Combine BTX-lock and BTX-refund conditions

Question

Combine BTX-lock and BTX-refund conditions

Norfolks opened this issue 4 years ago · 1 comments

Great work.
Why is not possible to make one transaction script for three possible withdrawals?

Swap as expected
Bob refund by timelock
Alice takes bitcoins after time lock

Smth like?

OP_IF  
   OP_SHA256 <h_a> OP_VERIFY
   OP_SHA256 <h_s> OP_VERIFY
   <B_a> OP_CHECKSIG
OP_ELSE
   <t_0> OP_CHECK
   OP_SHA256 <h_b> OP_VERIFY
   <B_b> OP_CHECKSIG
OP_ElSE
   <t_1> OP_CHECK
   <B_a> OP_CHECKSIG
OP_ENDIF

Answer 1 · 2020-03-26T10:55:32.000Z

Because you introduce an race condition.

In that case Alice can wait on Bob to start a refund with path 2, when she sees <h_b> value she can try to complete the swap on the BTC side (path 1) with higher fees AND get the Monero back with <h_a> and <h_b>.

If she managed to do it, she gets BTC and XMR. (At that point Bob can also race, all values are revealed.)

To be safe Bob needs to:

Broadcast the Refund transaction,
Wait enough confirmations invalidating path 1, and
Complete the refund, reveling <h_b>

No race is possible in that scenario.