
Allow signing with the cold_pubkey instead of satisfying the CTV template #5

@shesek

This allows recovering funds in case an incorrect amount is sent, and also enables a fast-path to spend out of the vault using the cold key without going through the two-step unvaulting process.

Not going through the unvaulting process does not reduce security because in case of theft these keys will eventually get access to the funds anyway. A thief could even chain the two-step CTV spend transactions to the cold_key, plus a third transaction to spend from the cold_key to their own wallet, and send them all to the mempool (or straight to a block) in one go.

Here's an example of the suggested changes, expressed in Minsc:

 fn SimpleCtvVault($hot_signer, $cold_signer, $fee_pk, $delay, $amount, $fee) {
   $unvault_amount = $amount - $fee - DUST_AMOUNT;
 
   $tohot = $hot_signer && older($delay);
   $tocold = txtmpl([
     txOut(wsh($cold_signer), $unvault_amount - $fee - DUST_AMOUNT), // - $fee again to pay for the 2nd tx
     txOut(wpkh($fee_pk), DUST_AMOUNT), // fee anchor output
   ]);
 
   txtmpl([
-    txOut(wsh($tocold || $tohot), $unvault_amount),
+    txOut(wsh($tocold || $tohot || $cold_signer), $unvault_amount),
     txOut(wpkh($fee_pk), DUST_AMOUNT), // fee anchor output
-  ])
+  ]) || $cold_signer
 }
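
Review bot: The two added `|| $cold_signer` branches, on the unvault output's `wsh($tocold || $tohot || $cold_signer)` and on the returned `]) || $cold_signer`, carry no comment, while the neighbouring outputs do (`// fee anchor output`). Unlike `$tohot`, the new branch is not wrapped in `older($delay)` and is not tied to `$unvault_amount`, so a short comment stating that this is the intended cold-key fast path and recovery path would help the next reader. It would also be worth a line on why `$tocold` stays in the unvault script now that `$cold_signer` can spend that output directly.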

(on the min.sc editor)
