Getting your Trinity Audio player ready...
|
This post was first published on Medium.
In our previous article, we presented a cross-chain atomic swap implementation using Hash Time Locked Contracts (HTLCs). Today, we introduce an alternative approach for implementing it without HTLCs. This extends atomic swaps to blockchains lacking hash locks and time locks.
Using SPV to prove a transaction is mined
Let us swap Alice’s BTC coins with Bob’s BSV coins, at an agreed-upon rate.
In a previous article, we showed a BSV smart contract is capable of validating a transaction is included in a blockchain. Importantly, this is achieved without relying on external oracles. The basic idea is using proof of work difficulty to validate a block header trustlessly. Using Merkle proof, we can then validate a transaction is included in that block, similar to SPV done off chain.
This means that smart contracts on BSV can be programmed to execute specific actions based on the confirmation of a particular transaction on a blockchain such as BTC.
In the context of the atomic swap, the smart contract essentially says:
If you send X BTC to Y address, you can acquire the BSV asset currently held in this contract.
This functionality is made possible because BSV contracts possess the ability to verify whether a specific transaction has been successfully mined on the BTC blockchain. The contract can perform verification on the specific BTC transaction, ensuring that the intended BTC amount has been sent to the correct address.
To initiate an offer, Bob secures BSV coins in a smart contract and specifies the desired address for receiving BTC. Once Alice sends the BTC, she can claim the BSV locked in the contract. This process does not involve any trusted intermediaries.
Full Protocol Sequence
An atomic swap protocol between BSV and BTC can be executed following these steps.
- Contract Deployment: Bob deploys a smart contract on the BSV chain. This contract holds the BSV funds Bob intends to swap with Alice. The contract also contains a fail safe time lock.
- Payment and Proof: Alice sends the agreed amount of BTC to Bob on the BTC chain. She gets a Merkle proof of this transaction after it is mined into a block. Note this is a simple payment transaction, without HLTCs.
- Verification and Release: Alice submits the Merkle proof to the BSV contract. The contract verifies the proof and confirms the inclusion of Alice’s BTC transaction to Bob. If the proof is verified, Alice can unlock and claim the BSV funds in the contract.
If Bob does not receive payment in time, he can take back his coins after the time lock expires.
Note that the smart contract is deployed before the payment on BTC is broadcast. This is so that Alice has a guarantee that she will get payed the correct amount of BSV after she pays Bob. This lock time must also be long enough for a payment transaction to be mined on BTC.
With slight modification, Alice can be even unknown at the time of Bob’s contract deployment. Bob’s offer is public and anyone pays him the right amount of BTC can unlock his locked BSV.
Compared to HTLC-based atomic swaps
A key advantage of this method is it enables atomic swaps even for a blockchain without a hash lock or time lock. As long as there is a mechanism to prove the inclusion of a transaction on it trustlessly (e.g., using a Merkle proof), the other chain with smart contract capability to verify the proof can swap with it.
Implementation
In BSV, the smart contract can be implemented in sCrypt as below.
The smart contract has two public methods:
- swap(): called by Alice to take the funds if she provides a proof that she paid Bob the adequate amount of BTC.
- cancel(): called by Bob to withdraw the funds after the specified amount of time has passed.
The full code along with tests can be found on GitHub.
Watch: sCrypt makes smart contracts possible on the BSV blockchain