skip to main content
US FlagAn official website of the United States government
dot gov icon
Official websites use .gov
A .gov website belongs to an official government organization in the United States.
https lock icon
Secure .gov websites use HTTPS
A lock ( lock ) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Explore Research Products in the PAR
It may take a few hours for recently added research products to appear in PAR search results.


Title: Cross-chain Transactions
The value of cryptocurrencies is highly volatile and investors require fast and reliable exchange systems. In cross-chain transactions, multiple parties exchange assets across multiple blockchains which can be represented as a directed graph with vertexes V as parties and edges E as asset transfers. In a simple form, cross-chain transactions are cross-chain swaps where each edge e transfers an asset that the head of e already owns. However, in general, a cross-chain transaction includes a sequence of exchanges at each blockchain. Further, transactions may have off-chain steps and hence may not be strongly connected. Given a transaction, protocols are desired that guarantee the following property called uniformity. If all parties conform to the protocol, all the assets should be transferred. Further, if any party deviates from the protocol, the conforming parties should not experience any loss. Previous work introduced a uniform protocol for strongly connected cross-chain swaps and showed that no uniform protocol exists for transactions that are not strongly connected. We present a uniform protocol for general cross-chain transactions with sequenced and off-chain steps when a few certain parties are conforming. Further, we prove a new property called end-to-end that guarantees that if the source parties pay, the sink parties are paid. We present a synthesis tool called XCHAIN that given a high-level description of a cross-transaction can automatically generate smart contracts in Solidity for all the parties.  more » « less
Award ID(s):
1657204 1942711
PAR ID:
10211633
Author(s) / Creator(s):
; ;
Date Published:
Journal Name:
2020 IEEE International Conference on Blockchain and Cryptocurrency (ICBC)
Page Range / eLocation ID:
1 to 9
Format(s):
Medium: X
Sponsoring Org:
National Science Foundation
More Like this
  1. (, Lecture notes in computer science)
    null (Ed.)
    Recently, there has been a lot of interest in studying the transfer of assets across different blockchains in the form of cross-chain atomic swaps. Unfortunately, the current candidates of atomic swaps (hash-lock time contracts) offer no privacy; the identities as well as the exact trade that happened between any two parties is publicly visible. In this work, we explore the different notions of privacy that we can hope for in an atomic swap protocol. Concretely, we define an atomic swap as a two-party protocol and formalize the different notions of privacy in the form of anonymity, confidentiality and indistinguishability of swap transactions. As a building block, we abstract out the primitive of Atomic Release of Secrets ( ARS ) which captures atomic exchange of a secret for a pre-decided transaction. We then show how ARS can be used to build privacy-preserving cross-chain swaps. We also show that the recently introduced notion of adapter signatures [Poe18, War17] is a concrete instantiation of ARS under the framework of Schnorr signatures [Sch91] and thus, construct a private cross-chain swap using Schnorr signatures. 
    more » « less
  2. ; ; ; (, Schloss Dagstuhl – Leibniz-Zentrum für Informatik)
    Mestre, Julián; Wirth, Anthony (Ed.)
    In his 2018 paper, Herlihy introduced an atomic protocol for multi-party asset swaps across different blockchains. Practical implementation of this protocol is hampered by its intricacy and computational complexity, as it relies on elaborate smart contracts for asset transfers, and specifying the protocol’s steps on a given digraph requires solving an NP-hard problem of computing longest paths. Herlihy left open the question whether there is a simple and efficient protocol for cross-chain asset swaps in arbitrary digraphs. Addressing this, we study HTLC-based protocols, in which all asset transfers are implemented with standard hashed time-lock smart contracts (HTLCs). Our main contribution is a full characterization of swap digraphs that have such protocols, in terms of so-called reuniclus graphs. We give an atomic HTLC-based protocol for reuniclus graphs. Our protocol is simple and efficient. We then prove that non-reuniclus graphs do not have atomic HTLC-based swap protocols. 
    more » « less
  3. ; (, Proceedings of the 2021 ACM Symposium on Principles of Distributed Computing)
    null (Ed.)
    A sore loser attack in cross-blockchain commerce rises when one party decides to halt participation partway through, leaving other parties' assets locked up for a long duration. Although vulnerability to sore loser attacks cannot be entirely eliminated, it can be reduced to an arbitrarily low level. This paper proposes new distributed protocols for hedging a range of cross-chain transactions in a synchronous communication model, such as two-party swaps, n-party swaps, brokered transactions, and auctions. 
    more » « less
  4. ; ; ; (, Financial Cryptography and Data Security)
    Bitcoin, Ethereum and other blockchain-based cryptocurrencies, as deployed today, cannot support more than several transactions per second. Off-chain payment channels, a “layer 2” solution, are a leading approach for cryptocurrency scaling. They enable two mutually distrustful parties to rapidly send payments between each other and can be linked together to form a payment network, such that payments between any two parties can be routed through the network along a path that connects them. We propose a novel payment channel protocol, called Sprites. The main advantage of Sprites compared with earlier protocols is a reduced “collateral cost,” meaning the amount of money × time that must be locked up before disputes are settled. In the Lightning Network and Raiden, a payment across a path of ` channels requires locking up collateral for Θ(`∆) time, where ∆ is the time to commit an on-chain transaction; every additional node on the path forces an increase in lock time. The Sprites construction provides a constant lock time, reducing the overall collateral cost to Θ(` + ∆). Our presentation of the Sprites protocol is also modular, making use of a generic state channel abstraction. Finally, Sprites improves on prior payment channel constructions by supporting partial withdrawals and deposits without any on-chain transactions. 
    more » « less
  5. ; (, PODC'21: Proceedings of the 2021 ACM Symposium on Principles of Distributed Computing)
    In recent years, many different cryptocurrencies have risen in popularity. Since coins vary in fiat value and functionality, it has become important to securely exchange between them. A common exchange method is hashed timelock contracts (HTLC). However, this method did not support brokerage transactions that allow parties to leverage assets they gain during the transaction. We consider HTLC with brokering. The transaction fees for HTLC is a direct function of the size of the leader set. Thus, brokers are interested in finding the minimum leader set of a given transaction graph. We show that finding the minimum leader set on general transaction graphs with brokering is NP-hard. We then introduce flower transaction graphs, a common type of transaction graphs with brokering, and show that finding the minimum leader set of a flower graph is also NP-hard through a reduction from the knapsack problem. 
    more » « less
  • Citation Formats
  • MLA
  • APA
  • Chicago
  • BibTeX
  • Save / Share this Record
  • Send to Email