Jump to content

Revocable Sequence Maturity Contracts

From Wikiversity

A revocable sequence maturity contract is a special output script within a bitcoin transaction that allows a sender to be able to revoke a payment. The main use case for such a contract is within the Lightning Network in which the revocation of transactions is used in breach remedy transactions to be able to invalidate previously negotiated channel balance and commitment transactions.

The SigScript which encodes a RSMC looks like this:

 OP_IF 
    144 OP_CHECKSEQUENCEVERIFY
    OP_HASH160 <Bob's key>  OP_EQUALVERIFY OP_CHECKSIG 
 OP_ELSE 
    2 <Alice's secret revocation key><Bob's secret revocation key> 2 OP_CHECKMULTISIGVERIFY 
 OP_ENDIF

The semantics of this script are that the output created by the transaction having this Script can only be spend by Bob after 144 blocks. If however if Alice and Bob work together providing their secrete key the output can be spent more quickly. In the case of the lightning network this SigScript will be one output in the. If a new balance is negotiated which means that a news commitment transaction is created the old one is invalidated by Bob sharing his secret revocation key with Alice.

The key alone is of no use for alice. Since she could only claim the output if Bob publishes his old commitment transaction. If he however does so in the frist 144 blocks after publishing Alice will control the unspent output of this commitment transaction.