LiquiDEX v1: solving the rangeproof issue
TL;DR: Not sharing the value blinding factors prevents the Taker from replacing the rangeproof. We can replace the value blinding factors with value blind proofs and a scalar offset.
The post is structured as follow:
- Introduction
- Solving the rangeproof issue
- A working implementation
- Future Improvements
- Conclusions
- Acknowledgements
Introduction
LiquiDEX: 2-steps Atomic Swaps
LiquiDEX is a working protocol to perform 2-steps atomic swaps on Liquid. It requires a single interaction by the swap parties, which drastically improves the UX. It can be used as a building block for implementing more complex systems such as automated OTC desks, auctions or even a decentralized exchange (DEX). See the previous blog post for more details.
The rangeproof issue
With Confidential Transactions, the unblinded information is encrypted in one of the output fields, the rangeproof. When a transaction is received, this unblinded information is decrypted and use for spending. However such field is not covered by the transaction signature. Thus the Taker can replace its value and the Maker won’t be able to unblind the transaction.
In the previous blog post, this was solved by using deterministic blinders, and (ab)use the nonce commitment field to encrypt the amount and (part of) asset id. However this solution is quite complex and does not work with generic wallets (Elements Core or Green).
Solving the rangeproof issue
SIGHASH_RANGEPROOF
A possible solution could be to use SIGHASH_RANGEPROOF,
however it does not work in the LiquiDEX case.
When using SIGHASH_RANGEPROOF, the signature covers the rangeproof,
but it also covers the surjection proof.
The Maker however is not able to create the surjection proof for its output,
since there is no input yet with the same asset.
Another approach
The goal is to prevent the Taker from being able to generate a valid rangeproof for the Maker output.
The Taker must be able to parse and fund the transaction, so the input (and output) assets and values must be shared by the Maker.
The Taker must be able to generate the surjection proof for the Maker output, thus the output asset blinding factor (asset blinder, abf) must be shared too.
The Taker must be able to generate the surjection proofs for its outputs with the asset sent by the Taker, thus the input asset blinding factor must be shared as well.
So we need to replace the input and output value blinding factors (value/amount blinders, vbf) with something that allows the Taker to verify the value commitments and to blind the transaction.
To verify the value commitment we can use blind value proofs. A blind value proof is “An explicit value rangeproof that proves that the value commitment matches the explicit value”. Those are used in PSET.
To correctly blind a Confidential Transaction the last value blinding factor, unlike all the other blinding factor, is not choosen at random,
but so that inputs and outputs “sum up to 0”.
In other words the sum of the inputs scalar_offsets is equal to the sum of the outputs scalar_offsets,
where scalar_offset is defined as follow:
scalar_offset = abf * value + vbf (mod n)
The idea is that the Maker shares its scalar offset:
maker_scalar_offset = abf_o * value_o + vbf_o - (abf_i * value_i + vbf_i) (mod n)
There are some compromises though to avoid to inadvertently revealing the value blinding factor.
Trade-offs
The Maker input must not have been sent from a potential Taker.
Otherwise, the Taker knows vbf_i and can compute vbf_o from maker_scalar_offset.
Instead, vbf_i should have been chosen by the maker and kept secret,
this can be achieved by doing a send-to-self transaction
(which might also create a UTXO of the desired size).
Additionally, this implies that the Maker input should not stem from a LiquiDEX v0 swap.
If the Maker input is unblinded, then the Maker output must be unblinded; and if the Maker input is blinded, the Maker output must be blinded. Otherwise, the Taker knows one of the value blinding factors (which is 0), and can compute the other value blinding factor.
Finally when making multiple proposals with the same input,
it is crucial to draw a fresh vbf_o whenever abf_o or value_o change.
Otherwise, you have two distinct equations
maker_scalar_offset = abf_o * value_o + vbf_o - (abf_i * value_i + vbf_i) (mod n)
maker_scalar_offset' = abf_o' * value_o + vbf_o - (abf_i * value_i + vbf_i) (mod n)
with two unknowns, allowing the taker to compute vbf_o.
LiquiDEX v1
Let’s start from LiquiDEX v0 format to highlight differences and similarities:
{
"version": 0,
"tx": "...",
"inputs": [{
"asset": "...",
"amount": 1,
"assetblinder": "...",
"amountblinder": "...",
}],
"outputs": [{
"asset": "...",
"amount": 1,
"assetblinder": "...",
"amountblinder": "...",
}],
}
LiquiDEX v1 replaces the value blinding factors (value/amount blinder, vbf) with blind value proofs and adds a top level field for the scalar:
{
"version": 1,
"tx": "...",
"inputs": [{
"asset": "...",
"satoshi": 1,
"assetblinder": "...",
"value_blind_proof": "...",
}],
"outputs": [{
"asset": "...",
"satoshi": 1,
"assetblinder": "...",
"value_blind_proof": "...",
}],
"scalars": ["..."],
}
In theory LiquiDEX v0 proposals can be upgraded to LiquiDEX v1, but for the sake of simplicity at this stage it’s best to consider this upgrade a breaking change.
