aljaz/dlc-intro
1
1
Fork 0
mirror of https://github.com/aljazceru/dlc-intro.git synced 2025-12-17 05:54:20 +01:00
Code Issues Packages Projects Releases Wiki Activity

Fix a few typos

Browse Source
This commit is contained in:
Gregor Pogačnik
2021-09-16 21:12:01 +02:00
parent 7a26661212
commit 9f23f6a29e
2 changed files with 15 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

19
dlc.md
View File

@@ -1,6 +1,6 @@
## Discreet Log Contracts
is a wordplay on the "discrete logarithm problem" and the fact that contracts are discreet. There is no sign of a smart contract on the blockchain. Also the oracle is not aware of who is using his data. The scheme was presented in the paper [Discreet Log Contracts](https://adiabat.github.io/dlc.pdf) by Thaddeus Dryja who is also one of the creators of lightning network.
is a wordplay on the "discrete logarithm problem" and the fact that contracts are discreet. There is no sign of a smart contract on the blockchain. Also the oracle is not aware of who is using his data. The scheme was presented in the paper [Discreet Log Contracts](https://adiabat.github.io/dlc.pdf) by Thaddeus Dryja who is also one of the creators of Lightning network.
[Alternative expanation](https://atomic.finance/blog/a-laypersons-guide-to-discreet-log-contracts-atomic-yield-series-part-3/)
@@ -35,11 +35,11 @@ so
R is the published value, O is Olivias public key
this s values are also called "encryptors"
this values (points on the eliptic curve) are called **encryptors**
### Channel
For Alice and Bob it is very similar to lightning channel: they create a 2-of-2 multisig.
For Alice and Bob it is very similar to opening a lightning channel: they create a 2-of-2 multisig.
#### Bailout
@@ -49,7 +49,7 @@ Before that block is transmitted to the blokchain Alice and Bob make sure each p
Alice bets on "heads" and creates an output from that UTXO that can be spent using the private key for some public key Ai that is defined as A + sHEADS * G
That is her public key but skewed with (sHEADS * G) which is publicly known (depending on R from Olivia). She signs the transaction, but without Bob's signature that can't be broadcasted to the network.
That is her public key but skewed with an encryptor (sHEADS * G) which is publicly known (depending on R from Olivia). She signs the transaction, but without Bob's signature that can't be broadcasted to the network.
Bob verifies that the value is correct and signs the transaction Alice gave him (since he knows Alice can't possibly know the private key and will know it just if she won).
@@ -83,14 +83,13 @@ She must use a random k each time. Using the same k twice - she loses her privat
If must be possible to enumerate all possible outcomes in advance (for price this can get messy). You can then use a certain discretization.
Only one outcome can win (or none), if there are combinations you need to create a power-set. (User can still bet on multiple outcomes, but care has to be taken by peers if that creates a sure bet). Like Bob woudn't sign Alice
a bet on "heads" and then also "tails", since he knows this way he will just
lose his money.
Only one outcome can win (or none), if there are combinations you need to create a power-set. (User can still bet on multiple outcomes, but care has to be taken by peers if that creates a sure bet).
E.g. Bob woudn't sign Alice a bet on "heads" and then also "tails", since he knows this way he will just lose his money.
#### Usages
- [Atomic.Finance](https://atomic.finance) uses DLCs to implement covered calls to yearn income on your Bitcoin without giving up custody
- [SuredBits](https://suredbits.com) - they have [oracles](https://oracle.suredbits.com/)
- [Discrete Log Contract for Difference](https://suredbits.com/settlement-of-dlcfd/) on SuredBits blog
- [Atomic.Finance](https://atomic.finance) uses DLCs to implement covered calls to earn income on your BTC without giving up custody
- [SuredBits](https://suredbits.com) - they also have [oracles](https://oracle.suredbits.com/) and presented something called [Discrete Log Contract for Difference - DLCFD](https://suredbits.com/settlement-of-dlcfd/)
[Previous - Schnorr](./schnorr.md)

7
schnorr.md
View File

@@ -1,6 +1,9 @@
## Schnorr Signature Scheme
It was invented by german mathematician Claus-Peter Schnorr ![Claus-Peter Schnorr](./Claus-Peter_Schnorr.jpg).
![Claus-Peter Schnorr](./Claus-Peter_Schnorr.jpg).
(Image: Claus-Peter Schnorr - from Wikipedia)
It was invented by german mathematician Claus-Peter Schnorr.
Unfortunately he patented the scheme in 1988 (patent expired in February 2008). So during the creation of Bitcoin it was "free", unfortunately the space lacked good libraries. Therefore ECDSA scheme was used (which is more complicated on purpose to not violate the patent).
@@ -61,7 +64,7 @@ k is called nonce since it must be used exactly once
If it isn't you can factor out d - which is your private key!
### MuSig (n/n)
### MuSig (n-of-n)
Unlike ECDSA Schnorr signatures are linear and can be combined. It is possible to "compress" multiple public keys into one and then also signers can cooperate and produce "master" private key corresponding to the master public key for spending the funds.