mirror of
https://github.com/seigler/dash-docs
synced 2025-07-27 09:46:12 +00:00
Guide - update contracts section
This commit is contained in:
thephez
parent
57bbb02486
commit
350ccce28f
2 changed files with 44 additions and 40 deletions
|
|
@ -9,14 +9,13 @@ http://opensource.org/licenses/MIT.
|
|||
|
||||
{% autocrossref %}
|
||||
|
||||
Contracts are
|
||||
transactions which use the decentralized Bitcoin system to enforce financial
|
||||
agreements.
|
||||
Bitcoin contracts can often be crafted to minimize dependency on outside
|
||||
Contracts are transactions which use the decentralized Dash system to enforce
|
||||
financial agreements.
|
||||
Dash contracts can often be crafted to minimize dependency on outside
|
||||
agents, such as the court system, which significantly decreases the risk
|
||||
of dealing with unknown entities in financial transactions.
|
||||
of dealing with unknown entities in financial transactions.
|
||||
|
||||
The following subsections will describe a variety of Bitcoin contracts
|
||||
The following subsections will describe a variety of Dash contracts
|
||||
already in use. Because contracts deal with real people, not just
|
||||
transactions, they are framed below in story format.
|
||||
|
||||
|
|
@ -35,18 +34,18 @@ Charlie-the-customer wants to buy a product from Bob-the-businessman,
|
|||
but neither of them trusts the other person, so they use a contract to
|
||||
help ensure Charlie gets his merchandise and Bob gets his payment.
|
||||
|
||||
A simple contract could say that Charlie will spend satoshis to an
|
||||
A simple contract could say that Charlie will spend duffs to an
|
||||
output which can only be spent if Charlie and Bob both sign the input
|
||||
spending it. That means Bob won't get paid unless Charlie gets his
|
||||
merchandise, but Charlie can't get the merchandise and keep his payment.
|
||||
|
||||
This simple contract isn't much help if there's a dispute, so Bob and
|
||||
Charlie enlist the help of Alice-the-arbitrator to create an [escrow
|
||||
contract][/en/glossary/escrow-contract]{:#term-escrow-contract}{:.term}. Charlie spends his satoshis
|
||||
contract][/en/glossary/escrow-contract]{:#term-escrow-contract}{:.term}. Charlie spends his duffs
|
||||
to an output which can only be spent if two of the three people sign the
|
||||
input. Now Charlie can pay Bob if everything is ok, Bob can refund
|
||||
Charlie's money if there's a problem, or Alice can arbitrate and decide
|
||||
who should get the satoshis if there's a dispute.
|
||||
who should get the duffs if there's a dispute.
|
||||
|
||||
To create a multiple-signature ([multisig][/en/glossary/multisig]{:#term-multisig}{:.term})
|
||||
output, they each give the others a public key. Then Bob creates the
|
||||
|
|
@ -72,18 +71,18 @@ keys provided).
|
|||
|
||||
Bob gives the redeem script to Charlie, who checks to make sure his
|
||||
public key and Alice's public key are included. Then he hashes the
|
||||
redeem script to create a P2SH redeem script and pays the satoshis to it. Bob
|
||||
redeem script to create a P2SH redeem script and pays the duffs to it. Bob
|
||||
sees the payment get added to the block chain and ships the merchandise.
|
||||
|
||||
Unfortunately, the merchandise gets slightly damaged in transit. Charlie
|
||||
wants a full refund, but Bob thinks a 10% refund is sufficient. They
|
||||
turn to Alice to resolve the issue. Alice asks for photo evidence from
|
||||
Charlie along with a copy of the redeem script Bob created and
|
||||
Charlie checked.
|
||||
Charlie checked.
|
||||
|
||||
After looking at the evidence, Alice thinks a 40% refund is sufficient,
|
||||
so she creates and signs a transaction with two outputs, one that spends 60%
|
||||
of the satoshis to Bob's public key and one that spends the remaining
|
||||
of the duffs to Bob's public key and one that spends the remaining
|
||||
40% to Charlie's public key.
|
||||
|
||||
In the signature script Alice puts her signature
|
||||
|
|
@ -116,14 +115,16 @@ validates, the two transaction outputs show up in Bob's and Charlie's
|
|||
wallets as spendable balances.
|
||||
|
||||
However, if Alice created and signed a transaction neither of them would
|
||||
agree to, such as spending all the satoshis to herself, Bob and Charlie
|
||||
can find a new arbitrator and sign a transaction spending the satoshis
|
||||
agree to, such as spending all the duffs to herself, Bob and Charlie
|
||||
can find a new arbitrator and sign a transaction spending the duffs
|
||||
to another 2-of-3 multisig redeem script hash, this one including a public
|
||||
key from that second arbitrator. This means that Bob and Charlie never
|
||||
need to worry about their arbitrator stealing their money.
