diff --git a/algorand/README.md b/algorand/README.md
index f1a70a388..6cbd1b2ba 100644
--- a/algorand/README.md
+++ b/algorand/README.md
@@ -8,13 +8,13 @@ This directory contains the components needed to support full Wormhole functiona
This system is comprised of the following main components:
-* **Core contract (`wormhole_core.py`)**: Algorand stateful contract with entrypoints for publishing messages (VAAs), verification of VAA signatures, and triggering of governance chores. This will be referred as _CoreContract_ in this document.
+* **Core contract ([`wormhole_core.py`](./wormhole_core.py))**: Algorand stateful contract with entrypoints for publishing messages (VAAs), verification of VAA signatures, and triggering of governance chores. This will be referred as _CoreContract_ in this document.
-* **Token bridge contract (`token_bridge.py`)**: Algorand stateful contract supporting cross-chain bridging, exposing entrypoints for exchanging attestations, native tokens and ASAs, and triggering of governance. This will be referred as _TokenBridge_ in this document.
+* **Token bridge contract ([`token_bridge.py`](./token_bridge.py))**: Algorand stateful contract supporting cross-chain bridging, exposing entrypoints for exchanging attestations, native tokens and ASAs, and triggering of governance. This will be referred as _TokenBridge_ in this document.
-* **VAA verification stateless program (`vaa_verify.py`)**: Stateless program for verifying the signatures of a Wormhole VAA payload against the set of active guardian public keys. This will be referred as _VaaVerify_ in this document.
+* **VAA verification stateless program ([`vaa_verify.py`](./vaa_verify.py))**: Stateless program for verifying the signatures of a Wormhole VAA payload against the set of active guardian public keys. This will be referred as _VaaVerify_ in this document.
-* **Dynamic storage stateless program (`TmplSig.py`)**: A stateless program that is bound to the main core and token bridge contracts to provide dynamic storage spaces addressable as a raw blob of bytes. See `local_blob.py`. This will be referred as _TmplSig_ in this document.
+* **Dynamic storage stateless program ([`TmplSig.py`](./TmplSig.py))**: A stateless program that is bound to the main core and token bridge contracts to provide dynamic storage spaces addressable as a raw blob of bytes. See [`local_blob.py`](./local_blob.py). This will be referred as _TmplSig_ in this document.
Helper utilities and code include support PyTEAL code, deployment tools and tests.
@@ -24,31 +24,27 @@ Helper utilities and code include support PyTEAL code, deployment tools and tes
### _TmplSig_ details
--------------------
-This stateless program code is parametrized with several values that give different output address. The stateless code will check for several transaction group parameters accordingly.
+This stateless program code is parameterized with several values that give different output address. The stateless code will check for several transaction parameters accordingly.
-|Text |Replaced by |
-|------|------------|
-|`TMPL_ADDR_IDX`| Where storage starts interpreting the space as a raw array of bytes |
-|`TMPL_EMITTER_ID` | Concatenation of chain Id + emitter Id in VAAs to be processed, or a hardcoded string identifying the type of information stored e.g `guardian` utf8 string stored in hex. |
-|`TMPL_SEED_AMT` | The amount that is paid in Gtxn[0] transaction group fee |
-|`TMPL_APP_ID` | Application Id of _CoreContract_, _TokenBridge_, etc that is specified in Gtxn[1] for **opt-in** transaction |
-|`TMPL_APP_ADDRESS`| Escrow address of the stateful contract specified in `APP_ID`. Used for **rekey transaction** in Gtxn[2]|
+| Text | Replaced by |
+|--------------------|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
+| `TMPL_ADDR_IDX` | Where storage starts interpreting the space as a raw array of bytes |
+| `TMPL_EMITTER_ID` | Concatenation of chain Id + emitter Id in VAAs to be processed, or a hardcoded string identifying the type of information stored e.g `guardian` utf8 string stored in hex. |
+| `TMPL_APP_ID` | Application Id of _CoreContract_, _TokenBridge_, etc that is specified as the **opt-in** target transaction
+| `TMPL_APP_ADDRESS` | Escrow address of the stateful contract specified in `APP_ID`. Used for **rekey** target in the transaction
-* Local-state associated with the _Tmplsig_ accounts are used as dynamic storage. The technique is to access this local storage as a plain array of bytes instead of the typical key/value structure. With the current Algorand parameters, we have 127 * 15 ~ 2K of storage to be used random-access-like.
