Today on the show, we have Charlie Lee from Litecoin, weve got my cohost Austin Williams and Dave Collins whos the lead developer of Decred. Welcome to the show guys. Thanks for coming on. And today on the show were gonna be talking about Atomic swaps and the big news that we had this past week: Litecoin and Decred had the first Atomic swap ever.
I think between the two chains. So weve also got next, tomorrow we actually have another Decred Assembly Show. Were gonna be meeting with Pamela Morgan to discuss estate planning. Were also going to be talking about dowse which is going to be a really fun episode so feel free to jump on and join the show if you can.
More updates, we have a new vote coming up right now actually. So if you can upgrade your nodes And, right now were voting to actually implement all the work that Dave C did on lightning network and maybe he can talk some more about that during the show today. And, last but not least, anything we talked about in the show, is not investment advice. So consult your financial consultants and Yeah, so welcome to the show. Hows it going Charlie?
Good, doing well. And hows it going Dave? Great, thanks for having me.
And just to give you guys a heads up. Austin is, hes in San Francisco right now. At like a, I dont know, Coworking Space Sharing Wifi with a bunch of people.
So hes not gonna be showing, you know. But hopefully, its audio. Yeah, I have terrible internet right now. So no worries.
And Im actually going to try to pass this off to Austin to kick us off on the on the shore. Actually, well ice for everybody knew thats not familiar with Decred. I was hoping that Dave could actually do a quick introduction, maybe Charlie could jump into to explain kind of what Decred is. Sure, so really the, I would Say the fundamental principle of Decred is that we really focused a lot on governance. Thats kind of our core proposition at the current time.
And the idea there is, that we want the stakeholders, the people who actually hold the currency, to be the one who makes the decisions. As opposed to, just the ProofofWork miners . And, most ProofofWork coins, Im sure as everybody is aware, it really its kind of the miners and the developers who make all the decisions. Then but in Decred the way that It works is that the stakeholders actually have all the power through our hybrid system.
And through that mechanism, whenever the developers for example, implement a new feature such as the one that Tyler mentioned that were voting on right now. Its the stakeholders who actually make the ultimate decision as to whether or not that particular implementation is accepted and activated on the network versus a centralized group of developers. There are several other features that I think make it exciting.
But, Thats probably the most important one the sort of get us kicked off here. Yeah, and you talk like maybe roughly or even Charlie talked about how the process of the staking aspect and that hybrid system works. You know, short detail either one.
Okay, do you want to Charlie since I already spoke? Nope, okay! Okay.
Well, the general process is that whenever a new block is produced, it has to have votes from the stakeholders on the previous block that says whether or not that was valid. And, you can kind of think of it in a way that you have sort of a second factor authentication layer, where some of the voters that are or the excuse me, the system is designed such that people buy tickets. These tickets are selected at random, and then those ones that are selected are the ones that actually vote on the validity of the previous block. And through this mechanism it allows this the stakeholders to approve or invalidate the previous block and Ill be the general principle of it.
I can go into more details if you want. But trying to keep it pretty highlevel. There, yeah! sure.
Well, thank you for the introduction to Decred Dave, and So yeah, I guess Austin Ill pass this one off to you, and maybe start us off with one of our first questions regarding the Atomic swaps. Definitely. So Charlie, can you hear me? Yes.
Oh good, excellent! Do you mind giving the explanation for the uninitiated, what is a Cross Chain Atomic Swaps? Sure.
Cross Chain Atomic Swaps, basically means that youre swapping two coins on two different chains. So, in this example, were using Litecoin and Decred. So one person wants to buy Decred with Litecoin that he has, and one person wants to buy Litecoin with the Decred.
Yes, and they agree on a price and now the question is how to do it in a safe way where neither party can defraud or scam the other person. And previously there wasnt a way, and the only way to do it is to have a trusted third party. Maybe create an escrow contract and send the money to the third party and then have the person probably decide when to give the money to the respective parties.
So, then you have to trust a third person. What Atomic Swap allows you to do is to forfeit it to people atomically, by atomically meaning that it happens or it doesnt. So the money, the coins, either change hands or they dont. And when they change hands, one person send secret to the second party, and the second priority since like going to the first person So, thats what It means by an Atomic Cross Chain Atomic Swaps. Thats excellent! and we can, you can separate I think the methods by which we do this in the two very rough categories: and one is like OnChain Atomic Swaps, and weve also heard a lot about Atomic Swaps over Lightning or any later there to Network.
Can you talk about the differences? Yeah, so OnChain Atomic swap means that youre just creating transactions on the chain. So, specifically for what were doing, what weve been doing this past couple weeks is, one person creates a transaction to a contract OnChain too, and then the second person also creates a Contract sent coins to a contract OnChain on the second chain. And then once that everything is confirmed, then they can pull money from those two contracts. So, OnChain Atomic Swaps requires four transactions.
