DLCs are typically thought to be used for betting. Alice & Bob want to speculate on an event, and have bitcoin payouts rewarded to them if they bet correctly. The oracle determines what event occurred and produces attestations representing that outcome.

Recently I had a conversation with a friend about implementing recurring subscriptions with Discreet Log Contracts. At a high level, you should think about this working like ACH. If you are purchasing a subscription from Netflix, they will deduct $20 from your bank account every month. To do this, you give them your credit card information.

You can do this with Discreet Log Contracts. It requires a slightly modified DLC setup. Netflix would create an oracle representing a monthly subscription. They require that users setup DLCs to them that will be executed at the end of the month. Alice, a subscriber to Netflix, creates a unilaterally funded DLC to Netflix. She creates adaptor signatures for her payment and sends them to Netflix.

No bitcoin transaction is required to create this subscription since the DLC is unilaterally funded. Alice can “cancel” the subscription at any time by spending from the utxo she is using to fund the DLC.

At the end of the month, Netflix attests that it is time to charge Alice for her subscription. Netflix takes its own attestation and decrypts Alice’s adaptor signature to get her signature to send funds to Netflix. Netflix publishes the settlement transaction for the DLC which pays Netflix it’s subscription fee for the next month. Netflix also publishes a new announcement for next month so that Alice can create a new DLC subscription.

The information Alice is required to send Netflix is

  1. Her utxo used to fund the DLC
  2. Her adaptor signature representing her monthly subscription to netflix.

Netflix must verify the adaptor signatures are correct and the utxo exists.

Here is an image of the flow courtesy of @lunaticoin

Why is this useful?

It’s very convenient for a user to give access to withdraw a certain amount of money from a bank account at a given time in the future. This is how recurring payments work in tradfi. This brings the same principle to bitcoin payments.

DLCs also give you the power to specify how much the service can withdraw. For instance, with Netflix, they shouldn’t have the ability to withdraw thousands of dollars worth of bitcoin. The monthly service fee is $20. With DLCs, you can cryptographically enforce that they will only receive $20. They cannot withdraw more or less money than they are authorized to.

There may be concerns about Netflix being both the oracle and the entity receiving a monthly payment. I would argue this is mitigated by the fact that the service provider could steal at most one months worth of service fees for users of the subscription. After users get scammed once, they will cancel their future subscription and distrust the service. The key feature is the amount of money in the subscription is predetermined, thus the oracle cannot withdraw excess funds if they are evil.

Q&A

Does the DLC use a 2 of 2 multisig between Netflix and Alice?

No, the DLC is unilaterally funded by Alice. This allows her to create the subscription without an onchain transaction, and also allows her to cancel the subscription at any time. She cancels the subscription by spending the utxo.

Can Netflix steal all the money in the funding output?

No, Alice’s adaptor signatures allow Netflix to withdraw a specific amount of bitcoin. The change is sent back to an address Alice controls. Both of these outputs are protected by the adaptor signature.

Is there a perverse incentive for Netflix to be the oracle and receive the subscription?

The most Netflix can steal in this setup is one months worth of subscription fees across the entire customer base. In this setup, Alice is accepting that risk for the convenience of auto withdrawals from her bitcoin wallet. Remember, Alice can cancel the subscription at any time she wants by spending from the funding utxo.

 

 

 

Post comment