3.1 Deterministic Finite State Machine (DFSM)

In OES, a state machine is not only a code pattern but also a mathematical constraint. We define the guarantee (escrow) process formally as a five-tuple automaton:

$$M = (Q, \Sigma, \delta, q_0, F)$$

3.1.1 Mathematical Definition of States

  • $Q$ (finite state set): all legal states of the protocol.

$$Q = \{S_{init}, S_{lock}, S_{del}, S_{disp}, S_{fin}, S_{void}\}$$

  • $S_{init}$ (Initialized): the contract is instantiated and its parameters are configured; it is waiting for funding.

  • $S_{lock}$ (Locked): the buyer's funds have been deposited into the Vault and the guarantee is in effect.

  • $S_{del}$ (Delivered): the seller has submitted the on-chain performance certificate (Proof of Delivery).

  • $S_{disp}$ (Disputed): a dispute has been raised, the contract is suspended, and control passes to DAN.

  • $S_{fin}$ (Finalized): normal closure; the funds flow to the seller.

  • $S_{void}$ (Voided): the transaction was cancelled or an arbitration ruling ordered a refund; the funds are returned to the buyer.

  • $q_0$ (initial state): $q_0 = S_{init}$.

  • $F$ (set of terminating states): $F = \{S_{fin}, S_{void}\}$. Once a contract enters this set, its state is immutable.

3.1.2 Transition Function

The transition function $\delta$ defines the legal state-transition paths. Any attempted transition that is not defined in $\delta$ is intercepted by a require() statement in the smart contract and rolled back (reverted).

The core transition logic is as follows:

1. Locking transition:

$$\delta(S_{init}, \text{Deposit}) \rightarrow S_{lock}$$

Constraints: msg.value >= amount, or token.transferFrom succeeds.

2. Delivery transition:

$$\delta(S_{lock}, \text{SubmitProof}) \rightarrow S_{del}$$

Constraints: only the seller may call, and block.timestamp < deliveryDeadline.

3. Settlement transition:

$$\delta(S_{del}, \text{Confirm}) \rightarrow S_{fin}$$

Constraints: the buyer's signed confirmation, or block.timestamp > inspectionPeriod (automatic acceptance).

4. Dispute interrupt:

$$\delta(\{S_{del}, S_{lock}\}, \text{RaiseDispute}) \rightarrow S_{disp}$$

Constraints: within the inspectionPeriod, and neither party has confirmed.

3.1.3 Atomic Swap Implementation

OES leverages the atomicity of blockchain transactions to implement a Conditional Asset Swap. Unlike a traditional Hash Time-Locked Contract (HTLC), whose trigger relies solely on a hash preimage, OES broadens the set of triggering conditions.

Solidity Style Pseudocode:

Solidity
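As an added example (not the project's own pseudocode or code), the following minimal Solidity contract encodes the state set $Q$ and the transition function $\delta$ of 3.1.2 together with the conditional release of 3.1.3. The function and variable names (deposit, submitProof, raiseDispute, confirm, resolve, arbiter, deliveredAt), the use of native ETH instead of token.transferFrom, and the arbiter-driven exit from $S_{disp}$ are assumptions of this example; the numbered step comments in confirm follow the step numbering used in the Security Properties below.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added example (not the OES project's code): a minimal escrow that encodes
// M = (Q, Sigma, delta, q0, F). Names such as deliveryDeadline,
// inspectionPeriod, arbiter and submitProof are assumptions of this example.
contract EscrowDFSM {
    // Q: every legal state. Enum order makes INIT the default value, i.e. q0.
    enum State { INIT, LOCKED, DELIVERED, DISPUTED, FINALIZED, VOIDED }

    State public state;                          // current q in Q
    address public immutable buyer;
    address public immutable seller;
    address public immutable arbiter;            // stands in for DAN here
    uint256 public immutable amount;
    uint256 public immutable deliveryDeadline;   // absolute unix timestamp
    uint256 public immutable inspectionPeriod;   // seconds after delivery
    uint256 public deliveredAt;
    bytes32 public proofOfDelivery;

    constructor(address _seller, address _arbiter, uint256 _amount,
                uint256 _deliveryDeadline, uint256 _inspectionPeriod) {
        buyer = msg.sender;
        seller = _seller;
        arbiter = _arbiter;
        amount = _amount;
        deliveryDeadline = _deliveryDeadline;
        inspectionPeriod = _inspectionPeriod;
        // state is INIT (q0) by default; no assignment needed.
    }

    // delta(S_init, Deposit) -> S_lock. Constraint: msg.value >= amount.
    function deposit() external payable {
        require(state == State.INIT, "delta undefined for this state");
        require(msg.sender == buyer, "only buyer");
        require(msg.value >= amount, "insufficient deposit");
        state = State.LOCKED;
    }

    // delta(S_lock, SubmitProof) -> S_del. Constraint: seller, before deadline.
    function submitProof(bytes32 proof) external {
        require(state == State.LOCKED, "delta undefined for this state");
        require(msg.sender == seller, "only seller");
        require(block.timestamp < deliveryDeadline, "delivery deadline passed");
        proofOfDelivery = proof;
        deliveredAt = block.timestamp;
        state = State.DELIVERED;
    }

    // delta({S_lock, S_del}, RaiseDispute) -> S_disp. Constraint: within the
    // inspection period (before delivery there is nothing to inspect yet).
    function raiseDispute() external {
        require(state == State.LOCKED || state == State.DELIVERED,
                "delta undefined for this state");
        require(msg.sender == buyer || msg.sender == seller, "not a party");
        if (state == State.DELIVERED) {
            require(block.timestamp <= deliveredAt + inspectionPeriod,
                    "inspection period over");
        }
        state = State.DISPUTED;
    }

    // delta(S_del, Confirm) -> S_fin, followed by the conditional release.
    function confirm() external {
        // step 1: explicit buyer confirmation, or automatic acceptance once
        //         the inspection period has elapsed (anyone may trigger it).
        bool explicitConfirm = msg.sender == buyer;
        bool autoAccept = block.timestamp > deliveredAt + inspectionPeriod;
        // step 2: delta is defined only from S_del; a repeated call finds
        //         state == FINALIZED here and reverts.
        require(state == State.DELIVERED, "delta undefined for this state");
        require(explicitConfirm || autoAccept, "not confirmed");
        // step 3: fix the payout before any external call.
        uint256 payout = address(this).balance;
        // step 4: enter the terminal state BEFORE transferring
        //         (checks-effects-interactions); F is immutable from here on.
        state = State.FINALIZED;
        // step 5: release to the seller; only reachable through S_del (DvP).
        (bool ok, ) = seller.call{value: payout}("");
        require(ok, "transfer failed");
    }

    // Arbiter ruling from S_disp: refund (-> S_void) or release (-> S_fin).
    function resolve(bool refundBuyer) external {
        require(state == State.DISPUTED, "delta undefined for this state");
        require(msg.sender == arbiter, "only arbiter");
        address to = refundBuyer ? buyer : seller;
        state = refundBuyer ? State.VOIDED : State.FINALIZED;   // effect first
        (bool ok, ) = to.call{value: address(this).balance}("");
        require(ok, "transfer failed");
    }
}
```

Every entry point begins with a require on the current state, so a call made from a state for which $\delta$ is undefined reverts before touching storage, and because the terminal state is written before the value transfer, a reentrant or repeated call into confirm or resolve is rejected by that same state check.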

Security Properties:

  • Idempotency: because step 4 sets the state to FINALIZED, a repeated call by an attacker fails at the require in step 2. This guarantees that the funds can be released only once.

  • Delivery-versus-Payment (DvP): the only precondition for releasing the funds is that the state machine has successfully transitioned to $S_{del}$ (i.e. the seller has submitted evidence). Mathematically, it is guaranteed that the funds cannot be withdrawn unless the seller has submitted the delivery action (except for a refund to the buyer upon timeout).