And It takes time for the transactions to get mined and blockchained depending on the speed of the coin that youre swapping. And you obviously have to pay OnChain fees. So, if youre swapping Bitcoin, you step to wait ten minutes for the first transaction and ten minutes for the Second transaction or at Least Ten Minutes. Right, so it could take longer for your transactions to mine. And then you have to pay like the fees depending on what those are for.
The other possibility is an OffChain Atomic Swap. And This is something like using Lighting the earths that weve previously talked about. Where both parties are running Lighting Network nodes on both Chains. And actually, Yeah, theyre really like narrow nodes on both chains and then you have Lighting Network nodes that expose an exchange rate. So, you can go through with their party Lighting there were nodes to exchange your Decred to Litecoin or viceversa.
And This can be the beauty of OnChain or sorry the beauty of Lighting there were Atomic Swaps is. It can be instantaneous, it can be done instantly. You dont do it for transaction confirmation and potentially could have lower fees.
Thats awesome ! And so, theres now a lot of talk about Cross Chain Atomic Swaps happening lately, especially on the twitters all of us about it. And so what was the first of the most recent ones that happened? Was it between It was between Decred and Litecoin, right? Yeah, so Decred, the Decred team done the tools to make it very easy to do an Atomic swap between two chains, and Were testing it Out on your credit. And like, I Mean That and that was the first thing that I did using.
Oh! tools So its a tape. You want to talk a little bit about those tools, like what makes it possible for this to Work? What did What do the the two for what do to Cryptocurrencies have to have in order to be able to perform Atomic swaps with one another? How does the process work?
Okay, so there are basically three main things that the both chains have to have. The first one, is some method of conditional execution And Ill go into some specifics here in a minute but basically, the reason is that you, the way that these things Work, is that you have to make a decision based upon time and whether or not the person actually fulfilled their into the contract. So first, is the brand the branch or conditional execution. The second main thing that you need to have is some way to lock Up the funds for some period of time.
For example, the check lock time verify or check sequence verify, those are the the most common ones. And among the bit among Bitcoin and similar Cryptocurrencies. But it really doesnt have to be those, its just some mechanism to actually time lock the point. And then the third one Is a shared hash function. And technically, and I think will probably go on about this a little bit or talk a little bit about it later on the show.
Technically, it doesnt have to be a shared hash function, you basically have to have some way for both sides to prove that revealing the secret will allow the other one to spend. The way that is currently implemented in our tools that weve done is that its using a hash function. And as a Result, you need that shared hash function. So to recap, you need branched execution or conditional execution you need some way to time lock the coins and a shared hash function. Those are the primary things, and I guess there is one other one.
Its Kind of obvious I guess, but you need some way to verify signatures, because otherwise anybody take the coins but pretty much any Cryptocurrency that deals with sending points one person another, must already have that. So its Kind of move to maintain it so It doesnt have to have Okay, sorry. Go ahead.
Im going, oh! Its gonna say. So, if you have two that the same signature scheme or it doesnt matter as long as there is some No, so thats actually one of the really I think clever trick, clever things about the trick is the fact that it doesnt matter what the signature algorithm is, what addressing scheme youre using.
Everything could be different, you Know. This is probably something else I should mention Ive seen it mentioned a lot of times. You dont need Segwit for this to work. You dont need Lightning Network for it to work with the onchained variant. So those three things that I mentioned are the only things that you actually need.
Do you need malleability fix or all this work OnChain its malleability like Bitcoin cash. Isnt it? It will work OnChains that still have malleability. Now you might have to actually recreate the transaction, because, the reference transaction ID will have changed out from under you, but you dont lose the funds in it. And it can still Work just like you can still deal with malleability on OnChain if have it without with a normal transaction you can deal With other the same method and then just to preempt some confusion that some people may have When you say that both chains have to support the same hash function, youre not referring to the proofofWork Hash functions?
They then, they may or may not use. Right? Correct. Its a shared Hash function within the terms of the contract. So, as a perfect case in point here, you know, Decred uses like 256 and Litecoin uses S Crypt.
So, theyre completely different and were still able to pull it off because we have a shared hash function that we actually use. I would Write within this within the scripting language of Yes. So, Thats a, thats interesting so you would, have you looked at what pairs of coins are compatible?
Like, like currently existing with currently existing coins the way they do now Do you know which coins we can we can perform these sorts of Swaps with already? Like right now today? Ill go over them. I think Charlie might have some ideas too.
Pretty much every Bitcoin derived coin will support these, because they all use the same scripting language. They pretty much have the same Opcodes available. Or they can be added relatively easy. The only one so far or the main one that I that Ive researched that is not easily doable is Monero.
And thats because they dont have the three things that I mentioned. A different scheme. Its not that its impossible to do an Atomics walk with Monero, it is possible but using the specific technique and the structure that we have use for these in this particular instance that wont work with Monero.
Theres another thing as you need you need a time locking, right, so you need a Check Sequence Verified Check long time Verified. So, a lot of coins have not added those via soft works. So, you wont be able to do if those So Charlie, what this is this method that were that the two of you are using now? Are there other methods? Ive heard of, Im not sure the differences between these two a sort of x cat recently on twitter and I think thats what the if Im not mistaken the ZCash team was was using for crossing.
