Why is auditcontract an offline Command?

Question

Why is auditcontract an offline Command?

jmozah opened this issue 6 years ago · 7 comments

According to the readme, after party A "Initiates" the swap, Party B audits the contract and the contract transaction.

What i understand is.. Party A will pass on the entire contract and the contract transaction to party B.
Party B checks the contract contents offline (i.e.) not consulting the block chain.

My question is : What if the party A gives a malicious contract and have a different one on the blockchain? How is this situation avoided?

Answer 1 · 2018-09-11T10:29:20.000Z

Lets say i run a full node and i want to audit the contents on the chain.

The "contract transaction" can be easily pulled from the chain using the gettransaction command.
This gives the value only.

But for other fields like recipients address, we need the contract contents.
Is there a way to get the "contract" contents from the chain?

Answer 2 · 2018-09-18T14:54:45.000Z

The contract has not hit the blockchain at the point it is audited. The contract appears in the redeeming transactions, not the contract payment (which pays to a hash of the contract script).

Answer 3 · 2018-09-20T13:34:47.000Z

understood that it is not in the chain yet. So how can one be sure that the "contract transaction" passed by party A to party B is valid?

Answer 4 · 2018-09-20T14:03:16.000Z

auditcontract is passed both the contract payment transaction and the contract itself, and the command verifies that the contract payment transaction pays to the contract script hash. It's the user's responsibility to ensure that the contract transaction is mined.

Answer 5 · 2018-09-20T14:19:50.000Z

ok. Party B has to make sure that the given "contract transaction" is mined, and then perform the audit.

Answer 6 · 2018-09-20T14:31:58.000Z

Both parties need to audit the other's contract.

Answer 7 · 2018-11-01T14:36:38.000Z

Closing due to age and I believe the question has been answered.