|
||||
|
||||
<!--
|
||||
**Resource:** [BitRated](https://www.bitrated.com/) provides a multisig arbitration
|
||||
service interface using HTML/JavaScript on a GNU AGPL-licensed website.
|
||||
-->
|
||||
|
||||
{% endautocrossref %}
|
||||
|
||||
|
|
@ -133,25 +134,25 @@ service interface using HTML/JavaScript on a GNU AGPL-licensed website.
|
|||
{% autocrossref %}
|
||||
|
||||
<!-- SOMEDAY: try to rewrite using a more likely real-world example without
|
||||
making the text or illustration more complicated -->
|
||||
making the text or illustration more complicated -->
|
||||
|
||||
Alice also works part-time moderating forum posts for Bob. Every time
|
||||
someone posts to Bob's busy forum, Alice skims the post to make sure it
|
||||
isn't offensive or spam. Alas, Bob often forgets to pay her, so Alice
|
||||
demands to be paid immediately after each post she approves or rejects.
|
||||
Bob says he can't do that because hundreds of small payments will cost
|
||||
him thousands of satoshis in transaction fees, so Alice suggests they use a
|
||||
him thousands of duffs in transaction fees, so Alice suggests they use a
|
||||
[micropayment channel][]{:#term-micropayment-channel}{:.term}.
|
||||
|
||||
Bob asks Alice for her public key and then creates two transactions.
|
||||
The first transaction pays 100 millibitcoins to a P2SH output whose
|
||||
The first transaction pays 100 millidash to a P2SH output whose
|
||||
2-of-2 multisig redeem script requires signatures from both Alice and Bob.
|
||||
This is the bond transaction.
|
||||
Broadcasting this transaction would let Alice hold the millibitcoins
|
||||
Broadcasting this transaction would let Alice hold the millidash
|
||||
hostage, so Bob keeps this transaction private for now and creates a
|
||||
second transaction.
|
||||
|
||||
The second transaction spends all of the first transaction's millibitcoins
|
||||
The second transaction spends all of the first transaction's millidash
|
||||
(minus a transaction fee) back to Bob after a 24 hour delay enforced
|
||||
by locktime. This is the refund transaction. Bob can't sign the refund transaction by himself, so he gives
|
||||
it to Alice to sign, as shown in the
|
||||
|
|
@ -164,7 +165,7 @@ future, signs it, and gives a copy of it back to Bob. She then asks Bob
|
|||
for the bond transaction and checks that the refund transaction spends
|
||||
the output of the bond transaction. She can now broadcast the bond
|
||||
transaction to the network to ensure Bob has to wait for the time lock
|
||||
to expire before further spending his millibitcoins. Bob hasn't actually
|
||||
to expire before further spending his millidash. Bob hasn't actually
|
||||
spent anything so far, except possibly a small transaction fee, and
|
||||
he'll be able to broadcast the refund transaction in 24 hours for a
|
||||
full refund.
|
||||
|
|
@ -190,21 +191,22 @@ near the time lock expiry, she could be cheated out of her payment.
|
|||
Transaction malleability, discussed above in the Transactions section,
|
||||
is another reason to limit the value of micropayment channels.
|
||||
If someone uses transaction malleability to break the link between the
|
||||
two transactions, Alice could hold Bob's 100 millibitcoins hostage even if she
|
||||
two transactions, Alice could hold Bob's 100 millidash hostage even if she
|
||||
hadn't done any work.
|
||||
|
||||
For larger payments, Bitcoin transaction fees are very low as a
|
||||
For larger payments, Dash transaction fees are very low as a
|
||||
percentage of the total transaction value, so it makes more sense to
|
||||
protect payments with immediately-broadcast separate transactions.
|
||||
|
||||
**Resource:** The [bitcoinj][] Java library
|
||||
**Resource:** The [dashj][] Java library
|
||||
provides a complete set of micropayment functions, an example
|
||||
implementation, and [a
|
||||
tutorial][bitcoinj micropayment tutorial]
|
||||
tutorial (from bitcoinj)][bitcoinj micropayment tutorial]
|
||||
all under an Apache license.
|
||||
|
||||
{% endautocrossref %}
|
||||
|
||||
<!-- Obsolesced by PrivateSend
|
||||
### CoinJoin
|
||||
{% include helpers/subhead-links.md %}
|
||||
|
||||
|
|
@ -212,28 +214,28 @@ all under an Apache license.
|
|||
|
||||
Alice is concerned about her privacy. She knows every transaction gets
|
||||
added to the public block chain, so when Bob and Charlie pay her, they
|
||||
can each easily track those satoshis to learn what Bitcoin
|
||||
can each easily track those duffs to learn what Bitcoin
|
||||
addresses she pays, how much she pays them, and possibly how many
|
||||
satoshis she has left.