Ive heard of Barter Decks and a handful of others. Are they all fundamentally the same method? or, are there are there different approaches to performing these Swaps? I dont know the details about the specific other methods they are using, I would assume theyre very similar data. Right, so in the case of x cat I have not looked direct in the barter deck so i cant comment on that one, but I do Know that x cat is using the the same structure, yes. Its a and I think its worth pointing out here too, is that this structure has actually been around for quite some time.
I think Thats first mention was sometime in 2012. So, its not a case of This is brand new so much is the fact that we built the tools out to actually implement the idea and make it easy and make it work. Right, so we, you know we did all The testing we built everything we designed the script and the contracts and worked with Charlie and others to make it a reality.
The idea has been around for quite some time, then how long is this, how long has this been in the works Dave? When we first started on I think it was about two weeks when we decided we were gonna do it. Hmm! Nice, great!
Thanks for the great start. Are there any plans for Rod for a like a gui version For the people who are afraid of the command line? Yeah, so we plan to integrate the Decred side of things into our wallet Decrediton. And thats gonna happen in the future. I know that Charlie probably wants to speak on this a little bit too, because there is another approach that I think that in the long run Will probably be better, and and that will be having a probably a separate program or a separate gui, that everybody can Kind Of integrate into and it sort of would work a multi CrossChain Fashion as opposed to having to download specific coins Wallet.
But I think Charlie will probably talk on that, because he mentioned me Oh! Yeah! so, Um Well I guess you can always have all the coins, like a Thomas well capabilities. But the easiest way to do this is to have a way for for the commandline tool that you guys built.
So Just a way that makes it easy for someone to the you I would talk to the two different, the two separate nodes and Help do The t swap Yeah! Alright, so the idea Would like a Im gonna say the idea there would be that you know if you have a basically you can make an API, and if you have an API that everybody conforms to, or that everybody speaks, then you could have that single tool that Charlie talked about, and everybody can just integrate into that. Yeah, thats great! and then you could submit. So the most basic version of the gui would just allow you to perform the Swaps at whatever exchange rate is agreed upon by the two parties.
Are there other, you have any aspirations to handle the automated order booking and matching and stuff like that like a fullblown and distributing exchange or you Just focusing specifically on the crush strain Atomic Swap functionality for now? Currently, were Just focusing on the OnChain Swap, the primitives to get the ball rolling. Effectively, order booking and order matching and all the order book that is quite a different beast I mean on you need some method to basically do some OffChain communication and several other things, and also probably a good time to go into it. You Know the difference, you mentioned it I believe early on the show, the difference between OffChain or Charlie did, excuse me, between OffChain and OnChain Swaps. And so to be clear OnChain Swaps are really much better suited to large OTC trades, and the reason is as Charlie eloquently stated earlier in the show, you have the transactions that are OnChain and you have to wait for those confirmations to go through.
If you in one conformation is enough for you it might only be say 10 minutes in Bitcoin for example. But most the time you want to wait for multiple confirmations specifically if youre dealing with say millions of dollars, you dont want to do it with a single confirmation. So you might be waiting up to an hour or longer to get enough confirmations on one side of the Chain and then you have the iron fees as well. So, in order for a real distributed exchange to come to pass This is my personal opinion, is that it really needs to have the you know use Lightning Network or some other type of OffChain mechanisms layer 2 mechanism. And the reason for that is need them to be instant you need the fees to be lower.
Im pretty sure most traders would shake their head yes when I say that. They like things to happen nearly instantly and very quickly, because It makes a big difference in terms of how quickly the rate changes. So you really in my mind the OnChain Swaps are extremely useful. But to be clear, theyre not really well suited for distributive exchanges, and my opinion MmHmm Yes.
Do you think that if you had a yet a gui easytouse people could match prices however they see fit, whether its just bargaining over twitter or whether its through some sort of decentralized automated booking thing? So, if it were purely on train, OnChain with no layer to functionality, do you think theyd be able to compete? you think that Would be able to compete with current centralized markets? Or do You think it Would require like L2 level efficiency in order to compete with Go Charlie.
Yeah, definitely is gonna require the OffChain solution, where its, isnt and to do order books otherwise Otherwise its not gonna be a very efficient exchange, its not gonna be very user friendly. So I mean like Dave said its good for large OTC trades. So if youre on Slack or RC and you want to do a trade with someone that youve never met before, this is a perf we do it. Yeah, and other than that like if you want to compete with like the exchanges like GDAX or Miss them, then you really need a different Kind of solution more like instantaneous OffChain a cross Atomic Swaps.
And I had a quick question regarding these OnChain Atomic swaps, so I know we talked about ZCASH a little bit earlier when we talked about Monero and the difficulty of that. But, what happens when you introduce a privacy centric coin into the mix and you start swapping like maybe I swapped a ZCash and then ZCash back assuming that ZCash is you know encrypted and anonymous? How does that lend to you know, making my transactions back to Bitcoin or whatever more anonymous or you know introducing more fungibility? Anybody?
So right. So, thats actually a good point mit is something that can be done if you have one coin that offers some type of fungibility, some type of private. The privacy enhancements over another coin you could Atomic Swap over that coin, you could send your coins through a few transactions on the other chain to allow that chain to work its privacy magic on it and then You could Atomic swap back. And that would be a good way to basically remove the link. However your start gonna have some provenance that You have to deal with, and there are a lot of other caveats there.
I mean if you for example, if you Cross Change Swap x coins and then two days later Thats the same amount of coins again. So, there are a lot of caveats and things that you would have to take into account, but it is a potential solution If you have a coin that doesnt have any type of privacy and to gain. You certainly could use it with again with caveats you have to.
But in Andy, I think ZCash is Kind of faced with this predicament constantly, because they Kind of have two separate transactions. They have private transactions and not and transparent transactions. And I think people that you know are trying to add more privacy. If they go through a transparent address, they have to be careful about how much amounts theyre transferring back and forth between Z addresses and T addresses. So, yeah.
That I think thats a really good point to make. Yeah. Austin is hired. Its all its very difficult to achieve like fullblown a minute just from the inherent properties of the Blockchain itself. Theres always these external factors, like are you getting cookies dropped on your web browser while youre purchasing?
Are you Are you making a very specific unique amount disappear and the same amount reappear later? Theres like, theres a, its a little, theres a lot to it. As far as Atomic Swaps press chains go on it, lets just briefly ignore privacy centric coins and just. And, are there any privacy concerns inherent in the swapping itself? Ive heard for example that if Cross Chain Atomic Swap between Decred and Litecoin so that will reveal I do a two passive observers of both chains, that both which wallets are mined on both chains.
Is that the case? Yeah. Well, you will just reveal to the other party which wallets are yours. Right?
And if someone is actually spying on both chains, they will see that the two transactions or four transactions are linked together. But they wouldnt Know whos trading the feu. So, it didnt its sure has normal Bitcoin like liquid transactions. Right?
Okay, so its a pseudonymous lien. It is a linkable but in a pseudonym at a certain level. Okay, right. I think another important factor to mention here when were talking about this link ability is is that you almost dont say You have to know but would make a big difference if you know that it certainly Swap is actually happening between two Chains. I mean right now, if you only have three or four chains it may not be that hard.
But if you know this gets much larger, and all of a sudden You have 200 different coins and everybodys swapping between all. You know you cant, you have to monitor all of those chains in order to figure out which particular Swap pair happened. So it gets increasingly more difficult when you throw more coins into the mix. But that is true, they are linkable as Charlie mentioned.
And so, theyre linkable via Linkable if Im not mistaken I dont fully understand the entire privacy picture, but in part believable because the same preimage is being used on both chains. Right? Correct. So I maybe itll help if I explain the general heart of that trick that happens in these. So the idea is that when the first party sends the coins into a smart contract and that Contract essentially says two things.
Its on the first case that says in order to spin these coins I have to reveal a secret. And that were just talking about a really large number here, but right some piece of information I have to reveal that piece of information and I have to provide a valid signature. Theres the other case of redemption, but Ill be better for this point.
Because its and this signature is basically the proof that the secret that youre providing works or whatever. Right, no? So the signature is this, is the whenever you normally send coins from one party to another party, you send it to their public address or their you know you guys know you have a general like Ill address or a dea address, whatever Chain youre working on. So, when you send it to that Address in order for you to redeem those coins or spend those coins you have to have provide or prove that you have the valid key by signing it.
So, what were talking about here, is those two pieces of information you have the secret you require the secret and you require that signature because that way you If when once the secret is revealed if you didnt require that signature as well anybody could just take the coins. So, youre sending the the coins from party A to party B with the two caveats that one they have to you have to know the secret to spend, and you have to own the address you have to be the owner of that address. So once that happens on the other chain, so lets say for example, so like lets say Charlie and I were doing a Litecoin to Decre swap here. So, Charlie might initiate this by sending creating One of these Litecoin contracts that send the money to one of my Litecoin addresses.
And in order for me to redeem it though, I need the secret and my private key on the Litecoin Chain. Now on the other side of it, I create a contract as well on the Decred Chain that sends Decred to Charlies Decred adress. Along, with also requiring that exact same secret. Now I dont know what that secret is yet, and this is where the hash function the blinding comes in and Ill explain that a little bit.
But the Kind of the principle is that so when Charlie first creates the contract he chooses some secret. So he knows a secret i dont know the secret But he hashes it and he puts that hash into the contract. And so, now When I create the contract I also require that whatever secret piece of information this is provided it hashes to the exact same value, and there and then now that both chains require that same those hashes to match, they both require that same secret. So once that is done, we both audit each others contracts and say yep, you Know youre sending the agreed upon amount of coins to my address the hashes match.
These all look good. Then the, then what happens is because Charlie Knows the secret, Charlie goes ahead and redeems his Litecoin there, and by doing that, he has to reveal that secret because it was one of the required pieces of information. the very act of doing that, now the whole world can see what that original secret was. Which means that I can then take that secret and redeem the transaction that was created on Decred team.
