Enhancing Bitcoin Transactions with Covenants

@inproceedings{OConnor2017EnhancingBT,
  title={Enhancing Bitcoin Transactions with Covenants},
  author={Russell O'Connor and Marta Piekarska},
  booktitle={Financial Cryptography Workshops},
  year={2017}
}
Covenants are Bitcoin Script programs that restrict how funds are allowed to be spent. In previous work [9], Moser et al. implemented covenants with a new Script operation that allows one to programmatically query the transaction. In this paper, we show that covenants can be implemented with a new CHECKSIGFROMSTACK operation that verifies a signature for a message passed as an argument. When the same public key and signature is used together with CHECKSIG, one can recover transaction data… 

Bitcoin covenants unchained

This paper proposes a formal model of covenants, which can be implemented with minor modifications to Bitcoin, and uses it to specify some complex Bitcoin contracts, and discusses how to exploit covenants to design high-level language primitives for Bitcoin contracts.

Bitcoin Covenants: Three Ways to Control the Future

The comparison shows precisely how soft-fork proposals improve the practicality of bitcoin covenants, through non-interactive enforcement and tighter cryptographic assumptions, to enhance custody protocols and enable some adversarial applications such as payment protocols.

BitML: A Calculus for Bitcoin Smart Contracts

We introduce BitML, a domain-specific language for specifying contracts that regulate transfers of bitcoins among participants, without relying on trusted intermediaries. We define a symbolic and a

Renegotiation and Recursion in Bitcoin Contracts

This paper extends BitML with a new primitive for contract renegotiation, and this primitive can be used to write recursive contracts, which was not possible in the original BitML.

Developing secure bitcoin contracts with BitML

The toolchain is based on BitML, a recent domain-specific language for smart contracts with a computationally sound embedding into Bitcoin, and automatically verifies relevant properties of contracts, ensuring that funds do not remain frozen within a contract forever.

Custody Protocols Using Bitcoin Vaults

It is shown that vault-custody protocols enable the wallet owner to specify their desired balance for an inherent trade-off between the security of and accessibility of bitcoin holdings by adjusting the length of time-locks used.

SoK: unraveling Bitcoin smart contracts

This paper presents a comprehensive survey of smart contracts on Bitcoin, in a uniform framework based on a new formal specification language for smart contracts, which also helps to highlight some subtleties in existing informal descriptions, making a step towards automatic verification.

A formal model of Bitcoin transactions

We propose a formal model of Bitcoin transactions, which is sufficiently abstract to enable formal reasoning, and at the same time is concrete enough to serve as an alternative documentation to

Verification of recursive Bitcoin contracts

This work addresses the problem of verifying liquidity on BitML, a DSL for smart contracts with a secure compiler to Bitcoin, featuring primitives for currency transfers, contract renegotiation and consensual recursion, and implements a toolchain that automatically verifies liquidity of BitML contracts and compiles them to Bitcoin.

Verifying liquidity of recursive Bitcoin contracts

This work addresses the problem of verifying liquidity on BitML, a DSL for smart contracts with a secure compiler to Bitcoin, featuring primitives for currency transfers, contract renegotiation and consensual recursion, and implements a toolchain that automatically verifies liquidity of BitML contracts and compiles them to Bitcoin.

References

SHOWING 1-10 OF 24 REFERENCES

Bitcoin Covenants

It is shown how covenants enable vaults, which disincentivize key theft by preventing an attacker from gaining full access to stolen funds, and how Bitcoin-NG can be implemented progressively as an overlay on top of the Bitcoin blockchain.

Enabling Blockchain Innovations with Pegged Sidechains

Since the introduction of Bitcoin[Nak09] in 2009, and the multiple computer science and electronic cash innovations it brought, there has been great interest in the potential of decentralised

Amortizing Secure Computation with Penalties

This work designs a protocol that implements l = poly}(λ) instances of secure computation with penalties where the total number of calls to FCR* is independent of l, and improves on the efficiency of these constructions by amortizing the cost over multiple executions of secure computations with penalties.

BIP112: Checksequenceverify. Bitcoin Improvement Proposal

  • BIP112: Checksequenceverify. Bitcoin Improvement Proposal
  • 2015

BIP 144 : Segregated witness ( peer services )

  • 2016

Re: Transactions and Scripts: DUP HASH160 ... EQUALVER- IFY CHECKSIG. https://bitcointalk.org/index.php?topic=195

  • Re: Transactions and Scripts: DUP HASH160 ... EQUALVER- IFY CHECKSIG. https://bitcointalk.org/index.php?topic=195
  • 1611

Standards for Efficient Cryptography 2: Recommended Elliptic Curve Domain Parameters

  • Standard SEC2, Certicom Corp., Mississauga, ON, USA
  • 2000

misc changes. https://github.com/bitcoin/bitcoin/commit

  • misc changes. https://github.com/bitcoin/bitcoin/commit
  • 2010

misc changes. https://github.com/bitcoin/bitcoin/commit/ 4bd188c4383d6e614e18f79dc337fbabe8464c82 (Aug 2010), https://bitcoin

  • 2010