Step by step instructions: a pledge for transactions in bitcoin
Bitcoin is very convenient and reliable for storing money, but how to conduct transactions in it? Traditional methods include the involvement of a trusted third party. It turns out that bitcoin is so powerful that it is not at all necessary. Below, I will tell you how two people who do not trust each other turn a deal in bitcoin without involving third parties.
First, consider the existing methods.
')
Using this method, we rely on the existing legal mechanisms to protect the seller and buyer from fraud on the part of each other. The principle of exclusion of third parties is violated, the possibility of anonymity is lost, transfer commissions are added. In addition, it is better for the economy of bitcons that transactions are paid directly into bitcoin.
The guarantor is a third party trusted by both parties to the transaction. The buyer gives the money to the guarantor, the seller gives the goods to the guarantor, after which the guarantor gives the money to the seller, and the goods to the buyer. This scheme is also not particularly good. The reputation of the guarantor depends on the number of successful transactions, and the number of transactions increases as reputation increases. It turns out a system with positive feedback, which leads to a reduction in the number of guarantors and the centralization of the system, which I wanted to get rid of.
I mean that there is no place for third parties in the deal. There is a buyer and a seller, there is a bitcoin system. On this self-sufficient system, banks, exchangers, lawyers, guarantors, etc. parasitize every now and then. But the bitcoin protocol already has everything you need to insure transactions.
The algorithm is very simple: both parties transfer money to the pledge. If the transaction is successful, the deposit is returned, otherwise it disappears.
First we need to get acquainted with the concept of multisig-addresses . To withdraw money from a multisig address, several signatures are required. Multisig addresses 2/2 and 2/3 are popular. In the case of the 2/2 address, two of the two signatures are needed; in the case of 2/3, two of the three signatures.
The buyer and seller create a 2/2 multisig address and transfer the security deposit there. None of them will be able to return the deposit without the consent of the other. After this, the actual transaction takes place (we will assume that this is a purchase of goods or provision of services for bitcoin). If the transaction is completed successfully (the buyer received the goods, the seller received payment), then the participants in the transaction take the deposit. If during the transaction there is a conflict or one of the participants disappears, then both lose a pledge.
The parties to the transaction depend on each other. The risk of losing bail is no less a strong argument than the law on which ordinary transactions are held. Not everyone will stop in violation of the law, but no one wants to lose bail. In my opinion, in the economy money is the most powerful argument. It makes no sense to cheat, if this leads to a loss.
For this scheme to work, the amount of the pledge must exceed the price of the goods. Otherwise, the party that first receives the goods or payment may give up on the bail and disappear. It seems to me that the amount of collateral on each side should be 2 times the price of the goods .
Another pitfall: when one participant transferred the deposit to the multisig-address 2/2, the second participant may disappear. It turns out an ugly situation: on the one hand losses, on the other nothing. Fortunately, bitcoin allows you to insure against such unscrupulous customers or pranksters - transferring money to a 2/2 multisig address must take place in a single transaction, signed by both participants. Either both will pay a deposit, or no one will.
The final scheme looks like this:
Let the goods cost 1 BTC. Deposit: 2 BTC on each side.
This scheme with a pledge is a “wrapper” for any transaction. Note that all overheads are reduced to two bitcoin transactions (deposit replenishment and deposit refund). If we consider two more transactions that replenish the wallets involved in the transaction (see the “Preparation” section below), then all the losses associated with the pledge are equal to the 4th bitcoin commission, that is, 0.0004 BTC (approximately 8 rubles at the current rate). If the transaction requires the personal presence of participants, then the actions related to the pledge can be executed before and after a personal meeting. In addition, participants in the transaction will be more comfortable at a personal meeting if they are already bound by a pledge, and not just outsiders. The described method works even when the transaction does not require a personal meeting (example: a resident of one country transfers an intellectual product to a resident of another country). Multiple consecutive transactions can be protected with one pledge.
Graphic programs that I checked do not provide a user-friendly interface for carrying out the two transactions described above (bitcoin-qt and Electrum programs). I decided to search for web solutions and almost immediately found a coinbin web client based on the BitcoinJS library. The client does not depend on the server of the developer and does not store the keys remotely. In addition, coinbin can be downloaded and used locally or downloaded to your server. E-mail and password are used as seed for generating addresses and are not remembered. To create multiple addresses, you must use multiple pairs (E-mail, password). In order not to lose access to the wallet, it is necessary to make a backup of the E-mail and password, for example, in KeePassX .
I was able to complete the transactions necessary for insuring the transaction. Below I will give step by step instructions.
Now the money is pledged and you can proceed to the transaction as such.
If the deal fell through, then both sides lose the pledge. (This is the main idea - to force the other side to faithfully fulfill the terms of the transaction on pain of losing the pledge.) If the transaction is completed successfully, then the pledge must be returned - this is possible only with the consent of both parties.
The money has been moved from the deposit to the receiving addresses of Alice and Bob. The transaction is completed.
