August 16, 2023
How do DLCs Utilize Schnorr Signatures?
DLCs provide a new layer of confidentiality in blockchain transactions, with outcomes only revealed and validated by an external attestor when necessary.
Digital signatures are a cornerstone in cryptography, and Schnorr signatures have become a staple in this domain. They're known for their efficiency and straightforwardness. Discreet Log Contracts (DLCs) enable multiple potential conditional outcomes by building on Schnorr. Let's explore this through the lens of a loan scenario with just two clear outcomes.
Imagine Alice lends some cryptocurrency to Bob. They agree on two possible outcomes for this loan:
1. Repayment: Bob successfully repays the loan, and the value goes back to Alice.
2. Liquidation: Bob defaults on the loan, and as a result, all the value is transferred to Alice as compensation.
To facilitate this, they decide to use a DLC.
In the traditional Schnorr signature process, a one-time use value, a nonce labeled k, is generated. Using this nonce, a value R is determined by interacting with G, a foundational point of the elliptic curve. Another value, s, is derived from the private key, the message, and the nonce k. The signature then consists of (R, s).
DLCs, however, add a twist to this narrative. Both Alice and Bob have their long-term public keys. Let's focus on Alice's key, labeled A. As they set the terms of their loan, a nonce k is generated, leading to the creation of the value R. DLCs combine Alice's long-term key A with the one-time key R, creating the contract's "public key". The signature is just the value s.
Now, why this DLC approach for the loan? This setup allows Alice and Bob to pre-prepare signatures for both potential outcomes. Also, the specifics of their agreement (repayment or liquidation) remain confidential until the outcome is clear. When the time comes, and it's evident whether Bob has repaid or defaulted, the corresponding signature is revealed, and the contract is executed. Also, by using only the s value as the signature, there's less data to record on the blockchain when the contract concludes.
DLC Settlement
Once the loan scenario between Alice and Bob unfolds and the outcome becomes evident, another pivotal actor enters the stage: the attestor. This entity, distinct from a traditional oracle, operates in a more decentralized fashion, ensuring outcomes are validated without a central point of control.
The attestor intervenes to confirm the outcome of the real-world event, be it repayment or default. Take, for instance, a user who has secured a loan through a DeFi protocol on Ethereum, who then repays their loan. The protocol's smart contract, in tandem with its oracle system, announces the the repayment outcome. The attestor then verifies the outcome on Ethereum chain, and computes a discreet log number that cryptographically corresponds to this outcome. This discreet log number is crafted to unlock one of the signatures that Alice or Bob had pre-signed.
With the discreet log number made public by the attestor, either Alice or Bob can use it to unlock the relevant signature. This signature, when paired with the discreet log number, serves as a cryptographic testament to the outcome, initiating the execution of the contract on the blockchain. The decentralized nature of this process is its standout feature. By leveraging the discreet log number, the system ensures a tamper-resistant mechanism that faithfully reflects real-world events, allowing both Alice and Bob to see the contract through to its agreed conclusion without any undue interference.
In summary, Schnorr signatures serve as the bedrock for cryptographic verification. However, DLCs take this a step further by adapting to real-world scenarios, such as our loan example. This adaptation highlights the flexibility and potential of cryptographic tools in the ever-evolving blockchain landscape, emphasizing both security and practicality.
