Here's my understanding of ARK. I hope brock (npub18aq…mask) can correct me where I mess things up or miss something important :)
Lets ignore getting money into and out of the system for a minute and just talk about what happens once you have money in the system.
In ark, you have a a virtual utxo or a VTXO. The core operation you do is sending a vtxo to someone else
Every 5 seconds the ASP does a coinjoin round. The way you send someone a vtxo is through the coinjoin: you provide an input, they get an output. This happens every 5 seconds so that a mobile user can take out their phone, hit "send" and be done with it. Because coinjoins involve multiple interactive steps for input registration, output registration, and signing, the ASP does them very freqently so that end users dont have to sit there with their phone open for minutes at a time.
At the Ark-layer, the abstraction is that I just send you a vtxo via this coinjoin. Now you have a vtxo and you can hold it, spend it, etc.
What happens at the bitcoin layer is that the ASP created an L1 bitcoin transaction that has one (or more) input and three outputs. The input(s) are provided by the ASP. The outputs are: one for the ASPs change, a "connector output", and a vtxo commitment. the connector output and the vtxo commitment are both CTV commitments to many outputs.
So when I send you vtxos, what that actually means is that in the vtxo-commitment output for that particular coinjoin transaction, there is a spend-path that would let you get your money out onchain after 24 hours (more on this later). This is the unilateral exit path. If I send you money, and you want out of ark, you can reveal a transaction committed to in the vtxo commitment output, and get an onchain payment.
Now, not everyone will want to take onchain payment. Most people will want to take their VTXO and use it in a future pool (coinjoin) transaction to send it to someone else or to self-send it. So, the way that works is when you want to spend your VTXO, you and the ASP sign a 2/2 key path that sends that VTXO to the recipient (via their new VTXO). That transaction also includes an output from the new pools connector commitment. This make the whole thing atomic in a dispute-resolution.
So you have a ton of users who all have VTXOs committed in these outputs. Most want to spend them in ARK. So what happens is the vtxocommitment output can be redeemed onchain by the recipient whenever, can be refunded after two weeks, and can be swept by the ASP after 4 weeks. The idea being that after everyone who is going to claim their onchain funds does, the ASP can sweep that output and use it to fund a new coinjoin/pool round (remember the ASP provides all the inputs, so eventually those inputs should be coming from old pool rounds).
That means that users will need to self-send or move funds every four weeks by creating new vtxos. not a huge deal, but something to build into wallets.
What happens if a user tries to double-spend? well, on the unilateral redeem path, the idea is that if the user has previously signed away that vtxo, then the ASP could reveal that transaction onchain before the user is able to collect their funds.
Because these coinjoins happen every 5 seconds, payment is fast and easy and non-interactive for the receiver. and that coinjoin/pool transaction should end up in the next block. So there is some temporary mempool-doublespend risk where the ASP could double-spend a vtxo between when a payment was sent and when it ends up in a block. You can mitigate that risk by usinga vtxo to pay an LN invoice or something, or just treat it as an unconfirmed transaction and wait for a block.
Overall it's a really interesting design. There are high liquidity requirements (the ASP has to provide onchain liquidity for all the transactions happening in a 4 week perioid until they can sweep old vtxo commitments) and there's the onchain footprint of a 1+ input, 3 output tx every 5 seconds. So we won't have a TON of these, but I think they could be a really interesting way to scale end-user wallets. a hypthetical future might be that end-users use fedimint/cashu type wallets or Ark wallets and then the clearing between ASPs and mints is over lightning.
I think I hit the high-level points. Tell me what I got wrong. Thanks!
