Author: Chris Belcher 2020-08-21 09:47:31
Published on: 2020-08-21T09:47:31+00:00
ZmnSCPxj and another person discussed the issue of spending a single UTXO in CoinSwap transactions and how it is problematic. They suggested that a single UTXO should be spent to two outputs: the CoinSwap 2-of-2 and the change output. Multipath CoinSwap routes were also discussed, with makers having no incentive to pay any miner fees, leaving takers to pay all the miner fees. To avoid abuse by makers, takers can set limits on the size of the maker's transactions. The definition of contract transactions in CoinSwap was also discussed, with coins being transferred into a contract where they can be spent either by waiting for a timeout or providing a hash preimage value. Relative timelocks were preferred over absolute timelocks as they make private key turnover slightly more usable, but there are dangers associated with this. For this reason, makers are encouraged to indicate a minimum timeout in their advertisements. The article also discusses the risk of theft in CoinSwaps, where a taker can steal funds without any cost or risk. The use of absolute timelocks may solve this problem, but it combines the time period for watchtowers to respond and the period under which private keys must be used. This means that makers may have to wait a long time to get their coins back if the swap fails with the timeout case. To reduce one round trip when two parties are agreeing on a 2-of-2 multisig address, the article suggests using EC tweak. While 2p-ECDSA is intended to be used eventually, regular multisigs with OP_CHECKMULTISIG will be implemented first. The author believes that 2p-ECDSA should be a priority after getting a decent alpha version, as it offers more privacy than PayJoin due to its larger anonymity set.
Updated on: 2023-06-14T03:23:30.812416+00:00