Escrow module #5249
dpc
started this conversation in
Fedimint Modules
Escrow module
#5249
Replies: 1 comment 1 reply
-
@m1sterc001guy has a detailed escrow proposal, and Open Source Justice Foundation would love to see running code implementing it! Is there anyone else who would be willing to work on a project like this? |
Beta Was this translation helpful? Give feedback.
1 reply
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
Status: Just an initial draft, starting point for discussion and design.
An escrow system is very useful for facilitating online exchange of goods over Internet.
The most basic overview is:
B
uyer wants to buy something fromS
eller online and pay with Bitcoin/ecash. SinceB
andS
can't trust each other, it's impossible to prevent fraud without introducing an intermediary of some kind, that should also be trust minimized as much as possible.That's where the
E
scrow comes into place. The role ofE
is to handle disputes betweenB
andS
. They intentionally should not have any power or even knowledge of the transaction until dispute is triggered, and can't act on the funds in ways that were not pre-agreed byB
andS
beforehand.A
andB
would need to agree onE
beforehand. PossiblyE
could consist of multiple entities, or just one person.Instead of paying directly
B
would deposit funds in an "escrow contract" involvingB
,S
,E
. Note that all parties are determined and locked in the contract upfront, thought possibly the identity ofE
, all even everyone could be blinded by using a preimage or some other crypto like that.On a happy path (goods delivered),
B
will just release the funds toS
, andE
is not involved, and possibly not even aware of the transaction. In case of a dispute, after certain time period passedB
orS
would be able to trigger an arbitration:E
would get involved, contact the parties, examine evidence, etc. and trigger one of: revert the funds toB
(S
fault, e.g. goods not delivered) , or send the funds toS
(B
s fault). For their effort they would substract a fee that they keep.E
scrow's identity should typically be persistent over time, to allow building reputation. However this can happen outside of Fedimint's consensus: advertising escrow services, building review system, etc.The escrow service should optionally support multiple
E
s with a threshold. Unclear how needed it is, but could be useful when dealing with low-trust environment.B
could pick own preferredE_b
,S
its own preferredE_s
and then some very_expensive and reputable neutralE
could be added to the mix to break the ties betweenE
s, etc. Or possibly 2E
s with a threshold 1 are used for redundancy and to speed up the process, etc. Again - unclear if needed or good idea. Typically 1E
would be good enough.On a happy path instead of one Fedimint tx (like re-minting notes from
B
byS
), there would be deposit txmint notes -> contract
byB
and thencontract + release-funds-hash + sig -> mint notes
byS
, whererelease-funds-hash
can be passed fromB
toS
out-of-band. So the overhead would be quite minimal. Though the exact design needs to be thought through end to end (end-user-app to end-user-app).Beta Was this translation helpful? Give feedback.
All reactions