Published on: 2020-09-22T09:38:45+00:00
In a forum post, ZmnSCPxj discusses the possibility of merging watchtower and escrow functionality through the use of a Smart Contract Unchained Escrowed Decker-Russell-Osuntokun channel factory. However, there is an issue with the increased complexity of the `(halftxid, encrypted_blob)` scheme with Decker-Russell-Osuntokun. Another user suggests that for eltoo, the watchtower does not need to know the funding outpoint. Instead, any information that allows a watchtower to collate encrypted updates would be sufficient for it to discard earlier ones. The lnd watchtower protocol uses session-based collation as a collation key. Alternatively, Poon-Dryja style encryption with the trigger transaction hash can also be used as the encryption key.The article discusses the potential for collusion in escrow and suggests that trust must exist even if the number of participants increases. It proposes having the escrow be a k-of-n federation to mitigate this. The article also mentions channel factories, which "degrade gracefully" and suggests using them to rebalance channels. Channel factories have the advantage of reducing the onchain footprint. The article suggests merging the escrow functionality with watchtower functionality to improve privacy and increase anonymity set when not colluding with escrows. It also mentions that Decker-Russell-Osuntokun only simplifies watchtowers if they know the funding outpoint.A proposal has been made to simplify update transactions by attaching them only to prior updates. This is done by comparing the state-number committed to in the prevout script with the current timelock through CLTV. The proposal aims to replace ANYPREVOUT with a federation of SCU Escrows, which enforce state updates by generating signatures to spend older states with newer ones. The Lightning Network could be improved by using a threshold condition with many escrow public keys to make it less likely for the federation to be bribed. Traceable attacks would allow attacked parties to prove malicious escrows. The proposal also suggests using Taproot to improve the escrow scheme and avoid giving all information about the channel to the escrow(s). Verification can be done in Zero Knowledge.The author proposes a weak version of Eltoo channels and channel factories without using SIGHASH_ANYPREVOUT by using Smart Contracts Unchained (SCU) escrows. SCU is a participant-chosen federation of escrows that enforce contracts by providing users with signatures of transactions. The proposal replaces ANYPREVOUT with a federation of SCU Escrows to sign older states with newer ones. N parties enter into a multi-party channel through distributed key generation to reach a shared secret x. State(k) represents an agreed-upon commitment of the channel state at update k. A single SCU escrow with public key E is used, but it can be extended to a threshold scheme. Transactions include funding, commitment, state, commitment update, and state update transactions. All parties must sign the commitment State(k) before signing State Transaction k. Settlement includes cooperative and non-cooperative closes.
Updated on: 2023-07-31T23:02:19.842004+00:00