Bitcoin Forum
March 19, 2024, 03:00:39 AM *
News: Latest Bitcoin Core release: 26.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: [1]
  Print  
Author Topic: A decentralized anonymous exchange between chains  (Read 4613 times)
jtimon (OP)
Legendary
*
Offline Offline

Activity: 1372
Merit: 1002


View Profile WWW
July 25, 2011, 07:04:15 PM
Last edit: August 29, 2011, 08:28:50 AM by jtimon
 #1

EDIT: it seems that there's a better solution.

EDIT2:
It seems the better solution was already proposed here:
https://bitcointalk.org/index.php?topic=22581.0

I've been asking myself lately whether if a chain for exchange blockchain crypto-currencies would need modifications on bitcoin or not.
To simplify, we just want to trade bitcoins and namecoins.
You have to read this:

https://en.bitcoin.it/wiki/Alternative_Chains#Paying_for_resources_on_alternative_chains_with_Bitcoins

Of course you could modify bitcoin (and namecoin) to allow conditional transactions that are valid or not depending on what appears in this other network (and namecoin's chain), but that's not very scalable and modify bitcoin rules to build an exchange is ask for too much.
My solution requires another currency, middlecoin or exchangecoin.
You can have atomicity to exchange bitcoins or namecoins for middlecoins just as described in the link.
Well, an example.
I set a buy order of 1 btc for 10 middlecoins.
A seller accepts and creates a conditional transaction "send 10 middlecoins to the address in the buy order MDC address only if this BTC address receives 1 btc within the next X btc blocks".
The same would apply to trade nmc/mdc.
Now say you want to trade 1 btc for 10 mdc and those 10 mdc for 3 nmc, that is 1 btc for 3 nmc.
And another person wants to do the opposite thing. One can send his nmc but not receive the btc. In that case you still have the 10 mdc and the other part could be punished by losing an additional escrow (also in mdc). That last part would be equivalent to agree a higher price than the market's for both linked transactions.

What do you think?
What problems do you see with it?

EDIT: In this thread I propose to separate middleCoin and exchangeChain.
If either bitcoin or namecoin adapts, there would be no need for middleCoin.



2 different forms of free-money: Freicoin (free of basic interest because it's perishable), Mutual credit (no interest because it's abundant)
1710817239
Hero Member
*
Offline Offline

Posts: 1710817239

View Profile Personal Message (Offline)

Ignore
1710817239
Reply with quote  #2

1710817239
Report to moderator
1710817239
Hero Member
*
Offline Offline

Posts: 1710817239

View Profile Personal Message (Offline)

Ignore
1710817239
Reply with quote  #2

1710817239
Report to moderator
Even if you use Bitcoin through Tor, the way transactions are handled by the network makes anonymity difficult to achieve. Do not expect your transactions to be anonymous unless you really know what you're doing.
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction.
1710817239
Hero Member
*
Offline Offline

Posts: 1710817239

View Profile Personal Message (Offline)

Ignore
1710817239
Reply with quote  #2

1710817239
Report to moderator
1710817239
Hero Member
*
Offline Offline

Posts: 1710817239

View Profile Personal Message (Offline)

Ignore
1710817239
Reply with quote  #2

1710817239
Report to moderator
1710817239
Hero Member
*
Offline Offline

Posts: 1710817239

View Profile Personal Message (Offline)

Ignore
1710817239
Reply with quote  #2

1710817239
Report to moderator
jtimon (OP)
Legendary
*
Offline Offline

Activity: 1372
Merit: 1002


View Profile WWW
July 26, 2011, 06:34:16 AM
 #2

Of course, if bitcoin is modified to look into this change and make conditional transactions, the issuance of that middlecoin wouldn't be necessary and exchanges between bitcoin and any other chain cryptocurrency could be completely atomic.

2 different forms of free-money: Freicoin (free of basic interest because it's perishable), Mutual credit (no interest because it's abundant)
jtimon (OP)
Legendary
*
Offline Offline

Activity: 1372
Merit: 1002


View Profile WWW
July 27, 2011, 11:01:07 AM
 #3

I've opened a related thread here:

http://forum.bitcoin.org/index.php?topic=32258

In that thread, the middlecoin generation is decoupled from the exchange chain, that relies only on fees.
Again, if bitcoin or namecoin adapts to work like middlecoin, there's no need for middlecoin.
But middlecoin must be changed every time you want to add a new currency to the exchange.

2 different forms of free-money: Freicoin (free of basic interest because it's perishable), Mutual credit (no interest because it's abundant)
jtimon (OP)
Legendary
*
Offline Offline

Activity: 1372
Merit: 1002


View Profile WWW
August 19, 2011, 04:25:27 PM
 #4


A design for the protocol would be something like this:

message Bid {
 required unsigned tradeId;
 required float price;
 required float maxAmount;
 required Address exchangeCoinsTo;
 required Address bitcoinsFrom;
 optional unsigned exchangeCoinExpiryBlock;
 optional unsigned bitcoinExpiryBlock;
}

message AcceptBid {
 required unsigned tradeId;
 required float amount;
 required Address bitcoinsTo;
 repeated required Input exchangeCoinPayment; 
}

message Ask {
 required unsigned tradeId;
 required float price;
 required float maxAmount;
 repeated required Input exchangeCoinEscrow; 
 required Address bitcoinsTo;
 optional unsigned exchangeCoinExpiryBlock;
 optional unsigned bitcoinExpiryBlock;
}

message AcceptAsk {
 required unsigned tradeId;
 required float amount;
 required Address bitcoinsFrom;
 required Address exchangeCoinsTo;
}

The commit for the trade is always the bitcoin transaction. When it is done, the exchangeCoins are moved automatically by the exchangecoin network. That is, to know the balance of a given nmc address, the system has to take this messages and the bitcoin chain into account.
That could be applied to alternative currencies like namecoin too. This feature could be added to bitcoin or namecoin too. But a change in the protocol is needed every time you want to accept a new currency.

