Git-Mirrors/xmr-btc-swap
1
0
Fork 0
mirror of https://github.com/comit-network/xmr-btc-swap.git synced 2024-10-01 01:45:40 -04:00
Code Issues Packages Projects Releases Wiki Activity
Bitcoin–Monero Cross-chain Atomic Swap
468 Commits 72 Branches 27 Tags 73 MiB
Rust 99.8%
Shell 0.2%
485220929e
Go to file
bors[bot] 485220929e
Merge #127 
127: Deterministic peer id for alice and bob r=da-kami a=da-kami

The first commit introduces a seed file similar to Nectar. Note, that the parameter --database was changed to --data-dir where the database is stored in the sub-folder database inside that data directory. This is breaking change, run commands will have to be adapted.
I opted for keeping the structure of generating an overall seed and then deriving the network seed from it (as in Nectar, where we use the seed for wallet creation as well). I feel this is cleaner than just using the seed for the network only.

The second commit applies the deterministic peer id to Bob as well. We don't have to do this because in the current setup Bob can have a new identity every time. I would still harmonize this to avoid confusion in the future. I don't see a reason why Bob's setup should be different from Alice here.

Co-authored-by: Daniel Karzel <daniel@comit.network>
2021-01-11 03:07:11 +00:00
.github/workflows Merge xmr_btc crate 2021-01-08 12:34:33 +11:00
docs/research/user-experience Merge pull request #58 from comit-network/feature-anonymity 2020-12-07 11:57:17 +11:00
monero-harness Enable tracing in monero-harness 2021-01-11 12:55:19 +11:00
swap Create network::Seed from swap::Seed instead of abstracting over byte array 2021-01-11 12:03:29 +11:00
.gitignore Push cargo lock to git as we are building a binary 2020-12-01 09:31:41 +11:00
.mergify.yml Add Mergify rule to delete merged branch and bors+ 2020-12-21 16:09:21 +11:00
bors.toml Update bors with the current jobs 2020-12-10 16:46:02 +11:00
BTC_XMR_atomic_swap_protocol.svg Fix embedded image 2020-10-09 09:45:48 +11:00
Cargo.lock Enable tracing in monero-harness 2021-01-11 12:55:19 +11:00
Cargo.toml Merge xmr_btc crate 2021-01-08 12:34:33 +11:00
LICENSE Change license to GPLv3 2020-10-12 17:13:25 +11:00
README.md Fix typo 2020-10-09 09:49:39 +11:00
rust-toolchain Swap Monero for Bitcoin 2020-09-28 17:15:57 +10:00
rustfmt.toml Swap Monero for Bitcoin 2020-09-28 17:15:57 +10:00

README.md

XMR to BTC Atomic Swap

This repository is a proof of concept for atomically swapping XMR for BTC.

We define:

  • Alice to be the actor that initially holds XMR.
  • Bob to be the actor that initially holds BTC.

In the best-case scenario the protocol looks like this:

  1. Alice and Bob exchange a set of addresses, keys, zero-knowledge proofs and signatures.
  2. Bob publishes Tx_lock, locking up his bitcoin in a 2-of-2 multisig output owned by Alice and Bob. Given the information exchanged in step 1, Bob can refund his bitcoin if he waits until time t_1 by using Tx_cancel and Tx_refund. If Bob doesn't refund after time t_1, Alice can punish Bob for being inactive by first publishing Tx_cancel and, after t_2, spending the output using Tx_punish.
  3. Alice sees that Bob has locked up the bitcoin, so she publishes Tx_lock on the Monero blockchain, locking up her monero in an output which can only be spent with a secret key owned by Alice (s_a) and a secret key owned by Bob (s_b). This means that neither of them can actually spend this output unless they learn the secret key of the other party.
  4. Bob sees that Alice has locked up the monero, so he now sends Alice a missing key bit of information which will allow Alice to redeem the bitcoin using Tx_redeem.
  5. Alice uses this information to spend the bitcoin to an address owned by her. When doing so she leaks her Monero secret key s_a to Bob through the magic of adaptor signatures.
  6. Bob sees Alice's Tx_redeem on Bitcoin, extracts Alice's secret key from it and combines it with his own to spend the monero to an address of his own.

BTC/XMR atomic swap protocol

The repository is structured as a library and a single test function that executes the swap. The library has the following modules:

  • alice: Defines the state machine that describes the swap for Alice. This includes the messages sent to/from Alice.
  • bob: Defines the state machine that describes the swap for Bob. This includes the messages sent to/from Bob.
  • bitcoin: Keys, signing functions, transactions etc. for Bitcoin. Also includes a test wallet (see below).
  • monero: Keys, signing functions, transactions etc. for Monero. Also includes a test wallet (see below).

Currently we have a single test function that proves the following:

  • Interaction with both block chains and their respective wallets works.
  • The messages required are correct and can manually drive the state transitions to execute a swap.
  • It is possible to interact with, and watch, the monero blockchain using monero-wallet-rpc.
  • It is possible to watch a bitcoind instance using bitcoin-harness (we already knew this :)

Currently we do not do:

  • Actual network communication.
  • Verification that the UI is acceptable. Since we do everything in a single test function there is no user interaction, this is unrealistic for a real product.

Testing

We wrote a few additional libraries to facilitate testing:

Wallets

  • bitcoin module contains a test wallet by way of bitcoind.
  • monero: module contains a test wallet by way of monero-wallet-rpc.

Blockchain harnesses

We have written two harnesses for interacting with bitcoin and monero.

These harnesses wrap interaction with bitcoind and monerod/monero-wallet-rpc.

We use testcontainers-rs to spin up bitcoind, monerod, and monero-wallet-rpc in docker containers during unit/integration testing.