You send btc*1 to Bob. Bob sends BobsBtcToken*1 to you. You go onto the orderbook for BobsBtcTokens and fill a buy order. Nxt appears in your account. Now you find a ltc gateway. Say Betty seems the most trustworthy. Fill a sell order for BettysLtcTokens. Receive BettysLtcTokens*X. Send BettysLtcTokens*X to Betty's nxt address with a message containing your ltc address. Wait for ltc to arrive.
It seems overly complicated now but it'll feel natural once it gets rolling and everyone gets used to it. All steps serve their purpose; these extra steps are the cost of decentralization.
If I read this right - 'No escrow' or atomic completion?
so buyer beware....
HOWEVER, I think I might have a way to allow all the gateways to trust each other without any bodily parts being involved. I do need somebody who is familiar with multisig to confirm this, or more likely correct where I am being plain silly.
I do not see a problem with deposits of crypto: the end user sends in the crypto to a deposit address and the gateway sweeps it into an account. The problem is with the withdrawal, e.g. since I am proposing all assets that represent BTC be fungible with each other, each gateway needs to have access to potentially all the actual BTC.
So, we have a possible solution where all the gateways sweep into a common account. Wait! If all gateways are able to withdraw from it, then if ANY gateway gets hacked or hypnotized by Evil Bob, all the deposits are gone. Not good at all.
This is where I think multisig comes in. What if the sweep account is a multisig acct? All the gateways can easily sweep into the multisig acct, since it is just a matter of sending coin to the right address. Now on withdrawal, if we required the signatures from all gateways to do a withdrawal (or super majority?), then no gateway would be able to take off with the deposits, unless all gateways (or super majority) turn evil at the same time.
No, I don't know how multisig works well enough to know if this will work, but IF there is a way to do a safe remote multisig authorization and all the gateways are using the same business logic to approve withdrawals, e.g. proper AM was sent with appropriate asset, then I think this could work.
Not totally trustless, but as long as all (or super majority) of gateways don't spontaneously turn evil, I think the community would be able to rely on the federation of gateways.
I hope somebody that knows about multisig and another somebody that knows about secure remote signing will be able to validate this, or fix it so it works.
James
P.S. I just figured out that we can use a set of AMs for secure remote signing. Granted it is a lot of AM to send if we had to do it for each withdrawal, so maybe we only invoke this level when the amount is larger than the bond put up by the gateway. I think this is getting close to a real solution. Smart guys, please help!!
just like it only without a central point of weakness
Since nobody that knows exactly how multisig works, I will try to read up on it and see if this really does the trick. If it does, that means we get somewhat decentralized automatic gateways that we can trust. All the gateway deposits and withdrawals will be publicly viewable, so there are no controversies in that area. If ever anything like lophie were to happen, it would just be a matter of looking in the NXT blockchain, reparsing the AMs and finding out where it went.
We probably need to have some sort of manual "fix it" mechanism, but this should be a pretty rare event. All the gateways would have to work together to clear this up. Maybe all minus 1, in case one of the gateways goes MIA; we wouldn't want all the funds to become inaccessible. Maybe a deadman's switch can be invoked in case one of the gateways goes away and the key delivered to an independent party. I heard about an electronic escrow service that can be set up for this.
Notice that even if one of the gateways goes defunct, nobody loses anything. At that point, the missing gateway's passkey would be used one last time to transfer all the funds to a new account with appropriate new multisig signers. So no gateway can withdraw any money that all the other gateways don't approve. It seems safer than any centralized exchange to me, but I hope someone more versed in this stuff will comment.
The more I think about this, the more I think it could work. I just wish I knew more details about how multisig works...
James
Hello guys, I woke up from my slumber. I had the pleasure to fiddle with multisig a little. What you are suggesting (automatic gateways) is NOT applicable. The closest you can reach to automation is that every stake holder that you require his/her signature must have a signing bot or a signing mechanism that is online 24/7. But then again if it is 100% automated....... which trust 5 and not only one? it would certainly make things faster and easier!
If it is about trust then yes, no one can steal and if ONE refused to sign, the coins are as good as burned.
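The trade-off debated in this thread (all-of-n versus "all minus 1" signing, with every gateway applying the same withdrawal rule) can be modelled in a few lines. This is an added example, not code from any poster or from Nxt; HMAC stands in for real multisig signatures, and the gateway names, ledger entries and addresses are constructed.

```python
import hashlib
import hmac
from dataclasses import dataclass

@dataclass(frozen=True)
class Withdrawal:
    nxt_tx: str       # asset transfer back to the gateway (constructed id)
    asset: str
    amount: int
    btc_address: str  # payout address carried in the AM

class Gateway:
    def __init__(self, name, ledger, online=True, compromised=False):
        self.name, self.ledger = name, ledger
        self.online, self.compromised = online, compromised
        self.key = hashlib.sha256(name.encode()).digest()  # toy key, constructed

    def sign(self, w):
        """Sign only if this gateway's own ledger view shows the redemption."""
        if not self.online:
            return None
        seen = self.ledger.get(w.nxt_tx)
        if not self.compromised and seen != (w.asset, w.amount, w.btc_address):
            return None  # honest gateway refuses an unbacked withdrawal
        return hmac.new(self.key, repr(w).encode(), hashlib.sha256).digest()

def authorize(gateways, w, m):
    """Release funds only when at least m gateways return a valid signature."""
    valid = 0
    for g in gateways:
        sig = g.sign(w)
        expected = hmac.new(g.key, repr(w).encode(), hashlib.sha256).digest()
        if sig is not None and hmac.compare_digest(sig, expected):
            valid += 1
    return valid >= m

# Constructed ledger: one real redemption of 2 units of a BTC asset.
LEDGER = {"tx1": ("BTC", 2, "addr-alice")}
real = Withdrawal("tx1", "BTC", 2, "addr-alice")
forged = Withdrawal("tx9", "BTC", 50, "addr-evil")

def federation(offline=(), compromised=()):
    return [Gateway(f"gw{i}", LEDGER, i not in offline, i in compromised)
            for i in range(5)]

def demo():
    return {
        "forged, 1 compromised, 4-of-5": authorize(federation(compromised={0}), forged, 4),
        "real, all online, 5-of-5": authorize(federation(), real, 5),
        "real, 1 offline, 5-of-5": authorize(federation(offline={3}), real, 5),
        "real, 1 offline, 4-of-5": authorize(federation(offline={3}), real, 4),
    }
```

A single compromised gateway cannot release a forged withdrawal under either policy, but 5-of-5 blocks even a legitimate withdrawal as soon as one signer is offline, while 4-of-5 tolerates that outage.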