Can you exchange subcurrencies without trusting anybody?

Can you exchange subcurrencies without trusting anybody? Let's say we have 2 subcurrencies A & B created by this contract

contract metaCoin {
mapping (address => uint) public balances;
function metaCoin() {
balances[msg.sender] = 10000;
}
function sendToken(address receiver, uint amount) returns(bool successful){
if (balances[msg.sender] < amount) return false;
balances[msg.sender] -= amount;
balances[receiver] += amount;
return true;
}
}
Now I want to create another contract EX so anyone can exchange his B currency for my A currency 1:1. Contract EX is like this

contract EX {
function exchangeB2A(address bAddress, uint amount) {
metaCoin A = metaCoin(ACoinContractAddress);
metaCoin B = metaCoin(BCoinContractAddress);

B.sendToken(aAddress, amount); // tx1
A.sendToken(bAddress, amount); // tx2
}
}
It is ideal for B to execute contract EX. This way A can just creates contract EX and wait for someone to send currency B to it. However tx2 is wrong since msg.sender = B, not A. It is sending from bAddress to bAddress. To fix this one way is to add a new func to contract metaCoin so it can take digital signature to verify the sender. The new func signature is like this

function sendTokenSig(address from, address to, uint amount, signature sig) returns(bool successful)

Now contract EX is like this

contract EX {
function exchangeB2A(aAddress bAddress, uint amount) {
metaCoin A = metaCoin(ACoinContractAddress);
metaCoin B = metaCoin(BCoinContractAddress);

B.sendToken(aAddress, amount); // tx1
signature sig = calculateASignature(aAddress, bAddress, amount); // this needs A's privKey
A.sendTokenSig(aAddress, bAddress, amount, sig); // tx2
}
}
The func calculateASignature() will need A's privKey in order to sign the tx2. This is not safe since the code is public in the blockchain.

The alternative is to let A execute contract EX. In this case EX is

contract EX {
function exchangeB2A(aAddress bAddress, uint amount, signature sig) {
metaCoin A = metaCoin(ACoinContractAddress);
metaCoin B = metaCoin(BCoinContractAddress);

B.sendTokenSig(bAddress, aAddress, amount, sig); // tx1 - here the sig is B's signature for tx1
A.sendToken(bAddress, amount); // tx2
}
}
B's pubKey is not public in this case since B knows all the tx1 input data(bAddress, aAddress, amount). Here the problem is that B has to send his signature for tx1 to A to run contract EX. A could just submit tx1 alone without sending it to the contract EX and get B's currency. So B has to trust A to get back A currency in exchange.

Seems there is no way to get around. Have I missed something basic?

Sign In or Register to comment.