A Game-Theoretic Analysis of Cross-ledger Swaps with Packetized Payments

Abstract

We propose a game-theoretic framework to study the outcomes of packetized payments, a cross-ledger transaction protocol, with strategic and possibly malicious agents. We derive the transaction failure rate and demonstrate that without disciplinary mechanisms, packetized payments are likely to be incomplete. Our analysis suggests that collateral deposits can prevent malicious agents from taking advantage of the protocol. We further infer that the deposit amount should depend on the underlying asset price volatility or that it should be dynamically adjusted as the price changes.

Keywords

Appendix

Most of the arguments in the proofs below follow the hypothesis that an agent always takes the actions which maximize their expected utility, taking into account future and possibly adversarial actions from the other agent. We always describe the key conditions (inequalities) to be verified but provide limited details on the derivations as they can be long and tedious.

Proof of Proposition 1. At time 2 if \({\mathcal T}_a=l\), then Alice loses \(\frac{P_2}{2}\) in utility by playing c instead of s. Similarly, at time 1 if \({\mathcal T}_b=l\), then Bob gets \(\frac{P_1}{2}\) in utility by playing s whereas he expects to receive \({\mathbb E}\left[ {{\mathcal U}(b,l)} \mid {\{c,c\}} \right] =\mu _a(P_1-P_0) + (1-\mu _a)(\frac{P_1}{2}-P_0)\) if he plays c. We have \({\mathbb E}\left[ {{\mathcal U}(b,l)} \mid {\{c,c\}} \right] < \frac{P_1}{2}\) since \(\delta <\frac{P_0}{2}\) and \(\mu _a\le 1\), hence a malicious Bob plays s.

Proof of Corollary 1. The transaction succeeds only if Alice and Bob are honest which happens with probability \({\mathbb P}[{\mathcal T}_a={\mathcal T}_b=h]=\mu _a\mu _b\).

Proof of Proposition 2. We have \({\mathbb E}\left[ {{\mathcal U}(b,h)} \mid {\{c,w,c\}} \right] = \mu _a (P_1 - P_0 + \alpha _{b,h}) + (1-\mu _a)(-\alpha _{b,h} + \frac{P_1}{2} - P_0) \) and \({\mathbb E}\left[ {{\mathcal U}(b,h)} \mid {\{c,w,s\}} \right] = -\alpha _{b,h} + \frac{P_1}{2}\). We obtain that \({\mathcal {A}}(b,\{c,w\})=c\) by taking \(P_1=P_0-\delta \).

Proof of Proposition 3. We have \({\mathcal {A}}(h,\{c,w,c,w\})=c\) if and only if \(\alpha _{a,h} + P_0 - P_2 > -\alpha _{a,h} + P_0 - \frac{P_2}{2}\) which is equivalent to \(\alpha _{a,h}>\frac{P_0+2\delta }{4}\). Then, with \({\mathcal {A}}(h,\{c,w,c,w\})=c\), we have that \({\mathbb E}\left[ {{\mathcal U}(a,h)} \mid {\{c\}} \right] =\mu _b\alpha _{a,h} + (1-\mu _b)(-\alpha _{a,h} - \frac{P_0}{2})\) and \({\mathbb E}\left[ {{\mathcal U}(a,h)} \mid {\{s\}} \right] = - \alpha _{a,h}\). Therefore, for agent a to be honest it must also be that \(\mu _b > \frac{P_0}{4\alpha _{a,h} + P_0}\).

Proof of Proposition 4. This is immediate as malicious agents would never be able to make any profit by exiting prematurely the transaction.