payeeSaltseperately and then keep them as secrets.
payeeSaltHash(the keccak256 hash of
payeeSalt) and her address
payeeAddr, to the payer. And they negotiate to decide the following parameters:
dueTime: a 64-bit timestamp, after which time this payment cannot take effect on chain
sep20Contract: the address of the SEP20 token, which is used in this payment
amounthow many coins the payee may possibly get. It must be less than
proba 32-bit integer.
prob/(2**32)is the probability that payee get the
payerAllowance, his allowance of the SEP20 token to the stochastic payment agent contract, before he signs the following parameters using the EIP712 standard:
payeeAddr_dueTime64_prob32: concatenation of
sep20Contract_amount: concatenation of
v. All the above parameters and this signature are sent to the payee, who must provide the service to the payer and may call the stochastic agent contract's
payfunction with following arguments:
payeeSalt_vis the concatenation of
payeeSalt(bit 255-8) and
v(bit 7-0). The other arguments' meaning has been described above.
amounttokens from payer to payee if and only if the following expression holds:
payeeSalt, so no single party can control it. And because the payer never knows
payeeSalt, he does not know the result beforehand. The payee knows every argument and infer the result before her sending transaction to call the agent contract: if the result is "not paying", she never broadcasts the transaction, which is meaningless.
payerAllowanceexactly equals the payer's current allowance to the agent. If it is not, the payment must fail. Once the payee get paid, the payer's allowance to the agent is deducted. Thus the payee cannot call the agent again with the same argument to get the coins again.
block.number << 192, where
block.numberis the latest block height. Using this method, the his allowance value to the agent will never have duplicated values, since the maximum amount paid in each time is less than