Roughly describe the new deposit NFT mechanism

The state diagrams, and fee and redemption documentation need to be updated to reflect this change. Refs #293.
keep-network · Sep 22, 2019 · c6e1f6b · c6e1f6b
1 parent a44eee5
commit c6e1f6b
Show file tree

Hide file tree

Showing 3 changed files with 92 additions and 15 deletions.
diff --git a/docs/deposits/index.adoc b/docs/deposits/index.adoc
@@ -60,7 +60,7 @@ key generation protocol that results in a public ECDSA key for the group, which
 is used to produce a wallet address that is then published to the host chain.
 This completes the signer selection phase.
 
-==== Bonding
+==== Signer bonding
 
 Before the selected members of a signing group can perform distributed key
 generation, they must agree to become members of the signing group by putting up
@@ -89,13 +89,13 @@ The distributed key generation protocol should result in three properties:
    signed version of a given transaction to be performed on behalf of the
    signing group.
 
-=== Proof of deposit
+== Making a deposit
 
 Once the tBTC system has a wallet address available for a given deposit request,
-the _depositor_ can issue a Bitcoin transaction sending BTC from a wallet they
-control to the wallet address for the signing group. Once the transaction has
-been sufficiently confirmed by the Bitcoin chain, the depositor has to issue a
-transaction to the host chain proving that the _Deposit_ has been funded.
+the _depositor_ can broadcast a Bitcoin transaction sending BTC from a wallet
+they control to the wallet address for the signing group. Once the transaction
+has been sufficiently confirmed by the Bitcoin chain, the depositor has to issue
+a transaction to the host chain proving that the _Deposit_ has been funded.
 
 The only link between the Bitcoin chain and the host chain is the tBTC system,
 which runs as a set of smart contracts on the host chain. As such, the Bitcoin
@@ -107,16 +107,16 @@ proof is not received within a given timeout window, the signing group will
 disband and the system will seize the bond's value, making it available to the
 signing group members to reclaim.
 
-To prove a deposit, the depositor submits proof the transaction has been
-confirmed and accumulated sufficient work on the Bitcoin chain. The proof is
-verified by an on-chain simple payment verification (SPV) contract on the host
-chain. A more complete discussion of cross-chain SPV systems and their security
-properties <<{root-prefix}/appendix/spv/index#,is included in the appendix>>.
-
 // TODO What is "sufficient"? Defined as a system property? Dynamic?
 
 === Light Relays
 
+To prove a deposit, the depositor submits proof the transaction has been
+confirmed and accumulated work on the Bitcoin chain. The proof is
+verified by an on-chain simple payment verification (SPV) contract on the host
+chain. A more complete overview of cross-chain SPV systems and their security
+properties <<{root-prefix}/appendix/spv/index#,is included in the appendix>>.
+
 Light relays are a new variant of on-chain SPV developed for tBTC. They seek to
 take advantage of the compact and efficient stateless SPV proofs while relaying
 enough information to provide each stateless proof with some recency guarantee.
@@ -150,8 +150,6 @@ SPV proofs when used as an additional validation step, as even entities with
 significant mining resources have a greatly reduced chance of creating fake
 proofs.
 
-include::./mispayment.adoc[leveloffset=+2]
-
 == Lots
 
 :lot-size: 1.0
@@ -165,4 +163,8 @@ requests and fund multiple deposits. This allows each deposit to be backed by
 a different signing group, both simplifying the bonding of signing groups and
 improving the resilience of the system to signing group failure.
 
+include::./mistakes.adoc[leveloffset=+2]
+
+include::./minting.adoc[leveloffset=+1]
+
 include::./economics.adoc[leveloffset=+1]
diff --git a/docs/deposits/minting.adoc b/docs/deposits/minting.adoc
@@ -0,0 +1,75 @@
+= Minting
+
+:signer-fee-withheld: 0.005 TBTC
+:additional-depositor-redemption-rebate: 0.001 TBTC
+
+Minting is split into two distinct phases to balance system security and user
+experience.
+
+After a deposit has been requested and a signing group formed, a depositor may
+submit proof of their funding transaction. This initial proof has no work
+accumulation requirement -- a single qualified confirmation on the Bitcoin
+network will suffice
+
+Minting and distributing a liquid, fungible token from a single confirmation,
+however, would open up the peg to short reorg attacks. For this reason, the
+fungible token's minting is delayed. Instead, the depositor is granted a
+non-fungible token that's unique to the deposit.
+
+// TODO third-party proof flow in the appendix
+
+== Non-fungible deposit token
+
+The non-fungible deposit token grants the exclusive right to redeem its matching
+deposit. The owner of the transferrable token can request redemption, and after
+paying any outstanding fees, be guaranteed the smae UTXO backing the deposit, or
+recompense from the signing group's bonded collateral in case of fraud.
+
+// TODO link to the redemption process
+
+Before a particular Bitcoin deposit accumulates confirmations, a depositor is
+free to transfer their NFT, trading it or perhaps using it as collateral
+elsewhere. Anyone receiving a deposit NFT should verify they are comfortable
+with the state of the matching deposit.
+
+// TODO can a deposit be challenged if its proof is re-orged?
+
+== Fungible TBTC and the nonfungible deposit beneficiary token
+
+// TODO be specific with the deposit timeout
+
+If a proof showing enough accumulated work is submitted before a timeout, the
+deposit NFT becomes eligible for minting fungible TBTC. Minting TBTC is optional
+-- depositors can stick with their NFTs, which will be valid for the lifetime of
+a maintained deposit.
+
+// TODO NB if a deposit is liquidated, the NFT can stick around and be backed by
+// the liquid token
+
+The holder of a qualified deposit NFT may exchange that NFT for 1 newly minted
+TBTC, less a requisite {signer-fee-withheld} signing fee.
+
+If the deposit NFT holder would like to maintain the exclusive right to redeem
+the deposit, ensuring they maintain future access to the backing UTXO, they can
+pay the signing fees immediately. Their right will be exclusive for the term of
+the deposit, excepting any liquidation event due to fraud or price movements.
+
+If the deposit NFT holder instead opts to waive their right to exclusive
+redemption, they receive 1 TBTC less the requisite {signer-fee-withheld} due to
+signers, and take on the role of "deposit beneficiary". The deposit beneficiary
+role is designated by a different non-fungible token, granting the right to a
+fee rebate when a particulate deposit is redeemed, plus an additional reward of
+{additional-depositor-redemption-rebate}, paid by the redeemer of the deposit.
+
+This mechanism rewards depositors who cede their exclusive right to redeem a
+particular deposit (and thus backing UTXO) by moving the cost of the system to
+eventual redeemers.
+
+// TODO update the signer fee section
+
+== Burning TBTC to lock an unlocked deposit
+
+At any time, an anyone-redeemable deposit can be locked by paying the
+outstanding TBTC represented by the depoist, plus the requisite
+{signer-fee-withheld} to signers and the additional depositor redemption rebate
+of {additional-deposit-redemption-rebate}.
diff --git a/docs/deposits/mispayment.adoc → docs/deposits/mistakes.adoc b/docs/deposits/mispayment.adoc → docs/deposits/mistakes.adoc
@@ -1,4 +1,4 @@
-= Mispayment
+= Mistakes making a deposit
 
 The system is designed to function with a predefined lot size for all _Deposits_
 which is given as a system parameter. **Depositors should send the exact lot