@JChoy Generally, there are two major reasons why it’s necessary to have the two-phase send + conf in Plasma.
The first reason is specific to Plasma MVP and arises because Plasma MVP allows for fungible coins/tokens. Basically, if we don’t have confirmations, then an operator can place a user’s valid transactions after the operator’s invalid transactions in a block. This is a problem because exits in Plasma MVP are processed in time order. I published a brief write-up on why this time-order processing is necessary here.
Let’s illustrate this first problem with a scenario where the operator steals funds. Assume the contract only holds 10 ETH in total.
- Alice broadcasts a transaction spending 10 ETH to Bob.
- The operator creates an invalid transaction creating 10 ETH for themselves “out of nowhere” and places it at the first index in a block (“transaction #0”).
- The operator places Alice’s transaction at the second index in the block (“transaction #1”).
- The operator publishes this block.
- Bob sees the invalid transaction and submits his exit.
- The operator submits an exit for the invalid transaction.
- The operator’s exit processes before Bob’s exit, so the contract is now empty.
- Bob’s exit cannot be processed because the contract has no funds remaining.
Now, let’s see what happens when we require confirmations:
- Alice broadcasts a transaction spending 10 ETH to Bob.
- The operator creates an invalid transaction creating 10 ETH for themselves “out of nowhere” and places it at the first index in a block (“transaction #0”).
- The operator places Alice’s transaction at the second index in the block (“transaction #1”).
- The operator publishes this block.
- Alice sees the invalid transaction and refuses to sign a confirmation on her transaction to Bob.
- The operator submits an exit for the invalid transaction.
- Alice exits from her (still technically unspent) 10 ETH UTXO which existed before the operator’s invalid UTXO.
- The operator’s exit cannot be processed because the contract has no funds remaining.
Note that this situation is not a problem in Plasma Cash because coins are unique and non-fungible - the operator can’t just create valid UTXOs “out of nowhere” like they can in Plasma MVP. The operator could create a transaction that appears to give them ownership of a specific coin, but that doesn’t impact the ability for the owners of any other coin to exit.
Now let’s talk about the other potential scenario. This is basically what I mentioned in my reply to Dan above, and it’s less of an attack vector than an annoyance:
- Alice broadcasts a transaction spending 10 ETH to Bob.
- The operator places Alice’s transaction somewhere in the block.
- The operator publishes the root of this block to the root chain but withholds the actual block information.
- Alice doesn’t know if her transaction to Bob was actually included in the block or not. Bob doesn’t have enough information to exit because he doesn’t know the index of the transaction in the block.
- Alice must attempt to exit from her old UTXO.
- The operator knows that Alice’s old UTXO is spent, so they challenge Alice’s exit with her transaction to Bob (revealing the index).
- Bob now knows the transaction index, so Bob can exit.
This doesn’t change anything security-wise, but it’s not particularly convenient to have this exit-challenge-exit process. Additionally, Alice will always lose her bond for her original exit. Here’s how it plays out with confirmations:
- Alice broadcasts a transaction spending 10 ETH to Bob.
- The operator places Alice’s transaction somewhere in the block.
- The operator publishes the root of this block to the root chain but withholds the actual block information.
- Alice doesn’t know if her transaction to Bob was actually included in the block or not. Alice doesn’t broadcast a confirmation signature.
- Alice exits from her old UTXO.
- The operator cannot challenge with Alice’s spend to Bob because the operator doesn’t have the required confirmation signature.
I hope that makes sense. Please let me know if I can clarify anything and I’ll try to make edits!