As our work implementing Discreet Log Contracts (DLCs) continues, we slowly get to see all of their fancy features programmatically brought to life (and even the occasional UI) from their white paper homes. Today I would like to discuss and demonstrate the protection built into DLCs against a kind of oracle lying that is dubbed “equivocation”.
Equivocation refers to the act of telling one client one thing and another client something else. Since a Discreet Log Contract can be unilaterally executed by any user who comes into possession of an oracle signature, equivocation poses a challenge: it triggers a race condition between the counterparties, and it is a form of oracle dishonesty.
Luckily for us, DLC signatures have a built-in feature: if any user acquires two different signatures for the same event (by the same oracle), then they can trivially compute the oracle's private signing keys! This means that if we require DLC oracles to publicly stake funds (say on a P2PK or P2PKH address) to their signing keys, then victims of equivocation can steal these funds as retribution. This acts as a disincentive to lying (as the staked amount should be significantly more than the average contract) as well as a signal to all other users that foul play has occurred and that parties other than the oracle have access to the oracle's signing keys.
To learn more about the DLC oracle trust model, see this post. To see the math showing why oracle (Schnorr) signatures leak private key information during equivocation, refer to the section on Schnorr signatures in the cryptography appendix.
Without further ado, here is a demonstration which shows these staked funds (being swept by a user) in action!
If you want to get hands-on with DLCs and try executing one on testnet, you will have to set up a Bitcoin-S node first. You can find instructions here. You will then need to follow the DLC execution instructions here. If you run into any issues, do feel free to join our Slack and ask for help.
If you are interested in reviewing or contributing to the work-in-progress specification for DLCs, please see this repository. We welcome questions in the form of issues or open PRs if you see something that needs changing!
Get in touch with Nadav Kohen