An Update on Atomic Trades
Jay Graber and Ariel Gabizon | Sep 11, 2017
Decentralization is a key characteristic of cryptocurrencies because it removes dependence on trusting third parties in order to transact between individuals. However, exchanges between different cryptocurrencies typically still require trust in a centralized exchange or counterparty. Cross-chain atomic trades (for which we have coined the acronym “XCATs”) remove the need for a single point of trust for trades between different cryptocurrencies. They rely on clever protocols that automatically exchange funds across two chains only if both participants hold up their end of the deal, and refund both participants otherwise. To support the decentralization of cryptocurrency, one of our near-term goals is to develop tools that will help carry out atomic trades across blockchains. 
Zcash <-> Bitcoin Atomic Trades
We are excited to announce that we have been working on a command-line tool that executes atomic trades between Zcash t-addrs and Bitcoin addresses (view our recent demo of the tool). Several people have come up with XCAT protocols. Loosely speaking, they all rely on a mechanism where for one side to obtain their coins, a secret must be revealed that will enable the second party to also redeem their coins. There are many variants of this basic idea; see our XCAT ZIP for a detailed description of the specific protocol we use. Meanwhile, you are encouraged to try the experimental version of our tool, ZBXCAT, and report problems or ask questions on the alchemy channel of our community chat. The current version requires the user to run Bitcoin and Zcash full nodes, but a light-client version is in progress.
The way that funds are locked up on the blockchain to do atomic trades relies on hash-time lock contracts (HTLC). Zcash engineer Sean Bowe has submitted a BIP and pull request to make HTLCs a part of the standard RPC interface in the Bitcoin core client. However, it is not necessary to wait for this PR to be merged, as raw HTLC transactions can be constructed by compiling non-standard pay-to-script-hash transactions. We used python-bitcoinlib and a variant of it modified for Zcash to construct these scripts: https://github.com/arcalinea/python-zcashlib
To see an example of the redeem scripts used, view the scriptsig of this bitcoin transaction. This was one of the four transactions in the first atomic trade performed on testnet using our script, with the participation of community volunteer Jason Davies:
|||We note that other groups have done/are doing excellent work on cross-chain trades, for example, barterDEX.|