Author

Topic: Cryptographic P2P coin exchange possible ? (Read 1061 times)

legendary
Activity: 1232
Merit: 1094
November 11, 2014, 09:50:06 AM
#2
suppose Alice has 200 LTC and would like to exchange it for 2 BTC, and Bob has 2 BTC, and you would like to exchange it for 200 LTC.

This is atomic cross chain transfers.  You can search for it.

It isn't safe at the moment due to transaction malleability.  There are proposals for a BIP that would fix malleability. 

Peter Todd also created a system called OP_CHECKLOCKTIMEVERIFY that allows the same thing.  It seems to be getting more traction.
hero member
Activity: 770
Merit: 629
November 11, 2014, 09:45:09 AM
#1
Hello,

I'm pretty new to cryptocurrencies, and I would like to ask a question which is maybe already answered, but I did some searching and didn't find an obvious answer.

Here's the question: is it cryptographically in principle possible to do P2P exchange of 2 different crypto currencies (say, bitcoin and litecoin) without trusting each other, and without any other kind of escrow mechanism (blocked account, third party...) ?

The naive idea would be something of the kind:

suppose Alice has 200 LTC and would like to exchange it for 2 BTC, and Bob has 2 BTC, and you would like to exchange it for 200 LTC.

Alice can communicate to Bob the LTC address where the 200 LTC are, and Bob can communicate to Alice the BTC address where the 2 BTC are. 

Now, is it possible that Bob sends to Alice an encrypted version of the private key of that BTC address, so that Alice can VERIFY that the encrypted version contains the correct private key for the address, without having access to the key itself ?
If in the same way, Alice sends Bob an encrypted version of the private key for the address containing the 200 LTC, Bob can verify that he has an encrypted version of the right LTC private key ?

And second, is it possible that Alice and Bob exchange incrementally the private encryption keys of the encrypted BTC and LTC private keys, in such a way that they can verify incrementally that these encryption keys are not fake, so that at a certain point, or one of both parties stops sending the pieces of key and then the other party does so too, or both end up sending all of the pieces of key, so that both parties can decrypt the private keys, and submit the corresponding transactions ?

I see the only danger as to submit simultaneously a transaction emptying the address before the other party can submit its transaction.  But that could be solved by slicing up the amount of the exchange in smaller amounts and repeating the action several times.

The point in incrementally exchanging the decryption keys is that in the last step, one party has already sent his entire decryption key, and the other one has still one letter to send, then this is easily solved by a "brute force" attack on only one letter which is not difficult :-)

So, to resume my question: is the above scheme cryptographically feasible in some way, and could it be the basis for a P2P cryptocurrency exchange ?
Jump to: