bodymindarts / bisq-v2-proposal Goto Github PK

Thanks for looking into the concept for an off chain trade protocol.

For reference I refer to the preliminary concept with the version in that document:
https://docs.google.com/document/d/1sTbm7SuIGQ5HWCwbxYfnklyMHB_-jIr7kAM9-ZSzzH8

Here a few comments and feedback:

A bond (or slice thereof) cannot be associated with more than 1 trade at a time

This statement sounds a bit confusing to me. I think you refer eith bond to a conceptual "slice" of a bond which is allocated to only 1 trade. The bond itself (I interpret bond as the amount locked up in the bond tx) should be reusable for multiple trades.

rely on attestations from 3rd parties that witnessed the announcement for verification

Can you specify that? I am not aware of a 3rd party in the preliminary concept needed for verification. The peers are doing it.

This is equivilent to accepting 0-conf transactions that have been anounced to the bitcoin mem-pool as final

I do not see the direct equivalence to a 0-conf transaction.

Though I share the sentiment that the current idea might be not secure as we only rely on P2P network (beside the initial bond tx) and there is no guarantee for the order and availibility of delivered messages. It still would be interesting to find out in which part(s) of the current protocol the security is flawed.

the single-use seals concept put forward by Peter Todd to construct per-bond mini-ledgers that document the allocation of bond-slices to trades

I discussed that with @sqrrm as well but I did not had time to look closer into the single-use seals concept. I agree that this feels like an interesting path forward but would like to find out first what is broken in the preliminary concept to understand our problem space better.

The Anchor continuation output is initially the BTC change output of the bond TX and subsequently identified via OP_RETURN

The lockup tx does not require a mandatory change output. See
https://docs.bisq.network/dao-technical-overview.html#lockup-tx
This could be changed if required but changes in the DAO consensus should be avoided as long not absolutely needed (or for bug fixes).

per bond ledger

The proposed solution lacks of details for me to make it possible to think through it. I understand that this is probably intended as a first step and that is fine...

Some challenges with the single-use seals concept migh be:

• Who is doing the tx (mentioned in your doc), we need to avoid to introduce a centralized entity. If traders are doing it, do we achieve the scaling properties we want?
• When is a commitment tx needed? Trade-offs between security/speed/tx costs and potentially privacy.
• Is it possible to only use those commitment txs for the edge cases which might introduce security weaknessed in the preliminary proposal? That way we might get 99% of the time the benefits of not requiring a BTC tx and just in case an edge case occurs (e.g. timeout, disputes,..) the commitment tx is needed to guarantee security. Might be a bit like in Lightning Network as well as the dispute case in relation to privay (usually only the 2 traders know about the trade but in case of a dispute which should be rare the mediator/arbitrator will get involved as well).