So thats nice, thats Kind of the principle of how that works. So, if that makes sense, the reason that that it provides the link is because the hash of that secret is the exact same back and its a unique value. Its a 200 to 256 value about from anywhere between one to three hundred fifty six. So its a very unique value.
So you know the chances of you having the same value in two contracts that arent involved in the same swap, or you know the universal die before you have before that happens. Or the quantum computers take over. So given that this has been talked about since somewhere at least mid2012 perhaps. Im wondering why its not really coming to the fore until now? and I suspect but it has something to do with the availability of Chef Locked on Verify and Check Sequence Verify, and Im wondering what role do those play?
And Whats difficult about doing CrossChain Atomic Swaps if we dont have those things? You want to take that one Charlie? Yeah, so We thought the way to find a way to lock coins so that you cant be, so that it cant be spent. Then you can have the Way we Would using it right now is to lock up a refund transaction. Right, so right now The reason why you need refund transaction is if the trade doesnt happen, both parties should be able to get their money back.
We thought. So the reefing transactions are locked for like 48 hours Or 24 hours after the contract is created so that they cant be used until after the contract is expired. Dave, do you want to add more to that?
Sure. So um, they Kind of a one of the potential problems if you youre following the process that I Just described there. One of the issues you have to think about is like well okay, what if Charlie never revealed that secret. So if he were to never reveal that secret, both of us would have our funds locked up into these contracts, that neither one of you Know there, that we couldnt spend. Right, because he never, well he could spend one of them but I can never Kick, I can never redeem it because he never revealed the secret.
So you can think of that as defaulting on the contract. Right, so because one party didnt live up to their end of the bargain then the swap doesnt happen. But the problem then is that if you didnt have a way to redeem to get those funds back, you wouldnt necessarily have been defrauded in the sense that like you know Charlie wouldnt get the funds. But I still would have lost my funds with no way to get them back.
So the principle of using these, the lock time or check lock time verify or Check requires method of the time out, it says that after a certain period of time I can redeem this transaction regardless of I dont have to know the secret I just to know the private key. But only after you Know this period of time. Gotcha. And then so, and lets say you want to redeem it now like thered like once its in the contract, you basically have to wait.
Theres no way to like revoke and get the funds back? Right? Correct, you have to have the Secret to protect out, or wait for the expiration to revoke without, see. Gotcha. And So I think this probably segues into a good topic Dave, with all the work that you probably just did.
So, what does check sequence verify? Okay, the primary differences between, weve both mentioned, Check lock time verify and Check sequence Verify multiple times. Realistically the primary differences that Check lock time verify deals with absolute times So it would say for example, that you know if this contract has not been executed by tomorrow at UTC Then thats the point at which you can redeem.
What Check Sequence Verify does though as it deals with relative lock times, so in other words that from the moment that this gets funded The x amount of time can pass so say 12 hours for example, between absolute lock times and relative lock times. And the reason thats Kind of important, that distinction is that for these regular type of OnChain Swaps, that were dealing with now, it doesnt make much Of a difference. Because The time t correlation is pretty close.
Right, you Know weve both agreed were both going to make the swap, were probably gonna do it within an hour or two of each other. If having an absolute lock time isnt that big of a deal. However, when you start to talk about Lightning Network and offChain, it really makes a big difference now. Because if You can think of it this Way, I probably should talk a little bit about this so it makes sense. But in the OffChain world, you dont actually send the transactions to the OnChain until a certain point into the future.
So what is really Kind of going on in the mean time, is that all of these transactions are being sent back and forth to each other OffChain. But theyre all valid transactions, and at any point though they can be sent and brought or broadcast out to the network in order to do Whats called closing the channel, or effectively to ratify it. So, the problem there if you can imagine it, is that in the OffChain world, because those transactions are created and not sent to the real Chain for potentially, you know months, weeks, whenever. Then having an absolute lock time really kind of is not efficient, because of the fact that as youre approaching that lock time you would have to send a nutrient or create a whole new contract and create a whole new transaction to avoid the other party being able to provoke those funds before they should be.
With the, with the relative one though its great, because until that transaction is actually sent to OnChain, its actually put into the hock chain, that timer doesnt start because its relative and thats why theyre much better or really a lot more efficient When you start talking about OffChain Atomic swaps. Gotcha, so maybe you could talk a little bit about, or About the Work that You did, because like Id mentioned in the beginning of the show we Actually have a vote right now on the Decred Network. So again, everybody upgrade your nodes that goes for the mining pools and staking pools too. But were actually voting to integrate I think Check sequence by. Is there any other Additional work you had to do?
Make Lightning Network enabled on Decred? The primary one was the check sequence verify, but were also having a vote on Sha256 and that is pretty much what it sounds like. Remember earlier, we talked about having these shared hash functions. Well because Decred is based on Blake and we actually replaced that Op code with a blake Up code, so we didnt have the shot 256 Op code anymore, and the kind of the expectation is that were able to do these OnChain Swaps by using a different shared hash algorithm that we happen to share. Its actually the called ripen Md 160.
