Problem description: Read this or watch this, this for the full mailing list version.
TL,DR: the preimage holder (in our case always the taker) can delay the release of preimage from t0 to t1 and watch the market in the interval [t0, t1] and decide at t1 to execute the swap or not depending if the price agreed in the swap is better than the market at t1 or not. Release preimage if yes, fail the swap if no. This creates a free financial option for the preimage holder and is fatal for the non-preimage holder since her funds are locked up for the interval [t0, t1].
This issue is to collect discussion and research in two different directions
how to reduce exposure to above described free option scenario and
enforce <block (e.g. 10 seconds) timeouts for payment channel atomic swaps and to enforce releasing amounts in the HTLCs of the swap. Enforcing means the protocol can enforce this timeout without the the misbehaving party responding/cooperating. Currently the non-preimage holder can decide between waiting for preimage holder to finalize the trade or cancel the trade by uncooperative channel close and a lengthy 7 days cltv waiting time to get funds back. Both not very nice options.
We are currently aware of the following approaches:
[Direction 1]: @sangaman floated the idea to chop up swaps with new peers we don't have any experience with into smaller chunks and execute these sequentially. If a such peer were to exploit the free option it would only happen for a small amount and we'd stop swapping the rest. Obvious caveat: swaps with these peers are getting slower and some quantity might not be available anymore towards the end.
[Direction 2]: @renepickhardt described a way how to do away with the Free Option with a CFD on LN and having an Oracle constantly providing rates for which the swap would settle. Meaning if I start a swap at t0, but settle only at t1, I will get the rate from t1, not t0. https://hackmd.io/@lpQxZaCeTG6OJZI3awxQPQ/LN-DLC
Moved here from https://github.com/ExchangeUnion/xud/issues/881:
Problem description: Read this or watch this, this for the full mailing list version.
TL,DR: the preimage holder (in our case always the taker) can delay the release of preimage from t0 to t1 and watch the market in the interval [t0, t1] and decide at t1 to execute the swap or not depending if the price agreed in the swap is better than the market at t1 or not. Release preimage if yes, fail the swap if no. This creates a free financial option for the preimage holder and is fatal for the non-preimage holder since her funds are locked up for the interval [t0, t1].
This issue is to collect discussion and research in two different directions
<block(e.g. 10 seconds) timeouts for payment channel atomic swaps and to enforce releasing amounts in the HTLCs of the swap. Enforcing means the protocol can enforce this timeout without the the misbehaving party responding/cooperating. Currently the non-preimage holder can decide between waiting for preimage holder to finalize the trade or cancel the trade by uncooperative channel close and a lengthy 7 dayscltvwaiting time to get funds back. Both not very nice options.We are currently aware of the following approaches: