I'm in the process of trying to code up a toy PathCoin prototype:

https://gist.github.com/AdamISZ/b462838cbc8cc06aae0c15610502e4da

No trivial endeavour, even a toy version, but, here's something I realized while doing it: if you have a path A->B->C->D->E, then having B pay D instead of C is pretty feasible, and in quite an elegant way: C runs an external (e.g. in the cloud) service that stores the data that she *would* send to D, if she was paying D. This would be, basically, all of her partial signatures on D's spending path and E's spending path (i.e. further down the line), plus, the adaptor signature on her own spending path, that allows D to claim the penalty if she cheats. (sorry for short version, but you have to read the gist really).

Now, that clump of data she could store in the cloud, *encrypted* to B's key. If B requests to access the encrypted blob, her cloud server sends her a message "this pathcoin is no longer spendable" and she basically deletes it all (she never had it), while B can take that data, decrypt it and send it to D without further interaction.

This way you can hop steps in the path with basically zero interaction, and certainly no signing interaction. (I mused a bit about this in the gist comments, but this is a concrete explanation).

The nice thing is it's very safe to store that data; the only danger is if C somehow doesn't know that B accessed it, then tries to spend the coin after receiving from B, and reveals the adaptor secret, so B could claim C's fidelity bond. But that seems pretty simple to avoid.

Hope that helps the ~ 1-2 people who find this interesting, lol.
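
An added example, not part of the original note or the gist: a toy model of the blob-release service described above, written so that the one danger the note names (C not learning that B fetched the blob) cannot occur. Assumptions: all class and method names are hypothetical, the blob is treated as opaque ciphertext already encrypted to B's key, the string identity check stands in for real authentication, and notifying C before releasing is a design choice made here.

```python
# Added illustration only: toy model of C's blob-release service.
# All names are hypothetical; no real PathCoin code is reproduced.
from dataclasses import dataclass

class NotifyFailed(Exception):
    """C could not be told that her pathcoin is no longer spendable."""

@dataclass
class CWallet:
    """C's side: tracks whether she may still spend the pathcoin herself."""
    online: bool = True
    spendable: bool = True

    def on_blob_accessed(self):
        if not self.online:
            raise NotifyFailed("C unreachable")
        self.spendable = False  # "this pathcoin is no longer spendable"

    def try_spend(self) -> bool:
        # Spending after B took the blob would reveal the adaptor secret
        # and let B claim C's fidelity bond, so the wallet refuses.
        return self.spendable

@dataclass
class BlobService:
    """Cloud service run by C, holding the blob encrypted to B's key."""
    owner: CWallet
    ciphertext: bytes   # opaque here; encryption to B's key is assumed
    authorized: str     # constructed identifier standing in for B's auth
    released: bool = False

    def request(self, requester: str) -> bytes:
        if requester != self.authorized:
            raise PermissionError("blob is only released to B")
        if not self.released:
            # Fail closed: C is notified first, and the blob is handed
            # over only if that notification succeeded.
            self.owner.on_blob_accessed()
            self.released = True
        return self.ciphertext

def demo():
    c = CWallet()
    svc = BlobService(c, b"<constructed ciphertext>", "B")
    before = c.try_spend()   # C may still spend: nobody fetched the blob
    blob = svc.request("B")  # B fetches; C is notified before release
    after = c.try_spend()    # C's wallet now refuses to spend
    return before, blob, after
```

If C's wallet is unreachable, `request` raises `NotifyFailed` and nothing is released, so B has to retry instead of C being left unaware.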
