A little bit of theory
IOTA’s blockchain is called the Tangle.
Multisignatures technique generally needs several parties to participate in spending funds. A multisignature “2-of-2” requires a transaction to be signed by two parties. For example, to spend funds from an address, Alice must sign the transaction with her half-key, and then send the result to Bob. Now, Bob must sign Alice’s data with his half-key, and send the result to IOTA network, so that it gets eventually confirmed, and funds reach the destination (say, Charlie).
Alice’s half-key alone is not enough to transfer the funds. The same is applied on Bob’s half-key.
Addresses may be multisignature ones or not. If an address is a multisignature one, then two parties are involved in spending funds from it. In a transaction, there is a source address and a destination address. All the source addresses described below are multisignature ones. All the destination addresses can be of any nature.
If an IOTA transaction conforms a set of rules, then with a 100% guarantee the network will eventually confirm it. Particularly, it is essential if the balance of the source address has enough funds to satisfy the spend. Also, IOTA is a fee-less cryptocurrency. Therefore, in order to be confirmed, IOTA transactions don’t need miners’ fee attached.
New way to use multisignatures
VolleyCash system consists of a server and wallets. The server is a highly scalable API service. A wallet is a mobile application (or any other device/POS/software) that communicates with the server only.
The innovative idea of VolleyCash is to use multisignatures in a new way. Particularly, to split multisignature keys between the server and the wallet (not between two wallets). In this way, the server cannot spend user’s funds alone. And, even the user cannot spend his funds alone (it is an important requirement, see below).
The server has half-keys for all multisignature addresses (source addresses), that are generated in cooperation with wallets. Also, the server keeps track of their balances in real-time. In most cases the server doesn’t need to look up the Tangle for the balances, because a spend is not possible without server’s signature. So, the knowledge of the balances allows the server to say if an address has enough funds to satisfy a spend request.
In order to make a spend, the wallet will initiate a new transaction and sign it with its half-key. After that, the wallet will send this semi-baked transaction to the server. The server will reject it if the source address has not enough funds for that spend. Otherwise, the server will accept it. This whole process takes 3 seconds only, because the server has all the information at hand. The decision does not involve the Tangle, IOTA network, or any sort of consensus.
But why is it so important to determine quickly if the spend is valid or not? Because in the case of a valid spend, there is a 100% guarantee that the transaction will eventually settle on the Tangle, according to “rules” (see theory section in the beginning). So, with that guarantee, the server marks funds as “transferred” right away. And both — source wallet and destination wallet — get informed about that. In short, it’s not funds that are transferred instantly. But it’s the guarantee that is transferred instantly from the server to the destination wallet. Eventually, the funds will be transferred through the network in a non-blocking manner.
The store (destination wallet) needs that guarantee to release the product. The payer (source wallet) needs that guarantee to claim the product.
VolleyCash retail use case
The store (coffee shop with POS wallet as destination) releases the product (coffee) immediately after the server says that the transaction from the payer (source wallet) is valid. And the payer can leave the store with the product. At the end of the day, the store has all transactions settled on its wallet on-chain and ready for further processing (accumulating from POS devices to single device, withdrawing to fiat, etc).
Malicious scenario, that VolleyCash is protected from
VolleyCash is exceptionally fast because it is protected from a case of malicious usage, that we call “side spending”.
It is when a payer makes a spend towards the store, and then makes an additional spend (with his second wallet as the destination) from the same address. Both spends hit the network directly (they are ordinary single-signature transactions, when VolleyCash is not involved). And the network picks only one spend (the “winner”) to prevent overspend from the address. And chances that it picks a wrong spend (the one towards payer’s second wallet, not towards the store). In this case, the store has to wait until the network decides the winner before releasing the product to the payer. This “side spending” scenario causes slowness because it involves the Tangle, IOTA network, and consensus to decide the winner. VolleyCash-based payments are fast because they are checked instantly by VolleyCash server.
No long-term state, always on-chain
There are no “channels” or any other long-term connection between the payer and the store. So, there is no penalty on terminating established connections by withdrawing funds from the system. Every payment is individual, on-chain, and ready for further withdrawal.
High security of funds
The VolleyCash server is not enabled to spend users’ funds, because it has only half-key for each address. So, it is not an “online wallet” that possesses all funds. The purpose of the VolleyCash server is to be always online and to keep its half-keys safe (prevent leakage/breach). Even if a breach happens, current addresses are switched to withdraw-only mode. That mode is when parties can’t be given that instant guarantee because a “side spending” becomes possible. VolleyCash architecture features high security of funds, despite involving a centralized party (server).
No registration. No tracking
Due to low complexity of the server, there are no reasons to force users to sign in. Users access VolleyCash server anonymously. Also the architecture of VolleyCash has no room for tracking users. All the information, that VolleyCash server knows, is nothing extra over what is stored on the Tangle (except private keys).
This idea is implemented in software, available at https://volleycash.com. Android App is free to download from Google Play. AppStore version will be released soon. To see all features of VolleyCash (particularly, how funds are transferred between two VolleyCash wallets), you may need two smartphones.
VolleyCash lacks some decentralization right now. Splitting the server to several independent parties is a high priority for us. Also payments chaining is currently disabled. For example, if wallet1 sends funds to wallet2, and then wallet2 sends them to wallet3, only first transfer is instant. The second transfer will complete once the first one settles on the Tangle (usually 1–3 minutes).
Feel free to give it a try at https://volleycash.com!