Note that we also replaced "amount" with "satoshi".
A working implementation
We developed a working prototype in BEWallet.
A Swap with BEWallet-cli
Install the wallet:
git clone https://github.com/LeoComandini/BEWallet-cli.git
cd BEWallet-cli
cargo install .
Maker list its coins to choose the one to be swapped:
$ bewallet-cli --testnet --electrum-url blockstream.info:465 --data-root $PWD --mnemonic "$MNEMONIC" get-coins | jq
[
...
{
"txo": {
"outpoint": "[elements]2dfaf9ca94fe817998456f02ab5093f5c1cf35e141efaf80212fe39ec4f6947c:0",
"script_pubkey": "a9144a597f4df12eea440e4e569f6e73b3e3b8794bdd87",
"height": 508358
},
"unblinded": {
"asset": "38fca2d939696061a8f76d4e6b5eecd54e3b4221c846f24a6b279e79952850a5",
"asset_bf": "9810d5b7987be0b2a2fecc3b0eb5e0a47e4386380f81c444659049890e8d0081",
"value": 100,
"value_bf": "f0450ba54ed42f13a56589317cd2fe2d28ce20796dacea8b49a14d806fce87a3"
}
}
]
Then makes the proposal:
$ bewallet-cli --testnet --electrum-url blockstream.info:465 --data-root $PWD --mnemonic "$MNEMONIC" liquidex-make --txid 2dfaf9ca94fe817998456f02ab5093f5c1cf35e141efaf80212fe39ec4f6947c --vout 0 --asset 144c654344aa716d6f3abcc1ca90e5641e4e2a7f633bc09fe3baf64585819a49 --rate 100
{"version":1,"tx":"0200000001017c94f6c49ee32f2180afef41e135cfc1f59350ab026f45987981fe94caf9fa2d00000000171600147e08d0e25f9db9557a4e282d4df6c68b5b075bb8feffffff010ac59b0326344f074f0ac4bd484495cf6f362c67e51295a08fe4dd2fc45b16403e08645256851c1677e5b131a77fe5413a2f0075fc23ef1bc9b34c5d1eb5d40398c203069ff02020da1ade6265b84007a791deea7ae8457a4dd4c5b41bd23c305f365f17a914eb6aa9ca07be006160895efff676cc3daecb955e8700000000000002483045022100e90232ab43924d2a123495da586e83ceeb41f73ab3bcb59454e1887a380fc72402203e1d433b09292325a1dd09d1b418d0e9142dbe05b1caaf0c38653c67c1be9994832102688398fcdba5b4a9debe7d8c057096e24b5f5cfb81da7167cdb4685266096ad80000fd4e1060330000000000000001c8105e017f9cb0d05d00de6c8354fc76b5a5a186fd00a4a2b5a5995c219c152e14ca0232d7cc71fbfcb54450542aff6028157d50853467926cf466eb3f3c3a03762daea7c0fab201ff245902b5309d8411dcbb0a44ac35152aa4c524c77bed65ab593267706ec1014f425f270a2f3d4466240d83c0df27f1e3cadacb4a40adef93c8f2339367f06cbce6a02ed9df8b5b8c8335bf4cb69875d6be49c13322d2f3ab873a092979e27036e94f13ac7e11eb6a18edf25b8e7994060abbb6dce289e0ae468bf364a99e95fd646c220489743a6713693b3dc261e5f77b7b21a0ed2984550dd62b3df6aaf6e1cf9360ad060cfea6540d497573445d5d3d7ad7beefef43ae03bc6d4153fca9e6ec9ceceedb0800a5f1489bcac9a2d2791e414d0b9bbb44916753f8d1c2154e434b8e814082ce75ff40f09c7c2f8138e547c9c7dbbab8bd214375a7a2866a38caf81f99373e04df7d9c0c36491c6e762cd8d6614f85834ac4c64102b7ad51229064f0225787be68b0790f0e3bc2d73e61ae6f635410c529f64e5243c5b3afac9aabc51f3a6032e6b92978aec9b3e79e196a73d4d8ebd6147aa83e4b89fddf8cbd0e47ffecd859f25733047383a3a38850c2565d06f86c44d2e289f8cd2965de2394d118a37613a36b749a8e6cbe90983840671fab3c96bc3bcc276393c97ace3f050aa5e2029a4b2dddbe6aab74366ea6eab0840b89c2c6ec4d8bf2e994b5ecd1173838fb9f0fc1782b73f19c2fa34dca5531776d9685ea12421834e90e620f8df6308b88be16a2c9bfc4630e266fed308f0c2748af6462d01813122393ca82fb1e8edf4dd589ed3fb77fa04b4ffd83a297c34c93fbc3573eee72764a225cca3ad406289faf15588d44aa3c0b0c2f1ccb2f8afcca2176c6f6bcaa590addbadce272d81a9867a342f01c24b22939582040a943aaef9e59c342b2dee184eb8fc234b77e6d1aab1ee9fa318a12c232122888ba12496fff8d5cf073e7be5e54491d4d9bf5d1ae0706c9f83bb8fa3b457363aebc7e6b008d521125c5ba27c41decec48f691cb09841926349b102f7bd9c532991bfe20054d07a7541afc3fe6b06ee23e491bcd2276914581197b03e92302a5df5a6f16486bf47311391f2c12827f9f4d2e90f727cdd987017b91393fd12effb0c627bc4ccc42d79685dc2ccc1a9fec7cf87faf2d47bcdc92f4ab847e00a942fbe67d8298e46534c64f335acbf1013f3b89e25238c40cbd4d01b70c0d05ba84e83d2a2f8ae636e1cc8834b188c91df2a92440a4275492c0ff473fc03ab4411c6891646ac59859c60ba82bc65a41a652baf9a2fb5fdabfaa51c80919fb2f179332bd219c4e696e024a18fc6bd41fe2e8e54108748661c432665dd38742f55d7e2048f7082ec81f9ad9ff2e47c7d3e019516979da4dc69f3c7732ae85fcb4320b3cd87526b93a1ff503d82324b72e9a0918ed90b5a62010c57a6b3c943425d1884597db82ea22d0242d29c5f87ada7ec6f81647718d25e2ad384aed76362c334a8c87d3cf4a18ec3694a153c94ed5f838b4767abc5c6b0c32925e381f48e78a27675d67aa5c0527327418dab0968740074ecb4bfee0d31df937cbe993b28848612d6812b5efd8ddad8a9e8b4e1236ac5df44b03f7c58587bb2c1174009e80fb982431fb50f4a8510ac81bad582957245307f1387e0e4499985b69035e6812ea69e94998ce72fb80cdf8ab663058c258a826d1cd2b5a0dba985f5aca861002480731764024944188fe4aefeb3ef747cd4972f8559ae34babb0f6088c10e1bad78b39952aaed8806083069b16bc2f96fa6cc6f32f5ae1b326d07bd54d82c8d38a3487ff82ab40b3f9e024c2382147a1074d01500a9e25c4b48dfa14f82a02eca3ab80e0da15e5b04e7bc4d7302969ee37cfb63602260a939377f1a6de17d0fb4fed5da7539f3541a728bdcb8bd417e147e2f43d47a5173d27577dc7ec5aa1aa183ece38269cab11ed0348ca360fb8f76841d230e038b43fda14857ed539edfb79886487b43ed233935ad4b27897567fb3a92776e742857a2987589da355a30cca609fd52d0b8b61b8895109317c76a7c683f6938bff41eaf6c1d951cea87779b2fdd32bc095b469a6d7b956df9ced9525b7196d9570ab227499cc2b1e1dc4579b31fb7534703d977a49b3913078cefda8366a5e12df3aca9e99325fed6c1c43c4dd29fab5bb909da4a976afa62f8ea7e810904c5e26062d2c60db97c7a8a915d203b76ef345e80374be1b7fb4a692856a8dd3058d42e2680aef0f5c81726a040969c60e81110a8dc079978d77088a3a8a497ef1bd53a38c2e8edb7c106ca6d5ad26973a978c39244e870d93a3eff32f4a60e13141b8c93f0ef9998d2fbc93a41a02d689cc00141bcfd28b65cd5b52a36b36ba4bbe42fad69ffae0550b441d3be9a2c9da04d6bf2f924cee041aab6326a74f8cb61432250e8bda71eb9f0522c8f7726230d428d432d967f0c905a5056e5a552b3f158f858a73f8b03e43b3505cabaeb059c3d3d8c47a1948230e79cafacf9f17964d2dc01e81c1f4b4a201fe0d39e75809aba0e3db07628fe9bd4e1fa0573599077e0a9b6812289818d93ea51da19a96d886b387e522e20e72677e4e2ecaa7050853d698b58f9a948144d7949e28f4ac8896e68d479ce62f0b3d5b640cfef8c3bcdc8aa5a9bb7a40e96f2260aa59d434de93946a7faa9a52ca1b5c9eb4b3e20ca07cd95b3c7586c62fc209c1660c159476410334a008b3ceac0e640265a370d92bbf2544f823da988a455c66f54a077c48f26b59744cd5ead06985f599b593e9693ef734400cb6e7fc3aea8220dc45fede3c4bcd0ed9c84c742805b57f4c998ba8fa3d071942930c55f9e71ef180630067af81cb0f2edc05f83c8256cb430919c85ffc5f6be9904f10a60c205906cf79d94576f5f79ea6c4102f1b395248009aaaf4cf253d640085a3df36e5c659539747469e94a78467dd3f04c48fbc9f7f4c55a4bdda82d137a4cefbf4e3ed56407bd3a77a3e67374e8c438e3881a6d8fc504521045335744beac7454327b96357ad120fbf52a399c7c1acefc526f2946c918c90d14643f3365390847d86d57165d540a9dbfa5f1aad7ae4f606c19dc4ace1afd9c7294f29e398ed7590e1112d0d46a1798ce74aff27cd285b87825bc8f5dbf72a4f28979bb565732db9e9be82bc4656af5df4660797cd088d7719e1e1f73c9c