A detailed cryptographic protocol for a provably fair Bitcoin lottery where players buy tickets via Lightning Network payments. The design uses adaptor signatures, MuSig multisig, Merkle trees, and Bitcoin block hashes as a randomness source to select winners. A trusted-but-verifiable market maker fronts the jackpot on-chain while players participate off-chain. The protocol includes fraud proof mechanisms so any observer can verify whether the market maker awarded the jackpot to the correct winner, collateral-based incentives to keep the market maker honest, and strong privacy guarantees through Taproot and cooperative off-chain settlement. The design can be generalized beyond lotteries to any Discreet Log Contract.
Table of contents
IntroPrerequisite KnowledgeHow?Lottery RegistrationLottery SigningHow to Make Tickets ValuableTicket SalesWinner ChoiceSettlementIncentivizing an Unresponsive Market MakerSuccinct Fairness/Fraud ProofPrivacyGeneralizing for DLCsFuture WorkNotation ReferenceSort: