{-| Module : Data.Bitcoin.PaymentChannel Description : Bitcoin payment channel library Copyright : (c) Rune K. Svendsen, 2016 License : PublicDomain Maintainer : runesvend@gmail.com Stability : experimental Portability : POSIX In order to set up a payment channel between a sender and a receiver, the two parties must first agree on three parameters for the channel: (1) sender public key (2) receiver public key (3) channel expiration date These parameters are contained in 'ChannelParameters', from which a channel funding address can be derived using 'getFundingAddress'. The transaction which pays to this address is the channel funding transaction, and information about it is contained in a 'FundingTxInfo'. So, the channel funding transaction will contain an output which pays to the address returned by 'getFundingAddress', and once this transaction is created and in the blockchain, a 'SenderPaymentChannel' and 'ReceiverPaymentChannel' instance can be created, after first creating the 'FundingTxInfo' instance. 'FundingTxInfo' contains three pieces of information about the funding transaction: (1) hash/transaction ID (2) index/vout of the funding output (paying to 'getFundingAddress' address), (3) value of the funding output (paying to 'getFundingAddress' address) With 'ChannelParameters' and 'FundingTxInfo', the sender can create a new 'SenderPaymentChannel', plus the first channel payment, using 'channelWithInitialPaymentOf'. 'channelWithInitialPaymentOf' takes two additional arguments: (1) a signing function which, given a hash, produces a signature that verifies against 'cpSenderPubKey' in 'ChannelParameters' (2) the value of the first channel payment The sender will want to use @flip 'Network.Haskoin.Crypto.signMsg' senderPrivKey@ as the signing function, where @senderPrivKey@ is the private key from which 'cpSenderPubKey' is derived. 'channelWithInitialPaymentOf' will return the first channel 'Payment' as well as the new 'SenderPaymentChannel' state. The new state is stored, and the 'Payment' transferred to the receiver. The receiver will now create its own channel state object, 'ReceiverPaymentChannel', using 'channelFromInitialPayment'. 'channelFromInitialPayment' takes the same 'ChannelParameters' and 'FundingTxInfo' as was provided by the sender, and, in addition, the receiver signing function (used to produce the settlement transaction that closes the payment channel), and the first channel 'Payment', received from the sender. The receiver will want to use @flip 'Network.Haskoin.Crypto.signMsg' receiverPrivKey@ as the signing function, where @<receiverPrivKey>@ is the private key from which 'cpReceiverPubKey' is derived. Now the payment channel is open and ready for transmitting value. A new 'Payment' is created by the sender with 'sendPayment', which yields a new payment, that increases the total value transmitted to the receiver by the specified amount, and an updated 'Data.Bitcoin.PaymentChannel.Types.SenderPaymentChannel' state. The receiver will verify and register this 'Payment' on its side using 'recvPayment', which, on success, returns the value received with this payment plus the updated 'ReceiverPaymentChannel' state object. Payments can flow from the sender to receiver until either the channel is exhausted, or getting close to expiration (see important note below). In either case the receiver will use 'getSettlementBitcoinTx' to create the settlement Bitcoin transaction, and publish this transaction to the Bitcoin network. The settlement Bitcoin transaction pays the total value transmitted over the channel to the receiver and the rest back to the sender. __/IMPORTANT:/__ /Channel setup is risk free because the sender can derive a refund Bitcoin transaction/ /using 'getRefundBitcoinTx', which returns the bitcoins used to fund the channel back to the sender./ /This refund transaction, however, is not valid until the expiration date specified in 'ChannelParameters',/ /but it is paramount that the value receiver gets a settlement transaction included in a block/ /before the refund transaction becomes valid. Due to the fact that Bitcoin network time is allowed/ /to drift up to two hours from actual time, and the fact that finding new Bitcoin blocks does not occur/ /according to any schedule, it would be wise for the receiver to publish a settlement transaction at least/ /4 hours before the specified channel expiration time, and possibly earlier, if the receiver wants to/ /be cautious./ -} module Data.Bitcoin.PaymentChannel ( channelWithInitialPaymentOf, sendPayment, channelFromInitialPayment, recvPayment, getSettlementBitcoinTx, getRefundBitcoinTx, getFundingAddress ) where import Data.Bitcoin.PaymentChannel.Internal.Error (PayChanError(..)) import Data.Bitcoin.PaymentChannel.Internal.Types (PaymentTxConfig(..), pcsValueLeft, cpChannelValueLeft) import Data.Bitcoin.PaymentChannel.Internal.State (newPaymentChannelState, updatePaymentChannelState) import Data.Bitcoin.PaymentChannel.Internal.Payment (createPayment, verifyPayment) import Data.Bitcoin.PaymentChannel.Internal.Settlement (getSignedSettlementTx, getSettlementTxHashForSigning) import Data.Bitcoin.PaymentChannel.Internal.Refund (refundTxAddSignature, getRefundTxHashForSigning) import