improve claimSeller function on DutchAuction

Author: poppyseedDev

hardhat/contracts/dutchAuctionConfidential/DutchAuctionSellConfERC20.sol

@@ -36,8 +36,6 @@ contract DutchAuctionSellingConfidentialERC20 is
     uint256 public immutable startAt;
     /// @notice Timestamp when the auction ends
     uint256 public immutable expiresAt;
-    /// @notice Timestamp when the auction refund claims end
-    uint256 public immutable claimsExpiresAt;
     /// @notice Minimum price per token
     uint64 public immutable reservePrice;
     /// @notice Total amount of tokens being auctioned
@@ -106,7 +104,6 @@ contract DutchAuctionSellingConfidentialERC20 is
         discountRate = _discountRate;
         startAt = block.timestamp;
         expiresAt = block.timestamp + _biddingTime;
-        claimsExpiresAt = block.timestamp + 3 * _biddingTime; // could choose a potentially different design
         reservePrice = _reservePrice;
         stoppable = _isStoppable;
 
@@ -291,17 +288,22 @@ contract DutchAuctionSellingConfidentialERC20 is
 
     /// @notice Claim proceeds for the seller after auction ends
     /// @dev Transfers all remaining tokens and payments to seller
-    function claimSeller() external onlyOwner onlyAfterClaimsEnd {
-        // Get the total amount of payment tokens in the contract
-        euint64 contractPaymentBalance = paymentToken.balanceOf(address(this));
-        euint64 contractAuctionBalance = token.balanceOf(address(this));
+    function claimSeller() external onlyOwner onlyAfterAuctionEnds {
+        // Transfer remaining auction tokens back to seller
+        TFHE.allowTransient(tokensLeft, address(token));
+        token.transfer(seller, tokensLeft);
+
+        // Get current price
+        uint64 endPricePerToken = getPrice();
 
-        // Transfer all payment token and auction tokens to the seller
-        TFHE.allowTransient(contractPaymentBalance, address(paymentToken));
-        paymentToken.transfer(seller, contractPaymentBalance);
+        // Calculate and transfer payment tokens to seller
+        euint64 contractAuctionBalance = TFHE.mul(endPricePerToken, TFHE.sub(TFHE.asEuint64(amount), tokensLeft));
+        TFHE.allowTransient(contractAuctionBalance, address(paymentToken));
+        paymentToken.transfer(seller, contractAuctionBalance);
 
-        TFHE.allowTransient(contractAuctionBalance, address(token));
-        token.transfer(seller, contractAuctionBalance);
+        tokensLeft = TFHE.asEuint64(0);
+        TFHE.allowThis(tokensLeft);
+        TFHE.allow(tokensLeft, owner());
     }
 
     /// @notice Request decryption of remaining tokens
@@ -343,18 +345,8 @@ contract DutchAuctionSellingConfidentialERC20 is
     modifier onlyAfterAuctionEnds() {
         if (!auctionStart) revert AuctionNotStarted();
         if (block.timestamp < expiresAt && manuallyStopped == false) revert TooEarly(expiresAt);
-        if (block.timestamp >= claimsExpiresAt) revert TooLate(claimsExpiresAt);
         _;
     }
-
-    /// @notice Modifier to ensure function is called after refund claim period ends
-    /// @dev Reverts if called before the auction refund claims period end time and not manually stopped
-    modifier onlyAfterClaimsEnd() {
-        if (!auctionStart) revert AuctionNotStarted();
-        if (block.timestamp < claimsExpiresAt && manuallyStopped == false) revert TooEarly(claimsExpiresAt);
-        _;
-    }
-
     /// @notice Get the user's current bid information
     /// @dev Returns the decrypted values of token amount and paid amount
     /// @return tokenAmount Amount of tokens bid for

