mirror of https://github.com/comit-network/xmr-btc-swap.git synced 2025-01-25 23:06:00 -05:00

Go to file

170: Cancel and refund commands r=da-kami a=da-kami

I plugged the cancel and refund logic into the current state/state-machine logic of the swap.

## Follow ups  (out of scope)

We might want to record issues to be tackled later, since we are on a tight time budget :)
Please let me know what you think @D4nte @rishflab 

### Problems with `ack` after sending a message

Alice was waiting forever when awaiting the `ack` from bob when sending the lock proof in case she runs into a dial error. It seems the `acks` can cause the program to hang. This is a severe problem that we most probably will encountered in production at some point. For this PR I wrapped the `ack` of Alice upon sending the `encsig` in a timeout to work around this problem, see 7463081f88 - but **we might want to consider to remove all `ack` message. I don't see much value in them if we don't have a resilient retry strategy.**

### Do not require Monero wallet for cancel/refund

The cancel/refund commands don't require a monero wallet.
In this PR we re-uses the builder which requires the monero wallet as well - and we check for the monero balance upon wallet initialization, so the command will fail if no monero wallet is started.

### Save Alice connection info in Bob DB

Save Alice's peer-id/address in DB: It's cumbersome for the user to lookup those details again.




Co-authored-by: Daniel Karzel <daniel@comit.network>

2021-02-09 02:40:47 +00:00

.github/workflows

Add --force flag for cancel and refund

2021-02-08 21:19:38 +11:00

docs

Implement new behaviour for execution setup

2021-02-05 16:42:46 +11:00

monero-harness

Upgrade toolchain

2021-02-04 15:18:33 +11:00

swap

Give finding the refund tx priority over waiting for the punish transaction to be finalized.

2021-02-09 12:13:43 +11:00

.gitignore

Push cargo lock to git as we are building a binary

2020-12-01 09:31:41 +11:00

.mergify.yml

Add Mergify rule to delete merged branch and bors+

2020-12-21 16:09:21 +11:00

bors.toml

Updates bors to include all docker tests

2021-01-29 15:41:49 +11:00

BTC_XMR_atomic_swap_protocol.svg

Fix embedded image

2020-10-09 09:45:48 +11:00

Cargo.lock

Cancel command

2021-02-08 21:11:39 +11:00

Cargo.toml

Merge xmr_btc crate

2021-01-08 12:34:33 +11:00

LICENSE

Change license to GPLv3

2020-10-12 17:13:25 +11:00

README.md

Fix typo

2020-10-09 09:49:39 +11:00

rust-toolchain

Upgrade toolchain

2021-02-04 15:18:33 +11:00

rustfmt.toml

Upgrade toolchain

2021-02-04 15:18:33 +11:00

README.md

XMR to BTC Atomic Swap

This repository is a proof of concept for atomically swapping XMR for BTC.

We define:

Alice to be the actor that initially holds XMR.
Bob to be the actor that initially holds BTC.

In the best-case scenario the protocol looks like this:

Alice and Bob exchange a set of addresses, keys, zero-knowledge proofs and signatures.
Bob publishes Tx_lock, locking up his bitcoin in a 2-of-2 multisig output owned by Alice and Bob. Given the information exchanged in step 1, Bob can refund his bitcoin if he waits until time t_1 by using Tx_cancel and Tx_refund. If Bob doesn't refund after time t_1, Alice can punish Bob for being inactive by first publishing Tx_cancel and, after t_2, spending the output using Tx_punish.
Alice sees that Bob has locked up the bitcoin, so she publishes Tx_lock on the Monero blockchain, locking up her monero in an output which can only be spent with a secret key owned by Alice (s_a) and a secret key owned by Bob (s_b). This means that neither of them can actually spend this output unless they learn the secret key of the other party.
Bob sees that Alice has locked up the monero, so he now sends Alice a missing key bit of information which will allow Alice to redeem the bitcoin using Tx_redeem.
Alice uses this information to spend the bitcoin to an address owned by her. When doing so she leaks her Monero secret key s_a to Bob through the magic of adaptor signatures.
Bob sees Alice's Tx_redeem on Bitcoin, extracts Alice's secret key from it and combines it with his own to spend the monero to an address of his own.

The repository is structured as a library and a single test function that executes the swap. The library has the following modules:

alice: Defines the state machine that describes the swap for Alice. This includes the messages sent to/from Alice.
bob: Defines the state machine that describes the swap for Bob. This includes the messages sent to/from Bob.
bitcoin: Keys, signing functions, transactions etc. for Bitcoin. Also includes a test wallet (see below).
monero: Keys, signing functions, transactions etc. for Monero. Also includes a test wallet (see below).

Currently we have a single test function that proves the following:

Interaction with both block chains and their respective wallets works.
The messages required are correct and can manually drive the state transitions to execute a swap.
It is possible to interact with, and watch, the monero blockchain using monero-wallet-rpc.
It is possible to watch a bitcoind instance using bitcoin-harness (we already knew this :)

Currently we do not do:

Actual network communication.
Verification that the UI is acceptable. Since we do everything in a single test function there is no user interaction, this is unrealistic for a real product.

Testing

We wrote a few additional libraries to facilitate testing:

Wallets

bitcoin module contains a test wallet by way of bitcoind.
monero: module contains a test wallet by way of monero-wallet-rpc.

Blockchain harnesses

We have written two harnesses for interacting with bitcoin and monero.

These harnesses wrap interaction with bitcoind and monerod/monero-wallet-rpc.

We use testcontainers-rs to spin up bitcoind, monerod, and monero-wallet-rpc in docker containers during unit/integration testing.