1. The Timestamp Problem
A dead man's switch needs to prove when it was armed. Without this proof:
- Users can't verify their switch is actually set
- Recipients can't confirm the switch predates the user's incapacitation
- Guardians can't distinguish legitimate switches from forged ones
Traditional timestamps (server logs, signed documents) require trusting the timestamping authority. Bitcoin provides an alternative: a globally synchronized clock secured by proof-of-work, where timestamps are embedded in an append-only ledger that cannot be retroactively modified.
2. Bitcoin Time
2.1 Block Height vs. Unix Time
Bitcoin has two notions of time:
- Block height — The number of blocks since genesis (block 0). Increases by 1 every ~10 minutes on average.
- Block timestamp — Unix timestamp set by the miner. Must be greater than median of previous 11 blocks.
Block height is more reliable for timelocks. Timestamps can drift by up to 2 hours from real time; block height is monotonically increasing and deterministic.
2.2 The Timechain
Bitcoin's blockchain is often called a "timechain" because it provides a global ordering of events. If transaction A is in block 800,000 and transaction B is in block 800,001, we know A happened before B — and this ordering is secured by the cumulative proof-of-work of all subsequent blocks.
3. OP_CHECKLOCKTIMEVERIFY
3.1 Overview
OP_CHECKLOCKTIMEVERIFY (CLTV) is a Bitcoin Script opcode that
makes a transaction output unspendable until a specified block height or
timestamp. It was activated in BIP-65 (December 2015).
3.2 Script Structure
<locktime> OP_CHECKLOCKTIMEVERIFY OP_DROP
<user_pubkey> OP_CHECKSIG
OP_ELSE
<user_pubkey> OP_CHECKSIG
OP_ENDIF
// Two spending paths:
// 1. After locktime: user can spend (proves they're alive)
// 2. Before locktime: user can spend (reset the timer)
3.3 Verification Logic
When a transaction attempts to spend a CLTV-locked output:
- The spending transaction's
nLockTimemust be ≥ the script's locktime - The spending transaction's
nSequencemust be < 0xFFFFFFFF - The current block height (or timestamp) must be ≥
nLockTime
If any condition fails, the transaction is invalid and won't be mined.
4. EchoLock Integration
4.1 Purpose
In EchoLock, Bitcoin timelocks are supplementary, not required. The system functions without them — Nostr heartbeats and Shamir shares provide the core mechanism. Bitcoin adds:
- Proof of arming time — The timelock transaction, once confirmed, proves the switch existed at a specific block height
- Public verifiability — Anyone can check the timelock on any block explorer without special access
- Secondary trigger signal — Guardians can monitor the UTXO state as an additional data point
4.2 Flow
// 1. User creates timelock transaction const locktime = currentBlockHeight + (72 * 6); // ~72 hours const timelockTx = createTimelockTransaction( userPubkey, locktime, amount ); // 2. Broadcast to network const txid = await broadcastTransaction(timelockTx); // 3. Wait for confirmations await waitForConfirmations(txid, 6); // 4. Store txid in Nostr heartbeat event heartbeatEvent.tags.push(['btc_timelock', txid]);
4.3 Guardian Monitoring
Guardians can query the timelock UTXO status:
async function checkTimelockStatus(txid: string) {
// Query mempool.space API
const utxoStatus = await fetch(
`https://mempool.space/api/tx/${txid}/outspend/0`
);
const data = await utxoStatus.json();
if (data.spent) {
// User spent the UTXO — they're alive, timer reset
return { status: 'reset', spentInTx: data.txid };
}
// Check if locktime has passed
const tx = await fetch(`https://mempool.space/api/tx/${txid}`);
const txData = await tx.json();
const currentHeight = await getCurrentBlockHeight();
if (currentHeight >= txData.locktime && !data.spent) {
// Locktime passed and unspent — potential trigger
return { status: 'expired', locktime: txData.locktime };
}
return { status: 'active', locktime: txData.locktime };
}
5. Security Properties
5.1 Unforgeability
Bitcoin timestamps cannot be forged or backdated:
- Transactions are included in blocks by miners
- Block headers form a hash chain — modifying history requires re-mining all subsequent blocks
- With 6 confirmations (~60 minutes), reorganizing the chain costs hundreds of thousands of dollars in electricity
5.2 Public Verifiability
Anyone can verify a timelock's existence and status:
- Look up the transaction on any block explorer
- Verify the script contains the expected locktime
- Check current UTXO state (spent or unspent)
- Compare locktime to current block height
No special access, no API keys, no accounts required.
5.3 Censorship Resistance
Miners can theoretically censor transactions, but:
- Any miner can include any valid transaction
- Economic incentives favor inclusion (transaction fees)
- Censoring one transaction requires censoring it forever
- Practically, transactions with reasonable fees confirm within hours
6. Cost Analysis
Creating and resetting a timelock incurs transaction fees:
| Operation | Size (vbytes) | Fee @ 10 sat/vB |
|---|---|---|
| Create timelock | ~200 | ~2,000 sats ($0.60) |
| Reset (spend + recreate) | ~300 | ~3,000 sats ($0.90) |
| Annual cost (weekly reset) | — | ~156,000 sats ($47) |
Assumes $30,000/BTC. Actual costs vary with fee market conditions.
7. Alternative: OP_CHECKSEQUENCEVERIFY
OP_CHECKSEQUENCEVERIFY (CSV) provides relative timelocks —
the output becomes spendable N blocks after it was created, rather than
at absolute block height N.
EchoLock uses CLTV (absolute) rather than CSV (relative) because:
- Absolute timelocks are easier to verify ("is it block 850,000 yet?")
- Relative timelocks require tracking the original transaction's confirmation
- CLTV maps more naturally to calendar deadlines
8. Mempool.space Integration
EchoLock uses mempool.space's public API for transaction verification:
// Recommended endpoints const MEMPOOL_API = 'https://mempool.space/api'; // Get transaction details GET ${MEMPOOL_API}/tx/{txid} // Check if output is spent GET ${MEMPOOL_API}/tx/{txid}/outspend/{vout} // Get current block height GET ${MEMPOOL_API}/blocks/tip/height // Broadcast new transaction POST ${MEMPOOL_API}/tx
Users can also run their own Bitcoin node and Electrum server for maximum sovereignty.
9. Failure Modes
| Scenario | Impact | Mitigation |
|---|---|---|
| User loses Bitcoin keys | Cannot reset timelock | Nostr heartbeats still function |
| High fee environment | Reset becomes expensive | Extend timelock duration, reduce reset frequency |
| Mempool.space unavailable | Verification delayed | Fall back to alternative APIs or full node |
| Bitcoin network congestion | Transaction confirmation delayed | Use RBF (Replace-By-Fee) to bump priority |
10. Conclusion
Bitcoin's timelock opcodes provide something no other system can: unforgeable, publicly verifiable proof that an event occurred at a specific point in time. For dead man's switches, this means:
- Proof the switch was armed before any dispute arose
- Verification by anyone without trusting EchoLock
- A secondary signal for guardians independent of Nostr
The Bitcoin layer is optional — EchoLock works without it — but for users who need maximum assurance, on-chain timelocks provide cryptographic certainty that no centralized timestamp service can match.