Simple minting policy which introduces secure thread token

[paluh]

The first draft of this policy could be really simple - it is one shot policy which mints a special token - this token would be a part of the initial Marlowe state and we can introduce a really basic "burning" strategy ("unspendable" address trick):

{ "000000000...." :: Token currencySymbol "" ..}

Off-chain verification of the contract is required to make the thread token safe. We have to check if the contract doesn't "touch" the token (by using Pay) throughout the execution.

[paluh]

We can also imagine much more powerful schema which provides a certification of the minting policy and initial conditions and introduces thread token as a witness.

The first draft could look like like this:

The certification policy certificationPolicy (which constant hash is certificationPolicyHash) performs a single check:

If for a given known minting policy mintingPolicyA and given parameter x (through redeemer) an applied mintingPolicyA x hash is hashAX and that mintingPolicyA is used in the transaction using that parameter then it allows minting of tokens (certificationPolicyHash, hashAX, 1).

A bit more sophisticated scenario could also be more tightly connected to Marlowe and check for example all the minted tokens and require some witness of this minting to be embed in the marlowe state. Till we have ability to track custom data through Marlowe thread we can use some "Marlowe level encoding" - some variable (special variable names with values corresponding to minted tokens) or choices for that or any other encoding on the account and value level (using hash etc.)).

[bwbush]

we can introduce a really basic "burning" strategy ("unspendable" address trick)

See #639 (comment). Personally, I would never participate in such a contract on mainnet. We need a very compelling use case and justification of why burning ada permanently is required for security.