OK. So, using the tick scheme described by Tier a difficulty futures instrument is possible with current script + op_diff; and with taproot + op_diff (ZmnSCPxj) it may even be economical. (I will set aside covenants for now.)
To do it all on-chain, we need a mechanism for selling such an instrument in a trustless way.
That is to say (using ZmnSCPxj's construction), we have now a future where Bob pays Alice a pico-difficulty at next adjustment.
But how does Alice pay Bob his 17.4 sat?
I am trying to figure out a way to do this naively using the base layer. (I really want this with lightning, and eventually hft, but first things first.)
My thinking so far is, Alice and Bob collaborate to create partial versions of
** the difficulty future funded by Bob, spendable by Alice in 1000 blocks
** and a 17.4 sat payment from Alice to Bob, spendable by Bob immediately
When Bob completes and broadcasts the payment from Alice, it should enable Alice to complete and broadcast the difficulty future funded by Bob.
I am thinking a hash lock on the payment, with a preimage secret generated by Bob, could be used to accomplish this. When Bob unlocks and broadcasts the payment, this reveals the preimage, and with the preimage Alice can unlock and broadcast the difficulty future funded by Bob.
Am I correct in thinking something like this could work?