Explained: Timelock hashed contracts in blockchain applications

Cryptocurrencies, an unconventional newcomer to the world of finance, are riddled with hidden or lesser-known features that, when used, could protect funds from losses. One such feature is called Hashed Timelock Contract (HTLC). HTLC is a time-limited smart contract that allows the transfer of crypto funds only after the receiving party enters a secret, predetermined cryptographic passphrase. Implementing HTLC when finalizing a crypto transfer can ensure that no third party can access the funds – keeping the transaction secure.

To complete an HTLC transaction, the receiving party must ensure that it registers the password within a predetermined time period. If any of these criteria are not met, the transaction is not processed.

How are HTLCs deployed?

HTLC has two main components – Hashlock and Timelock.

Hashlock, according to a report from Investopedia, is a cryptographically regenerated version of a public key. The party that decided to send the funds generates hashlocks, which ultimately act as private keys. Once generated, hashlocks are uploaded in the form of pre-images, which are later revealed during the financial transaction.

On the other hand, time locking is used to add the element of time to HTLC. Each HTLC contract has two time locks to determine the exact period within which the receiving party must enter the encrypted password to facilitate the transaction.

Where do HTLCs work?

Bitcoin and Ethereum are among several other blockchains that allow HTLC transactions. These types of smart contracts make the overall blockchain industry more interoperable by enabling cross-chain transactions without having to involve a centralized exchange, said one report by Faster Capital.

Notably, however, HTLCs are subject to some vulnerabilities, of which bribery attacks are at the top of the heap. In bribery attacks, an attacker can extend a higher transaction fee as a service to blockchain miners to induce them to gain unethical access to an HTLC transaction.

Another type of vulnerability that can affect the successful completion of an HTLC contract is the Malleability attack. Here, an attacker may be able to change the transaction ID of the HTLC, causing the entire transaction to fail.