50ea98110228b3675a65cb367f9863072dc86b8fad5c012b132cbd2a792c11bc311538fa5d36d6c3f47fa42a96109157f751a0226fdf0fa7e68837d1cda4bcefae3a79cde0f71f709a2d65e7a9aef5b47347af547361301b55cbb7f9873f725a918acc3eb3eaab2ea3c9a67dff3a0608b9ae5b96fda4f057cca439989e47cee7cb24f2e4d66604f870d424ad97df5b212e710d92a9d13226c831b5f7b63eb813892bc3e2da34a7c9e33b99a8cb76ad6a10212c80101fecea9e952ba55b2a1c60b914c8543663774c085a3123f117cb2333d131a34cc8c6de24341df1e626d04f940e57febf538190fdd88725c4a2729516994543ed210e7aa4004463dcefcdc29e7fb4cebcd9e294792117248647391c455a46327afa13e39390388893e4b32c29339abfb403b3ab17c4885e60047f09f9394b98baa6fed981eed26fa9f64c0b84d437e080d3e526811e4fd968366b59a50fa25219512f3baf767a455439609dce442b47d1a58f8a8ed47d15512f8dff61498013d4252c50e6960799b58b20339fc5837c61e6c31e31749b2d051bad3e76de7cdf4b75c7a08c17de67b06f6e8d939f668a0990f917f739d02eba63471fa6bd6e07f30b5eef45cdd6a10665a2c6d6da6663e1e5635266a89f4ff203f4602d71c7fea1f916717698d8bc4fff6b91afa72a48704d01d1266b51db2077ce58a460873cedb5299c30e3dc0c97dc293553c9b135bf946e79676c1304202ef62c79ea3b3625e41d683eefdd1f536e9c4553f6a3de11df4d4c27474317154bb9d55bbc84d5b8823eaad3d391ae3801a2dc3fca11ea8665298b88849e46095c0a6f2903c7058d556ee46edd68934930db0962fd2b0211c0fe241b1d005d6b72e5d8954b484b42d3d1fbd85356aecd176f9e38878081f368254d3731a60251ab7d7eff688b58de8ce5efa512b34a0dcdc369dfc7decfc7c03a69b47d06abf77d3e66fc5fba817f84baa61cc986ef2e91838a6ec523384a36e1c836460d7ae8d3ddf425d9ec8c504173cdc75278269b58822245560f67861bab549ecf1e43ab4062fd76d889b8d1d167f4204136c51cbfe92c5597ef63c4d982ff54e28223e866dcc62a9cb9a12e3ef5d3e7efa9e0af93b70a4df35c867a267a5a2e84ecb7091cb5d9538e4543c9f0dd94af7646ca9894ad894b06169eead9b1729a246d3a4719205c0ec4777a2ea8f42c285d36c0ca321e691d6015258580b1cc5415f4b39e9a8111efd8f294d12aba6c6b1566cf925e89d707c7fffd535d8669e6d69b89c2fdfc06e403db246d3cdf3c1b96562f8cb7ad9b723ee1a3bf94cf4ffc29772e873312656270ad14943c9893fc1c8876708d7f26c0e5e4b2cde1e408ecc39c5b11785a9d5af83b400a1dee99437b139b3e9c8cf4f10927dddf7d1abd0eb569d0f7a60fcfe2afa32dacbe6c27b088c32af37918d7e2f29bf94c92cf8a5f8ac03e51ec286db4d4490cc2037b76ada6e266f921d1e828a1ff2fc3dd4a7df65b9f039ba52b956d763cd3fe6926ea06b3f4f814fba1d3e4698ff10f3f353d506fc6822dab3fe91ebe17f86969a1092891f9216060e740aed8ef3ef35e38ae3e64e690a5773b5e5472181beda6cfb03464674cb6a10fee0aa69321e16c3945e2ca906bc6a1ddec0e4fda505f6777647aec4311cbb889cbd8d11678d0c0e8426b2b51fb6014d1682cc2998facc71be0af820f8927e53eb5f5bede028290f0738dac73feeb3d962d750584f37aa434fef23a2a3686fe71b271d246295dd5aa48c1476fe5cee82785fc8b2e1655effacef7a16b7ed58809bae6a4cb3996b4dac7c1cfe132d288648718ae143c4a49e7357ba8b5909518458bc98cdfe0a1425eba911b63bc15499e4a1cd3fee3f9cf86d952244b1ed810e3d0eab5bbacbcee51ca1e4b147c242beba865c65ad4c3a55a12c9639597086d3d172d86786eec836e8556e026a6eecb09cfbdb5ed01c346871c38a3413bd09b9344036f62936702559a68ba7b34dad0f6954c2904f46747544a1eb17ef4dfa09c05490cd311fd60548a8affe919e1f9bc59384188977d6cc65497fe54e9a28a17f6ec71f624f57225563aa804ba248f26723895dc104a28cd4504dcf577e3ad42287e470a22ee3e7e86be47ab960bb6860ac7ce12d466e85672e584c1a4cb0c6f56a62ade63c78aad106f9ef4c9f62a1e388ca9bb4ee185d777795af846a4b8b1eff5907ab2de3154111311065d96b5a9c321adc573f4fb6b74e3c3b16f7b36099a3a81300184b3b9c