Author: ZmnSCPxj 2019-08-08 09:35:24
Published on: 2019-08-08T09:35:24+00:00
ZmnSCPxj proposed a solution to identify and punish snitches who report the consolidation scheme to takers. Under a consolidated bond, the backout transaction requires an n-of-n. The participants in the consolidation scheme put up a fraction of the value into revocable bonds. This revocable bond is a Taproot with a known-NUMS point as internal Taproot key. A punishment transaction spends from the revocable bond via the second alternative and divides it equally among the other participants. This is signed using the MuSig above (where all participants except the owner of this revocable bond are part of). The participants provide adaptor signatures to their own participant_snitch_key. If they publish the backoff transaction to the takers, any of their co-participants that masquerades as a taker can find out about this and derive the private key to the participant_snitch_key. In case a participant snitches and reveals a pre-signed backoff to the takers before the end of the bond period, they can only reveal their own version of the signature of the backoff transaction. In that case, their previously-shown adaptor signature can be used to reveal the private key behind their participant_snitch_key. Then any one of the other participants in the consolidation scheme can complete the punishment transaction.
Updated on: 2023-06-13T20:21:36.004814+00:00