Published on: 2020-10-03T13:31:58+00:00
The email conversation between Chris and ZmnSCPxj discusses the incentives against post-coinswap-theft-attempt, even with K=0. The extra miner fee paid by Bob acts as a disincentive for theft. In the v2 protocol, each CoinSwap party knows a different version of the contract transactions, allowing Alice to identify the correct fidelity bond. ZmnSCPxj appreciates this observation and will further consider it.A new version of the CoinSwap protocol has been released, offering a secure and private method for exchanging cryptocurrencies. This protocol incorporates staggered timelocks, hash preimages, and anti-DOS features to ensure that parties can retrieve their coins in case of an abort while maintaining privacy. The protocol includes multi-transaction CoinSwaps, routed CoinSwaps, liquidity market, private key handover, and fidelity bonds.Routed CoinSwaps are a feature of the protocol, involving one market taker and two makers, but can be extended to include more makers. Funding transactions pay into 2-of-2 multisig addresses, while contract transactions may spend from the 2-of-2 multisig outputs. To prevent attacks like low miner fees or intentional transaction abortion, parties must refuse to sign a contract transaction if the corresponding funding transaction pays greater miner fees than the attacker's.Collateral payments are suggested to deter post-coinswap-theft-attempts. The v2 design of CoinSwap is explained in detail using three parties: Alice, Bob, and Charlie. The taker (Alice) does not need collateral payments and can fully spend their entire wallet in one set of CoinSwaps. Contract transactions have different versions depending on who knows them. The table of balances before and after a coinswap demonstrates that everyone receives their money back and pays their own miner fees.However, a successful CoinSwap with a post-CoinSwap-theft-attempt results in Bob losing K bitcoins and an extra miner fee, while Charlie gains K bitcoins. The document provides a thorough analysis of possible attacks, deviations from the protocol, miner fees, and vulnerabilities of RBF. Parties must monitor the network and be prepared to respond with their own sweep using a preimage.The reaction of blacklisting both fidelity bonds by Alice may not be the most appropriate approach, as one maker could use it to blacklist another (and themselves). Overall, the CoinSwap protocol aims to offer a secure, private, and efficient means of exchanging cryptocurrencies between parties.
Updated on: 2023-08-02T02:45:36.478735+00:00