Sha-Gate's Covenant

The covenant used in Sha-Gate are implemented in CashScript to utilize self-introspection. It manages the cc-UTXOs which keep the coins transferred to the smartBCH sidechain.
The logic of this covenant is quite simple:
  1. 1.
    There are 10 operators and 3 monitors, whose hashes are encoded as the covenant's constructor parameters, i.e., part of the scriptPubkey.
  2. 2.
    If seven of the ten operators sign the transaction, this cc-UTXO can be spent in any way they want, as long as the transaction has only one input and one output. (redeemOrConvert)
  3. 3.
    If at least seven operators are unavailable for more than eight months, this cc-UTXO can be sent to a new operator set. (convertByMonitors)
It is very unlikely that we need to use convertByMonitors. So currently the smartbchd nodes do not recognoize such transactions. If such a accident really happens (at least seven operators are unavailable for more than eight months), the smartbchd nodes need to be hard-forked to recognize convertByMonitors.
The miner fee of redeemOrConvert is deducted from the input cc-UTXO and has an upper bound hardcoded in the covenant. And the miner fee of convertByMonitors is paid by some other input other than cc-UTXO.
In practice, the operators only sign two kinds of transactions using redeemOrConvert:
  1. 1.
    Send the cc-UTXO to a P2PKH address. For such cases, the covenant does not check anything.
  2. 2.
    Convert the cc-UTXO's constructor parameters, while keeping the covenant's logic unchanged. For such cases, the covenant checks the format of the resulted P2SH output.