Lykke Multisignature Wallets
By Mihail Nikulin, Lykke co-founder and CTO
Lykke is a semi-centralized exchange. This means that the exchange does not take possession of the traded coins, but needs to be trusted to match trades correctly. Lykke has a centralized matching engine and decentralized coins settlement.
Still to be able to trade, one should deposit his coins into Lykke exchange. Depositing coins is not equal to trusting coins. How can it be? Lykke uses 2-of-2 multisignatures address wallets (Multisig).
2-of-2 Multisig address requires two signatures to spend coins from it - both client’s and Lykke’s signatures.
MultiSig wallet provides the following advantages:
- Deposit does not mean trust: Lykke can not spend coins without client's key. Even if the exchange is compromised and the Lykke's key is stolen, the client will not lose his coins. The second key is required to spend deposited coins.
- Coins flow control: On the other hand, Lykke's signature is required for each transaction. Deposited coins can not be transferred outside the exchange without Lykke being aware of it.
For example, Lykke Corp Equity (LKK) coins or Bitcoins can be transferred outside Lykke. Unlike Bitcoins, crypto-fiat coins like lkkEUR, lkkCHF, lkkUSD, etc. can be traded inside the Lykke exchange only or to be redeemed via a bank account.
- Green nodes network: Identified clients only (KYC) - are allowed to trade. A client is able to spend deposited coins whether for trading inside the Lykke exchange or for withdrawal. A client cannot transfer the coins outside the Lykke green nodes network if it's not allowed by the issuer.
What happens with deposited coins if Lykke's private key is destoyed? Would the deposited coins be frozen in the Multisig address forever?
To guarantee funds recovery from the MultiSig wallet, Lykke provides offchain «refund transactions».
Refund transaction transfers deposit coins back to the client's private address. Once the refund transaction is signed by Lykke, the refund can be broadcasted after 31 days. The refund transaction is invalidated each time when the client makes a trade that spends “refunded” outputs. Lykke generates a new refund transaction after each new trade and sends the transaction binary file to the client's mail. The client may use the refund in case of emergency.
Issued Refunds Monitoring
Lykke detects if the valid refund transaction is broadcasted over the Bitcoin blockchain. It is considered as withdrawal.
Lykke is aslo monitoring validity dates of issued refund transactions. What if the refund transaction becomes valid but has not been broadcasted? In this case the client can trade further, but he would wait for 3 confirmations of the trade that spends “refunded” outputs. If the trade is confirmed, then the client is allowed to trade further.