Data.Bitcoin.PaymentChannel.Internal.Util (bitcoinPayPKBS, mapRight) import Data.Bitcoin.PaymentChannel.Util (getFundingAddress) import Data.Bitcoin.PaymentChannel.Types import qualified Network.Haskoin.Crypto as HC import qualified Network.Haskoin.Transaction as HT -- |Create a new 'SenderPaymentChannel'. -- A 'SenderPaymentChannel' object is created by supplying information about -- the channel and the funding transaction, as well as the value of the first payment. -- Returns a new 'SenderPaymentChannel' state object and the first channel payment. channelWithInitialPaymentOf :: ChannelParameters -- ^ Specifies channel sender and receiver, plus channel expiration date -> FundingTxInfo -- ^ Holds information about the transaction used to fund the channel -> (HC.Hash256 -> HC.Signature) -- ^ See 'spcSignFunc' -> BitcoinAmount -- ^ Value of initial payment. Must be greater than or equal to 'minimumInitialPayment' -> (Payment, SenderPaymentChannel) -- ^Initial payment and new sender state object channelWithInitialPaymentOf cp@(CChannelParameters sendPK recvPK _) fundInf@(CFundingTxInfo hash idx chanVal) signFunc amount = let pConf = CPaymentTxConfig (bitcoinPayPKBS sendPK) (bitcoinPayPKBS recvPK) in sendPayment (CSenderPaymentChannel (newPaymentChannelState cp fundInf pConf) signFunc) amount -- |Create new payment of specified value. sendPayment :: SenderPaymentChannel -- ^Sender state object -> BitcoinAmount -- ^ Amount to send (the actual payment amount is capped so that it doesn't overflow the maximum channel value) -> (Payment, SenderPaymentChannel) -- ^ Payment and updated sender state object sendPayment (CSenderPaymentChannel cs signFunc) amountToSend = let valSent = min (pcsValueLeft cs) amountToSend newSenderValue = pcsValueLeft cs - valSent payment = createPayment cs newSenderValue signFunc in case updatePaymentChannelState cs payment of Right newCS -> (payment ,CSenderPaymentChannel newCS signFunc) Left _ -> error "BUG #3: sendPayment should not be able to rewind payments" -- |Produces a Bitcoin transaction which sends all channel funds back to the sender. -- Will not be accepted by the Bitcoin network until the expiration time specified in -- 'ChannelParameters'. Receiver beware of Bitcoin network time drift and the -- unpreditable nature of finding new blocks. getRefundBitcoinTx :: SenderPaymentChannel -- ^Sender state object -> BitcoinAmount -- ^Refund transaction fee -> HT.Tx -- ^Refund Bitcoin transaction getRefundBitcoinTx (CSenderPaymentChannel cs signFunc) txFee = refundTxAddSignature cs txFee $ signFunc $ getRefundTxHashForSigning cs txFee -- |Create new 'ReceiverPaymentChannel'. -- A channel is initialized with various information -- about the payment channel, as well as the first channel payment -- produced by the sender. channelFromInitialPayment :: ChannelParameters -- ^ Specifies channel sender and receiver, plus channel expiration date -> FundingTxInfo -- ^ Holds information about the transaction used to fund the channel -> (HC.Hash256 -> HC.Signature) -- ^ Function which produces a signature, over a hash, which verifies against 'cpReceiverPubKey' -> Payment -- ^Initial channel payment -> Either PayChanError ReceiverPaymentChannel -- ^Receiver state object channelFromInitialPayment cp@(CChannelParameters sendPK recvPK _) fundInf signFunc paymnt = let verifyFunc hash pk sig = HC.verifySig hash sig pk pConf = CPaymentTxConfig (bitcoinPayPKBS sendPK) (bitcoinPayPKBS recvPK) eitherNewState = flip recvPayment paymnt $ CReceiverPaymentChannel (newPaymentChannelState cp fundInf pConf) verifyFunc signFunc in mapRight snd eitherNewState -- |Register, on the receiving side, a payment made by 'sendPayment' on the sending side. -- Returns error if either the signature or payment amount is invalid, and otherwise -- the amount received with this 'Payment' and a new state object. recvPayment :: ReceiverPaymentChannel -- ^Receiver state object -> Payment -- ^Payment to verify and register -> Either PayChanError (BitcoinAmount, ReceiverPaymentChannel) -- ^Value received plus new receiver state object recvPayment rpc@(CReceiverPaymentChannel cs verifyFunc _) paymnt = if verifyPayment cs paymnt verifyFunc then updatePaymentChannelState cs paymnt >>= (\newState -> Right (pcsValueLeft cs - cpChannelValueLeft paymnt, rpc { rpcState = newState })) else Left BadSignature -- |The value transmitted over the channel is settled when this transaction is in the Blockchain. -- The receiver will want to make sure a transaction produced by this function -- is included in a Bitcoin block before the refund transaction becomes valid (see 'getRefundBitcoinTx'). -- The sender can only close the channel before expiration by requesting this transaction -- from the receiver and publishing it to the Bitcoin network. -- Returns NoValueTransferred if no payment has been received yet. getSettlementBitcoinTx :: ReceiverPaymentChannel -- ^Receiver state object -> BitcoinAmount -- ^Bitcoin transaction fee -> Either PayChanError HT.Tx -- ^Settling Bitcoin transaction getSettlementBitcoinTx (CReceiverPaymentChannel cs verifyFunc signFunc) txFee = getSignedSettlementTx cs txFee serverSig where serverSig = signFunc (getSettlementTxHashForSigning cs txFee)