Abstract
This BIP mainly describes a script for the generalized off-chain contract negotiation.
conclusion
Hash Time-locked contracts (HTLC) are scripts that allow designated parties (” sellers “) to spend money by exposing the hash’s raw information. In the case of a refund, it also allows a second party (the “buyer”) to spend the funds after the timeout has been reached.
The script takes the following form:
OP_IF
[HASHOP] <digest> OP_EQUALVERIFY OP_DUP OP_HASH160 <seller pubkey hash>
OP_ELSE
<num> [TIMEOUTOP] OP_DROP OP_DUP OP_HASH160 <buyer pubkey hash>
OP_ENDIF
OP_EQUALVERIFY
OP_CHECKSIG
Copy the code
- [HASHOP] stands for OP_SHA256 or OP_HASH160.
- [TIMEOUTOP] stands for OP_CHECKSEQUENCEVERIFY or OP_CHECKLOCKTIMEVERIFY.
Interact with each other
- Victor (” buyer “) and Peggy (” seller “) exchange common hashes and agree on timeout thresholds. Peggy (” Vendor “) provides a hash digest, and both parties can now build scripts and P2SH addresses for HTLC.
- Victor (” Buyer “) sends the funds to the P2SH address.
- Or:
- Peggy (the “seller”) spends the money, and in doing so reveals the original information about Victor (the “buyer”) in the transaction, or
- Victor (the “buyer”) restores funds after the timeout period
Victor (the “buyer”) wanted to reduce the pause time in order to reduce the amount of time that money spent without Peggy (the “seller”) disclosing the original information. Peggy (” seller “) on the hope of reaching the timeout time as soon as possible, because at the time of not reached timeout, you can’t spend the money, or even worse, she spends money deal in Victor (” buyer “) before enter the block chain, but it does to Victor (” buyer “) reveals the original information of it.
motivation
In many off-chain protocols, revealing secrets is used as part of the resolution mechanism. In other cases, the secret itself is valuable. HTLC transactions are a safe and cheap way to exchange money secrets on the blockchain, thanks to the ability to recover funds from uncooperative counterparties, and the secret owner must receive the funds before such a refund can occur.
Lightning network
In lightning Network, HTLC scripts are used to perform atomic exchanges between payment channels.
Alice constructs K and produces L using the hash, and she sends the HTLC payment to Bob to get the original information for L. Bob sends the HTLC payment to Carol to get the same original information and amount. It is only when Alice discloses the original information that K can make the corresponding exchange of value, and all parties are compensated for the disclosure of secrets at each step. If at any time some parties do not cooperate, the process can be halted by refund conditions.
Zero knowledge contingency payment
There are various practical zero-knowledge validation systems that can be used to ensure that hash preimages derive valuable information. For example, zero-knowledge proofs can be used to prove a hash preimage as a decrypted hash for an encrypted sudoku puzzle solution.
HTLC transactions can be used to exchange these decrypted hashes for money without risk, and they do not require large, expensive authentication transactions.
implementation
Github.com/bitcoin/bit…
copyright
The document is dual-licensed under BSD 3 terms and Creative Commons CC0 1.0 Universal.
This article is translated by Ran Xiaolong from Copernicus team.
The original link: mp.weixin.qq.com/s/fqHI9I2LY…