📝
smartbch
  • Introduction
  • Whitepaper
  • FAQ
  • Mainnet
  • Testnets
  • Join Amber testnet as a Validator
  • Developer's Guide
    • Introduction
    • Deploy contracts using Truffle
    • Deploy contracts using Remix
    • JSON-RPC Endpoints
    • Staking Scheme
    • XHedge Smart Contract
    • Decision of the minimum gas price
  • Sha-Gate Bridge
    • Sha-Gate Specification
    • Sha-Gate Risk Analysis
    • Sha-Gate's Covenant
  • In-Depth Design Documents
    • Introduction
    • MoeingADS's General Ideas
    • MoeingADS's RabbitStore
    • MoeingADS's internal architecture
    • Benchmarking MoeingADS
    • Benchmarking MoeingEVM and MoeingADS
    • Benchmarking Testnet
    • Transaction Reordering in smartBCH
    • Transaction Parallel Execution in smartBCH
    • Send back-to-back Transactions
    • Data structures in world state
  • SmartBCH Evolution Proposals (SEPs)
    • SEP101: Store values with arbitrary length
    • SEP102: Adjustment of Used Gas
    • SEP109: On-chain Verification of Verifiable Random Functions
    • SEP18: Blockchain cheques on smartBCH
    • SEP20: Tokens on smartBCH
    • SEP206: Manipulate Native Token as a SEP20 Token
    • SEP201: Simple Stochastic Payment
  • Archives
    • Single Node Private Testnet
    • Multi-Node Testnet
    • Fake RPC Server for Testing
    • Test using MetaMask
Powered by GitBook
On this page

Was this helpful?

  1. Sha-Gate Bridge

Sha-Gate's Covenant

The covenant used in Sha-Gate are implemented in CashScript to utilize self-introspection. It manages the cc-UTXOs which keep the coins transferred to the smartBCH sidechain.

The logic of this covenant is quite simple:

  1. There are 10 operators and 3 monitors, whose hashes are encoded as the covenant's constructor parameters, i.e., part of the scriptPubkey.

  2. If seven of the ten operators sign the transaction, this cc-UTXO can be spent in any way they want, as long as the transaction has only one input and one output. (redeemOrConvert)

  3. If at least seven operators are unavailable for more than eight months, this cc-UTXO can be sent to a new operator set. (convertByMonitors)

It is very unlikely that we need to use convertByMonitors. So currently the smartbchd nodes do not recognoize such transactions. If such a accident really happens (at least seven operators are unavailable for more than eight months), the smartbchd nodes need to be hard-forked to recognize convertByMonitors.

The miner fee of redeemOrConvert is deducted from the input cc-UTXO and has an upper bound hardcoded in the covenant. And the miner fee of convertByMonitors is paid by some other input other than cc-UTXO.

In practice, the operators only sign two kinds of transactions using redeemOrConvert:

  1. Send the cc-UTXO to a P2PKH address. For such cases, the covenant does not check anything.

  2. Convert the cc-UTXO's constructor parameters, while keeping the covenant's logic unchanged. For such cases, the covenant checks the format of the resulted P2SH output.

PreviousSha-Gate Risk AnalysisNextIntroduction

Last updated 2 years ago

Was this helpful?