VYFI: Fix For Incorrect Datums Resulting in "Burnt" Assets on Chain

[GENERAL] Name and surname of main applicant

Skylar Ray O'Quinn

[GENERAL] Are you delivering this project as an individual or as an entity (whether formally incorporated or not)

Entity (Incorporated)

[GENERAL] Please specify how many months you expect your project to last (from 2-12 months)

8

[GENERAL] Please indicate if your proposal has been auto-translated into English from another language

No

[GENERAL] Summarize your solution to the problem (200-character limit including spaces)

The solution is to modify our smart contract languages like Aiken, and Plutus to automatically include a way to withdraw when a UTXO is un-spendable. That way users don't unknowingly burn assets.

[GENERAL] Does your project have any dependencies on other organizations, technical or otherwise?

No

[GENERAL] If YES, please describe what the dependency is and why you believe it is essential for your project’s delivery. If NO, please write “No dependencies.”

No dependencies.

[GENERAL] Will your project’s output/s be fully open source?

Yes

[GENERAL] Please provide here more information on the open source status of your project outputs

https://www.gnu.org/licenses/gpl-3.0.html

[METADATA] Horizons

Developer Tools

[SOLUTION] Please describe your proposed solution

We must allow malformed datums to be refunded to the user, this would take the form of a redeemer constructor and case in the validator that will check for the malformed datum and then return the spent utxo to the user. This operation could be automatically included, and common tools like pluto, aiken, and plutus (Haskell) could change their generation to automatically include this case, so even when not explicitly considered by developers we can ensure such a simple mistake, that can happen on any part of the stack, doesn't cost somebody the entire output paid to the script.

We propose to update the Aiken and Plutus libraries to support this automatic withdrawal functionality, rendering users unable to burn assets due to an error in code execution. 

[IMPACT] Please define the positive impact your project will have on the wider Cardano community

Users will no longer be able accidently burn assets when datums are formed incorrectly. 

Projects will also save time and effort on support with regards to attempted salvage and return of user assets.

[CAPABILITY & FEASIBILITY] What is your capability to deliver your project with high levels of trust and accountability? How do you intend to validate if your approach is feasible?

Platform

We’ve been in the ecosystem for over four years. We have already delivered a unique suite of products for the ecosystem (Our DEx, our distributive BAR, first on-chain lottery, our Vaults, Transaction Cart, and many more), and continued to build and innovate within the Cardano ecosystem. We are confident with our track record and that we have the capability to deliver this code update. 

Funds

We are a registered business in Australia, with our registration under International Markets, ABN: 84 649 719 433

Abn lookup: https://abr.business.gov.au/ABN/View?abn=84649719433

The Funds (wallets) used for the development of the Auto Harvester will be public and transparent. We intend on using these funds in a transparent manner that will be auditable on chain.

Project Visibility and Community Engagement 

The VyFinance team has attended (and will continue to attend) each major Cardano event in the community, including: 

- Rare Bloom 2022

- CNFTcon 2022

- NFTxLV 2023

- Rare Evo 2023

- Rare Evo 2024

- Cardano Summit 2022

- Cardano Summit 2023

- Cardano Summit 2024

Here we have been able to build confidence with the ecosystem and create relationships with many projects and leading community members.

We have also had the honor of being awarded/nominated for multiple accolades within the blockchain. This includes:

CNFT awards - “Best Long-Term Utility” - Winner

Rare Evo Award 2024 - “Best DeFi” - Winner

Cardano Summit 2024 - “DeFi Category” - Nominated 

[PROJECT MILESTONES] What are the key milestones you need to achieve in order to complete your project successfully?

Milestone 1: 

Completed Design

We have an outline for this solution, but will need to write up the technical documents for each of the libraries, and have these documents checked by the relevant sources. The deliverable for this stage will be the public release of our technical documents and design schema. 

Implementation On Aiken

Once given the go ahead, we will implement this update on the Aiken Library. The deliverable for this stage will be a publicly viewable pull request to the Aiken Library.

Implementation on Plutus

Once implemented on Aiken, we will implement this upgrade to the Plutus Library. The deliverable for this stage will be a publicly viewable pull request to the Plutus Library.

Audit of pull requests

The audit is crucial for ensuring the quality and safety of our implementations prior to being merged to main. 

The deliverable for this milestone will be a public release of any documentation regarding the security and safety of this implementation.  

Final Merge to Libraries

We regularly engage with the Cardano community, and have released over 150 videos that can be found on YouTube. We will continue releasing content regarding the auto-harvester through until launch. We will continue to share our progress with our combined community through the various social media platforms. At this point, our changes will be fully public and available for all to use!

[RESOURCES] Who is in the project team and what are their roles?

Steven Ward - CEO

Dylan McCoy - COO

Deann Zois - CMO

Ryan Felt - CTO

Jon Hendrickson - CRO

Nick Cappiello - CCO

[BUDGET & COSTS] Please provide a cost breakdown of the proposed work and resources

[VALUE FOR MONEY] How does the cost of the project represent value for money for the Cardano ecosystem?

Many users and projects throughout our ecosystem have been negatively impacted by this crucial, albeit rare, vulnerability. Whilst the risk on any given transaction is small, this failure can result in the burning of a theoretically unlimited amount of user funds. Protecting users from this catastrophic failure will allow us to retain any persons that have encountered this issue, and ensure that the value on-chain always remains with its rightful owner.