hardhat/contracts/dutchAuctionConfidential/DutchAuctionSellConfERC20NoRefund.sol

@@ -36,8 +36,6 @@ contract DutchAuctionSellingConfidentialERC20NoRefund is
     uint256 public immutable startAt;
     /// @notice Timestamp when the auction ends
     uint256 public immutable expiresAt;
-    /// @notice Timestamp when the auction refund claims end
-    uint256 public immutable claimsExpiresAt;
     /// @notice Minimum price per token
     uint64 public immutable reservePrice;
     /// @notice Total amount of tokens being auctioned
@@ -106,7 +104,6 @@ contract DutchAuctionSellingConfidentialERC20NoRefund is
         discountRate = _discountRate;
         startAt = block.timestamp;
         expiresAt = block.timestamp + _biddingTime;
-        claimsExpiresAt = block.timestamp + 3 * _biddingTime; // could choose a potentially different design
         reservePrice = _reservePrice;
         stoppable = _isStoppable;
 
@@ -265,17 +262,22 @@ contract DutchAuctionSellingConfidentialERC20NoRefund is
 
     /// @notice Claim proceeds for the seller after auction ends
     /// @dev Transfers all remaining tokens and payments to seller
-    function claimSeller() external onlyOwner onlyAfterClaimsEnd {
-        // Get the total amount of payment tokens in the contract
-        euint64 contractPaymentBalance = paymentToken.balanceOf(address(this));
-        euint64 contractAuctionBalance = token.balanceOf(address(this));
+    function claimSeller() external onlyOwner onlyAfterAuctionEnds {
+        // Transfer remaining auction tokens back to seller
+        TFHE.allowTransient(tokensLeft, address(token));
+        token.transfer(seller, tokensLeft);
+
+        // Get current price
+        uint64 endPricePerToken = getPrice();
 
-        // Transfer all payment token and auction tokens to the seller
-        TFHE.allowTransient(contractPaymentBalance, address(paymentToken));
-        paymentToken.transfer(seller, contractPaymentBalance);
+        // Calculate and transfer payment tokens to seller
+        euint64 contractAuctionBalance = TFHE.mul(endPricePerToken, TFHE.sub(TFHE.asEuint64(amount), tokensLeft));
+        TFHE.allowTransient(contractAuctionBalance, address(paymentToken));
+        paymentToken.transfer(seller, contractAuctionBalance);
 
-        TFHE.allowTransient(contractAuctionBalance, address(token));
-        token.transfer(seller, contractAuctionBalance);
+        tokensLeft = TFHE.asEuint64(0);
+        TFHE.allowThis(tokensLeft);
+        TFHE.allow(tokensLeft, owner());
     }
 
     /// @notice Request decryption of remaining tokens
@@ -317,15 +319,6 @@ contract DutchAuctionSellingConfidentialERC20NoRefund is
     modifier onlyAfterAuctionEnds() {
         if (!auctionStart) revert AuctionNotStarted();
         if (block.timestamp < expiresAt && manuallyStopped == false) revert TooEarly(expiresAt);
-        if (block.timestamp >= claimsExpiresAt) revert TooLate(claimsExpiresAt);
-        _;
-    }
-
-    /// @notice Modifier to ensure function is called after refund claim period ends
-    /// @dev Reverts if called before the auction refund claims period end time and not manually stopped
-    modifier onlyAfterClaimsEnd() {
-        if (!auctionStart) revert AuctionNotStarted();
-        if (block.timestamp < claimsExpiresAt && manuallyStopped == false) revert TooEarly(claimsExpiresAt);
         _;
     }
 

hardhat/contracts/dutchAuctionConfidential/README.md

@@ -86,8 +86,8 @@ Both implementations follow a Dutch auction mechanism where:
 4. Tokens are transferred immediately upon successful bid
 
 The key difference is in how prices and refunds are handled:
-- DutchAuctionSellingConfidentialERC20.sol adjusts all previous bids to the latest (lower) price
-- DutchAuctionSellingConfidentialERC20NoRefund.sol keeps track of each bid at its original price
+- `DutchAuctionSellingConfidentialERC20.sol` adjusts all previous bids to the latest (lower) price
+- `DutchAuctionSellingConfidentialERC20NoRefund.sol` keeps track of each bid at its original price
 
 ### Immediate Token Transfer on Bid
 Tokens are transferred to buyers immediately upon successfully bidding rather than requiring a separate claim step. This design choice:
@@ -99,31 +99,6 @@ Tokens are transferred to buyers immediately upon successfully bidding rather th
 
 The tradeoff is higher FHE gas costs during bidding, but this is outweighed by the UX benefits and reduced support overhead.
 
-### Two-phase Auction Conclusion
-The auction uses a two-phase conclusion process:
-
-1. Bidding Phase (`startTime` to `expiresAt`):
-   - Active bidding period
-   - Price decreases according to discount rate
-   - Immediate token transfers on successful bids
-
-2. Claims Phase (`expiresAt` to `claimsExpiresAt`):
-   - No new bids accepted
-   - Users can claim refunds using `claimUserRefund()`
-   - Duration is 3x the bidding period
-
-3. Seller Claim Phase (`claimsExpiresAt` onward):
-   - Users cannot claim refunds any longer
-   - Seller claims remaining funds and tokens using `claimSeller()`
-
-This design:
-- Ensures users have adequate time to claim refunds
-- Prevents the seller from withdrawing funds before users can claim
-- Provides clear timeframes for all participants
-- Maintains fairness for all participants
-
-The extended claims period (3x bidding time) could be adjusted based on specific needs, but provides a reasonable window for users to act while not indefinitely locking seller funds.
-
 ## Mathematics of Refunds
 
 **Basic formula for price calculation:**

hardhat/test/confidentialDutchAuction/confDutchAuctionNoRefund.ts

@@ -446,8 +446,6 @@ describe("DutchAuctionSellingConfidentialERC20NoRefund", function () {
 
       // Claim potential refunds
       await this.auction.connect(this.signers.bob).claimUserRefund();
-      // Wait for refunds to process
-      await time.increase(15 * 24 * 60 * 60 + 1);
       await this.auction.connect(this.signers.alice).claimSeller();
 
       // Get final balances
@@ -496,6 +494,12 @@ describe("DutchAuctionSellingConfidentialERC20NoRefund", function () {
         this.paymentTokenAddress,
       );
 
+      // Verify that the auction state hasn't changed
+      await this.auction.connect(this.signers.alice).requestTokensLeftReveal();
+      await awaitAllDecryptionResults();
+      const endAuctionTokensLeft = await this.auction.tokensLeftReveal();
+      expect(endAuctionTokensLeft).to.equal(0);
+
       // Verify auction token balances
       expect(decryptedInitialAuctionTokenAlice).to.equal(0n); // Alice transferred all tokens to auction contract
       expect(decryptedFinalAuctionTokenAlice).to.equal(TOKEN_AMOUNT - bidAmount);
@@ -617,9 +621,6 @@ describe("DutchAuctionSellingConfidentialERC20NoRefund", function () {
       // Claim refunds (this will now handle the refund for both bids at once)
       await this.auction.connect(this.signers.bob).claimUserRefund();
 
-      // Wait for claims period to end
-      await time.increase(15 * 24 * 60 * 60 + 1);
-
       // Claim seller proceeds
       await this.auction.connect(this.signers.alice).claimSeller();
 
@@ -726,9 +727,6 @@ describe("DutchAuctionSellingConfidentialERC20NoRefund", function () {
       // Verify final balance after refund
       expect(decryptedInitialBalance - decryptedFinalBalance).to.equal(expectedFinalCost);
 
-      // Move time to after claims period
-      await time.increase(15 * 24 * 60 * 60 + 1);
-
       // Seller claims proceeds
       await this.auction.connect(this.signers.alice).claimSeller();
 
@@ -863,9 +861,6 @@ describe("DutchAuctionSellingConfidentialERC20NoRefund", function () {
         this.paymentTokenAddress,
       );
 
-      // Move to after claims period
-      await time.increase(15 * 24 * 60 * 60);
-
       // Seller claims
       await this.auction.connect(this.signers.alice).claimSeller();