Easy escrow (atomic contract swap)


Nothing could be easier now than to make guaranteed, escrow-like exchange contracts. With the help of batch contracts, it became a rather trivial and straightforward task.

Lets suppose, Bob has 0.1 uETH and it wants to buy 500 UTN from Alice.

Procedure

Step 1. Bob starts the deal.

Bob creates a split from his uETH token (for example, initially he has 1 uETH), then he creates a payment contract (split) with amounts of 0.1 for Alice and 0.9 (the rest) for himself. The trick is: Bob does not sign these coins, but sets his creator addresses in it.

Then, he wraps it into a contract batch and sends it to Alice, still not signed. We often name this contract type (batch) a compound contract or just the compound.

Step 2. Alice receives the Bob’s compound

Alice check the Bob’s payment in it — the amount, the address (is the address really belongs to herself?), and, if it is ok with her, she adds her coin: 500 UTN for Bob. It could be a token of 500 UTN or a split with some rest back to her, no matter.

Now she puts the 500 UTN for Bob to the compound without signing it! It is just present to the compound contract, so noone can’t extract the token from it and register it — because it is still not signed, Bob can do nothing with it without Alice key.

But Alice signs the compound contract. It is completely safe to her, because the compound also contains payment from Bob, so Bob could not able to register the compound without signing it with his key (otherwise the Universa network will decline it). And if Bob properly signs it, only then he could register it; but he therefore will also register and confirm his payment to Alice.

Step 3. Bob checks the Alice addition to the compound.

Bob examines what Alice just send him back and checks whether she has added what he actually wanted to buy. He also checks the owner address of it (does it really belongs to him?). At this point Bob can not alter any part of the compound without ruining Alice’s signature, so if something is wrong, he can only return to step 1 and send the compound back to Alice for further negotiations.

If everything is OK Bob sign it with his key and registers it with the Universa network (or sends it to Alice for registration; or somehow else registers it with the Universa network). As soon as the network approves the compound, it will approve their new possessions as well, in the same atomic operation.

So we have a real escrow out of the box without any service or line of code: either both them exchange their property the way they had signed in the contract, or nothing changes at all.

Key points of the escrow deal

  • neither Bob nor Alice can cheat and get the asset of their opponent while not providing their asset;
  • if either of them skips signing the compound, the Universa network will reject it. In this case they can reclaim their original assets and use it in any way they like;
  • if they will both sign the compound, they can register it, but the registration will transfer ownership of both items at once in a single atomic operation;
  • both them are guaranteed to have a copy of their purchases. Alice’s new assets are delivered to her during the step 2: in the compound she had signed, there was a valid copy of her future purchase, so when the compound is mutually signed and registered, it will become approved. Bob in turn will receive his piece in the contract returned by Alice.

Further explanations

This has been made possible since Universa v3.7 (and newer) release, as the network now recognises the containing contract signatures for the new items included in it.

In fact, if the Bob would have to sign his token for Alice, then Alice could just register it and leave him holding the bag! the same is true for Alice — she should not sign the token for Bob or he could double-cross her by extracting and registering his token.

Now both them can put the unisigned contracts as new items, and sign only the base contract (the compound). It is safe as the compound requires all its new items to be OK, e.g. signed either directly or the corresponding signatures should appear in the containing contract, the compound. Noreover, while adding signatures to the compound contract effectively alter its ID, it does not change new items include into it, so their IDs are remain valid and same after the registration of the compound contract.

You can look the working sample of the idea in the UUTN service, where the purchasing contract is added just to the payment contract the same way as described above.

See also batch contracts for more details.