layout: cp
title: "Monero Atomic Swaps research funding"
author: h4sh3d
date: 19 May 2020
amount: 18
milestones:
- name: Work is done
funds: 100% (18 XMR)
done: 26 August 2020
status: finished
payouts:
- date: 27 August 2020
amount: 18Monero Atomic Swaps research funding
From https://github.com/h4sh3d/xmr-btc-atomic-swap:
In blockchains where hashed timelock contracts are doable atomic swaps are already deployed, but when one blockchain doesn't have this capability it becomes a challenge. This protocol describes how to achieve atomic swaps between Bitcoin and Monero with two transactions per chain without trusting any central authority, servers, nor the other swap participant.
Motivation:
Two years ago (Dec 2017), I published a draft to swap between Bitcoin and Monero.
In March 2019 I rewrote the protocol in more details, specifying what kind of zero-knowledge proofs were needed to guarantee the "trustlessness" of the protocol and the known limitations of the scheme, funded by my previous employer.
zkao and I presented the protocol at 36C3 in December 2019 (link here). After discussing it during March and April on #monero-research-lab IRC, andytoshi's idea of using "discrete logarithm equality across groups" that sarang has a write-up here, I changed the zero-knowledge requirements by adapting the protocol, but the protocol, thus on-paper complete, was still not implementable as it used an inactive bitcoin op-code: OP_AND.
Recently I learned some new cryptographic tricks with ECDSA that should make the protocol complete and implementable with today's tools without requiring hash pre-image zero knowledge proofs.
This research will update the draft protocol to completely remove hash pre-image zero-knowledge proof requirement.