From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from smtp2.osuosl.org (smtp2.osuosl.org [140.211.166.133]) by lists.linuxfoundation.org (Postfix) with ESMTP id 395C8C000B for ; Fri, 28 Jan 2022 21:14:29 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by smtp2.osuosl.org (Postfix) with ESMTP id 19FD74014C for ; Fri, 28 Jan 2022 21:14:29 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org X-Spam-Flag: NO X-Spam-Score: -2.098 X-Spam-Level: X-Spam-Status: No, score=-2.098 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: smtp2.osuosl.org (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com Received: from smtp2.osuosl.org ([127.0.0.1]) by localhost (smtp2.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ri2Xku63VIar for ; Fri, 28 Jan 2022 21:14:27 +0000 (UTC) X-Greylist: whitelisted by SQLgrey-1.8.0 Received: from mail-lj1-x22b.google.com (mail-lj1-x22b.google.com [IPv6:2a00:1450:4864:20::22b]) by smtp2.osuosl.org (Postfix) with ESMTPS id 3830240386 for ; Fri, 28 Jan 2022 21:14:27 +0000 (UTC) Received: by mail-lj1-x22b.google.com with SMTP id c15so10755929ljf.11 for ; Fri, 28 Jan 2022 13:14:27 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=L4+4iQujSCc8aLJ9NDCBGgtDzFAIaAYui/JzUeLS8Rk=; b=mACrPPuhcFNbHcTiyMrEZ1Ll0AEeDWAznIjFtymXoO1h18rx35cNdzx8SJTY9//kq7 wqXnZUd/ldRXz/HU6V5w4jNl/2Kwz8iVYc04C9t1SjIuhC+BLtxiHUPxAnzPoh565sSU IK5BZM1DQOgK7t53AUr0raoHJhYg5KP2hzEgBJO15bWn6uHNQgvQ5P6kCNiSTgQasYQ5 kZicNegepmLPFXZs5bk6VpG97Sg7OIMVW2AvrqMmljteQNLyAVWYuvmFFYcuYV2mqVDY uO6xWXOu2W8O5iL5Ez19GNx5BAzO46OwRxI/R2tbUAY9kATnKDSGb7JdBwqz+SnEB99a 8+UQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=L4+4iQujSCc8aLJ9NDCBGgtDzFAIaAYui/JzUeLS8Rk=; b=1hTFuaXgJZavL0ymAA/R+QM9XJN9fhe0/sgiaW1MWUQ2+QCefUvHMAeXn8EiZtHfEI 9mDiDMwWkvKGJWnxFTbVhA32AZJrRk1VP/l7Ef5oIcIrz0y/DdglOGx0wJ3QkGJCUzcB 7liNFRHw5Ki3fSm5+Nt0KtAgrs3e2Ezynq3S6WihIZwRmdbpVV12t+BUDevDcj4O/azY cpxCjMhD2Td2bvTFG9Rvmw4cxwgpxUftAmxlPjVRTwKZz1NBCA7yVIZLtRUkdnE0KhVN LUwuvW6tZT6S3kpKE0cRfrVVtNGVPs+2Mn1aI6jcKIHBmT6LcoBeR8pVJKqSZGXjrq3X B4Dg== X-Gm-Message-State: AOAM532qVLhw+kfIu0YhGmtnPYw1+Kd5YY4TklLtG+2BkLIVH2LAUw+q 5YN8wpesh0v3SZSAb62gGwEDCtg+rAl6o9E3GvE= X-Google-Smtp-Source: ABdhPJzpR1tllNCYpdOmKJWI9IBIK/2NCZMbxHNlHps1VweLKz6tsT7jrD17PQV8U24wMm7WDt0R4APpuGtb2aiG0U0= X-Received: by 2002:a2e:9055:: with SMTP id n21mr6961654ljg.263.1643404465018; Fri, 28 Jan 2022 13:14:25 -0800 (PST) MIME-Version: 1.0 References: In-Reply-To: From: Alex Schoof Date: Fri, 28 Jan 2022 16:14:12 -0500 Message-ID: To: Jeremy , Bitcoin Protocol Discussion Content-Type: multipart/alternative; boundary="0000000000005c21ec05d6aaeb9e" X-Mailman-Approved-At: Sat, 29 Jan 2022 00:20:54 +0000 Cc: dlc-dev@mailmanlists.org Subject: Re: [bitcoin-dev] CTV dramatically improves DLCs X-BeenThere: bitcoin-dev@lists.linuxfoundation.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: Bitcoin Protocol Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 28 Jan 2022 21:14:29 -0000 --0000000000005c21ec05d6aaeb9e Content-Type: text/plain; charset="UTF-8" > CTV DLCs are non-interactive asynchronously third-party unilaterally creatable. This is super interesting. I think that would make it easier to do multi-party DLCs. With a "normal" DLC, you need to have N parties exchanging and signing CETs and you end up with a combinatorial explosion of signing operations to perform. It sounds like if you did it with CTV, then each party could compute all the outcomes on their own in parallel (to be able to generate commitments for each tapleaf) and then just exchange and sign the single opening transaction for the DLC. Or for devices with limited resources, you could have a coordinator compute the whole TR tree and publish a ZKP to the other signers. Cheers, Alex On Fri, Jan 28, 2022 at 12:21 PM Jeremy via