aljaz/specs
1
1
Fork 0
mirror of https://github.com/bits-wallet/specs.git synced 2025-12-17 13:44:21 +01:00
Code Issues Packages Projects Releases Wiki Activity

Update 04.md

Browse Source
This commit is contained in:
brqgoo
2023-01-16 17:26:17 +03:00
committed by GitHub
parent ac66e60556
commit 37a08446e0
1 changed files with 5 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
04.md
View File

@@ -30,13 +30,11 @@ The sender non-interactively pays the recipient based on their dedicated Nostr p
When a sender wants to pay the recipient, the sender initiates a swap-in payment through a specialized submarine service provided by TBD wallet SSP. Here's how it's done step-by-step: When a sender wants to pay the recipient, the sender initiates a swap-in payment through a specialized submarine service provided by TBD wallet SSP. Here's how it's done step-by-step:
### 1. The sender first generates a preimage and a tweaked destination: ### 1. The sender first generates a preimage and a tweaked destination:
* Where the recipient npub is `R = r*G` , and the sender npub is `S = s*G`.
* The sender generates a 32-byte random element `rand`, and calculates a tweaked pubkey for the recipient: `R' = hash(s*R, rand)*G + R`.
* The sender generates a shared preimage secret for the recipient : `P = hash(rand)*G + R`
* The sender `S` then sends a NIP-04 encrypted DM to the recipient containing rand and payment value.
* The recipient `R` can locally construct his tweaked pubkey `R'` and preimage `P` from the rand value, and the sender's npub `S`.
Where the recipient npub is `R = r*G` , and the sender npub is `S = s*G` ;
The sender generates a 32-byte random element `rand`, and calculates a tweaked pubkey for the recipient: `R' = hash(s*R, rand)*G + R`
And a shared preimage secret for the recipient : `P = hash(rand)*G + R`
The sender `S` then sends a NIP-04 encrypted DM to the recipient containing rand and payment value. The recipient `R` can locally construct his tweaked pubkey `R'` and preimage `P` from the rand value, and the sender's npub `S`.
Although it seems similar to keysend due to the sender generating the preimage, the proof of payment here is not the revealed preimage but the on-chain transaction (swap factory) itself. Although it seems similar to keysend due to the sender generating the preimage, the proof of payment here is not the revealed preimage but the on-chain transaction (swap factory) itself.