
Paper 2016/451

Efficient Zero-Knowledge Contingent Payments in Cryptocurrencies Without Scripts

Wacław Banasik, Stefan Dziembowski, and Daniel Malinowski


Among the most promising innovations offered by cryptographic currencies (like Bitcoin) are the so-called smart contracts, which can be viewed as financial agreements between mutually distrusting participants. Their execution is enforced by the mechanics of the currency, and typically has monetary consequences for the parties. The rules of these contracts are written in the form of so-called "scripts", which are pieces of code in some "scripting language". Although smart contracts are believed to have huge potential, for the moment they are not widely used in practice. In particular, most Bitcoin miners only allow standard transactions (i.e., those without non-trivial scripts) to be posted on the blockchain. As a result, it is currently very hard to create non-trivial smart contracts in Bitcoin. Motivated by this, we address the following question: "is it possible to create non-trivial efficient smart contracts using the standard transactions only?" We answer this question affirmatively, by constructing an efficient Zero-Knowledge Contingent Payment protocol for a large class of NP-relations. This includes the relations for which efficient sigma protocols exist. In particular, our protocol can be used to sell a factorization $(p,q)$ of an RSA modulus $n=pq$, an example that we implemented and whose efficiency we tested in practice. As another example of the "smart contract without scripts", we show how our techniques can be used to implement the contract called "trading across chains".

Publication info
Preprint. MINOR revision.
Keywords
bitcoin, smart contracts, cryptocurrencies
Contact author(s)
daniel malinowski @ crypto edu pl
2016-07-13: revised
2016-05-10: received
Creative Commons Attribution


@misc{cryptoeprint:2016/451,
      author = {Wacław Banasik and Stefan Dziembowski and Daniel Malinowski},
      title = {Efficient Zero-Knowledge Contingent Payments in Cryptocurrencies Without Scripts},
      howpublished = {Cryptology ePrint Archive, Paper 2016/451},
      year = {2016},
      note = {\url{https://eprint.iacr.org/2016/451}},
      url = {https://eprint.iacr.org/2016/451}
}