I am designing an cross-chain atomic swap in a custom blockchain – Protoblock. I think it can be done as long as Protoblock knows how to parse p2pkh bitcoin transactions. The critical part is being able to “reverse” things when it sees a double spend.
- Alice has 1 Bitcoin
- Bob has 100 Fantasybit
- Alice will swap 1 BTC for Bobs 100 FB
Step1) Bob signs a Protoblock “Swap” transaction(TX1a) that contains an unsigned bitcoin transaction(TX1b) that must have 1. a ScriptSig input with p2pkh from Alice(bitcoin-address) and 2. a p2pkh output to Bob(bitcoin-address)
Step2) 100 FB of Bobs is locked for 24 hours or until…
Step3) a Protoblock transaction(TX2a) is seen that contains the signature for TX1b and TXID(TX1a)
Step4) 100 FB is transferred to Alice and is locked for 24 hours or until…
Step5) a Protoblock transaction(TX3a) is seen that contains a signed bitcoin transaction(TX2b) that has 1. the same ScriptSig input(s) with p2pkh from Alice(bitcoin-address) as TX1b and 2. an output that is NOT a p2pkh output to bob(bitcoin-address)
Step6) 100 FB is sent back to Bob, the same state as before Step1
The reason for Step5 is that, a signed bitcoin transaction is not enough to prove that Bob received the bitcoin from Alice, because Alice could just sign the transaction, but not spend it to bitcoin, and just double spend it.
However, Bob will see that Alice spent the input and will create TX3a that gives him back his 100 Fantasybit. In fact, anyone can be watching bitcoin and create TX3a as a service for Bob.
Question: is there a way that Alice can spend the same inputs from TX1b, that will be undetectable with above algo?
Note: the bitcoin transaction with the outputs for the TX1b inputs, will be created by the wallet software doing the atomic swap. So Alice will first have to send her 1 Bitcoin to herself to make sure its a simple p2pkh. Here is the Protoblock code that creates the p2pkh outputs and bitcoin tx: