bitpay / wallet

Bitpay Wallet (formerly Copay) is a secure Bitcoin and other crypto currencies wallet platform for both desktop and mobile devices.
http://bitpay.com/wallet
MIT License

Handling Inheritance & Business Continuity #4972

Open bitjson opened 7 years ago

bitjson commented 7 years ago

This is not urgent, but I wanted to get the idea down. Copay's client-server architecture is uniquely capable of providing for inheritance & business continuity plans extremely well.

The basic idea: every single transaction in a wallet also creates a second “time-locked” transaction, which can sweep the entire wallet according to a sort of “Bitcoin Will & Testament” or “Bitcoin Business Continuity Plan” determined by the wallet settings.

User Interface

From the user's perspective, this happens as they're setting up a higher value wallet (and Copay can prompt them when the balance rises to a significant level – perhaps when the wallet's value rises above an ounce of gold).

Each wallet has a “Contingency Plan” setting, which allows the user to add “recipients” from their address book, and determine a percentage of funds that will be swept to the recipient after a period of inactivity (default: 1 year). Each “recipient” could be a single individual or a multisig wallet among close parties.

Future improvements in bitcoin address sharing will also tie nicely into this UI system – if each “recipient” is able to update their address in a Web-of-Trust or PKI based system, the “Contingency Plan” should be able to update itself, and the new address used in the next transaction.

Family

For smaller estates passed down to (non-estranged) family, I imagine this will often simply be an equal split amongst surviving, responsible children.

Those children should receive the funds to a multisig wallet with appropriate safeguards and accessibility to immediate family. This can be done technically (the best way), or with more trust-reliant options. Depending on the family situation, I think the best option would be a regularly-used “family wallet”, where spouses or other responsible (non-estranged) adults all share a high-value (N-1)-of-N wallet (with backups, of course). A slightly higher-risk option is to use a wallet composed of a number of shared devices (like family computers and mobile devices).

Large Estates & Business Continuity

For larger estates, estates involving estranged parties, and businesses, I imagine the wallet's "Contingency Plan" will often need to send all funds to one or more multisig addresses, requiring signatures from (N-1)-of-N participants.

Each of these multisig wallets might be controlled by a “Will Executor Group” for large estates (a group including attorneys and related organizations) or by “Business Continuity Units” for large businesses (leaders of different departments or business units).

Implementation

This is where the client-server architecture works so well. Every transaction created by a wallet can also create a Contingency Plan Transaction (CPT), which is Bitcoin locktime time-locked to the approximate period set in the wallet’s settings. Both the transaction and the CPT are sent to BWS, and BWS broadcasts the transaction as normal.

BWS can then save the CPT to the database, linking it to the record for the wallet. Any previous CPTs for the wallet can be garbage-collected, as they are no longer valid. When a new block is found, BWS can check for any valid CPT transactions (given the new block height). If a CPT is valid, it can be broadcast to the network to execute the wallet's contingency plan.

As an aside, there’s an opportunity for additional notifications and human contact/discussion before a CPT is broadcast, though this is not necessary for everything to work properly.
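The CPT lifecycle sketched in the "Implementation" section, written out as a small model (an added example, not Copay or BWS code). It keeps one live CPT per wallet, garbage-collects the superseded one, and on each new block applies the consensus finality rule for nLockTime (height locks below 500,000,000, Unix-time locks above it, compared against the next block's height or median-time-past). It also adds the check a server should make before accepting a CPT: if every input carries the final sequence number 0xffffffff, consensus ignores nLockTime entirely and the "time-locked" sweep would be broadcastable immediately. Transaction ids, heights and hex fields are constructed placeholders.

```python
"""Model of the Contingency Plan Transaction (CPT) lifecycle described above.
Added example, not Copay/BWS code; all CPT and block values are constructed."""
from dataclasses import dataclass, field
from typing import Dict, List, Optional

# nLockTime below this value is a block height, at or above it a Unix timestamp.
LOCKTIME_THRESHOLD = 500_000_000
SEQUENCE_FINAL = 0xFFFFFFFF


@dataclass
class Cpt:
    wallet_id: str
    txid: str
    nlocktime: int
    input_sequences: List[int]   # nSequence of each input of the CPT
    raw_hex: str                  # placeholder, not a real serialized transaction


def locktime_enforced(input_sequences: List[int]) -> bool:
    """Consensus ignores nLockTime when every input's nSequence is final, so a
    CPT built that way would sweep the wallet immediately; BWS must refuse it."""
    return any(seq != SEQUENCE_FINAL for seq in input_sequences)


def is_final(nlocktime: int, next_height: int, median_time_past: int) -> bool:
    """A transaction is includable in the next block when its lock is strictly
    below that block's height (height locks) or below median-time-past (time
    locks, BIP 113). nLockTime 0 means no lock."""
    if nlocktime == 0:
        return True
    if nlocktime < LOCKTIME_THRESHOLD:
        return nlocktime < next_height
    return nlocktime < median_time_past


@dataclass
class BwsState:
    cpts: Dict[str, Cpt] = field(default_factory=dict)   # one live CPT per wallet
    broadcast: List[str] = field(default_factory=list)   # txids handed to the network

    def store_cpt(self, cpt: Cpt) -> Optional[Cpt]:
        """Link the new CPT to its wallet and return the superseded CPT, which
        is now invalid because the wallet's new transaction spent its inputs."""
        if not locktime_enforced(cpt.input_sequences):
            raise ValueError("CPT has only final inputs; nLockTime would not be enforced")
        previous = self.cpts.get(cpt.wallet_id)
        self.cpts[cpt.wallet_id] = cpt
        return previous


def on_new_block(state: BwsState, tip_height: int, median_time_past: int) -> List[Cpt]:
    """Per-block check: broadcast every wallet's CPT that has become final."""
    due: List[Cpt] = []
    for wallet_id, cpt in list(state.cpts.items()):
        if is_final(cpt.nlocktime, tip_height + 1, median_time_past):
            state.broadcast.append(cpt.txid)
            del state.cpts[wallet_id]   # the plan has executed; nothing left to watch
            due.append(cpt)
    return due


if __name__ == "__main__":
    state = BwsState()
    state.store_cpt(Cpt("wallet-1", "cpt-a", 700_100, [0xFFFFFFFE], "constructed"))
    print("due at tip 700_099:", [c.txid for c in on_new_block(state, 700_099, 0)])
    print("due at tip 700_100:", [c.txid for c in on_new_block(state, 700_100, 0)])
```

The off-by-one in the height rule is deliberate: a lock of 700,100 is satisfied only once the tip is 700,100, because the CPT can then be included in block 700,101. The superseded CPT returned by `store_cpt` is the one the text says can be garbage-collected.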

dabura667 commented 7 years ago

Very interesting, but at the same time difficult to get UX down right.

You would basically have to trust that the BWS server holding the TL tx doesn't go down.

An alternative would be to use a special P2SH script like OP_IF (normal everyday script) OP_ELSE (1 year from now) OP_CLTV OP_DROP (script to other recipient) OP_ENDIF which would then leave the tx on blockchain and recoverable in event of system failure.
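The two-branch redeem script sketched in the comment above, assembled into raw script bytes, together with the BIP 65 conditions that decide whether the OP_CHECKLOCKTIMEVERIFY branch can actually be spent (an added example, not Copay or BWS code; the public keys and lock values are constructed placeholders). The script-number encoder matters in practice: the lock pushed before OP_CLTV must be a minimally encoded script number, and the spending transaction must use the same kind of lock (height or time), an nLockTime at least as large, and a non-final input sequence.

```python
"""Assemble OP_IF <owner> OP_CHECKSIG OP_ELSE <lock> OP_CLTV OP_DROP <heir> OP_CHECKSIG OP_ENDIF
and evaluate the BIP 65 spend conditions. Added example, not Copay/BWS code."""
OP_IF, OP_ELSE, OP_ENDIF = 0x63, 0x67, 0x68
OP_DROP, OP_CHECKSIG = 0x75, 0xAC
OP_CHECKLOCKTIMEVERIFY = 0xB1
SEQUENCE_FINAL = 0xFFFFFFFF
LOCKTIME_THRESHOLD = 500_000_000   # below: block height; at or above: Unix time


def script_num(n: int) -> bytes:
    """Minimal little-endian script-number encoding; the sign lives in the top bit
    of the last byte, so a padding byte is added when that bit is already set."""
    if n == 0:
        return b""
    negative, n = n < 0, abs(n)
    out = bytearray()
    while n:
        out.append(n & 0xFF)
        n >>= 8
    if out[-1] & 0x80:
        out.append(0x80 if negative else 0x00)
    elif negative:
        out[-1] |= 0x80
    return bytes(out)


def push(data: bytes) -> bytes:
    """Direct push opcode for 1..75 bytes (covers 33-byte keys and lock values)."""
    if not 0 < len(data) <= 75:
        raise ValueError("push size outside direct-push range")
    return bytes([len(data)]) + data


def redeem_script(owner_pubkey: bytes, heir_pubkey: bytes, locktime: int) -> bytes:
    """Owner spends via the IF branch at any time; the heir via the ELSE branch
    once the lock has passed."""
    return (bytes([OP_IF]) + push(owner_pubkey) + bytes([OP_CHECKSIG])
            + bytes([OP_ELSE]) + push(script_num(locktime))
            + bytes([OP_CHECKLOCKTIMEVERIFY, OP_DROP])
            + push(heir_pubkey) + bytes([OP_CHECKSIG]) + bytes([OP_ENDIF]))


def cltv_passes(lock_in_script: int, tx_nlocktime: int, input_nsequence: int) -> bool:
    """BIP 65: the script lock must be non-negative, of the same kind as the
    transaction's nLockTime, not greater than it, and the spending input must
    not carry the final sequence (which would disable nLockTime)."""
    if lock_in_script < 0:
        return False
    if (lock_in_script < LOCKTIME_THRESHOLD) != (tx_nlocktime < LOCKTIME_THRESHOLD):
        return False
    if tx_nlocktime < lock_in_script:
        return False
    if input_nsequence == SEQUENCE_FINAL:
        return False
    return True


if __name__ == "__main__":
    owner = b"\x02" + b"\x11" * 32   # constructed compressed-key placeholders
    heir = b"\x03" + b"\x22" * 32
    print(redeem_script(owner, heir, 700_000).hex())
    print("heir can spend at nLockTime 700000:", cltv_passes(700_000, 700_000, 0xFFFFFFFE))
```

A recipient holding this script needs nothing from the server: once the lock passes they build a transaction with nLockTime at or above the lock and a non-final sequence, which is the point the comment makes about recoverability after a system failure.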

isocolsky commented 7 years ago

An alternative to BWS going down would be to also have the raw tx sent by email to your trusted recipient along with instructions to broadcast it.