Open 007harshmahajan opened 1 month ago
I have made the following modification. Let me know if it makes sense.
There is no separate funding and contract transaction now. All together in one transaction via taproot tree, now referred to as the funding tx.
At the end of the round, instead of privkey handover, they send each other the partial sig for the keypath spend. With this partial sig they can individually construct the musig and spend the funding tx via keypath.
```
| Alice                                          | Bob                                            |
|================================================|================================================|
| send pubkey and pub nonce                ----> |                                                |
|                                                |<---- send pubkey and pub nonce                 |
***************************** ALICE FUNDING TXN BROADCAST *****************************
****************************** BOB FUNDING TXN BROADCAST ******************************
| send hash preimage for scriptpath spend  ----> |                                                |
|                                                |<---- send hash preimage for scriptpath         |
| send partial sig for keypath             ----> |                                                |
|                                                |<---- send partial sig for keypath              |
*********************************** SWAP COMPLETE *************************************
```
Coinswap with taproot and Musig2

Swapping the coins with taproot as scripting and Musig2 key aggregation will improve privacy of swaps as it will look the same as any other taproot transaction.

Changes from existing implementation coinswap

- taproot contract
- Key aggregation for Multi signature: Both the parties will supply pub key and single use pub nonce, both are derived from priv key and priv nonce respectively.
- Key-path spending: 2-2 aggregated key is used as internal key for scriptless spending of coins. This will require both private keys and private nonce.
- Script-path spend: It contains 2 script paths, one with timelock and the other with hashlock. Bitcoin's script will be used to code these timelock and hashlock conditions.

Diagrams of the transactions:
Message protocol
Transaction construction
Tapscript descriptors