mirror of https://github.com/aljazceru/dlcspecs.git synced 2026-01-19 05:54:19 +01:00

Files

Nadav Kohen 5f6c02d882 Merge pull request #34 from AdamISZ/minor-edits-1

typos in Protocol desc

2020-03-24 08:58:08 -06:00

8.1 KiB

Raw Blame History

DLC Transactions

A Note on Key Derivation

There is no strict constraint on how the two keys (Funding and ToLocal) and one address (Final Address) used in a DLC are generated. We do note that absent external considerations, it does seem reasonable to use BIP 44 with three sequential address indices. We think this will usually be the best option for implementing key derivation because it is compatible with normal wallet account discovery.

Funding Transaction

Known Values

Local Funding Inputs: List[TransactionInput]
Local Change Address: BitcoinAddress
Local Funding Public Key: ECPublicKey
Remote Funding Inputs: List[TransactionInput]
Remote Change Address: BitcoinAddress
Remote Funding Public Key: ECPublicKey
Total Local Collateral: CurrencyUnit
Total Remote Collateral: CurrencyUnit
Fee Rate: FeeUnit

Where

The sum of the values of each Funding Inputs value is at least that of its corresponding Total Collateral
Funding Public Keys are both 33-byte compressed public keys

Global

nLockTime is 0

Inputs

Local Funding Inputs
- All should have nSequence of 0xffffffff
Remote Funding Inputs
- All should have nSequence of 0xffffffff

Outputs

P2WSH(DLC Funding Output)
Local Change Address
Remote Change Address

Where

P2WSH(DLC Funding Output)'s value is Total Local Collateral + Total Remote Collateral + Computed CET Fee + Computed ToLocal Closing Fee

DLC Funding Output's script is

OP_2 <Local Funding Public Key> <Remote Funding Public Key> OP_2 OP_CHECKMULTISIG

Each Change Address's value is at most that of its respective Sum(Funding Inputs) - Total Collateral - Computed Fees - (Computed CET Fee + Computed ToLocal Closing Fee)/2 with Computed Fees being proportional to each party's total input weight and Computed CET Fee being the estimated fee for a Contract Execution Transaction and Computed ToLocal Closing Fee being the estimated fee for a Unilateral Closing Transaction

Contract Execution Transaction

Known Values

Oracle Signature Point: ECPublicKey
Local Funding Public Key: ECPublicKey
Local Sweep Public Key: ECPublicKey
Local Payout: CurrencyUnit
Remote Sweep Public Key: ECPublicKey
Remote Final Address: BitcoinAddress
Remote Payout: CurrencyUnit
nLockTime: UInt32
Timeout: UInt32
DLC Funding Output: ScriptPubKey
Fee Rate: FeeUnit

Where

Oracle Signature Point is the 33-byte public key associated with this CET's outcome
Local Funding Public Key is the local key from the funding transaction
Both Sweep Public Keys are 33-byte compressed public keys
Local Payout + Remote Payout = (DLC Funding Output).value
nLockTime is set to the contract maturity time
Timeout is a CSV locktime after which penalty transactions are valid
DLC Funding Output is of the form specified above

Global

nLockTime

Inputs

Input Spending(P2WSH(DLC Funding Output))
- nSequence is 0xfffffffe

Outputs

P2WSH(ToLocalOutput)
ToRemoteOutput

Where

P2WSH(ToLocalOutput).value = Local Payout + Computed ToLocal Closing Fee
ToRemoteOutput.value = Remote Payout

ToLocalOutput's script is:

OP_IF
  <Oracle Signature Point + Local Funding Public Key + SHA256(Local Sweep Public Key)*G>
OP_ELSE
  <Timeout> OP_CHECKSEQUENCEVERIFY OP_DROP
  <Remote Sweep Public Key>
OP_ENDIF
OP_CHECKSIG

Note that the addition in the IF case is elliptic curve point addition

ToRemoteOutput's script corresponds to Remote CET Final Address

Refund Transaction

Known Values

Local Final Address: BitcoinAddress
Total Local Collateral: CurrencyUnit
Remote Final Address: BitcoinAddress
Total Remote Collateral: CurrencyUnit
Timeout: UInt32
DLC Funding Output: ScriptPubKey
Fee Rate: FeeUnit

Where

Unlike CETs in a DLC, there is only one Refund Transaction that both parties share, similar to how there is only one Funding Transaction
Total Local Collateral + Total Remote Collateral = (DLC Funding Output).value
Timeout is a CLTV locktime set well after the contract maturity time
DLC Funding Output is of the form specified above

Global

nLockTime is Timeout

Inputs

Input Spending(P2WSH(DLC Funding Output))
- nSequence is 0xfffffffe

Outputs

ToLocalOutput
ToRemoteOutput

Where

ToLocalOutput's value is Total Local Collateral + RefundFeeDelta/2
ToRemoteOutput's value is Total Remote Collateral + RefundFeeDelta/2
RefundFeeDelta = Computed CET Fee + Computed ToLocal Closing Fee - Computed Refund Tx Fee (note that the Refund Transaction is smaller than any CET)
ToLocalOutput's script is that of Local Final Address
ToRemoteOutput's script is that of Remote Final Address

Mutual Closing Transaction

Known Values

Local Final Address: BitcoinAddress
Local Payout: CurrencyUnit
Remote Final Address: BitcoinAddress
Remote Payout: CurrencyUnit
DLC Funding Output: ScriptPubKey
Fee Rate: FeeUnit

Where

After the contract maturity time, Mutual Closing Transaction is created in cooperation for fee reduction and improvement in privacy
Local Payout = (Contract Execution Transaction Local Payout).value
Remote Payout = (Contract Execution Transaction Remote Payout).value
DLC Funding Output is of the form specified above

Global

nLockTime is 0

Inputs

Input Spending(P2WSH(DLC Funding Output))
- nSequence is 0xffffffff

Outputs

ToLocalOutput
ToRemoteOutput

Where

ToLocalOutput's value is Local Payout + MutualClosingFeeDelta/2
ToRemoteOutput's value is Remote Payout + MutualClosingFeeDelta/2
MutualClosingFeeDelta = Computed CET Fee + Computed ToLocal Closing Fee - Computed MutualClosing Tx Fee (note that the Mutual Closing Transaction is smaller than any CET)
ToLocalOutput's script is that of Local Final Address
ToRemoteOutput's script is that of Remote Final Address