rot13maxi / Rijndael
npub1mx…u0htc
2023-05-31 19:29:15
Author Public Key
npub1mxrssnzg8y9zjr6a9g6xqwhxfa23xlvmftluakxqatsrp6ez9gjssu0htcPublished at
2023-05-31 19:29:15Event JSON
{
"id": "c719eda3c27bbd263825dfe1c7897aee26ea57aceca83a090db1be194c018a1f",
"pubkey": "d987084c48390a290f5d2a34603ae64f55137d9b4affced8c0eae030eb222a25",
"created_at": 1685561355,
"kind": 1,
"tags": [
[
"p",
"3f4078444537cfecfaab726c58eff23035dfb2bdf1497cf5a68c565986a853ac",
"",
"mention"
]
],
"content": "Here's my understanding of ARK. I hope nostr:npub18aq8s3z9xl87e74twfk93mljxq6alv4a79yheadx33t9np4g2wkqrtmask can correct me where I mess things up or miss something important :) \n\nLets ignore getting money into and out of the system for a minute and just talk about what happens once you have money in the system. \n\nIn ark, you have a a virtual utxo or a VTXO. The core operation you do is sending a vtxo to someone else\n\nEvery 5 seconds the ASP does a coinjoin round. The way you send someone a vtxo is through the coinjoin: you provide an input, they get an output. This happens every 5 seconds so that a mobile user can take out their phone, hit \"send\" and be done with it. Because coinjoins involve multiple interactive steps for input registration, output registration, and signing, the ASP does them very freqently so that end users dont have to sit there with their phone open for minutes at a time.\n\nAt the Ark-layer, the abstraction is that I just send you a vtxo via this coinjoin. Now you have a vtxo and you can hold it, spend it, etc. \n\nWhat happens at the bitcoin layer is that the ASP created an L1 bitcoin transaction that has one (or more) input and three outputs. The input(s) are provided by the ASP. The outputs are: one for the ASPs change, a \"connector output\", and a vtxo commitment. the connector output and the vtxo commitment are both CTV commitments to many outputs. \n\nSo when I send you vtxos, what that actually means is that in the vtxo-commitment output for that particular coinjoin transaction, there is a spend-path that would let you get your money out onchain after 24 hours (more on this later). This is the unilateral exit path. If I send you money, and you want out of ark, you can reveal a transaction committed to in the vtxo commitment output, and get an onchain payment. \n\nNow, not everyone will want to take onchain payment. Most people will want to take their VTXO and use it in a future pool (coinjoin) transaction to send it to someone else or to self-send it. So, the way that works is when you want to spend your VTXO, you and the ASP sign a 2/2 key path that sends that VTXO to the recipient (via their new VTXO). That transaction also includes an output from the new pools connector commitment. This make the whole thing atomic in a dispute-resolution. \n\nSo you have a ton of users who all have VTXOs committed in these outputs. Most want to spend them in ARK. So what happens is the vtxocommitment output can be redeemed onchain by the recipient whenever, can be refunded after two weeks, and can be swept by the ASP after 4 weeks. The idea being that after everyone who is going to claim their onchain funds does, the ASP can sweep that output and use it to fund a new coinjoin/pool round (remember the ASP provides all the inputs, so eventually those inputs should be coming from old pool rounds).\n\nThat means that users will need to self-send or move funds every four weeks by creating new vtxos. not a huge deal, but something to build into wallets. \n\nWhat happens if a user tries to double-spend? well, on the unilateral redeem path, the idea is that if the user has previously signed away that vtxo, then the ASP could reveal that transaction onchain before the user is able to collect their funds. \n\nBecause these coinjoins happen every 5 seconds, payment is fast and easy and non-interactive for the receiver. and that coinjoin/pool transaction should end up in the next block. So there is some temporary mempool-doublespend risk where the ASP could double-spend a vtxo between when a payment was sent and when it ends up in a block. You can mitigate that risk by usinga vtxo to pay an LN invoice or something, or just treat it as an unconfirmed transaction and wait for a block.\n\nOverall it's a really interesting design. There are high liquidity requirements (the ASP has to provide onchain liquidity for all the transactions happening in a 4 week perioid until they can sweep old vtxo commitments) and there's the onchain footprint of a 1+ input, 3 output tx every 5 seconds. So we won't have a TON of these, but I think they could be a really interesting way to scale end-user wallets. a hypthetical future might be that end-users use fedimint/cashu type wallets or Ark wallets and then the clearing between ASPs and mints is over lightning. \n\nI think I hit the high-level points. Tell me what I got wrong. Thanks!",
"sig": "398e40d0e8eb7e57d5de56d58cad25c0ac0a424a14f39e33a45e3ddfee301cb4760c6cc33588f5edb99509272e2e446c8d09cbda8c2b191c8e0b5a6b4149d2f2"
}