Accepted currencies can also be traded directly (not through exchangeCoins) for every other accepted currency if they extend their protocol with the following messages:

message FundTrade {
 required unsigned exchangeCoinBlockNumber;
 required unsigned tradeId;
 repeated required Input otherCoinEscrow; 
}

When AcceptBid or Ask messages are funded through an external accepted chain, instead of including the Inputs, it is necessary to indicate in what chain are those funds.
To save traders and external chains the task to watch all the accepted currencies chains looking for commits, the exchange chain miners must report all committed trades at the beginning of the block.

2 different forms of free-money: Freicoin (free of basic interest because it's perishable), Mutual credit (no interest because it's abundant)
d'aniel
Sr. Member
****
Offline Offline

Activity: 461
Merit: 251


View Profile
August 20, 2011, 05:18:17 PM
 #5

Does this just require nLockTime to be enabled?
https://bitcointalk.org/index.php?topic=22581.msg305475#msg305475

I heard Mike Hearn say he wanted to wait until valid use cases were presented before enabling scripts, so here's yet another AFAICS.
jtimon (OP)
Legendary
*
Offline Offline

Activity: 1372
Merit: 1002


View Profile WWW
August 20, 2011, 05:42:10 PM
 #6

Does this just require nLockTime to be enabled?
https://bitcointalk.org/index.php?topic=22581.msg305475#msg305475

I heard Mike Hearn say he wanted to wait until valid use cases were presented before enabling scripts, so here's yet another AFAICS.

I've read the contracts page but I'm not sure I've understood well the oracles part.
Could a bitcoin transaction have the condition "if there's a transaction from x to y in namecoin's block chain". Do you need a server to answer that question?

If this is possible, then atomic trades could take place within distributed exchanges like dark exchange without the need to fork bitcoin. Maybe the exchange can be build with conditional transactions in both chains without the need of dark exchange.
A valid use case for contracts in my opinion.

I will ask Mike to answer this doubt.

2 different forms of free-money: Freicoin (free of basic interest because it's perishable), Mutual credit (no interest because it's abundant)
Mike Hearn
Legendary
*
Offline Offline

Activity: 1526
Merit: 1078


View Profile
August 21, 2011, 05:53:53 PM
 #7

There's a slick protocol that allows for atomic trades between chains. It was described elsewhere on the forum. It does not require oracles or modifications to bitcoin beyond a new whitelisted script. I haven't had time to put it on the wiki yet.
jtimon (OP)
Legendary
*
Offline Offline

Activity: 1372
Merit: 1002


View Profile WWW
August 21, 2011, 06:53:18 PM
 #8

There's a slick protocol that allows for atomic trades between chains. It was described elsewhere on the forum. It does not require oracles or modifications to bitcoin beyond a new whitelisted script. I haven't had time to put it on the wiki yet.

Cool. Then my proposal is worthless, but it's better this way.
Can you link me to the post if you find it or to the wiki if you add it?

Thank you.

2 different forms of free-money: Freicoin (free of basic interest because it's perishable), Mutual credit (no interest because it's abundant)
Mike Hearn
Legendary
*
Offline Offline

Activity: 1526
Merit: 1078


View Profile
August 22, 2011, 08:25:37 AM
 #9

The post was already linked, by d'aniel. The proposal was by luxgladius:

Quote
A generates Tx1 with an output that can be unlocked by either (keyA and keyB) OR (secretA, secretB, and keyB). He does not broadcast it. He then generates Tx2 with Tx1 as the input with sequence number 0, an output that can be unlocked by keyA, and an nLockTime of sometime in the future. Because the sequence number of the input is 0, the transaction won't be finalized until the time encoded in nLockTime. He then signs Tx2 with keyA and sends it to B. B signs it and sends it back. A now broadcasts Tx1 and Tx2. After making sure a similar scheme is conducted on the other crypto network, he reveals secretA to B. B now reissues Tx2 using secretA, secretB, and keyB, but with nLockTime of 0, finalizing it, and an output of his choosing. A sees secretB in the broadcast transaction, and uses it to unlock the coins on the other network.

However now I read it again, I think there are some bugs in this proposal. I'll analyze it further at some point and write something up for the wiki.
jtimon (OP)
Legendary
*
Offline Offline

Activity: 1372
Merit: 1002


View Profile WWW
August 22, 2011, 08:50:10 AM
 #10

Thank you, Mike!
Well, thank you d'aniel and luxgladius too.

I have to read more about scripts though.

2 different forms of free-money: Freicoin (free of basic interest because it's perishable), Mutual credit (no interest because it's abundant)
jtimon (OP)
Legendary
*
Offline Offline

Activity: 1372
Merit: 1002


View Profile WWW
August 29, 2011, 08:28:25 AM
 #11

It seems the better solution was already proposed here:
https://bitcointalk.org/index.php?topic=22581.0

2 different forms of free-money: Freicoin (free of basic interest because it's perishable), Mutual credit (no interest because it's abundant)
Pages: [1]
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!