82307abbcfb05553daa708cff74eea4baeeea717421466704973aa1b2baa1f8133c7679e58022e3a0d340b530db322d8064f251a8e878c05e7a9a9be4efbd8970e8ae2f01f0b03693bcd99d81f731de934e43cb5100a2ca0ad59631ad2ee1a4793ad986f26ac689cd2c272271b1358a3314d9eecaa69599f1b880313e11dedec26e6287924b539544c2e54df8d15b679a26aee9b3c76d498903d755599fa4b244185aa6d87b4ac81d3bbbed4034f1c4504fa4efdd77db1ee2d166eeeeb1bf132376ec42c4139d115927291a73a949384d28b17a03fb71e06dc74a761de718439489c457314545b7dd6a7fd3941db1a1977b88ee238451c4462af61dbde2d8c484b719c62d22ff289d0c8201cba5e5c9cb817e","inputs":[{"asset":"38fca2d939696061a8f76d4e6b5eecd54e3b4221c846f24a6b279e79952850a5","asset_blinder":"9810d5b7987be0b2a2fecc3b0eb5e0a47e4386380f81c444659049890e8d0081","satoshi":100,"blind_value_proof":"200000000000000064be856189424eaccb0b9094f65052f1d0ab85ebcc1d8bf3f54ae90b43c7b95228b353e1c1c1a6f7cc9ed4367fbae49e99fa70ba6c0221b8d6c9e13f977fc501fc"}],"outputs":[{"asset":"144c654344aa716d6f3abcc1ca90e5641e4e2a7f633bc09fe3baf64585819a49","asset_blinder":"ec18db07c2c706ba46f539b89e347c036b6f85911f3ae6636a4c029c8a5dc956","satoshi":10000,"blind_value_proof":"2000000000000027109037e3d08ad280de5b38662d44b2f9b4e2ba89dbd106167222d70234dd43ff3aa8464cc82540fe3cff8775c7203473dfdafa8eaae8eadfedecdf5be24c015334"}],"scalars":["e061472f824641a978128d2d9e483c3804e551ed2afc287b24b789284a27682d"]}
And sends it to the Taker, which can accept it:
$ bewallet-cli --testnet --electrum-url blockstream.info:465 --data-root $PWD --mnemonic "$MNEMONIC" liquidex-take --proposal '{"version":1,"tx":"0200000001017c94f6c49ee32f2180afef41e135cfc1f59350ab026f45987981fe94caf9fa2d00000000171600147e08d0e25f9db9557a4e282d4df6c68b5b075bb8feffffff010ac59b0326344f074f0ac4bd484495cf6f362c67e51295a08fe4dd2fc45b16403e08645256851c1677e5b131a77fe5413a2f0075fc23ef1bc9b34c5d1eb5d40398c203069ff02020da1ade6265b84007a791deea7ae8457a4dd4c5b41bd23c305f365f17a914eb6aa9ca07be006160895efff676cc3daecb955e8700000000000002483045022100e90232ab43924d2a123495da586e83ceeb41f73ab3bcb59454e1887a380fc72402203e1d433b09292325a1dd09d1b418d0e9142dbe05b1caaf0c38653c67c1be9994832102688398fcdba5b4a9debe7d8c057096e24b5f5cfb81da7167cdb4685266096ad80000fd4e1060330000000000000001c8105e017f9cb0d05d00de6c8354fc76b5a5a186fd00a4a2b5a5995c219c152e14ca0232d7cc71fbfcb54450542aff6028157d50853467926cf466eb3f3c3a03762daea7c0fab201ff245902b5309d8411dcbb0a44ac35152aa4c524c77bed65ab593267706ec1014f425f270a2f3d4466240d83c0df27f1e3cadacb4a40adef93c8f2339367f06cbce6a02ed9df8b5b8c8335bf4cb69875d6be49c13322d2f3ab873a092979e27036e94f13ac7e11eb6a18edf25b8e7994060abbb6dce289e0ae468bf364a99e95fd646c220489743a6713693b3dc261e5f77b7b21a0ed2984550dd62b3df6aaf6e1cf9360ad060cfea6540d497573445d5d3d7ad7beefef43ae03bc6d4153fca9e6ec9ceceedb0800a5f1489bcac9a2d2791e414d0b9bbb44916753f8d1c2154e434b8e814082ce75ff40f09c7c2f8138e547c9c7dbbab8bd214375a7a2866a38caf81f99373e04df7d9c0c36491c6e762cd8d6614f85834ac4c64102b7ad51229064f0225787be68b0790f0e3bc2d73e61ae6f635410c529f64e5243c5b3afac9aabc51f3a6032e6b92978aec9b3e79e196a73d4d8ebd6147aa83e4b89fddf8cbd0e47ffecd859f25733047383a3a38850c2565d06f86c44d2e289f8cd2965de2394d118a37613a36b749a8e6cbe90983840671fab3c96bc3bcc276393c97ace3f050aa5e2029a4b2dddbe6aab74366ea6eab0840b89c2c6ec4d8bf2