Cross chain atomic swaps using a private transaction only chain like PIRATE

jl777, Apr 22, 2019

Even I had said that doing atomic swaps on a blockchain with only private transactions is not possible. At first (and second and third) look, this seems an obvious thing, as in a private transaction only the sender and receiver know the details. How could it be that some external chain can monitor for the secret that unlocks the hashlock, or enforce the timelock?

It just sounds like it isn't worth trying to solve.

Then I was reminded about the viewkeys that the Zcash devs will hopefully someday get working with Sapling. Yes, I did see how, using some deep zero knowledge math, it is possible to do some amazing things, but I am not a mathematician and such complex things are not my style.

I like simple solutions to complex problems.

Instead of some massively arcane deep math based whitepaper, I will describe in this post, using common English, how this can be done!

The viewkey allows anybody with the viewkey to see the transaction details. So what if everybody got the viewkey? This can be achieved by simply putting the viewkey into the opreturn for the hashlocked zaddr transaction. Of course the details of the hashlock and timelock are also needed, but that is for a bit later.

If you are not aware of how cross chain atomic swaps work, look up Tier Nolan's writings on the subject. The following will assume you know about that.

Using the opreturn, we can prove to the network that we sent funds to some address. This is one part of the atomic swap. The other part is the enforcing of the hashlock and timelocks. The reason the other proposed solution requires making fancy new snarks, which few mathematicians understand the details of, is that it assumes the consensus rules can't be changed in a freeform way.

Welcome to the Custom Consensus (CC) way of thinking! With CC, the assumption is that anything can be done; it is just a matter of solving the details.

What we have with a globally accessible viewkey is the 512 bytes of data that can be included with any zaddr transaction, along with the opreturn. Maybe there is some crosschecking hash value on the full contents of the 512 bytes of data in the opreturn, but such details are implementation details. We can now assume that the specific zutxo is now having a hashlock/timelock added to it via a change to the consensus rules that simply says that if there is a ztransaction that has an opreturn with a viewkey, the extra constraints must be followed.

What that means is that we can now have a zaddr utxo (zutxo) that implements a hashlock and a timelock (and whatever else is needed) to implement a cross chain atomic swap. Granted, some details still need to be determined, like having a destination address specified that is acceptable to the other party, but presumably the destination address is one that is negotiated during the atomic swap ordermatch.
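A toy model of the consensus check described above, as an added example that is not from the original post or from any project's code base. The opreturn layout, the use of SHA-256 for the hashlock, the claim|refund address encoding inside the 512-byte memo, and all names and sample values are assumptions.

```python
import hashlib
import struct
from dataclasses import dataclass

MEMO_LEN = 512  # size of the data field the post attaches to a zaddr transaction

@dataclass
class SwapLock:
    viewkey: bytes    # published so every node can read the shielded output
    hashlock: bytes   # SHA-256 of the swap secret (hash choice is an assumption)
    timelock: int     # block height after which the refund path opens
    memo_hash: bytes  # cross-check hash over the full 512-byte memo

def build_opreturn(viewkey, hashlock, timelock, memo):
    # Assumed layout: len | viewkey | hashlock(32) | timelock(4, LE) | sha256(memo)
    return (bytes([len(viewkey)]) + viewkey + hashlock
            + struct.pack("<I", timelock) + hashlib.sha256(memo).digest())

def parse_opreturn(data):
    n = data[0] if data else 0
    if len(data) != 1 + n + 32 + 4 + 32:
        raise ValueError("malformed swap opreturn")
    (timelock,) = struct.unpack("<I", data[33 + n:37 + n])
    return SwapLock(data[1:1 + n], data[1 + n:33 + n], timelock, data[37 + n:])

def check_spend(lock, memo, height, dest, secret=None):
    """Decide whether a spend of the locked zutxo satisfies the extra constraints."""
    if len(memo) != MEMO_LEN or hashlib.sha256(memo).digest() != lock.memo_hash:
        return "reject: memo does not match opreturn"
    claim_addr, refund_addr = memo.rstrip(b"\0").split(b"|")
    if secret is not None:  # hashlock path: the spend publishes the secret
        if hashlib.sha256(secret).digest() != lock.hashlock:
            return "reject: wrong secret"
        return "claim" if dest == claim_addr else "reject: wrong destination"
    if height < lock.timelock:  # timelock path: refund only after expiry
        return "reject: timelock not reached"
    return "refund" if dest == refund_addr else "reject: wrong destination"

# Constructed sample values, not real keys or addresses.
SECRET = b"constructed-swap-secret"
MEMO = b"zs-claim-placeholder|zs-refund-placeholder".ljust(MEMO_LEN, b"\0")
OPRET = build_opreturn(b"constructed-viewkey", hashlib.sha256(SECRET).digest(), 1000, MEMO)

if __name__ == "__main__":
    lock = parse_opreturn(OPRET)
    print(check_spend(lock, MEMO, 900, b"zs-claim-placeholder", SECRET))
    print(check_spend(lock, MEMO, 900, b"zs-refund-placeholder"))
    print(check_spend(lock, MEMO, 1001, b"zs-refund-placeholder"))
```

Because the claim path requires the secret to appear in the spend, the counterparty chain can read it from the spending transaction, which is the property the hashlock needs.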

Anyway, I had this flash of insight the other day and wanted to write it down so people who are anxiously waiting to use an atomic DEX for PIRATE will have some hope it will actually be possible. And since it is a matter of decoding the opreturn and the 512 byte data packet, it should also be possible via zSPV.