2023-07-06 13:13:19 +00:00
|
|
|
# Adaptor Signature Swap protocol
|
2021-10-18 18:48:48 +00:00
|
|
|
|
|
|
|
|
|
|
|
## WIP
|
|
|
|
|
|
|
|
Relies on a One-Time Verifiably Encrypted Signature (OtVES) to function
|
|
|
|
An OtVES:
|
|
|
|
- Is a valid signature for key (a) encrypted with a public key (B)
|
|
|
|
- Can be decrypted into a valid signature for key (a) with the private key (b) to the encrypting public key (B)
|
|
|
|
- The encrypting private key (b) can be recovered using both the encrypted and decrypted signatures.
|
|
|
|
|
|
|
|
|
2024-10-17 18:40:10 +00:00
|
|
|
Offerer - Sends the offer
|
|
|
|
Bidder - Sends the bid
|
|
|
|
Leader - Sends the first lock tx (ITX)
|
|
|
|
Follower - Sends the second lock tx (PTX)
|
2021-10-18 18:48:48 +00:00
|
|
|
|
|
|
|
|
|
|
|
NOSCRIPT_COIN lock tx:
|
2023-07-06 13:13:19 +00:00
|
|
|
- Sent second.
|
|
|
|
- Is sent to a combined key using a private key from each participant.
|
2021-10-18 18:48:48 +00:00
|
|
|
|
|
|
|
|
|
|
|
SCRIPT_COIN lock tx:
|
|
|
|
- Sent first
|
|
|
|
- Requires two signatures to spend from.
|
|
|
|
- Refund to sender txn is presigned for and can only be mined in the future.
|
2023-07-06 13:13:19 +00:00
|
|
|
- Spending the refund tx reveals the leader's NOSCRIPT_COIN split private key.
|
2021-10-18 18:48:48 +00:00
|
|
|
- Sender withholds signature until NOSCRIPT_COIN lock tx is confirmed.
|
2023-07-06 13:13:19 +00:00
|
|
|
- spending the spend txn reveals the follower's NOSCRIPT_COIN split private key.
|
2021-10-18 18:48:48 +00:00
|
|
|
|
|
|
|
|
|
|
|
```
|
|
|
|
Offerer (Leader) | Bidder (Follower) |
|
|
|
|
------------------------------------------------------------------------|-------------------------------------------------------------------------------|
|
|
|
|
o1. Sends offer | |
|
|
|
|
- x SCRIPT_COIN for y NOSCRIPT_COIN | |
|
2023-07-06 13:13:19 +00:00
|
|
|
- Sends smsg OfferMessage | |
|
2021-10-18 18:48:48 +00:00
|
|
|
| b1. Receives offer |
|
2023-07-06 13:13:19 +00:00
|
|
|
| - Validates offer |
|
2021-10-18 18:48:48 +00:00
|
|
|
| b2. Sends bid |
|
2023-07-06 13:13:19 +00:00
|
|
|
| - Sends smsgs XmrBidMessage + 2x XmrSplitMessage |
|
2021-10-18 18:48:48 +00:00
|
|
|
| |
|
|
|
|
o2. Receives bid | |
|
2023-07-06 13:13:19 +00:00
|
|
|
- Validates bid | |
|
2021-10-18 18:48:48 +00:00
|
|
|
o3. Accepts bid | |
|
2023-07-06 13:13:19 +00:00
|
|
|
- Sends smsgs XmrBidAcceptMessage + 2x XmrSplitMessage | |
|
2021-10-18 18:48:48 +00:00
|
|
|
| |
|
|
|
|
| b3. Receives bid accept |
|
2023-07-06 13:13:19 +00:00
|
|
|
| - Validates |
|
|
|
|
| - Signs for lock tx refund |
|
|
|
|
| - Sends smsg XmrBidLockTxSigsMessage |
|
2021-10-18 18:48:48 +00:00
|
|
|
| |
|
|
|
|
o4. Receives bidder lock refund tx signatures | |
|
2023-07-06 13:13:19 +00:00
|
|
|
- Sends smsg XmrBidLockSpendTxMessage | |
|
|
|
|
- Full SCRIPT_COIN lock tx | |
|
|
|
|
- Signature to prove leader can sign for split key | |
|
|
|
|
- Submits SCRIPT_COIN lock tx to network | |
|
2021-10-18 18:48:48 +00:00
|
|
|
| |
|
|
|
|
| b4. Receives XmrBidLockSpendTxMessage |
|
2023-07-06 13:13:19 +00:00
|
|
|
| - Validates SCRIPT_COIN lock tx and signature |
|
|
|
|
| - Waits for SCRIPT_COIN lock tx to confirm in chain |
|
2021-10-18 18:48:48 +00:00
|
|
|
| b5. Sends NOSCRIPT_COIN lock tx |
|
|
|
|
| |
|
|
|
|
o5. Waits for NOSCRIPT_COIN lock tx to confirm in chain | |
|
|
|
|
o6. Sends SCRIPT_COIN lock release. | |
|
2023-07-06 13:13:19 +00:00
|
|
|
- Sends smsg XmrBidLockReleaseMessage | |
|
|
|
|
- Includes OtVES ciphertext signature for the SCRIPT_COIN lock | |
|
2021-10-18 18:48:48 +00:00
|
|
|
spend tx. | |
|
|
|
|
| |
|
|
|
|
| b6. Receives offerer OtVES for SCRIPT_COIN lock spend tx. |
|
2023-07-06 13:13:19 +00:00
|
|
|
| - Submits SCRIPT_COIN lock spend tx to network. |
|
2021-10-18 18:48:48 +00:00
|
|
|
| |
|
|
|
|
o7. Waits for SCRIPT_COIN lock spend tx. | |
|
|
|
|
- Extracts the NOSCRIPT_COIN bidders key using the signature | |
|
|
|
|
o8. Combines the keys to spend from the NOSCRIPT_COIN lock tx | |
|
2023-07-06 13:13:19 +00:00
|
|
|
- Submits NOSCRIPT_COIN lock spend tx to network | |
|
2021-10-18 18:48:48 +00:00
|
|
|
```
|
|
|
|
|
2023-07-06 13:13:19 +00:00
|
|
|
Per swap (including the offer smsg):
|
2024-10-17 18:40:10 +00:00
|
|
|
- Offerer sent 6 smsgs (2 extra from split messages)
|
|
|
|
- Bidder sent 4 smsgs (2 extra from split messages)
|
2021-10-18 18:48:48 +00:00
|
|
|
|