e994b5ecd1173838fb9f0fc1782b73f19c2fa34dca5531776d9685ea12421834e90e620f8df6308b88be16a2c9bfc4630e266fed308f0c2748af6462d01813122393ca82fb1e8edf4dd589ed3fb77fa04b4ffd83a297c34c93fbc3573eee72764a225cca3ad406289faf15588d44aa3c0b0c2f1ccb2f8afcca2176c6f6bcaa590addbadce272d81a9867a342f01c24b22939582040a943aaef9e59c342b2dee184eb8fc234b77e6d1aab1ee9fa318a12c232122888ba12496fff8d5cf073e7be5e54491d4d9bf5d1ae0706c9f83bb8fa3b457363aebc7e6b008d521125c5ba27c41decec48f691cb09841926349b102f7bd9c532991bfe20054d07a7541afc3fe6b06ee23e491bcd2276914581197b03e92302a5df5a6f16486bf47311391f2c12827f9f4d2e90f727cdd987017b91393fd12effb0c627bc4ccc42d79685dc2ccc1a9fec7cf87faf2d47bcdc92f4ab847e00a942fbe67d8298e46534c64f335acbf1013f3b89e25238c40cbd4d01b70c0d05ba84e83d2a2f8ae636e1cc8834b188c91df2a92440a4275492c0ff473fc03ab4411c6891646ac59859c60ba82bc65a41a652baf9a2fb5fdabfaa51c80919fb2f179332bd219c4e696e024a18fc6bd41fe2e8e54108748661c432665dd38742f55d7e2048f7082ec81f9ad9ff2e47c7d3e019516979da4dc69f3c7732ae85fcb4320b3cd87526b93a1ff503d82324b72e9a0918ed90b5a62010c57a6b3c943425d1884597db82ea22d0242d29c5f87ada7ec6f81647718d25e2ad384aed76362c334a8c87d3cf4a18ec3694a153c94ed5f838b4767abc5c6b0c32925e381f48e78a27675d67aa5c0527327418dab0968740074ecb4bfee0d31df937cbe993b28848612d6812b5efd8ddad8a9e8b4e1236ac5df44b03f7c58587bb2c1174009e80fb982431fb50f4a8510ac81bad582957245307f1387e0e4499985b69035e6812ea69e94998ce72fb80cdf8ab663058c258a826d1cd2b5a0dba985f5aca861002480731764024944188fe4aefeb3ef747cd4972f8559ae34babb0f6088c10e1bad78b39952aaed8806083069b16bc2f96fa6cc6f32f5ae1b326d07bd54d82c8d38a3487ff82ab40b3f9e024c2382147a1074d01500a9e25c4b48dfa14f82a02eca3ab80e0da15e5b04e7bc4d7302969ee37cfb63602260a939377f1a6de17d0fb4fed5da7539f3541a728bdcb8bd417e147e2f43d47a5173d27577dc7ec5aa1aa183ece38269cab11ed0348ca360fb8f76841d230e038b43fda14857ed539edfb79886487b43ed233935ad4b27897567fb3a92776e742857a2987589da355a30cca609fd52d0b8b61b8895109317c76a7c683f6938bff41eaf6c1d951cea87779b2fdd32bc095b469a6d7b956df9ced9525b7196d9570ab227499cc2b1e1dc4579b31fb7534703d977a49b3913078cefda8366a5e12df3aca9e99325fed6c1c43c4dd29fab5bb909da4a976afa62f8ea7e810904c5e26062d2c60db97c7a8a915d203b76ef345e80374be1b7fb4a692856a8dd3058d42e2680aef0f5c81726a040969c60e81110a8dc079978d77088a3a8a497ef1bd53a38c2e8edb7c106ca6d5ad26973a978c39244e870d93a3eff32f4a60e13141b8c93f0ef9998d2fbc93a41a02d689cc00141bcfd28b65cd5b52a36b36ba4bbe42fad69ffae0550b441d3be9a2c9da04d6bf2f924cee041aab6326a74f8cb61432250e8bda71eb9f0522c8f7726230d428d432d967f0c905a5056e5a552b3f158f858a73f8b03e43b3505cabaeb059c3d3d8c47a1948230e79cafacf9f17964d2dc01e81c1f4b4a201fe0d39e75809aba0e3db07628fe9bd4e1fa0573599077e0a9b6812289818d93ea51da19a96d886b387e522e20e72677e4e2ecaa7050853d698b58f9a948144d7949e28f4ac8896e68d479ce62f0b3d5b640cfef8c3bcdc8aa5a9bb7a40e96f2260aa59d434de93946a7faa9a52ca1b5c9eb4b3e20ca07cd95b3c7586c62fc209c1660c159476410334a008b3ceac0e640265a370d92bbf2544f823da988a455c66f54a077c48f26b59744cd5ead06985f599b593e9693ef734400cb6e7fc3aea8220dc45fede3c4bcd0ed9c84c742805b57f4c998ba8fa3d071942930c55f9e71ef180630067af81cb0f2edc05f83c8256cb430919c85ffc5f6be9904f10a60c205906cf79d94576f5f79ea6c4102f1b395248009aaaf4cf253d640085a3df36e5c659539747469e94a78467dd3f04c48fbc9f7f4c55a4bdda82d137a4cefbf4e3ed56407bd3a77a3e67374e8c438e3881a6d8fc504521045335744beac7454327b96357ad120fbf52a399c7c1acefc526f2946c918c90d14643f3365390847d86d57165d540a9dbfa5f1aad7ae4f606c19dc4ace1afd9c7294f29e398ed7590e1112d0d46a1798ce74aff27cd285b87825bc8f5dbf72a4f28979bb565732db9e9be82bc4656af5df4660797cd088d7719e1e1f73c9c50ea98110228b3675a65cb367f9863072dc86b8fad5c012b132cbd2a792c11bc311538fa5d36d6c3f47fa42a96109157f751a0226fdf0fa7e68837d1cda4bcefae3a79cde0f71f709a2d65e7a9aef5b47347af547361301b55cbb7f9873f725a918acc3eb3eaab2ea3c9a67dff3a0608b9ae5b96fda4f057cca439989e47cee7cb24f2e4d66604f870d424ad97df5b212e710d92a9d13226c831b5f7b63eb813892bc3e2da34a7c9e33b99a8cb76ad6a10212c80101fecea9e952ba55b2a1c60b914c8543663774c085a3123f117cb2333d131a34cc8c6de24341df1e626d04f940e57febf538190fdd88725c4a2729516994543ed210e7aa4004463dcefcdc29e7fb4cebcd9e294792117248647391c455a46327afa13e39390388893e4b32c29339abfb403b3ab17c4885e60047f09f9394b98baa6fed981eed26fa9f64c0b84d437e080d3e526811e4fd968366b59a50fa25219512f3baf767a455439609dce442b47d1a58f8a8ed47d15512f8dff61498013d4252c50e6960799b58b20339fc5837c61e6c31e31749b2d051bad3e76de7cdf4b75c7a08c17de67b06f6e8d939f668a0990f917f739d02eba63471fa6bd6e07f30b5eef45cdd6a10665a2c6d6da6663e1e5635266a89f4ff203f4602d71c7fea1f916717698d8bc4fff6b91afa72a48704d01d1266b51db2077ce58a460873cedb5299c30e3dc0c97dc293553c9b135bf946e79676c1304202ef62c79ea3b3625e41d683eefdd1f536e9c4553f6a3de11df4d4c27474317154bb9d55bbc84d5b8823eaad3d391ae3801a2dc3fca11ea8665298b88849e46095c0a6f2903c7058d556ee46edd68934930db0962fd2b0211c0fe241b1d005d6b72e5d8954b484b42d3d1fbd85356aecd176f9e38878081f368254d3731a60251ab7d7eff688b58de8ce5efa512b34a0dcdc369dfc7decfc7c03a69b47d06abf77d3e66fc5fba817f84baa61cc986ef2e91838a6ec523384a36e1c836460d7ae8d3ddf425d9ec8c504173cdc75278269b58822245560f67861bab549ecf1e43ab4062fd76d889b8d1d167f4204136c51cbfe92c5597ef63c4d982ff54e28223e866dcc62a9cb9a12e3ef5d3e7efa9e0af93b70a4df35c867a267a5a2e84ecb7091cb5d9538e4543c9f0dd94af7646ca9894ad894b06169eead9b1729a246d3a4719205c0ec4777a2ea8f42c285d36c0ca321e691d6015258580b1cc5415f4b39e9a8111efd8f294d12aba6c6b1566cf925e89d707c7fffd535d8669e6d69b89c2fdfc06e403db246d3cdf3c1b96562f8cb7ad9b723ee1a3bf94cf4ffc29772e873312656270ad14943c9893fc1c8876708d7f26c0e5e4b2cde1e408ecc39c5b11785a9d5af83b400a1dee99437b139b3e9c8cf4f10927dddf7d1abd0eb569d0f7a60fcfe2afa32dacbe6c27b088c32af37918d7e2f29bf94c92cf8a5f8ac03e51ec286db4d4490cc2037b76ada6e266f921d1e828a1ff2fc3dd4a7df65b9f039ba52b956d763cd3fe6926ea06b3f4f814fba1d3e4698ff10f3f353d506fc6822dab3fe91ebe17f86969a1092891f9216060e740aed8ef3ef35e38ae3e64e690a5773b5e5472181beda6cfb03464674cb6a10fee0aa69321e16c3945e2ca906bc6a1ddec0e4fda505f6777647aec4311cbb889cbd8d11678d0c0e8426b2b51fb6014d1682cc2998facc71be0af820f8927e53eb5f5bede028290f0738dac73feeb3d962d750584f37aa434fef23a2a3686fe71b271d246295dd5aa48c1476fe5cee82785fc8b2e1655effacef7a16b7ed58809bae6a4cb3996b4dac7c1cfe132d288648718ae143c4a49e7357ba8b5909518458bc98cdfe0a1425eba911b63bc15499e4a1cd3fee3f9cf86d952244b1ed810e3d0eab5bbacbcee51ca1e4b147c242beba865c65ad4c3a55a12c9639597086d3d172d86786eec836e8556e026a6eecb09cfbdb5ed01c346871c38a3413bd09b9344036f62936702559a68ba7b34dad0f6954c2904f46747544a1eb17ef4dfa09c05490cd311fd60548a8affe919e1f9bc59384188977d6cc65497fe54e9a28a17f6ec71f624f57225563aa804ba248f26723895dc104a28cd4504dcf577e3ad42287e470a22ee3e7e86be47ab960bb6860ac7ce12d466e85672e584c1a4cb0c6f56a62ade63c78aad106f9ef4c9f62a1e388ca9bb4ee185d777795af846a4b8b1eff5907ab2de3154111311065d96b5a9c321adc573f4fb6b74e3c3b16f7b36099a3a81300184b3b9c82307abbcfb05553daa708cff74eea4baeeea717421466704973aa1b2baa1f8133c7679e58022e3a0d340b530db322d8064f251a8e878c05e7a9a9be4efbd8970e8ae2f01f0b03693bcd99d81f731de934e43cb5100a2ca0ad59631ad2ee1a4793ad986f26ac689cd2c272271b1358a3314d9eecaa69599f1b880313e11dedec26e6287924b539544c2e54df8d15b679a26aee9b3c76d498903d755599fa4b244185aa6d87b4ac81d3bbbed4034f1c4504fa4efdd77db1ee2d166eeeeb1bf132376ec42c4139d115927291a73a949384d28b17a03fb71e06dc74a761de718439489c457314545b7dd6a7fd3941db1a1977b88ee238451c4462af61dbde2d8c484b719c62d22ff289d0c8201cba5e5c9cb817e","inputs":[{"asset":"38fca2d939696061a8f76d4e6b5eecd54e3b4221c846f24a6b279e79952850a5","asset_blinder":"9810d5b7987be0b2a2fecc3b0eb5e0a47e4386380f81c444659049890e8d0081","satoshi":100,"blind_value_proof":"200000000000000064be856189424eaccb0b9094f65052f1d0ab85ebcc1d8bf3f54ae90b43c7b95228b353e1c1c1a6f7cc9ed4367fbae49e99fa70ba6c0221b8d6c9e13f977fc501fc"}],"outputs":[{"asset":"144c654344aa716d6f3abcc1ca90e5641e4e2a7f633bc09fe3baf64585819a49","asset_blinder":"ec18db07c2c706ba46f539b89e347c036b6f85911f3ae6636a4c029c8a5dc956","satoshi":10000,"blind_value_proof":"2000000000000027109037e3d08ad280de5b38662d44b2f9b4e2ba89dbd106167222d70234dd43ff3aa8464cc82540fe3cff8775c7203473dfdafa8eaae8eadfedecdf5be24c015334"}],"scalars":["e061472f824641a978128d2d9e483c3804e551ed2afc287b24b789284a27682d"]}' --broadcast
f831ae46f28ce47001a7f19b35652506f93815d2884d0de9df4f06b387739e50
Which resulted in this transaction, which can be partially unblinded by the Maker and the Taker.
Future Improvements
Unlike LiquiDEX v0, LiquiDEX v1 does not need to a custom way to unblind the output received by the Maker. Thus it a specific wallet is not strictly necessary. For instance it’s possible to write a small python wrapper using the Elements Core wallet, an approach similar to the first 3 LiquiDEX prototypes described in the previous blog post.
LiquiDEX v1 does not use yet PSET because it does not have a place to store the asset blinding factors. When that will be possible, we will upgrade version and use PSET.
Conclusions
LiquiDEX is a protocol to perform 2-steps P2P atomic swaps. This improves the UX by requiring a single interaction between the Maker and the Taker, with reasonable compromises.
LiquiDEX v0 requires significant efforts on the wallet side to correctly and safely handle blinding and unblinding.
LiquiDEX v1 remove the value blinding factors from the proposal, preventing the Taker from being able to replace the rangeproof. This makes the wallet integration far easier, less intrusive and safer.
There are some compromises though, the Maker input must not have been sent from a potential Taker, and if a Maker is using a (un)blinded input, it must use a (un)blinded output.
Acknowledgements
I’d like to thank Riccardo Casatta and Valerio Vaccaro for the tests and review, and Jonas Nick for providing feedback on the cryptographic design.