Author: ZmnSCPxj 2020-07-20 14:18:10
Published on: 2020-07-20T14:18:10+00:00
An electrical relay is a switch that can be controlled by an electric current passing through its coil. Similarly, a Cryptographic Relay is a hardware electrical component that allows control of some electrical circuit. The Cryptographic Relay has a public key that represents the current owner of the relay. If an electronic device is able to provide proof-of-knowledge of the private key corresponding to the public key that the Cryptographic Relay knows, then it allows the switch to be controlled by that device.An atomic swap operation, Succinct Atomic Swaps, can be used to create an atomic swap between different assets, and those assets do not exist in a single asset-assignment system. A crucial part of the Succinct Atomic Swap is that all timelocks are only on one asset-assignment system. In order for someone to buy a car with a Cryptographic Relay, they would need to set up the Succinct Atomic Swap on the Bitcoin blockchain. The Cryptographic Relay would need to support only three basic operations: Turn on, Turn off, and Transfer ownership to new pubkey. Unfortunately, Succinct Atomic Swaps cannot be transported over the Lightning Network due to their asymmetric setup.To solve this issue, we can give the Cryptographic Relay a notion of time that makes it compatible with PTLCs that can be routed over Lightning. In order to implement timelocks, we can add an `nLockTime` field to ownership-transfer messages for the Cryptographic Relay. The manufacturer of the Cryptographic Relay stores the block header hash of a sufficiently-deep block, its blockheight, and the difficulty target for the adjustment period in unchangeable memory. If the Cryptographic Relay receives an ownership-transfer message with `nLockTime` greater than this recorded block height, it demands a header chain rooted at the prerecorded block up to the specified `nLockTime`. This allows the Cryptographic Relay to validate that time has passed since its manufacture, as a header chain is a cryptographic proof of time passing.The proposed Cryptographic Relay is a simple device that can be used to recognize the owner of an electrical device and ensure it is only used by the owner or their delegated operators. It requires support for only a few operations and its interface is easy to integrate into more complex applications. The intent is that it is easy to implement and manufacture, so risks of backdoors being installed by centralized manufacturers are mitigated by having multiple manufacturers competing and incentivized to discover backdoors and other security failures of their competitors.Adding operators to the Cryptographic Relay would be another useful capability, which allows additional public keys to turn it on or off but cannot authorize a transfer of ownership or the addition of new operators. Practical deployment can be achieved by modifying any existing non-smart electrical device post-warranty into a smart device that knows its owner by adding a Cryptographic Relay hardware device somewhere along the path to its power supply. The proposed Cryptographic Relay provides Lightning-with-PTLCs compatibility while still requiring relatively low resources on the Cryptographic Relay hardware.Giving Cryptographic Relays a notion of time allows them to be used in more complicated contracts such as arranging a collateralized loan on a cryptographic car with `SIGHASH_ANYPREVOUT` and Taproot. In this multi-step process involving multiple PTLC-like constructions, all parties generate fresh keypairs, and the loan shark arranges a loan. If the loan is unable to be paid back, the loan shark can partially recoup losses by reselling the cryptographic car.In a scenario where you have taken a loan against your car and are unable to pay it back, there is a way to reclaim the ownership of your car. You can use the loan-payback Taproot address to pay back the loan. If the loan shark accepts the payback of the loan, the transaction is completed and loan is claimed. With this, you learn the partial signature needed to complete the signature for the collateral-reclaim command, which can be fed to the car to regain ownership. In case the loan shark does not accept the payback, you can still recover the loan and interest through the second branch of the loan-payback Taproot address.However, if you are unable to pay back the loan, the collateral-claim command becomes valid after the due date, and the loan shark takes possession of your car to recoup its losses. These transactions are done using onchain Bitcoins. It is also possible to set up similar scenarios over Lightning without the need of `SIGHASH_ANYPREVOUT`. The loan shark in this case can issue a long-lived invoice that lets you learn its signature share for the collateral-reclaim command signature.
Updated on: 2023-06-14T03:03:07.205429+00:00