Hi,
I was reading the paper written by Kuramesan and Bentov with title "How to use Bitcoin to Design Fair Protocols".
Source:
https://eprint.iacr.org/2014/129.pdfSpecifically, the sender creates a transaction which can be redeemed the following way:
1) By providing the Sender's signature AND the Receiver's signature
2) By Receiver's signature and a witness/proof which will make a circuit/function valid
Whichever of the conditions comes claims the transaction. My problem in understanding is what this circuit/function should be. Can it a random secret chosen by so if we pass through a hash function that is the circuit it can easily be verified since the receiver has to reveal this secret through it's claim transaction?
Is my assumption correct?
Furthermore, about the fair reconstruction protocol, it says in page 10 of the paper, a Sender may use tags to specify a Fcr transaction with the guarantee that its deposit can be claimed by a receiver if only he provides the corresponding token. As I guess this in the fair reconstruction protocol, is represented through the circuit functionality, but when the authors design the naive approach they declare Ti as Token(ai) where a I guess it is a secret since on the footnote they declare that it should contin some randomness. Any thoughts on this?