial contract state.
88 |
89 | -
90 | All other top level functions are methods callable from the external
91 | world, except methods with names beginning in an underscore:
92 |
_.
93 |
94 | -
95 | Some internal functions called from within a contract may fail and these
96 | may call the call execution to terminate, like
97 |
contract.send(). Others, like http calls, can
98 | fail without causing the contract to terminate, instead they return an
99 | error, If you want the call to fail completely you must check for these
100 | errors and call the Lua function error() directly.
101 |
102 | -
103 | All calls and payloads will be stored publicly in the contract history,
104 | except for errored calls.
105 |
106 | -
107 | For your contracts to be easily integrated into the contract explorer and
108 | method caller interface in this website, make sure to follow these
109 | guidelines:
110 |
111 | -
112 | Write top-level methods with 0 indentation, both the
113 |
function and the end keywords.
114 |
115 | -
116 | When referring to payload fields, use the full object path, like
117 |
call.payload.fieldname at least once, in other words,
118 | don't assign call.payload to another variable or you'll
119 | break our naïve regex-based parser.
120 |
121 | -
122 | If you intend to use helper functions from inside the main methods,
123 | don't rely on
call and contract globals,
124 | instead pass them as arguments.
125 |
126 |
127 | These are just soft requirements and they may be dropped once we get a
128 | better Lua parser on our UI (but that will probably never happen).
129 |
130 | -
131 | No one is able to change a contract's code after it has been activated,
132 | not even the contract creator (but contracts can be deleted if you made a
133 | mistake when creating them, provided they're new and don't have any
134 | funds). But of course this is a centralized system and the Etleneum team
135 | may delete contracts if they consider them wrong or harmful in any way.
136 |
137 |
138 | Calling a contract
139 | When you make a call, you send 4 things to the contract:
140 |
141 | -
142 | A string method with the name of the contract method
143 | you're calling.
144 |
145 | - A JSON payload.
146 | -
147 | An integer representing the number of msatoshis to
148 | include in your call. Some methods may require you to include a certain
149 | number of msatoshis so they can be effective. The invoice you're required
150 | to pay to make any call includes this number of msatoshis plus a small
151 | antispam cost.
152 |
153 | Regardless of what the contract code does with them, the msatoshis are
154 | always added to the contract funds.
155 |
156 | -
157 | Optionally, a
?session=<String> query string
158 | identifying the current authenticated user,
159 |
160 |
161 | Contract API
162 |
163 | Contract code has access to the following globals:
164 |
165 |
166 | -
167 |
call table with fields:
168 |
169 | id: String, the call id, mostly useless;-
171 |
payload: Any, the payload submitted along with the call;
172 |
173 | msatoshi: Int, the funds included in the call;
175 |
176 | -
177 |
contract table with fields:
178 |
179 | id: String, the contract id, mostly useless;-
181 |
state: Any, the contract current state, should be mutated
182 | in-place;
183 |
184 | -
185 |
get_funds: () => Int, a function that returns the
186 | contract's current funds, in msatoshi;
187 |
188 | -
189 |
send: (target: String, msatoshi: Int) => (), a function
190 | that sends from the contract funds to an user/contract;
191 |
192 |
193 |
194 | -
195 |
account table with fields:
196 |
197 | -
198 |
id: String, the account id of the caller,
199 | nil when the call is not authenticated;
200 |
201 | -
202 |
get_balance: () => Int, a function that returns the
203 | caller's full balance;
204 |
205 | -
206 |
send: (target: String, msatoshi: Int) => (), a function
207 | that sends from the caller's balance to another user/contract;
208 |
209 |
210 |
211 | -
212 |
etleneum table with fields:
213 |
214 | -
215 |
get_contract: (id: String) => (state: Any, funds: Int), a
216 | function that returns data about another contract.
217 |
218 | -
219 |
call_external: (contract_id: String, method: String, payload: Any,
221 | msatoshi: Int, params: {`{as: String?}`}) => (), a function that calls a method on another contract -- each external
223 | call costs one satoshi and it must be manually included in the current
224 | call, the as parameter could be either "contract" to make
225 | the call as the contract or "user" to make the call as the current
226 | user, or nil;
227 |
228 |
229 |
230 | -
231 |
util table with functions:
232 |
233 | -
234 |
print: (...Any) => (), shows a notification to the caller
235 | if he is listening to the server stream when making the call;
236 |
237 | -
238 |
sha256: (any: String) => String, takes any string and
239 | returns it's SHA256, hex-encoded.
240 |
241 | cuid: () => String, generates a random id;-
243 |
parse_bolt11: (pr: String) => (inv: {payee: String, expiry:
245 | Int, routes: Array, currency: String, msatoshi: Int, created_at:
246 | Int, description: String, payment_hash: String,
247 | min_final_cltv_expiry: Int}, error), parses a bolt11 invoice (and checks signatures, as this has not
249 | many more uses besides checking signatures);
250 |
251 |
252 |
253 | -
254 |
http table with functions:
255 |
256 | -
257 |
gettext: (url: String, headers: Map) => (body: String, error), calls an URL and returns the body response as text;
260 |
261 | -
262 |
getjson: (url: String, headers: Map) => (body: Any, error), calls an URL and returns the body response JSON as a table;
264 |
265 | -
266 |
postjson: (url: String, data: Any, headers: Map) => (body: Any,
268 | error), calls an URL and returns the body response JSON as a table;
270 |
271 |
272 |
273 | -
274 | Then there are the following modules and functions from Lua's standard
275 | library, all pre-imported and available:
276 |
277 | pairs;ipairs;next;error;tonumber;tostring;type;unpack;string with most its functions;table with most its functions;math with most its functions;-
289 |
os with time, clock,
290 | difftime and date functions;
291 |
292 |
293 |
294 |
295 | JSON API
296 |
297 | Anything you can do on this website you can also do through Etleneum's
298 | public JSON API.
299 |
300 | Types
301 |
302 | -
303 |
Contract:
304 | {id: String, code: String, name: String, readme: String, funds:
306 | Int}
308 |
309 | -
310 |
Call:
311 | {id: String, time: String, method: String, payload: Any, matoshi:
313 | Int, cost: Int, diff: String, transfers: []Transfer, ran:
314 | Bool}
316 |
317 | -
318 |
Transfer:
319 | {direction: "in" | "out", matoshi: Int, counterparty:
321 | String}
323 |
324 | -
325 |
AccountHistoryEntry:
326 | {msatoshi: Int, time: String, counterparty: String}
327 |
328 |
329 | Endpoints
330 |
331 | All paths start at https://etleneum.com and must be called with
332 | Content-Type: application/json. All methods are
333 | CORS-enabled and no authorization mechanism is required or supported.
335 | All calls return an object of type
336 | {ok: Bool, error: String, value: Any}. The relevant
337 | data is always in the value key and error is only
338 | present when the call has failed. In the following endpoint descriptions we
339 | omit the ok/value envelope and show just what should be inside
340 | value.
341 |
342 |
343 | -
344 |
GET /~/contracts lists all the contracts, sorted
345 | by the most recent activity, returns Contract;
346 |
347 | -
348 |
POST /~/contract prepares a new contract, takes
349 | {name: String, code: String, readme: String},
350 | returns {id: String, invoice: String}, when the
351 | invoice is paid the __init__ call is executed and the
352 | contract is created;
353 |
354 | -
355 |
GET /~/contract/<id> returns the full
356 | contract info, Contract;
357 |
358 | -
359 |
GET /~/contract/<id>/state returns just
360 | the contract state, Any;
361 |
362 | -
363 |
POST
364 | /~/contract/<id>/state with <jq_filter> as the
365 | body, or
366 | GET
367 | /~/contract/<id>/state/<jq_filter>
368 | returns the contract state after a
369 | jq filter has been
370 | applied to it, Any;
371 |
372 | -
373 |
GET /~/contract/<id>/funds returns just
374 | the contract funds, in msat, Int;
375 |
376 | -
377 |
GET /~/contract/<id>/calls lists all
378 | contract calls, sorted by most recent first, returns Call;
379 |
380 | -
381 |
SSE /~~~/contract/<id> returns a
382 | text/event-stream that emits the following events:
383 |
384 | contract-created: {id: String};-
386 |
contract-error: {id: String, kind: "internal" | "runtime",
388 | message: String};
390 |
391 | -
392 |
call-run-event: {id: String, contract_id: String, kind:
394 | "start" | "print" | "run" String, message: String, method:
395 | String};
397 |
398 | -
399 |
call-made: {id: String, contract_id: String, method:
401 | String};
403 |
404 | -
405 |
call-error: {id: String, contract_id: String, kind: "internal"
407 | | "runtime", message: String, method: String};
409 |
410 |
411 |
412 | -
413 |
POST /~/contract/<id>/call prepares a new
414 | call, takes
415 | {method: String, payload: Any, msatoshi: Int},
416 | returns {id: String, invoice: String}, when the
417 | invoice is paid the call is executed;
418 |
419 | -
420 |
GET /~/call/<id> returns the full call
421 | info, Call;
422 |
423 | -
424 |
PATCH /~/call/<id> takes anything passed
425 | in the JSON body and patches it to the current prepared call
426 | payload, returns the full call info, Call;
427 |
428 | -
429 |
GET /lnurl/auth performs
430 | lnurl-auth
434 | and creates a session;
435 |
436 | -
437 |
SSE /~~~/session[?session=...] returns a
438 | text/event-stream that emits the following events:
439 |
440 | -
441 |
lnurls: {auth: String, withdraw: String};
442 |
443 | -
444 |
auth: {account: String, balance: Int, [secret:
446 | String]};
448 |
449 | history: {[]AccountHistoryEntry};-
451 |
withdraw: {amount: Int, new_balance: Int};
452 |
453 |
454 |
455 |
456 |
457 |
--------------------------------------------------------------------------------
71 | 
98 | 