What Are Discreet Log Contracts (DLCs)? A Beginner's Guide
August 7, 2023
Discreet log contracts (DLCs) are a type of Bitcoin smart contract that brings new functionalities to the Bitcoin ecosystem. Read on to learn more about DLCs and what they can be used for.
What Are Discreet Log Contracts?
Discreet log contracts, or DLCs for short, are multisig transactions that use oracles to execute smart contracts directly on the Bitcoin blockchain.
As the name suggests, the details of a discreet log contract are “discreet,” which means they are inconspicuous to oracles and external observers. In fact, anyone observing the public Bitcoin ledger cannot detect a DLC as it looks like a normal multi-signature transaction.
Oracles are entity-controlled data feeds that supply smart contracts with real-world information, connecting the off-chain world to the on-chain one. They publish signed messages in reaction to the outcome of a real-world event.
Thaddeus Dryja introduced the concept of DLCs in a 2018 paper as a solution to address smart contract scalability and privacy issues. Loyd Fournier’s work on adaptor signatures later improved the scalability and privacy features of DLCs. Adaptor signatures allow smart contract execution without exposing confidential information on the blockchain and are enabled by Schnorr signatures. This functionality of DLCs was brought to Bitcoin by the Taproot upgrade in November 2021, which introduced Schnorr signatures.
How Do Discreet Log Contracts Work?
DLCs involve two (or more) parties who have agreed on the terms of a contract dependent on a predefined outcome of an event, such as a sports game. An oracle is also involved. However, the oracle neither knows nor has any information about the two parties. Moreover, the oracle remains in the dark about the contract details. Its job is to only broadcast the results of an event.
For a DLC to occur, it must undergo the following stages:
To initiate a discreet log contract, both parties must fund a shared 2-of-2 multisig wallet with BTC. Let's say the two parties are Alice and Bob, and each person has deposited 2 BTC. These funds serve as a wager on a coin toss. Alice wagers 1 BTC for heads while Bob bets 1 BTC on tails.
Alice and Bob use their private keys to sign the transaction, which is then confirmed by the blockchain. They also receive public keys whose corresponding private keys are created from the oracle’s signature of the possible outcomes — a heads or tails win.
Creating Contract Execution Transactions (CETs)
Alice and Bob use the public keys obtained in stage one to create two Contract Execution Transactions (CETs) for the two possible results. One CET transaction would spend 2 BTC from the locked funds to the “heads wins” public key. The other transaction would send 2 BTC to the “tails wins” public key. CETs occur off-chain.
Alice and Bob also sign both transactions. Nonetheless, the transactions only need 2 of the 3 mandatory signatures.
Once the oracle determines the outcome of the coin toss, it publishes a signed message. Assuming heads wins, the oracle broadcasts the corresponding “heads wins” signature.
Alice and Bob can use the “heads wins” signature to acquire the “heads wins” private key. They then sign the correct CET, which is published on the blockchain. Subsequently, Alice gets the 2 BTC payout.
The CET for the losing bet is considered obsolete.
DLCs require each party to deposit extra funds (stake) at the funding stage to ensure the loser will sign the correct CET. So, if the total bet is 2 BTC, both parties may agree to deposit an additional 0.5 BTC each as a refundable stake. That means Alice will acquire 2.5 BTC (the payout + stake) if she wins. On the other hand, Bob will receive his stake of 0.5 BTC. The stake compels losers to sign the final transactions if they want to get their money back.
A timelock can also be implemented, giving both parties a specified period to sign and publish the transaction after the oracle broadcasts the outcome. Therefore, if Alice wins but fails to sign and publish the transaction within the set time period, Bob can claim the entire locked amount, including the extra funds from the stake.
Alternatively, if Bob fails to sign and publish the transaction expeditiously, Alice can take 3 BTC, including Bob's stake. That means the timelock also acts as an incentive, making sure that both parties are highly incentivized to sign the transaction once the result is published.
Discreet Log Contract Use Cases
DLCs allow Bitcoin users to place private and secure bets on sports events, presidential elections, and future digital asset prices. Notably, the first DLC on the Bitcoin mainnet was a bet on the 2020 US election. The bet was placed in September of that year between Suredbits founder Chris Stewart and BTCPay Server CEO Nicolas Dorier.
DLCs can execute smart contracts representing a Bitcoin futures or options contract. Derivative financial products allow traders to bet on the future price of a digital asset. As long as the oracles involved are efficient and trustworthy, DLCs can facilitate a healthy DeFi ecosystem on the Bitcoin blockchain.
Insurance companies can address data inconsistencies by using DLCs, where oracles pull data from multiple relevant sources in real-time and publish the results of a catastrophe or accident. This allows customers to receive prompt payouts.
Pros & Cons of Discreet Log Contracts
- DLCs are indistinguishable from other multisig transactions, giving the parties involved privacy. Furthermore, contract details are hidden from oracles.
- Funds are stored in a non-custodial manner, independent of any third party.
- DLCs incur lower transaction fees since some activity takes place off-chain.
- DLCs rely on trusted oracles that could be centralized.
- Involved parties cannot be anonymous to each other since they need to consent to contract terms.
- DLCs are relatively new to Bitcoin and have yet to be battle-tested.
Does Bitcoin have smart contracts?
Yes. Every Bitcoin transaction is a smart contract transaction powered by the Script programming language. However, most people do not know this because Bitcoin’s Script language is Turing-incomplete, meaning its smart contracts are rudimentary compared to the complex smart contracts Turing-complete languages like Solidity are capable of. The various types of Bitcoin smart contracts are Discreet Log Contracts (DLCs), Pay-to-Public-Key-Hash (P2PKH), Pay-to-Script-Hash (P2SH), Multisig, and Pay-to-Taproot (P2TR).
Can you make smart contracts private?
Using Discreet Log Contracts, parties can create and execute private smart contracts. A DLC is a multisig transaction that uses oracles to execute smart contracts indistinguishable from other multisig transactions on the Bitcoin ledger, giving users enhanced privacy. The details of a DLC are also inconspicuous from oracles.