bitcoin-dev < bitcoin-dev@lists.linuxfoundation.org> wrote: > Lloyd, > > This is an excellent write up, the idea and benefits are clear. > > Is it correct that in the case of a 3/5th threshold it is a total 10x * > 30x = 300x improvement? Quite impressive. > > I have a few notes of possible added benefits / features of DLCs with CTV: > > 1) CTV also enables a "trustless timeout" branch, whereby you can have a > failover claim that returns funds to both sides. > > There are a few ways to do this: > > A) The simplest is just an oracle-free CTV whereby the > timeout transaction has an absolute/relative timelock after the creation of > the DLC in question. > > B) An alternative approach I like is to have the base DLC have a branch > ` CTV` which pays into a DLC that is the exact same > except it removes the just-used branch and replaces it with ` tx)> CTV` which contains a relative timelock R for the desired amount of > time to resolve. This has the advantage of always guaranteeing at least R > amount of time since the Oracles have been claimed to be non-live to > "return funds" to parties participating > > > 2) CTV DLCs are non-interactive asynchronously third-party unilaterally > creatable. > > What I mean by this is that it is possible for a single party to create a > DLC on behalf of another user since there is no required per-instance > pre-signing or randomly generated state. E.g., if Alice wants to create a > DLC with Bob, and knows the contract details, oracles, and a key for Bob, > she can create the contract and pay to it unilaterally as a payment to Bob. > > This enables use cases like pay-to-DLC addresses. Pay-to-DLC addresses can > also be constructed and then sent (along with a specific amount) to a third > party service (such as an exchange or Lightning node) to create DLCs > without requiring the third party service to do anything other than make > the payment as requested. > > > 3) CTV DLCs can be composed in interesting ways > > Options over DLCs open up many exciting types of instrument where Alice > can do things like: > A) Create a Option expiring in 1 week where Bob can add funds to pay a > premium and "Open" a DLC on an outcome closing in 1 year > B) Create an Option expiring in 1 week where one-of-many Bobs can pay the > premium (on-chain DEX?). > > See https://rubin.io/bitcoin/2021/12/20/advent-23/ for more concrete > stuff around this. > > There are also opportunities for perpetual-like contracts where you could > combine into one logical DLC 12 DLCs closing 1 per month that can either be > payed out all at once at the end of the year, or profit pulled out > partially at any time earlier. > > 4) This satisfies (I think?) my request to make DLCs expressible as Sapio > contracts in https://rubin.io/bitcoin/2021/12/20/advent-23/ > > 5) An additional performance improvement can be had for iterative DLCs in > Lightning where you might trade over a fixed set of attestation points with > variable payout curves (e.g., just modifying some set of the CTV points). > Defer to you on performance, but this could help enable some more HFT-y > experiences for DLCs in LN > > Best, > > Jeremy > -- > @JeremyRubin > > > > On Mon, Jan 24, 2022 at 3:04 AM Lloyd Fournier via bitcoin-dev < > bitcoin-dev@lists.linuxfoundation.org> wrote: > >> Hi dlc-dev and bitcoin-dev, >> >> tl;dr OP_CTV simplifies and improves performance of DLCs by a factor of *a lot*. >> >> >> _______________________________________________ > bitcoin-dev mailing list > bitcoin-dev@lists.linuxfoundation.org > https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev > -- Alex Schoof --0000000000005c21ec05d6aaeb9e Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
>=C2=A0CTV DLCs are non-interactive asynchronously third-p= arty unilaterally creatable.

