JugglingSwap: Scriptless Atomic Cross-Chain Swaps

The blockchain space is changing constantly. New chains are being implemented frequently with different use cases in mind. As more and more types of crypto assets are getting real world value there is an increasing need for blockchain interoperability. Exchange services today are still dominated by central parties which require custody of funds. This trust imposes costs and security risks as frequent breaches testify. Atomic cross-chain swaps (ACCS) allow mutual distrusting parties to securely exchange crypto assets in a peer-to-peer manner while preserving self-custody. Fundamental ACCS protocols leveraged the scripting capabilities of blockchains to conditionalize the transfer of funds between trading parties. Recent work showed that such protocols can be realized in a scriptless setting. This has many benefits to blockchains throughput, efficiency of swap protocols and also to fungibility and privacy. The proposed protocols are limited to assets transferable by either Schnorr signatures or ECDSA that are assuming the same elliptic curve parameters. In this work we present JugglingSwap, a scriptless atomic cross-chain swap protocol with a higher degree of interoperability. We weaken the assumptions about blockchains that can be included in the ACCS protocol, and only require that (1) a threshold variant exists to the underlying digital signature scheme and (2) it is based on the elliptic curve discrete logarithm problem (ECDLP). The fair exchange is achieved by a gradual release of secrets. To achieve this we use a new building block we call Juggling: a public key verifiable encryption scheme to transfer segments of secret shares between parties, which can also be of separate interest. Juggling is then tailored to a specific private key management system design with threshold signatures security.