|
||||
duffs she has left.
|
||||
|
||||
Alice isn't a criminal, she just wants plausible deniability about
|
||||
where she has spent her satoshis and how many she has left, so she
|
||||
where she has spent her duffs and how many she has left, so she
|
||||
starts up the Tor anonymity service on her computer and logs into an
|
||||
IRC chatroom as "AnonGirl."
|
||||
|
||||
Also in the chatroom are "Nemo" and "Neminem." They collectively
|
||||
agree to transfer satoshis between each other so no one besides them
|
||||
can reliably determine who controls which satoshis. But they're faced
|
||||
with a dilemma: who transfers their satoshis to one of the other two
|
||||
agree to transfer duffs between each other so no one besides them
|
||||
can reliably determine who controls which duffs. But they're faced
|
||||
with a dilemma: who transfers their duffs to one of the other two
|
||||
pseudonymous persons first? The CoinJoin-style contract, shown in the
|
||||
illustration below, makes this decision easy: they create a single
|
||||
transaction which does all of the spending simultaneously, ensuring none
|
||||
of them can steal the others' satoshis.
|
||||
of them can steal the others' duffs.
|
||||
|
||||
|
||||
|
||||
Each contributor looks through their collection of Unspent Transaction
|
||||
Outputs (UTXOs) for 100 millibitcoins they can spend. They then each generate
|
||||
Outputs (UTXOs) for 100 millidash they can spend. They then each generate
|
||||
a brand new public key and give UTXO details and pubkey hashes to the
|
||||
facilitator. In this case, the facilitator is AnonGirl; she creates
|
||||
a transaction spending each of the UTXOs to three equally-sized outputs.
|
||||
|
|
@ -243,7 +245,7 @@ AnonGirl then signs her inputs using `SIGHASH_ALL` to ensure nobody can
|
|||
change the input or output details. She gives the partially-signed
|
||||
transaction to Nemo who signs his inputs the same way and passes it
|
||||
to Neminem, who also signs it the same way. Neminem then broadcasts
|
||||
the transaction to the peer-to-peer network, mixing all of the millibitcoins in
|
||||
the transaction to the peer-to-peer network, mixing all of the millidash in
|
||||
a single transaction.
|
||||
|
||||
As you can see in the illustration, there's no way for anyone besides
|
||||
|
|
@ -257,19 +259,19 @@ Neminem. If Alice does a few more CoinJoins, Bob and Charlie might
|
|||
have to guess which transactions made by dozens or hundreds of people
|
||||
were actually made by Alice.
|
||||
|
||||
The complete history of Alice's satoshis is still in the block chain,
|
||||
The complete history of Alice's duffs is still in the block chain,
|
||||
so a determined investigator could talk to the people AnonGirl
|
||||
CoinJoined with to find out the ultimate origin of her satoshis and
|
||||
CoinJoined with to find out the ultimate origin of her duffs and
|
||||
possibly reveal AnonGirl as Alice. But against anyone casually browsing
|
||||
block chain history, Alice gains plausible deniability.
|
||||
|
||||
The CoinJoin technique described above costs the participants a small
|
||||
amount of satoshis to pay the transaction fee. An alternative
|
||||
technique, purchaser CoinJoin, can actually save them satoshis and
|
||||
amount of duffs to pay the transaction fee. An alternative
|
||||
technique, purchaser CoinJoin, can actually save them duffs and
|
||||
improve their privacy at the same time.
|
||||
|
||||
AnonGirl waits in the IRC chatroom until she wants to make a purchase.
|
||||
She announces her intention to spend satoshis and waits until someone
|
||||
She announces her intention to spend duffs and waits until someone
|
||||
else wants to make a purchase, likely from a different merchant. Then
|
||||
they combine their inputs the same way as before but set the outputs
|
||||
to the separate merchant addresses so nobody will be able to figure
|
||||
|
|
@ -280,10 +282,11 @@ Since they would've had to pay a transaction fee to make their purchases
|
|||
anyway, AnonGirl and her co-spenders don't pay anything extra---but
|
||||
because they reduced overhead by combining multiple transactions, saving
|
||||
bytes, they may be able to pay a smaller aggregate transaction fee,
|
||||
saving each one of them a tiny amount of satoshis.
|
||||
saving each one of them a tiny amount of duffs.
|
||||
|
||||
|
||||
**Resource:** An alpha-quality (as of this writing) implementation of decentralized
|
||||
CoinJoin is [CoinMux](http://coinmux.com/), available under the Apache
|
||||
license.
|
||||
|
||||
-->
|
||||
{% endautocrossref %}
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue