Handshake logo

HIP-0004: Interactive Atomic Name Swaps

Abstract

We define a protocol by which two Handshake users can agree on a price for a HNS domain name, and swap the name itself for payment in HNS using a single transaction. The buyer and seller must be able to interact before and during the protocol, and the final transaction is signed by both parties.

Motivation

HNS users need a decentralized, platform-less way to sell the domain names they’ve acquired form on-chain auctions. They need to be able to engage in trustless commerce without third-party custodians to ensure censorship resistance and protect against weak points of centralization.

Specification

  • Alice owns a name and agrees to sell it to Bob for a certain price (they communicate any way possible, not on-chain)
  • Bob sends Alice an address to receive the name
  • Alice signs and broadcasts a TRANSFER covenant committing to Bob’s address
    • At this point, Alice still unilaterally owns the name
    • Bob can see the TX on the blockchain (so can everyone) and confirm his address is in the covenant
    • At any time before the FINALIZE is broadcast, Alice can CANCEL the transfer
      • Bob can see this CANCEL on chain (back to step 1)
      • No money or name is lost by either party if Alice decides to CANCEL, just the two mining fees so far spent by Alice
  • After 288 blocks a FINALIZE is valid, and is constructed cooperatively by both parties
    • Alice can complete her end of the protocol at any time, but Bob can not broadcast the FINALIZE until after 288 blocks
    • Alice may decide to CANCEL if Bob doesn’t complete the FINALIZE within a certain time
      • This is not enforced by the blockchain, it’s just something Alice can do, and should warn Bob about it in step 1
    • Alice constructs and partially signs a FINALIZE that sends value to her own receive address, and consumes the TRANSFER covenant as an input
      • This requires SIGHASH_ANYONECANPAY | SIGHASH_SINGLEREVERSE so that Bob can still add funds
    • Alice sends the serialized, partially-signed FINALIZE to Bob as a hex string
    • Bob decodes the blob, and verifies what he can
      • His address is in the TRANSFER covenant and the FINALIZE output is valid
      • Alice’s signature is valid, and the value output to her address is the agreed price
    • Bob adds funds to the TX inputs and adds a change output if necessary
    • Bob signs his inputs with SIGHASH_ALL
    • Bob broadcasts the final transaction
      • This action transfers the money to Alice and the name to Bob in the same TX
      • Once this TX is confirmed, no rollback of the swap is possible

Implementation

https://github.com/handshake-org/hsd/pull/500

https://github.com/kyokan/bob-wallet/pull/208

HIP:
0004
Status:
Draft
Type:
Standards Track
Created:
Mon, 08 Feb 2021
Last commit:
Mon, 13 Mar 2023
Author:
Matthew Zipkin <pinheadmz@gmail.com>
Edit on GitHub