The Deposit Manager contract serves as a gated entry point for deposits into the Nocturne protocol. Users instantiate deposits by sending their ETH or ERC-20 assets to the contract. The contract will non-custodially hold the user's funds until an off-chain screener signs and completes the deposit request or the user retrieves their deposit.
Users instantiate deposits by calling one of the instantiateErc20MultiDeposit or instantiateETHMultiDepositmethods, supplying additional ETH with the call to later compensate the screener for gas. During the deposit instantiation process, one or more DepositRequest structs are created, containing the spender's address, the encoded asset information, the deposit value, a stealth address, a nonce, and gas compensation. These deposit requests are hashed into 32-byte identifiers that are stored to track each deposit.
The retrieveDeposit function allows users to withdraw their assets if they change their mind or their deposit request is not completed by the screener. To retrieve a deposit, the function verifies that the caller is the original spender and checks if the deposit request exists. If the deposit request is valid, the assets are transferred back to the spender, and the gas compensation is returned.
The completeErc20Deposit function is used to complete a deposit after it has been signed off on by a screener. This function takes a deposit request and a signature as input. It verifies that the signature is from an allowed screener and confirms the existence of the deposit request. Once validated, the deposit hash is cleared, the assets are transferred to the Teller, and the gas compensation is distributed to the screener. Any remaining gas compensation left is sent back to the user.
Global Caps and Max Deposit Sizes
In order to control the rate at which funds flow into the protocol, we set a global hourly cap that is enforced in-contract (e.g. 100 ETH per hour). Additionally, we enforce a max size per deposit (e.g. 5 ETH) to ensure users don't hog the amount of available deposit "space" by submitting one large deposit that fills the current hour's entire cap. The off-chain screener will observe incoming deposits do its best to ensure fair distribution of deposit queue space. The in-contract restrictions are there as a backstop so nobody (including the screener) is able to intentionally or accidentally over-deposit.