-* The contract accounts addresses are generated by compilation of a stateless code parametrized by several parameters. In the system, the following contract accounts are generated:
- * Account (`seq_addr`) for storing verified sequence number bits based on chainId,emitter,`int(vaa.sequence / MAX_BITS)` where MAX_BITS = 15240. This allows the system to reject duplicated VAAs for the last 2K sequence numbers.
+* Local-state associated with the _TmplSig_ accounts are used as dynamic storage. The technique is to access this local storage as a plain array of bytes instead of the typical key/value structure. With the current Algorand parameters, we have 127 * 15 ~ 2K of storage to be used random-access-like.
+* The contract accounts addresses are generated by compilation of a stateless code parameterized by several parameters. In the system, the following contract accounts are generated:
+ * Account (`seq_addr`) for storing verified sequence number bits based on `chainId`,`emitter`,`int(vaa.sequence / MAX_BITS)` where MAX_BITS = 15240. This allows the system to reject duplicated VAAs for the last 2K sequence numbers.
* Account (`guardian_addr` and `new_guardian_addr`) for storing total guardian count , the guardian public keys and guardian set expiration time.
* Once generated, the accounts are opted-in and rekeyed to the core application.
-Briefly, this is the transaction group when _TmplSig_ is "attached" to a stateful app:
-
-|Tx#| Semantics |
-|-|-|
-|0 | Payment Txn of `TMPL_SEED_AMT` ALGOs to fund operation |
-|1 | Optin of LogicSig to target stateful contract `TMPL_APP_ID` for the app to use Logicsig account local storage |
-|2 | Rekey of LogicSig to escrow address for the smart contract to become the sole "governor" of the Logicsig account address |
+Briefly, the semantics of the transaction when _TmplSig_ is "attached" to a stateful app is:
+1. Optin of LogicSig to target stateful contract `TMPL_APP_ID` for the app to use LogicSig account local storage
+2. Rekey of LogicSig to escrow address for the smart contract to become the sole "governor" of the LogicSig account address
+> NOTE: A more detailed overview of _TmplSig_ can be found in [MEMORY.md](./MEMORY.md).
## Core Contract: Functional Description
----------------------------------------
@@ -80,11 +76,11 @@ A governance request packed in a VAA must be verified by a `verifyVaa` call in t
The VAA verify call will work by design *only* in a transaction group structured as:
-| TX | args | accounts | sender |
-| ---------- | ------------------------------------------------------- | ----------------------- | -------------------- |
-| verifySigs | [sigs0..n, keyset0..n, digest] | seq_addr, guardian_addr | vaa_verify_stateless |
-| verifySigs | ... | seq_addr, guardian_addr | vaa_verify_stateless
-| verifyVAA | vaa | seq_addr, guardian_addr | foundation |
+| TX | args | accounts | sender |
+|------------|------------------------------------------------------|-------------------------|-----------------------|
+| verifySigs | [sigs0..n, keyset0..n, digest] | seq_addr, guardian_addr | vaa_verify_stateless |
+| verifySigs | ... | seq_addr, guardian_addr | vaa_verify_stateless |
+| verifyVAA | vaa | seq_addr, guardian_addr | foundation |
Keep in mind that depending on the number of signatures to verify there can be one or several _verifySigs_ calls working in tandem with the _VaaVerify_ stateless program. This depends on how many signatures we can verify on a single TX. At time of this writing, considering the opcode budget limitation of AVM 1.1, a total of nine (9) signatures can be verified at once, so for the current 19 guardians three _verifySigs_ calls would be needed for verifying signatures 0..8, 9..17, 18.
@@ -93,6 +89,7 @@ A successful call must:
* Retrieve the guardian keys from the proper local dynamic storage
* Validate if the VAA passed in Argument #1 has enough guardians to be verified
* Check that it's not expired.
+* Check that each guardian signed at most once
* Verify that each _verifySigs_ TX is validated by the correct stateless _VerifyVaa_
* Verify that each _verifySigs_ TX is verifying the expected signature subset.
* Verify that each _verifySigs_ TX is verifying against the same guardian keys.