This algorithm helps to protect against fraud, since in the case of it, both of them lose their pledge. This protection does not introduce third parties, in contrast to traditional methods. There are almost no overhead costs, except for the need to understand the long algorithm and teach it the other side of the deal. In fact, nothing complicated there: I needed to make a couple of “deals” with myself in order to fully get used to it.
Suggestions for improving the algorithm and software that automates the algorithm to a greater degree are welcome.
Developer GitHub: github.com/OutCast3k/coinbin
Developer Bitcoin address: 1CWHWkTWaq1K5hevimJia3cyinQsrgXUvg
My bitcoin address is: 1CsfihQGy5kg3nnTJLzfmNDiPGqiQgdeMz
UPD . Translation of this article into English.
UPD2 . The project that implements the exchange of P2P bitcoins: www.coinffeine.com . Description of the algorithm. As I understand it, the translation is split into many small parts, which removes the risk of losing a large amount of money, but has its drawbacks. Article about coinffeine in Russian. Thanks danaki for the link.
First, consider the existing methods.
')
Converting bitcoin to ordinary money for purchase
Using this method, we rely on the existing legal mechanisms to protect the seller and buyer from fraud on the part of each other. The principle of exclusion of third parties is violated, the possibility of anonymity is lost, transfer commissions are added. In addition, it is better for the economy of bitcons that transactions are paid directly into bitcoin.
Attracting a guarantor
The guarantor is a third party trusted by both parties to the transaction. The buyer gives the money to the guarantor, the seller gives the goods to the guarantor, after which the guarantor gives the money to the seller, and the goods to the buyer. This scheme is also not particularly good. The reputation of the guarantor depends on the number of successful transactions, and the number of transactions increases as reputation increases. It turns out a system with positive feedback, which leads to a reduction in the number of guarantors and the centralization of the system, which I wanted to get rid of.
How to make a deal without the participation of a third party
I mean that there is no place for third parties in the deal. There is a buyer and a seller, there is a bitcoin system. On this self-sufficient system, banks, exchangers, lawyers, guarantors, etc. parasitize every now and then. But the bitcoin protocol already has everything you need to insure transactions.
The algorithm is very simple: both parties transfer money to the pledge. If the transaction is successful, the deposit is returned, otherwise it disappears.
First we need to get acquainted with the concept of multisig-addresses . To withdraw money from a multisig address, several signatures are required. Multisig addresses 2/2 and 2/3 are popular. In the case of the 2/2 address, two of the two signatures are needed; in the case of 2/3, two of the three signatures.
The buyer and seller create a 2/2 multisig address and transfer the security deposit there. None of them will be able to return the deposit without the consent of the other. After this, the actual transaction takes place (we will assume that this is a purchase of goods or provision of services for bitcoin). If the transaction is completed successfully (the buyer received the goods, the seller received payment), then the participants in the transaction take the deposit. If during the transaction there is a conflict or one of the participants disappears, then both lose a pledge.
The parties to the transaction depend on each other. The risk of losing bail is no less a strong argument than the law on which ordinary transactions are held. Not everyone will stop in violation of the law, but no one wants to lose bail. In my opinion, in the economy money is the most powerful argument. It makes no sense to cheat, if this leads to a loss.
For this scheme to work, the amount of the pledge must exceed the price of the goods. Otherwise, the party that first receives the goods or payment may give up on the bail and disappear. It seems to me that the amount of collateral on each side should be 2 times the price of the goods .
Another pitfall: when one participant transferred the deposit to the multisig-address 2/2, the second participant may disappear. It turns out an ugly situation: on the one hand losses, on the other nothing. Fortunately, bitcoin allows you to insure against such unscrupulous customers or pranksters - transferring money to a 2/2 multisig address must take place in a single transaction, signed by both participants. Either both will pay a deposit, or no one will.
The final scheme looks like this:
Let the goods cost 1 BTC. Deposit: 2 BTC on each side.
- Alice and Bob create a shared 2/2 multisig address that will be used to store the deposit.
- Alice and Bob together sign a transaction that transfers 2 BTC from Alice’s wallet to a multisig address and 2 BTC from Bob’s wallet to a multisig address.
- Actually deal:
- Alice provides Bob with a cost of 1 BTC.
- Bob translates Alice 1 BTC.
- Alice and Bob take a deposit from the multisig addresses to their wallets.
This scheme with a pledge is a “wrapper” for any transaction. Note that all overheads are reduced to two bitcoin transactions (deposit replenishment and deposit refund). If we consider two more transactions that replenish the wallets involved in the transaction (see the “Preparation” section below), then all the losses associated with the pledge are equal to the 4th bitcoin commission, that is, 0.0004 BTC (approximately 8 rubles at the current rate). If the transaction requires the personal presence of participants, then the actions related to the pledge can be executed before and after a personal meeting. In addition, participants in the transaction will be more comfortable at a personal meeting if they are already bound by a pledge, and not just outsiders. The described method works even when the transaction does not require a personal meeting (example: a resident of one country transfers an intellectual product to a resident of another country). Multiple consecutive transactions can be protected with one pledge.
Practical implementation
Graphic programs that I checked do not provide a user-friendly interface for carrying out the two transactions described above (bitcoin-qt and Electrum programs). I decided to search for web solutions and almost immediately found a coinbin web client based on the BitcoinJS library. The client does not depend on the server of the developer and does not store the keys remotely. In addition, coinbin can be downloaded and used locally or downloaded to your server. E-mail and password are used as seed for generating addresses and are not remembered. To create multiple addresses, you must use multiple pairs (E-mail, password). In order not to lose access to the wallet, it is necessary to make a backup of the E-mail and password, for example, in KeePassX .
I was able to complete the transactions necessary for insuring the transaction. Below I will give step by step instructions.
Training
- Alice and Bob get wallets for coinbin
- Look at the keys, write down their private keys, tell each other public keys and addresses
- Make a deposit amount to their coinbin addresses (0.01 BTC from each)
- Alice creates multisig 2/2 address
- Selects the MultiSig Address menu
This form opens:
- Shakes public keys of themselves and Bob
- Records the received address and Redeem Script and sends them to Bob.
- Bob checks Redeem Script
- Selects the Verify section
- Enters Redeem Script and checks public keys, address and Required Signatures = 2
Explanation : Bob knows his public address, and Alice received the public address in step 2. Bob receives the address of the multisig wallet from Alice simultaneously with the Redeem Script. Required Signatures is the number of signatures required to complete an outbound transaction from the multisig address. In this case, this number is 2 (participants in the transaction 2, we need the signatures of both of them).
Putting money as collateral
- Alice prepares a transaction to the address of multisig 2/2 (deposit replenishment)
- Selects the Transaction menu.
- Comes in additional options, unchecks Clear existing inputs ...
- Puts the first paying address (Alice) into Inputs
- Puts in the Inputs the second paying address (Bob)
- Logs in Outputs the address of the multisig 2/2 and the total amount of the deposit minus the bitcoin commission
- Receives Transaction Script and sends it to Bob for verification.
- Bob checks Transaction Script
- Selects the Verify section
- Enters Transaction Script and finds the multisig address and sum in Outputs
- Alice and Bob take turns signing Transaction Script
- Alice chooses the Sign section.
- Alice enters Transaction Script and her private key
- Alice receives a partially signed transaction and sends it to Bob.
- Bob checks the transaction again and makes sure that the destination address and the amount has not changed
- Bob Signs a Transaction(actions are similar to those of Alice, but enters a partially signed transaction)
- Bob checks the transaction again and makes sure that the Signed column is checked everywhere.
- Bob chooses the Broadcast section
- Bob enters Transaction Script and clicks Submit
Now the money is pledged and you can proceed to the transaction as such.
Return of money from the deposit
If the deal fell through, then both sides lose the pledge. (This is the main idea - to force the other side to faithfully fulfill the terms of the transaction on pain of losing the pledge.) If the transaction is completed successfully, then the pledge must be returned - this is possible only with the consent of both parties.
- Alice prepares a transaction from the address multisig 2/2 (return of the deposit)
- Selects the Transaction menu.
- Removes all entrances and exits from the previous transaction
- Puts Redeem Script into the first field (see the Preparation section)
- Logs Outputs Alice and Bob addresses and sums to Outputs
- Receives Transaction Script and sends it to Bob for verification.
- Bob checks Transaction Script (finds its receiving address and amount)
- Alice signs the Transaction Script and sends it to Bob
- Bob checks Transaction Script again (finds his receiving address and amount)
- Bob signs Transaction Script and the result is broadcast.
The money has been moved from the deposit to the receiving addresses of Alice and Bob. The transaction is completed.
findings
This algorithm helps to protect against fraud, since in the case of it, both of them lose their pledge. This protection does not introduce third parties, in contrast to traditional methods. There are almost no overhead costs, except for the need to understand the long algorithm and teach it the other side of the deal. In fact, nothing complicated there: I needed to make a couple of “deals” with myself in order to fully get used to it.
Suggestions for improving the algorithm and software that automates the algorithm to a greater degree are welcome.
Developer GitHub: github.com/OutCast3k/coinbin
Developer Bitcoin address: 1CWHWkTWaq1K5hevimJia3cyinQsrgXUvg
My bitcoin address is: 1CsfihQGy5kg3nnTJLzfmNDiPGqiQgdeMz
UPD . Translation of this article into English.
UPD2 . The project that implements the exchange of P2P bitcoins: www.coinffeine.com . Description of the algorithm. As I understand it, the translation is split into many small parts, which removes the risk of losing a large amount of money, but has its drawbacks. Article about coinffeine in Russian. Thanks danaki for the link.
Source: https://habr.com/ru/post/245791/
All Articles