But kind of in the future, the idea and pretty much everybody has Kind of agreed that Sha 256 is Kind of gonna be the standard between the Cross Chain Swaps. So that you know, every chain that implements Sha 256 will be able to participate in these swaps. And so, thats why were having that vote, to be able to implement the Sha 256 Out code, so in the future we can continue to work on different chains.
Exceeds verify like I mentioned, or those relative lock times and thats really not just for Atomic swaps but they, theyre really kind of required for Lightning Network. For essentially the same reason. Its not directly for The Atomic swaps but it all has to do with the fact that you need to be able to have timeouts in a relative fashion, such that they dont start, the time doesnt start to take Until the transaction actually gets broadcast to OnChain. Gotcha, and so and then with Lightning Network like still whatever coin wants to do these Cross Chain Atomic Swaps is going to, like he said, going to need these Shared Hash Functions. So, right.
Yeah! Gotcha, thats awesome! Yeah Austin, I think Austin had to step away, but Im sure hes What about, are there, are there any odd race conditions we need to be aware of? Like if I Can I steal your money for example, if were in the middle of a Cross Chain Swaps?
I think I keep you off line somehow to do those attacks, or I just you know, close it or something? Or is that not an issue because of Check longtime verify? Its yours Charlie. I can answer, but I spoke for a while.
So you know with the, with the lock time basically, its staggered where the first contract. I mean, you can you can decide how to, how long before you can do the redeem right. Its a matter of security versus like convenience. Right, so the first contract I think the Decred tool is set to 48 hours for two days.
And the second contract is set for 24 hours. So after After, you The party A takes his coins, Party B has about that at least 12 hours to take his coins. I believe Decred is dismissive about it. So Yeah, additional 24 hours.
Here so you do set if you have some time to make sure that you get your coins also. But if you forget to take your side of the coins then its up for grabs. So, I simply send a risk.
But its Yeah Yeah definitely So thats a yes. Youd have to keep me offline for well in the Example you gave. Youd have to keep me offline for 12 hours in order to steal my coins.
Yeah, quite a task, yeah. If you can convince all The miners to not mine your transaction. Its definitely, theres definitely an attack vector. Right, like anything else There. Sure.
And what are the attack vectors when you implement Lightning Network on top of this? Is it, is it so then the risk only becomes when you broadcast the transaction to the network? Isnt that where the Lightning Network has its own like a tack surface. I dont know the full details probably or if a full broaodcast on this too. So theres, if like, if the the transaction, if the Network is jammed and theres not a lot of block space, then potentially theres a tech right there where you can prevent someone from closing their channel and then you can steal the funds.
I dont know how how big of a tech surface that is, but thats probably more for the night lightning there were teams to you to explain Yeah, maybe Dave might have some insight on that. Yeah, its like Charlie said thats probably an entire show. But I think the you know basically what Charlie said is certainly the case, that you know the the real I guess major sort of or the biggest attack vector, the most obvious attack vector, is that if you can prevent the transaction from being broadcast to the network then you know it will never do. However, I do want to point out that like if youre this is another reason were that, those relative lock times that Check Sequence verify Is so important.
It is because It is a much bigger problem if youre dealing with an absolute lock time. So, if you have an absolute lock time that says that you Know this thing can be redeemed by the original party by tomorrow at noon and if I can prevent your transaction from being broadcast until that point, then I can steal the funds. However, if youre using the relative lock times When Check Sequence Verify it doesnt matter how long you delay the transaction. You can just annoy me because eventually its going to go, and once it actually gets OnChain from that point it actually gets mined, I then have the 24 hours. So that actually really kind of solves this away solves, but it really mitigates that particular attack back it Yeah, thats fantastic.
And I actually had you know theres obviously a lot of debate in Bitcoin especially With integrating Lightning Network. Because a lot of people think, hey! this is you know the scaling solution here. I was wearing one of your thoughts are because If youre doing a lot of Lightning transactions and youre not just actually using the Lightning Network you can actually generate a lot more transactions on train.
Because youre, if youre opening a channel to participate and then youre closing a Channel to you Know transfer funds. So I mean, until we have like everybody on Lightning Network Or some form of Lightning, or I mean, this could just essentially lead itself to being more of a scaling issue. Do you guys, Are you guys thinking about that?
Maybe Charlie? Talk about. Whats the, whats the concern again?
Trigger. So, Youre opening a channel and youre closing a channel and that requires two transactions. You know, like, lets say Im just participating in the Lightning Network for a little bit, and then Im closing my channel so i had to create two transactions to. but you wouldnt need to close your channels. Right, so to participate with the lane there where you have to have a payment channel open with one party thats part of Lightening Network.
Once youre connected to allKnower Alright, so you open the transaction, you open a Channel and I believe you can have that channel open indefinitely. So, you basically put however if much Money you want in that Channel that you want to spend and receive right for for small transactions. And you can keep using that Channel, you dont need to close it. Its kind of just like account open its like a Checkin cut you put them in there and you can use a Debit Card to buy stuff.
