OP-DLC 2: Great truths are always simple.

1. Introduction

In 2018, Tadge Dryja from MIT proposed a contract execution framework based on an oracle – Discreet Log Contract (DLC). This framework allows both parties to make conditional payments based on predefined conditions by pre-determining possible outcomes and pre-signing them, executing payments when the oracle signs the results. DLC not only ensures the security of Bitcoin deposits but also opens up new possibilities for decentralized financial applications.

Previous research summarized the advantages of DLC in terms of privacy protection, complex contracts, and asset risk, while also pointing out the issues it faces such as key risks, decentralized trust risks, and collusion risks. To address these problems, researchers have attempted to introduce solutions like decentralized oracles, threshold signatures, and optimistic challenge mechanisms. However, because DLC involves multiple parties, the defense strategies become complex and do not adhere to the principle of "simplicity is the ultimate sophistication."

In the Bitcoin system, the actions of all participants are realized through UTXO. Therefore, ensuring the correctness of UTXO can defend against any attack. Similarly, in DLC, all actions are completed through CET (Contract Execution Transaction). By introducing an optimistic challenge mechanism to ensure the correctness of CET, various attacks can be effectively prevented. Specifically, oracles need to stake 2BTC to sign CET and incorporate the optimistic challenge mechanism into CET. If CET is not challenged or successfully responds to a challenge, it is considered correct and settled, allowing the oracle to release the stake and earn a fee. Conversely, if the oracle acts maliciously, anyone can successfully challenge, resulting in CET being unable to settle, and the oracle losing the stake and the right to sign that CET. This concise and effective mechanism reflects the design philosophy of 'Simplicity is the ultimate sophistication.'

2. DLC Principles

Alice and Bob entered into a betting agreement: to bet whether the hash value of the ξ-th block is odd or even. If it is odd, Alice wins and extracts the assets; if it is even, Bob wins and extracts the assets. DLC passes the information of the ξ-th block through an oracle, constructs conditional signatures, and ensures that the winning party receives all the assets.

The main steps of DLC include:

1. Capital injection transaction: Alice and Bob jointly create a capital injection transaction, each locking 10BTC in a multi-signature output.

2. Build CET: Both parties create CET1 and CET2 for funding injection transactions.

3. Oracle Calculation: The oracle calculation commits to and relates parameters.

4. Settlement: The oracle signs the corresponding CET based on the hash value of the ξ-th block.

5. Withdrawal: The winning party calculates the new private key and withdraws the locked BTC.

Research has found that all actions in the DLC must be implemented through CET. Therefore, by using the optimistic challenge mechanism to ensure the correctness of CET, it is possible to withstand any attacks. Incorrect CETs will be challenged and prevented from execution, while correct CETs will be executed. In addition, oracles must bear the cost of malicious behavior.

3. OP-DLC 2

OP-DLC includes the following five key provisions:

1. The oracle is composed of a consortium, and any member can sign CET. The oracle needs to stake 2 BTC to publish signatures and earn transaction fees. Malicious actors will lose their stake. Alice and Bob can also become oracles to achieve minimal trust.

2. If the oracle maliciously modifies the results, any participant can initiate a challenge.

3. The honestly signed CET can be correctly settled after a week. The oracle receives a reward of 0.05 BTC as compensation.

4. Anyone can challenge the oracle's signature. Honest signatures will execute settlement after one week, unlocking the stake of the oracle and earning transaction fees. Dishonest signatures will result in the oracle losing its stake and will not be able to initiate a signature with the same result for the DLC contract.

5. The challenge in OP-DLC is that it is permissionless, allowing any participant to oversee the correctness of the contract execution, thereby minimizing trust in the oracle. Unlike the Lightning Network, Alice and Bob can operate offline, as honest signatures are required to settle CET, while malicious oracles will be punished.

The advantages of OP-DLC include:

• High asset control system, users can only trust themselves.
• High capital utilization rate, users do not need to provide an equivalent amount of capital.
• The signable oracle is determined upon deposit, and users can become oracles.

Disadvantages include:

• Withdrawal time takes one week.
• The number of pre-signed transactions has a linear relationship with the number of CET, growing rapidly.

4. Conclusion

The OP-DLC introduces an optimistic challenge mechanism in CET to ensure the correct execution of CET and prevent erroneous CET, while also punishing malicious oracles. This design effectively defends against various attacks and demonstrates a simple yet elegant solution.