@@ -25,7 +25,7 @@ The SmoothMPCLib consists in two parts:
2525| Protocol | status | branch | Comment | File|
2626| --------:| ---------| :--:| :----| :----|
2727| Onchain Verifier | OK | main | | libSCL_BIP327.sol |
28- | Musig2-secp256k1 | OK | main | | bip327.mjs/ SCL_Musig2.mjs |
28+ | Musig2-secp256k1 | OK | main | | bip327.mjs or SCL_Musig2.mjs |
2929| Musig2-ed25519 | OK | main | | SCL_Musig2.mjs|
3030| Atomic Swaps | In progress | - | | SCL_atomic_swaps.mjs |
3131| Frost| TBD | - | | |
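Review bot: In the Musig2-secp256k1 row, "bip327.mjs or SCL_Musig2.mjs" still does not tell the reader which file to import, and the Musig2-ed25519 row lists only SCL_Musig2.mjs. Suggest naming one file as the entry point and using the empty Comment column to say what the other one is for.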
@@ -119,7 +119,7 @@ res is the final results to push onchain. One can check the correctness in front
119119 console.log("check=", check);
120120```
121121
122- # Performing an atomic swap
122+ # Performing an atomic swap (WIP)
123123
124124The description doesn't include the timelock on both chains, which cancel the deposits if Alice and Bob didn't succeed in their withdrawal.
125125Abortion of one of the participant is the only way the protocol shall fail, which is resolved by the timelock condition of withdrawal.
@@ -139,6 +139,41 @@ The sequencing of a Musig2 based atomic swap session is as follow:
139139- knowing $t, S_A1, S_B1$ A computes $S_ {AB}$ the Musig2 signatures of $m_1$ using ` sign_untweak ` , and broadcast it ** on chain** 1.
140140- B reads the value $S_ {AB}$ on chain 1, learns t, then broadcast ** on chain 2** $S_ {AB}(m_2)$ using ` sign_untweak ` on chain 2 to unlock its token.
141141
142+ To reduce the complexity for developpers, the library provides state machine for the initiator and responder of the swap.
143+ Each of the previous exchange between a message from Alice to Bob.
144+
145+ ```
146+ //generating keypairs
147+ let Initiator=new SCL_Atomic_Initiator(curve, signer.curve.Get_Random_privateKey());
148+ let Responder=new SCL_Atomic_Responder(curve, signer.curve.Get_Random_privateKey());
149+
150+ //the transaction unlocking tokens for Alice and Bob, must be multisigned with Musig2
151+ //Alice want to compute msg1 signed by AB
152+ //Bob wants to compute msg2 signed by AB
153+ const tx1=Buffer.from("Unlock 1strkBTC on Starknet to Alice",'utf-8');
154+ const tx2=Buffer.from("Unlock 1WBTC on Ethereum to Bob",'utf-8');
155+
156+
157+ console.log("Initiator Start session");
158+ let Message_I1=Initiator.InitSession(tx1, tx2); //Initiator sends I1 to responder offchain
159+
160+ console.log("Responder Start session");
161+ let Message_R1=Responder.RespondInit(Message_I1);//Respondeur sends R1 to Initiator offchain
162+
163+ console.log("Initiator Partial Sign and tweak");
164+ let Message_I2=Initiator.PartialSign_Tweaked(Message_R1);//Initiator sends I2 to responder offchain
165+ //At this Point Alice and Bob locks the funds to multisig address on chain 1 and chain 2
166+
167+ console.log("Responder Check and Partial Sign");
168+ let Message_R2=Responder.PartialSign(Message_I2);//Respondeur sends R2 to Initiator offchain
169+
170+ console.log("Initiator Signature Aggregation and Unlock");
171+ let UnlockSigAlice=Initiator.FinalUnlock(Message_R2);//final signature to Unlock chain1 token by Initiator
172+
173+ console.log("Responder Signature Aggregation and Unlock");
174+ let UnlockSigBob=Initiator.FinalUnlock(UnlockSigAlice);//final signature to Unlock chain2 token by Responder
175+ ```
176+
142177Note: the protocol requires to broadcast onchain 4 values (2 locked tokens, then two unlocking signatures).
143178
144179### Improving privacy
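Review bot: The last line of the added example computes the responder's unlock with the wrong object: `let UnlockSigBob=Initiator.FinalUnlock(UnlockSigAlice);` is commented as "by Responder" and follows the "Responder Signature Aggregation and Unlock" log line, yet it calls the Initiator. As written the initiator produces both unlock signatures, which contradicts the sequencing above where B reads the signature on chain 1 and then unlocks on chain 2; the call should go through the Responder instance. Separately, `signer` is used in the two key generation lines without being defined in the snippet, the sentence "Each of the previous exchange between a message from Alice to Bob." has no verb, and "developpers" and "Respondeur" are misspelled.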
@@ -152,6 +187,24 @@ The element $t$ shall be as protected as a secret key, to prevent $B$ from steal
152187
153188
154189
190+ # Testing
191+
192+ ## Musig2
193+
194+ Tests can be ran using the following command :
195+ ```
196+ node test_Musig2.mjs
197+ ```
198+ Tests are run against BIP327 reference vectors to unitary test each function.
199+ Then a full Musig2 session is ran using dynamically generated input for each supported curve.
200+
201+
202+ ## Atomic Swap
203+
204+ ## Bridging (WIP)
205+
206+ The ` file test_atomic_bitcoin.js ` aims to provide a full onchain demonstration of a bridging.
207+
155208
156209# Product Roadmap
157210
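Review bot: The "## Atomic Swap" heading is added with no body, so the Testing section gives no command for the swap tests; either add the command, as done with `node test_Musig2.mjs` for Musig2, or leave the heading out until the test exists. In the Bridging line the word "file" sits inside the backticks around test_atomic_bitcoin.js, and the .js extension differs from the .mjs files named elsewhere in this README, which is worth confirming. "Tests can be ran" and "session is ran" should read "run".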