How we planned to do our own Flipstarter

14 291

Awesome! The Flipstarter was announced and I can't wait to see it working.

Like I said before, we were doing our own "funding" site section before we learned about the fact that @im_uname and @emergent_reasons were working on Flipstarter, at which point we scrapped the project.

I'm intrigued by their "assurance contract" implementation - we don't have that much experience with contracts, so our way was much simpler.

Just for fun, I'll explain our approach.

We took the "blind escrow" contract as the base.

It has four methods ("ways for money to leave the contract"):

  • "pay the seller, signed by the buyer"

  • "refund, signed by the seller"

  • "pay the seller, signed by the arbitrator"

  • "refund, signed by the arbitrator"

The money enters the contract and can leave it one of two ways: to the seller or to the buyer, and one of three "signers" can sign this transaction (the buyer, the seller or the arbitrator, if the buyer and the seller can't agree).

We kept only the last two methods.

So, imagine the person who wants to donate is the "buyer" and the guy who wants some funding is the "seller". We are the "arbitrator".

If somebody wants to pledge $100 - he/she sends it to this simplified "blind escrow" contract (it looks like sending to a regular cash address) and we immediately sign the "refund" transaction and give the signed transaction back to the person who wants to donate - he/she is free to broadcast it at any time to cancel the pledge.

As soon as the server detects that the total amount has been pledged (i.e. all of the pledges add up to some amount that needs to be collected) - our server just broadcasts all of the "pay the seller, signed by the arbitrator" transactions, thereby completing the funding (completely non-custodial, since we can only forward money to the seller or return to the buyer).

We could have also selected to use "pay the seller, signed by the buyer" (instead of signed by us), but it was a bit harder to implement, so a bit more error-prone. Since we're amateurs in this, we've decided to do it the simpler way ("signed by us").

Here's the full contract for anyone curious (in CashScript, hat tip to @rosco) - uses the new Global covenant variables from 0.3.x:

pragma cashscript ^0.3.1;

contract FundingContract(bytes20 recipientPkh, bytes20 funderPkh, 
                         bytes20 arbiterPkh, string nonce) {

    function donate(string nonce2, int fee, pubkey arbiterPk, sig s) {
        require(int(tx.version) >= 2);
        require(nonce == nonce2);
        require(hash160(arbiterPk) == arbiterPkh);
        require(checkSig(s, arbiterPk));
        
        int amount1 = int(bytes(tx.value)) - fee;
        bytes34 out1 = new OutputP2PKH(bytes8(amount1), recipientPkh);
        require(hash256(out1) == tx.hashOutputs);
    }
    
    function refund(string nonce2, int fee, pubkey arbiterPk, sig s) {
        require(int(tx.version) >= 2);
        require(nonce == nonce2);
        require(hash160(arbiterPk) == arbiterPkh);
        require(checkSig(s, arbiterPk));
        
        int amount1 = int(bytes(tx.value)) - fee;
        bytes34 out1 = new OutputP2PKH(bytes8(amount1), funderPkh);
        require(hash256(out1) == tx.hashOutputs);
    }
                    
}

Warning! This is an unaudited Bitcoin Cash contract. We've tested it and it works, but we can't guarantee it's bug-free.

nonce is just some random bytes to generate a new address each time to avoid replay attacks. (Otherwise if the "buyer" sends another amount next month to this same address - somebody could just replay the "donate" call)

donate can only send the full amount minus the transaction fee (see the amount1 check) to the recipientPkh (pubkey hash), whereas refund can only send the full amount back.

pk = public key, pkh = public key hash, funder = the buyer, recipient = the seller

Small note to @rosco: we need a way to spend only a single UTXO in CashScript library, otherwise if somebody sends two times to the same address - the covenant check of the full amount doesn't work. (Imagine somebody sends 1 BCH and 2 BCH, the covenant sees the output as 3 BCH minus the fee, whereas the input is really 1 BCH for one UTXO and 2 BCH for the other, so the contract can't run correctly. We've implemented it by badly editing the CashScript library source, but I'm sure you could find the better way)

5
$ 5.06
$ 1.00 from @emergent_reasons
$ 1.00 from @im_uname
$ 0.50 from @JonathanSilverblood
+ 10
Sponsors of Read.Cash
empty
empty

Comments

Wonderful project. (Great explanation of the ESCROW too. I had visions of a world class ERC-20 ESCROW platform in my someday-maybe list.)

$ 0.00
4 years ago

hello, sorry for the inconvenience, I mentioned you in my last publication and encouraged you to start a same project, could you observe it and give me your opinion please.

https://read.cash/@Mariam/welcome-to-my-new-project-arquidamia-arqui-my-token-slp-created-for-you-8d173fdb

$ 0.00
4 years ago

It's an interesting project and good luck with that, but I'm not sure what to comment on here :)

$ 0.00
4 years ago

This is one of the designs we considered. The problem is that it introduces trust where trust is not strictly necessary. If we allow introduction of trust, this is one of the good options where the UX is much better. It might be a necessary compromise. I really hope we can work together. We are already making it so that anyone can use the code.

$ 0.00
4 years ago

I don't understand where the trust is? In the fact that the arbitrator can force donate before the full amount is collected? I don't think there's anything else an arbitrator can do...

$ 0.00
4 years ago

Just the fact that there is an arbitrator in the first place who has to make a decision. It's not so huge and it is a very arguably good compromise to get better UX. So yeah - don't stop! Or maybe join forces and convince us to change.

$ 0.00
4 years ago

I think it doesn't make sense for you to change it now and for me to offer my opinion, since like I said - we're amateurs in this (BCH contracts). I think it should be launched now as is and then take the user feedback as the guiding mechanism :) I didn't quite understand the "don't stop" remark though - what should we not stop?

$ 0.00
4 years ago

Yes. We are going ahead with the original plan. I can help you with contracts any time. Looks like you know what you are doing though.

Like I said before, we were doing our own "funding" site section before we learned about the fact that @im_uname and @emergent_reasons were working on Flipstarter, at which point we scrapped the project.

This is what I meant by "don't stop". Flipstarter is a beginning, not an end. I hope readcash will continue to think about a funding mechanism.

$ 0.00
4 years ago

As soon as it's somewhat live we'd be happy to provide the feedback and maybe some help with how it works. But I don't see a point in developing a competing product. We're better off providing exposure to important Flipstarter things via read.cash, rather than building something similar.

$ 0.10
4 years ago

💚

$ 0.00
4 years ago

So, can you guys (kickass UI / UX) team up with Flipstarter (once their backend stuff is proven solid) and form a dream team?

Or integrate their OSS stuff back into read.cash so that any article can become a flipstart? The threaded message system for articles is already at least as good as any kickstarter (haven't used that for a while, but as I remember it from way back then).

And comms with users is one of the key aspects of a successful "kickstarter-like".

dreams on

$ 5.10
User's avatar btcfork
This user is who they claim to be.
We have manually verified this user via some other channel.
4 years ago

Yes. This is definitely a possibility.

$ 3.00
4 years ago

Take all my money.

$ 0.00
User's avatar btcfork
This user is who they claim to be.
We have manually verified this user via some other channel.
4 years ago

Here's your eyePhone, sir :)

$ 0.10
4 years ago