This is super interesting. I think that would make it easier = to do multi-party DLCs. With a "normal" DLC, you need to have N p= arties exchanging and signing CETs and you end up with a combinatorial expl= osion of signing operations to=C2=A0perform. It sounds like if you did it w= ith CTV, then each party could compute all the outcomes on their own in par= allel (to be able to generate commitments for each tapleaf) and then just e= xchange and sign the single opening transaction for the DLC. Or for devices= with limited resources, you could have a coordinator compute the whole TR = tree and publish a ZKP to the other signers.=C2=A0
=
Cheers,

Alex
On Fri, Jan 28, 2022 at 12:21 PM Jeremy via bitco= in-dev <bitcoin= -dev@lists.linuxfoundation.org> wrote:
Lloyd,

This is an excellent write up, the idea and benefits are clear.<= /div>

Is it correct that in the case of a 3/5th threshold it is a tot= al 10x * 30x =3D 300x improvement? Quite impressive.

I have a f= ew notes of possible added benefits / features of DLCs with CTV:

1) CTV also enables a "trustless timeout" branch, whereby you c= an have a failover claim that returns funds to both sides.

The= re are a few ways to do this:

=
A) The simplest is just an oracle= -free <STH(timeout tx)> CTV whereby the timeout=C2=A0transaction=C2= =A0has an absolute/relative timelock after the creation of the DLC in quest= ion.

B) An alternative approach I like is to have the base DLC = have a branch `<STH(begin timeout)> CTV` which pays into a DLC that i= s the exact same except it removes the just-used branch and replaces it wit= h `<STH(timeout tx)> CTV` which contains a relative timelock R for th= e desired amount of time to resolve. This has the advantage of always guara= nteeing at least R amount of time since the Oracles have been claimed to be= non-live to "return funds" =C2=A0to parties participating
<= div class=3D"gmail_default" style=3D"font-family:arial,helvetica,sans-serif= ;font-size:small;color:rgb(0,0,0)">

2) CTV DLCs are non-int= eractive asynchronously third-party unilaterally creatable.

Wha= t I mean by this is that it is possible for a single party to create a DLC = on behalf of another user since there is no required per-instance pre-signi= ng or randomly generated state. E.g., if Alice wants to create a DLC with B= ob, and knows the contract details, oracles, and a key for Bob, she can cre= ate the contract and pay to it unilaterally as a payment to Bob.

This enables use cases like pay-to-DLC addresses. Pay-to-DLC addresses ca= n also be constructed and then sent (along with a specific amount) to a thi= rd party service (such as an exchange or Lightning node) to create DLCs wit= hout requiring the third party service to do anything other than make the p= ayment as requested.


3) CTV DLCs can be composed in interesting ways

Options ove= r DLCs open up many exciting types of instrument where Alice can do things = like:
A) Create a Option expiring = in 1 week where Bob can add funds to pay a premium and "Open" a D= LC on an outcome closing in 1 year
B) Create an Option expiring in 1 week where one-of-many Bobs can pay the= premium (on-chain DEX?).

=C2=A0See=C2=A0https= ://rubin.io/bitcoin/2021/12/20/advent-23/ for more concrete stuff aroun= d this.

There are also opportunities for perpetual-like c= ontracts where you could combine into one logical DLC 12 DLCs closing 1 per= month that can either be payed out all at once at the end of the year, or = profit pulled out partially at any time earlier.

4) This satisf= ies (I think?) my request to make DLCs expressible as Sapio contracts in = https://rubin.io/bitcoin/2021/12/20/advent-23/

5) An additi= onal performance improvement can be had for iterative DLCs in Lightning whe= re you might trade over a fixed set of attestation points with variable pay= out curves (e.g., just modifying some set of the CTV points). Defer to you = on performance, but this could help enable some more HFT-y experiences for = DLCs in LN

Best,

<= /div>
Jeremy


On Mon, Jan 24, 2022 at 3:04 AM Ll= oyd Fournier via bitcoin-dev <bitcoin-dev@lists.linuxfoundation.org&= gt; wrote:
Hi dlc-dev and b=
itcoin-dev,

tl;dr OP_CTV simplifies and improves performance of DLCs by a factor of *a =
lot*.

_______________________________________________
bitcoin-dev mailing list
= bitcoin-dev@lists.linuxfoundation.org
https://lists.linuxfoundation.org/mail= man/listinfo/bitcoin-dev


--


Alex Schoof
--0000000000005c21ec05d6aaeb9e--