Sure. And I guess my point was Lets say the person I need to send the money to now I have all my Money on Lightning Network I mean, you know like Maybe new people getting into Bitcoin. They just have like 20 bucks or whatever they put on a Lightning Network, and now they need to you Know give so many funds whos not online a Network.
Obviously the Smarter thing to do, would be like aim in joining the Lightning Network and basically be free. But you know, lets just assume maybe theyre a merchant or somebody like that, that hasnt integrated. This is where I could see the concern of OnChain transactions Kind of increasing if this were to happen more than the not. But, I dont know.
Yeah, I guess we wont really know until people start using it. Right? Yeah, yeah. This is all theoretical because this is, this has never existed.
So, And, will there be more than one Lightning Network or will it just kind of be a ubiquitous thing? But, yeah Thats probably more of a political question as opposed to a technical. And I think, So one thing I did one and were talking about the opening and closing of Channels.
Personally I mean it of course, thats one of those thought experiments, right, where you can say like oh! but this could happen. But if We look at it realistically, Lets look at it like well, why would you ? if I wanted to send a Lightning Network transaction, right, why would I want to do that. Well I probably want to do it because I want low fees and instant transactions. Thats my goal. Well, if I dont already have a Channel open, I cant do that.
I have to wait for the channel to be open. Which means I have to wait for the Onchain transaction to go through. And then if I want to close the Channel, guess what? I have to wait for that to happen too. So I went from wanting to do something instantly and cheaply to doing something that takes twice as long as just a regular OnChain transaction would have been, and paid twice as much for it.
So, you Know youre disincentivize from doing that. Like, so is it a possibility? Sure. What would happen?
I highly doubt it. Because it, just you know, it doesnt make sense what user is purpose theyre gonna pay twice as many funds or twice as many fees. Wait twice as long to stick it to the network I guess. I dont know, it doesnt make sense.
Right? But then so lets say we have two different like Lightening Wallets. Like we have you know, a A Lightning Wallet and B Lightning wallet, and for whatever reason they are not connected.
Like Which is multiple Bitcoin like one, like the Lightning Kings are have agreed were gonna say write protocol so thats interoperable. There are a few other teams that are Working on incompatible protocols. So, potentially they if those are both successful then you have multiple Lightning Networks That dont talk to each other, and I assume one of them Would win out with Bt network effects. Right.
But theres also going to be different Lightening Networks on different coins. Right? Like when will have its own Lightning Network Bitcoin has its own.
So theres gonna be multiple networks running. And ideally, they all talk to each other and be what to choose that committing them. Yeah, and I think Dave point daves point is valid and people with those concerns wont use it for the reason, all the reasons that you described. But I The ones who will, will be the people for whom the savings on the amortized cost of those small transactions are worthwhile.
And I think it really remains to be seen and its, thats part of the exciting part about this experiment is that we dont know how many people are gonna benefit from those memos amortized costs, Im using the Lightning Network and how many wont. So, its really an experiment to see like how much it takes off. Its its so the vast majority of Crypto users today are using online services like Coinbase or Sappal.
So, for those users if Coibase has like a light in there, we know that talks to the light Network. Then they can take advantage of all the benefits of Lightning Network without having to create their own OnChain transaction to the Network because theyre already OffChain. Yeah. Just bring it back All right.
Say thats probably point two is that I think its Kind of important to keep in mind here is that the construction of the Way that the Lightning Network works is that you dont have to directly communicate with the recipient. Right? You have a whole bunch of nodes in between there and this is all done in a safe method.
So as charlie mentioned, if you have large players like Coinbase, maybe later in the future, maybe you have Amazon you have these really big players. pretty much everybody has an Amazon account. So, if you have an Amazon account or you have a payment Channel open with Amazon and Amazon have one open say with coinbase and then the person that you want to transact with had one open with either Amazon or coinbase It will find a route and it will be able to actually complete that. So, a lot of the concerns that Ive read about that I think are kind of moot, because of the fact that you know that you are gonna have these centralized services that doesnt mean Lightning Network is going to be centralize Dont misread that. It just means that you are gonna have these large spokes, these large companies.
Its sort of inevitable you eat these large corporations, and if theyre participating in the Lightning Network It kind of solves the vast majority of those concerns. Because these hubs they can have as many Channels open as they want and then you can you Know you might be forced to actually route through them. Yeah, its very inches. Its very similar to the topology of the internet. It would be Very difficult to have two distinct separate internets.
All it takes is one link between them and then you have one internet again its The default. The topology is pretty robust. Yeah!
Correct. So Dave I wanted to, you know maybe you can touch on this. But, you Know, I know theres been a lot of talk about adding privacy via Lightning Network to coins. maybe you can you know briefly touch on some ways that you can actually add some more fungibility to a currency via Lightning Network, maybe. Well, sure. I wont go too much into detail here, but I think one of the sort of obvious things is that if you can prevent the transaction from ever making it OnChain then theres no crew.
