ERC-2266: Atomic Swap-based American Call Option Contract Standard

Metadata
Status: Last CallStandards Track: ERCCreated: 2019-08-17
Authors
Runchao Han (runchao.han@monash.edu), Haoyu Lin (chris.haoyul@gmail.com), Jiangshan Yu (jiangshan.yu@monash.edu)
Links
GitHub pageDiscussion on Ethereum Magicians

Simple Summary

A standard for token contracts providing Atomic Swap-based American Call Option functionalities.

Abstract

This standard provides functionality to make Atomic Swap-based American Call Option payment. The Atomic Swap protocol based on Hashed Time-Locked Contract (HTLC) 1 has optionality 2, and such optionality can be utilised to construct American Call Options without trusted third party. This standard defines the common way of implementing this protocol. In particular, this EIP defines technical terms, provides interfaces, and gives reference implementations of this protocol.

Motivation

Atomic Swap allows users to atomically exchange their tokens without trusted third parties while the HTLC is commonly used for the implementation. However, the HTLC-based Atomic Swap has optionality. More specifically, the swap initiator can choose to proceed or abort the swap for several hours, which gives him time for speculating according to the exchange rate. A discussion2 shows that the HTLC-based Atomic Swap is equivalent to an American Call Option in finance. On the other hand,thanks to such optionality, the HTLC-based Atomic Swap can be utilised to construct American Call Options without trusted third party. A paper3 proposes a secure Atomic-Swap-based American Call Option protocol on smart contracts. This protocol not only eliminates the arbitrage opportunity but also prevents any party from locking the other party's money maliciously. This EIP aims at providing the standard of implementing this protocol in existing token standards.

Specification

The Atomic Swap-based American Call Option smart contract should follow the syntax and semantics of Ethereum smart contracts.

Definitions

  • initiator: the party who publishes the advertisement of the swap.
  • participant: the party who agrees on the advertisement and participates in the swap with initiator.
  • asset: the amount of token(s) to be exchanged.
  • premium: the amount of token(s) that initiator pays to participant as the premium.
  • redeem: the action to claim the token from the other party.
  • refund: the action to claim the token from the party herself/himself, because of timelock expiration.
  • secrect: a random string chosen by initiator as the preimage of a hash.
  • secrectHash: a string equals to the hash of secrect, used for constructing HTLCs.
  • timelock: a timestamp representing the timelimit, before when the asset can be redeemed, and otherwise can only be refunded.

Storage Variables

swap

This mapping stores the metadata of the swap contracts, including the parties and tokens involved. Each contract uses different secretHash, and is distinguished by secretHash.



initiatorAsset


This mapping stores the detail of the asset initiators want to sell, including the amount, the timelock and the state. It is associated with the swap contract with the same secretHash.




participantAsset


This mapping stores the details of the asset participants want to sell, including the amount, the timelock and the state. It is associated with the swap contract with the same secretHash.




premiumAsset


This mapping stores the details of the premium initiators attach in the swap contract, including the amount, the timelock and the state. It is associated with the swap contract with the same secretHash.




Methods


setup


This function sets up the swap contract, including the both parties involved, the tokens to exchanged, and so on.




initiate


The initiator invokes this function to fill and lock the token she/he wants to sell and join the contract.




fillPremium


The initiator invokes this function to fill and lock the premium.




participate


The participant invokes this function to fill and lock the token she/he wants to sell and join the contract.




redeemAsset


One of the parties invokes this function to get the token from the other party, by providing the preimage of the hash lock secret.




refundAsset


One of the parties invokes this function to get the token back after the timelock expires.




redeemPremium


The participant invokes this function to get the premium. This can be invoked only if the participant has already invoked participate and the participant's token is redeemed or refunded.




refundPremium


The initiator invokes this function to get the premium back after the timelock expires.




Events


SetUp


This event indicates that one party has set up the contract using the function setup().




Initiated


This event indicates that initiator has filled and locked the token to be exchanged using the function initiate().




Participated


This event indicates that participant has filled and locked the token to be exchanged using the function participate().




PremiumFilled


This event indicates that initiator has filled and locked premium using the function fillPremium().




InitiatorAssetRedeemed/ParticipantAssetRedeemed


These two events indicate that asset has been redeemed by the other party before the timelock by providing secret.






InitiatorAssetRefunded/ParticipantAssetRefunded


These two events indicate that asset has been refunded by the original owner after the timelock expires.






PremiumRedeemed


This event indicates that premium has been redeemed by participant. This implies that asset is either redeemed by initiator if it can provide the preimage of secrectHash before  asset timelock expires; or refunded by participant if asset timelock expires.




PremiumRefunded


This event indicates that premium has been refunded back to initiator, because of participant doesn't participate at all, by the time of premium timelock expires.




Rationale


    

  • To achieve the atomicity, HTLC is used.
    • 

  • The participant should decide whether to participate after the initiator locks the token and sets up the timelock.
    • 

  • The initiator should decide whether to proceed the swap (redeem the tokens from the participant and reveal the preimage of the hash lock), after the participant locks the tokens and sets up the time locks.
    • 

  • Premium is redeemable for the participant only if the participant participates in the swap and redeems the initiator's token before premium's timelock expires.
    • 

  • Premium is refundable for the initiator only if the initiator initiates but the participant does not participate in the swap at all.
    • 



Security Considerations


    

  • The initiateTimestamp should cover the whole swap process.
    • 

  • The participant should never participate before the premium has been deposited.
    • 



Backwards Compatibility


This proposal is fully backward compatible. Functionalities of existing standards will not be affected by this proposal, as it only provides additional features to them.


Implementation


Please visit here to find our example implementation.


Copyright


Copyright and related rights waived via CC0.


References


Footnotes


    

  1. 

    Hash Time Locked Contracts 
    

    2. 

  2. 

    An Argument For Single-Asset Lightning Network  2
    

    3. 

  3. 

    On the optionality and fairness of Atomic Swaps 
    

    4.