[bisq-network/proposals] Reduce trade protocol to 1 single transaction (#279)
Steven Barclay
notifications at github.com
Sun Nov 8 06:28:32 CET 2020
That's very interesting - I was vaguely thinking of a scheme along similar lines recently, but exchanging 2-of-2 private keys instead of nonces, plus attempting to use some kind of cryptographic technique to reveal Alice/Bob's nonce/private key from the leaking of their public key (in witness data) when they unilaterally spend, rather than using a custom script. But thinking further, that idea probably wouldn't work because the payout public keys are always part of the delayed payout tx signature anyway (so would be known to both parties). I believe there are nevertheless cryptographic techniques to cut down the tx sizes further, if one is determined enough to do so.
One way to help deter nuisance publishing of the delayed payout tx, after the trade, may be to use two alternative (say custom p2wsh) half-way addresses to temporarily hold the disputed funds (so creating staged delayed payouts, a little similar to the ideas in https://github.com/bisq-network/proposals/issues/275). Then after a further mandatory delay, the funds could be unilaterally sent to the donation address. The parties would produce two punishment tx's that would pay the entire deposit from each respective half-way address to the other party, in the event that a party's nonce was revealed, as there would never be any reason to do that while the trade is still open.
One might want 3 nonces for that, in alternating requests starting with the buyer, such that the first two unlock the respective payout UXTOs for normal spending and the last two unlock the punishment tx's. The last tx would just be a "courtesy" nonce sent by the buyer, with no real way of ensuring it's receipt. (Also, the buyer's first nonce could I think be sent as soon as he starts the payment, which has the advantage of not requiring him to be online when the seller releases.)
The purpose of the half-way addresses would be to provide a hard guarantee that the funds are really yours after the trade closes, even in the unlikely event of the refund agent being corrupt/uncooperative after a nuisance delayed payout, plus avoiding the need to go through the refund agent in the first place.
--
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/bisq-network/proposals/issues/279#issuecomment-723532933
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.bisq.network/pipermail/bisq-github/attachments/20201107/e70d2f26/attachment.html>
More information about the bisq-github
mailing list