Automatically release funds from a multisig wallet used for escrow

+1 vote

We have the following scenario. A payment is sent to a 3 of 5 multisig wallet, held in escrow, with a specific expiry date (expiry date corresponding to the payment is written in some stream on the blockchain). Each of the 5 signatories is an address on a separate node. When the expiry date passes, we would like to automatically release the payment back to the sender.

Our initial idea was to have some kind of background process running on each node that periodically checks if the expiry date for the payment has passed. If yes, the node will start a transaction to release the funds from the multisig wallet back to the sender, then send the partially signed transaction (possibly by writing the rawtx to a stream) to the other nodes to be signed. Once at least 3 nodes have signed, the transaction can be sent.

The problem with this approach is that the background process on each node will be subject to a race condition which makes it possible for all 5 nodes to initiate the partial transaction at the same time. Of course in the end, it would not be possible for all 5 partial transactions to be completed since only the first one will be able to spend the inputs. However, we would like to avoid generating too many extraneous data/records of those partial transactions thus we would prefer to avoid that race condition.

I thought it would be possible to lock the unspent outputs of the multisig wallet, but attempting to use preparelockunspentfrom with a multisig address returns Invalid address.

Another solution we considered was simply to have the signatories be ordered, and require that signatory#1 always be the one to initiate the transaction. However, the reason we have a 3-of-5 multisig in the first place is to have some level of redundancy - in case 1-2 nodes are down, the other 3 can still release the funds. Requiring a certain signatory to initiate the txn would defeat that purpose.

Would you have any advice for this scenario? Or possible alternate solution?
asked Aug 6, 2018 by anonymous

1 Answer

0 votes
If I understand correctly, ideally the release of the funds would not depend on the good behavior of the signatories, but rather take place automatically based on timestamps in the blockchain. If so, your best bet is to hold out for the release of Smart Filters, which are currently under development for MultiChain 2.0. These will allow custom rules to be embedded in the blockchain for validating transactions. Those rules can be combined with in-UTXO metadata so you can make your conditions explicit, and then have the Smart Filters apply them.

If you don't want the time limit applied by the blockchain, but rather based on when the 5 nodes themselves decide the time is right, then you have a more straightforward issue of multisig coordination. In this case you could just use a stream to enable any of the signatories to publish their partial signatures, and to look for others' partial signatures to add to. You're right that this could lead to some redundancy, but if you do all this with off-chain items (available now in MC 2.0 alpha), the amount of data on the actual chain would be minimal.
answered Aug 6, 2018 by MultiChain