AuctionRevealCondition
The CDR read condition that releases a vault's ciphertext only when both gates pass:
- Time gate —
block.timestamp >= deadline(the auction's registered deadline). - State gate —
SealedAuction.isTriggered(auctionId) == true(a live cross-contract read intoSealedAuction).
The two gates are independent. Time passing alone does not unseal a vault; someone must
also call SealedAuction.trigger(). A premature (before-deadline) trigger call is
rejected by SealedAuction, so both conditions enforce a real barrier.
This condition applies to both bid vaults and the seller's reserve vault. All CDR
vaults allocated during an auction (bids via allocateBidSlot, the reserve via
createAuction) are registered on the same AuctionRevealCondition instance.
Source: contracts/src/conditions/AuctionRevealCondition.sol
Aeneid address: 0x1A3cCd475CCFb47D1353f62F3bca6DEfAC3D69bC
Storage
address public immutable sealedAuction;
mapping(uint32 uuid => uint256 deadline) public deadlineOf;
mapping(uint32 uuid => uint256 auctionId) public auctionIdOf;
sealedAuction— the one address allowed to callregister. Set in the constructor; immutable.deadlineOf[uuid]— the deadline registered for this CDR vault uuid.auctionIdOf[uuid]— the auction this vault belongs to. Used to look upisTriggered.
Functions
register
function register(
uint32 uuid,
uint256 auctionId,
uint256 deadline
) external;
Binds a CDR vault uuid to its auction and deadline. One-shot per uuid; called
by SealedAuction from within createAuction (for the reserve vault) and
allocateBidSlot (for each bid vault). No other caller may register.
Reverts:
NotRegistrar—msg.sender != sealedAuctionInvalidDeadline—deadline == 0AlreadyRegistered— a deadline is already stored for this uuid
Emits: Registered(uint32 indexed uuid, uint256 indexed auctionId, uint256 deadline)
checkReadCondition
function checkReadCondition(
uint32 uuid,
bytes calldata /* accessAuxData */,
bytes calldata /* readConditionData */,
address /* caller */
) external view returns (bool);
The CDR-callable gate. Returns true only when both conditions are satisfied:
deadlineOf[uuid] != 0
&& block.timestamp >= deadlineOf[uuid]
&& ISealedAuctionState(sealedAuction).isTriggered(auctionIdOf[uuid])
CDR validators call this before contributing a decryption share. As long as
either gate is unmet, the vault stays sealed. The last two parameters
(accessAuxData, readConditionData) are present to satisfy CDR's 4-arg
interface; they are not used.
Error reference
| Error | Thrown by | Meaning |
|---|---|---|
NotRegistrar | register | Caller is not sealedAuction |
AlreadyRegistered | register | uuid already has a registered deadline |
InvalidDeadline | register | Deadline argument is zero |
Integration flow
createAuction(ipId, licenseTermsId, deadline)
└── cdr.allocate(...) ← allocates reserve vault, returns reserveUuid
└── readCondition.register(reserveUuid, auctionId, deadline)
allocateBidSlot(auctionId, deposit)
└── cdr.allocate(...) ← allocates bid vault, returns bidUuid
└── readCondition.register(bidUuid, auctionId, deadline)
-- time passes, deadline elapses --
trigger(auctionId)
└── auction.state = Triggered
-- CDR validators check checkReadCondition: now both gates pass --
-- validators publish decryption shares; orchestrator reconstructs plaintexts --
settle(auctionId, reveals, reserveReveal)
Relationship to TimeBasedReadCondition
AuctionRevealCondition replaced TimeBasedReadCondition, the original deadline-only
condition that was deleted from the repo. The old condition lacked the state gate: a CDR
vault could be decrypted as soon as the clock passed, before anyone called trigger. The
two-gate design means decryption and settlement are intentionally coupled — validators only
release shares once the auction is in its settling state. See
TimeBasedReadCondition for the superseded-page note.