Nostr Web Client

Here's my understanding of ARK. I hope nostr:npub18aq8s3z9xl87e74twfk93mljxq6alv4a79yheadx33t9np4g2wkqrtmask can correct me where I mess things up or miss something important :)

Lets ignore getting money into and out of the system for a minute and just talk about what happens once you have money in the system.

In ark, you have a a virtual utxo or a VTXO. The core operation you do is sending a vtxo to someone else

Every 5 seconds the ASP does a coinjoin round. The way you send someone a vtxo is through the coinjoin: you provide an input, they get an output. This happens every 5 seconds so that a mobile user can take out their phone, hit "send" and be done with it. Because coinjoins involve multiple interactive steps for input registration, output registration, and signing, the ASP does them very freqently so that end users dont have to sit there with their phone open for minutes at a time.

At the Ark-layer, the abstraction is that I just send you a vtxo via this coinjoin. Now you have a vtxo and you can hold it, spend it, etc.

What happens at the bitcoin layer is that the ASP created an L1 bitcoin transaction that has one (or more) input and three outputs. The input(s) are provided by the ASP. The outputs are: one for the ASPs change, a "connector output", and a vtxo commitment. the connector output and the vtxo commitment are both CTV commitments to many outputs.

So when I send you vtxos, what that actually means is that in the vtxo-commitment output for that particular coinjoin transaction, there is a spend-path that would let you get your money out onchain after 24 hours (more on this later). This is the unilateral exit path. If I send you money, and you want out of ark, you can reveal a transaction committed to in the vtxo commitment output, and get an onchain payment.

Now, not everyone will want to take onchain payment. Most people will want to take their VTXO and use it in a future pool (coinjoin) transaction to send it to someone else or to self-send it. So, the way that works is when you want to spend your VTXO, you and the ASP sign a 2/2 key path that sends that VTXO to the recipient (via their new VTXO). That transaction also includes an output from the new pools connector commitment. This make the whole thing atomic in a dispute-resolution.

So you have a ton of users who all have VTXOs committed in these outputs. Most want to spend them in ARK. So what happens is the vtxocommitment output can be redeemed onchain by the recipient whenever, can be refunded after two weeks, and can be swept by the ASP after 4 weeks. The idea being that after everyone who is going to claim their onchain funds does, the ASP can sweep that output and use it to fund a new coinjoin/pool round (remember the ASP provides all the inputs, so eventually those inputs should be coming from old pool rounds).

That means that users will need to self-send or move funds every four weeks by creating new vtxos. not a huge deal, but something to build into wallets.

What happens if a user tries to double-spend? well, on the unilateral redeem path, the idea is that if the user has previously signed away that vtxo, then the ASP could reveal that transaction onchain before the user is able to collect their funds.

Because these coinjoins happen every 5 seconds, payment is fast and easy and non-interactive for the receiver. and that coinjoin/pool transaction should end up in the next block. So there is some temporary mempool-doublespend risk where the ASP could double-spend a vtxo between when a payment was sent and when it ends up in a block. You can mitigate that risk by usinga vtxo to pay an LN invoice or something, or just treat it as an unconfirmed transaction and wait for a block.

Overall it's a really interesting design. There are high liquidity requirements (the ASP has to provide onchain liquidity for all the transactions happening in a 4 week perioid until they can sweep old vtxo commitments) and there's the onchain footprint of a 1+ input, 3 output tx every 5 seconds. So we won't have a TON of these, but I think they could be a really interesting way to scale end-user wallets. a hypthetical future might be that end-users use fedimint/cashu type wallets or Ark wallets and then the clearing between ASPs and mints is over lightning.

I think I hit the high-level points. Tell me what I got wrong. Thanks!

Reply to this note

Please Login to reply.

Discussion

Decentony⚡ 2y ago

That's my understanding as well. Thank you for the summary.

Michael Matulef 2y ago

👀

nostr:nevent1qqsvwx0d50p8h0fx8qjalcw839awufh227kwe2p6pyxmr0sefsqc58cppemhxue69uhkummn9ekx7mp0qgsdnpcgf3yrjz3fpawj5drq8tny74gn0kd54l7wmrqw4cpsav3z5fgrqsqqqqqpqvzwc6

Change this if you want 2y ago 💬 2

Why 5 seconds ?

Ryan 2y ago

If I understand the protocol, the ASP does an on-chain transaction for every round. So I guess 5 seconds is fast enough for a payment to be quick on mobile, but slow enough to allow “plenty” of ASPs to operate. Every bit of time you shave is less blockspace available for ASPs.

Tetsu Tamasi 2y ago

By on-chain you mean the ARK chain?

Ryan 2y ago

No. Every five seconds an ASP does a coin join round that results on a transaction on the Bitcoin blockchain.

Tetsu Tamasi 2y ago

But how? Wouldn’t that be tens of thousands of transactions every 10 min? And the costs would be astronomical

Ryan 2y ago

Basically. There’s only room for about 200-300 total ASPs if all of the blocks were taken up entirely with ark transactions.

Tetsu Tamasi 2y ago

I hate and love how you guys make me read more 🤣 GFY

Dimi 2y ago

Customizable default - its so you don’t have to wait 10 mins for a CJ round & can just close the app relatively quickly once you make a payment.

Decentony⚡ 2y ago

There are certain things WabiSabi can't/doesn't solve today such as needing additional blame round to collect signatures after non-cooperative participants. I wonder how Ark is solving that.

Results will definitely benefit wasabi team while providing an off chain alternative.

Dimi 2y ago

What about using JoinMarket?

Decentony⚡ 2y ago

Haven't looked into that yet.

Overall it will be nice to have a proof of concept implementation for testnet.

NCP 2y ago 💬 6

so, if the ASP pushing a new coin join transaction every 5 seconds is the on-chain footprint 1 UTXO per block ie the coinjoin is constantly overwriting from the updated vUTXO info until it confirms, or 120 UTXOs per block ie one for every coinjoin round?

jeff 2y ago

Gonna need a bitcoin.review ep with you and Burak 🤣

Cc #[3]

calle 2y ago 💬 1

Can I ask a million stupid questions?

- what's the connector output?

- why is it a CTV commitment?

- when I send you the vtxo, the ASP updates the vtxo commitment Output such that you can withdraw it?

- what does sending vtxos do with the connector output?

- why does this make the thing atomic and what does it do for dispute resolution (sorry I didn't get that part)

- sending means I do a 2/2 sig with the asp to update the vtxo commitment so it's now yours?

- if I self-send the vtxo to myself every 5 seconds do I DoS the ASP with liquidity requirements?

- double spending: if I double spent a vtxo I've already sent you, by unilaterally exiting, how does the asp prevent that? The asp can sweep my unilateral exit using my vtxo tx that I later did? Do I get punished? Who gets the swept funds?

- if I understand correctly, every pool round must be mined in a block, correct? You can't skip a round, right?

sudocarlos 2y ago

Let's just join Bitcoin Optech Twitter spaces and ask him in a live format

https://twitter.com/i/spaces/1OyJAVeLqraxb

OriginalSize 2y ago

In case these answers are published somewhere by now, is there a link?

simulx 2y ago

This is the first time I understood it thank you so much!

Naruto 2y ago

Why would someone choose Fedi/cahsu over Ark? Better theoretical privacy maybe?