Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

How Bob gets his money in NTumbleBit #3

Open
osagga opened this issue Oct 3, 2017 · 2 comments
Open

How Bob gets his money in NTumbleBit #3

osagga opened this issue Oct 3, 2017 · 2 comments

Comments

@osagga
Copy link
Owner

osagga commented Oct 3, 2017

  • After Bob finishes the Promise Protocol here, he gets a puzzle that needs solving.

  • He passes the puzzle to the Solver protocol (Alice) here.

  • Alice runs the Solver protocol to get the solution for the puzzle here.

  • Now the Solver protocol can end in two ways:

    • If the Tumbler is cooperative (The Tumbler sends the solutions k_j For all j in R before it closes the channel):
      • Alice gets the solution keys from the Tumbler directly here
    • Else if Tumbler is not cooperative (Tumbler disconnects right after Alice posts the T_puzzle):
      • Alice gets the solution keys from the Blockchain (From the tumbler's fulfillment transaction with the pre-images) here

  • Alice runs "CheckSolutions(solutionKeys)" to find at least one working solution from the obtained keys here.

  • Bob takes the solution key from Alice and runs "GetSignedTransaction(solutionFromAlice)" (here).

    • This function takes the signature (solution) and applies it to the hash of the cashout transaction and returns a transaction that is ready to be posted on the blockchain.
    • This function works as follows (from here):
- puzzle = Unblind(blindedPuzzle)
- epsilon = solutionFromAlice
- for i in range(RealTransactionsCount): #Mu
  - h = RealTransactionsHashes[i]  # equivalent to h_t_i from paper
  - if (i == 0): quotient = 1, otherwise: quotient = QuotientValues[i-1] #From step 10 in the paper
  - epsilon = epsilon * quotient mod(N)
  - signature = MGF1(epsilon) XOR promiseOfPuzzle_i
  - if (ECDSASignature_Verify(TumblerKey, signature, h)): 
       - Add signature to transaction T_cash
       - Return T_cash 
  - else: continue

Now after Bob gets the signed transaction, he posts it to the Blockchain here and here (depending if tumbler is cooperative or not).
@goldbe
Copy link
Collaborator

goldbe commented Oct 3, 2017

Ok. Wow.

For the q version of the protocol we have a LOT more work to do, unfortunately. I wonder if maybe we should just build the cooperative version of the protocol during your internship and defer the noncooperative version for later.

@osagga
Copy link
Owner Author

osagga commented Oct 6, 2017

@goldbe
Hopefully we can finish this in time. I think we will have to start by designing a Q version of the Solver protocol. Then maybe decide how would Bob spend the puzzles. What do you think?

@osagga osagga mentioned this issue Mar 15, 2018
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@goldbe @osagga