Author: Lloyd Fournier 2019-10-11 00:41:34
Published on: 2019-10-11T00:41:34+00:00
In a Lightning Network mailing list, Nadav Kohen proposed using payment points and ECDH to create complex access structures for lightning contracts such as multi-signature, escrow, and Discreet Log Contracts (DLCs). He suggested that AND functionality can be achieved by adding two conditions together while OR functionality can be achieved through multi-party key exchange protocols. To make this work, he proposed using verifiable encryption/secret sharing and provided links to Camenisch-Shoup and Camenisch-Damgaard schemes as possible options. Nadav also presented two ideas for using these lightning contracts, namely "MultiSignature" Lightning Contracts and DLCs routed over Lightning. The former is based on a combination of AND and OR operations, while the latter uses payment points and ECDH to pay out depending on which oracle is broadcasted – S_A or S_B. However, there are still some trust issues with setting up the payments simultaneously.In a discussion on the Lightning-dev mailing list, Nadav suggested a scheme for two parties, Alice and Bob, to engage in a Discreet Log Contract (DLC) without fully trusting each other. The solution involves both parties agreeing to trust an escrow entity that generates a point E for their payment. Alice's payment point to Bob becomes B + S_B + E and Bob's to Alice becomes A + S_A + E. The escrow waits to hear from both parties that they have incoming payments set up. Only once both parties have attested to this using signatures does the escrow release the scalar to E to them both. This system moves trust from counter-party to trustworthy escrow, with the escrow learning nothing about the contract itself. The scheme can be extended to more events through multiple payments being set up, but this is complex. DLC oracles can be composed using this scheme, potentially even supporting threshold multi-oracles.
Updated on: 2023-06-02T20:53:20.629020+00:00