I mean, if somebody is out there passively monitoring it, sure they might have seen it. But, you know the Thats kind of like one of the major benefits that you can get is that, I think, you can probably liken it to, there are some more advanced techniques that Ill go into a little bit, Im gonna go too much in detail but Kind of the idea is that if you have Think of it in terms of math, in the sense that if I have a plus B and then if I multiply that by two on one side or On both sides. Really then I dont change anything.
Right, you know its that you have this property. So, the way this works is in the math and the Cryptography you can actually do some tricks like this, where you dont actually change the end result by changing the terms. And by doing this you can sort of add a whole bunch of things together and subtract a whole bunch of things and do it on both sides of the equation, and the end result is provable that it came out to the same result, but you dont know what every individual term was.
I know thats a little bit high level and maybe slightly convoluted to follow but, they cuz I dont want to get too heavy into the math. But, thats kind of the principle that you can effectively do like a CutThrough, where you see the start state and you see the end state. Yeah!
But you cant prove what happened in between. Well, you can prove it and thats you kind of see what happened between. Exactly, and thats, and thats really the heart of the Nimble Wimbledon is raised cut through both in the transaction level and also at the entire block action level. Its brilliant, it really is. Yeah! and, so you know by basically if youre not tied to the, basically if youre not tied to the rules of any given Chain or whatever, youre open to do pretty much anything you want.
So I want to, if we cant bring it back to Atomic Swaps just for a minute, and I first of all just say thank you both for working on this. Its Its fantastic to see this stuff actually you realize and become real and not just be a shower thought in 2012. I appreciate that. Lets maybe just take a moment, like I, like to hear what your, for both of you, What your vision is?
Like this is the first step towards something and Im wondering what the something is? and in 10 years from now What has this move us closer to? Whats the ideal that Im doing? But the vision I have is that in like in 10 years from now, people will be using money, not carrying the underlying Network. Right, similar to how people use internet right now, and they dont care that how the packets get to them whether its tcp IP udp or any other protocol.
So, today like when Im using Bitcoin or Litecoin like were were like early adopter, so we know exactly whats going on. Like most of us know like what happens when you send Bitcoin transactions. Right, what, which, like how it gets validated? how it gets verified? and what happens with the whole network? So ten years from now, when people are using Bitcoin Litecoin Decred and you know cryptocurrencies, I think they just dont, they wouldnt Know, theyre just like swiping a card or doing something right putting Their thumb with something and paying. Something we just happen to background waiter, its like saying big boy way to speaker in converting to Litecoin Atomic swap using Atomic swap and or whatever, so it just happens.
So, Atomic Swap is kind of something that really makes everything that much more powerful by combining the different networks so that they can all interoperate. Right, so right now, like youre holding Ether to power some decentralized apps but in the future you dont have to. You can hold Bitcoin or Litecoin or whatever and it would just convert automatically to Ether when you need to use it The example I like to give is right now, you have a car but you dont have barrels of Gasoline in your house. In case your car runs out of gas, you go to a gas station and use your dollar to buy gas and put in your car when you need to.
Right, you dont have to speculate or just hold a large amount of something that you may need to use in the future. When you can easily convert between the different currencies or commodities or whatever you want to call them. So I think Atomic Swap just brings about the ability to get to the vision I envisioned. So more interoperability. Yeah! and Dave, uh?
Yeah, What were your thoughts on? I was gonna say I agree with charlie. I think getting that interoperability is key.
I think another part of it, I mean of course, thats kind of the end result is getting the interoperability but one of the things that Im most excited for about, it is the fact that Im pretty big on trust with systems, you know, we removing the intermediaries and removing the trusted third parties. And one of the really incredible things I think here, is the fact that these allow you to do something that you that is impossible to do with fiat. Theres really no Way that you can for example, change US Dollars in Euros without a trusted third party.
Intermediary, its just impossible. Whereas in the Crypto world, with especially with these OnChain and even later OffChain Swaps, that is really going to open the door for so many more things. The envision of course, is like Charlie said.
I think thats an excellent one and Id love to see that to pass too, but I think that primitive that allows you to do something that is completely impossible in the world of fiat is really powerful. Its awesome, yeah! awesome. Do you have any final thoughts on this, no thats it. I just want to say thanks again. Take it real.
Its you know, people have been been talking about, maybe building these tools. Its great! I hope you keep working on it, I know that I think its the ideal Collab has some Theres grant money somewhere So that the collab division of thats like their RampampD Division of ideo the top design firms in the US to help out in the cryptocurrency space I think it might be specifically related to Ui design our UX design. So if youre, if youre interested in some UX help possibly for free, I would encourage you to look towards them.
I know that theres a handful of groups taking them up on that. I hope to see more of this in the future, and again thank you both. This is really cool move forward. yeah!
Thank you, thank you so much for coming on the show guys, and thank you to all of our viewers out there for joining in on the show. Hopefully we gave you some cool tidbits and informations to scratch your heads on. So, Hey, all right everybody, say bye Charlie, say bye Dave.p