**Session Date/Time:** 25 Jul 2023 16:30 # satp ## Summary This IETF meeting focused on the Secure Asset Transfer Protocol (SATP). Discussions centered on updates to the SATP core draft, use cases, crash recovery mechanisms, and potential future directions including querying assets across networks. Several key decisions revolved around the scope of the current charter versus potential future expansions, particularly concerning multi-currency support and integration with other financial standards. ## Key Discussion Points * **SATP Core Draft Updates:** * Removal of the redundant "act prepare" message in the three-phase commit process, simplifying the protocol for point-to-point transfers. * Shifting "transfer commence" messages to stage 1 for logical organization and the introduction of multiple rounds of negotiation for features via "transfer claims". * Concerns raised about multi-negotiation overhead and the potential movement of claim negotiations to a pre-SATP "stage 0." Need to define the message being sent in dotted arrow during transfer protocol receipt. * Discussion of organizing claims into sections based on asset/actor characteristics and gateway/network characteristics. * **Use Cases and Applicability:** * Updates to the use cases draft focusing on Central Bank Digital Currencies (CBDCs) and decentralized finance (DeFi). * Clarification of SATP's scope, particularly its limitations in addressing complex DeFi scenarios and multi-currency exchange directly. * Discussion on the relationship between SATP and ISO 20022, emphasizing SATP's unique focus on guaranteed asset transfer, not just messaging. * **Crash Recovery and Session Resumption:** * Presentation of a detailed crash recovery mechanism based on a primary/backup gateway model and logged operations. * Discussion of non-critical vs. critical faults, rollback logic, and explicit vs. implicit session resumption. * Consideration of formal methods for verifying the correctness and security of the crash recovery protocol. * Debate around "burn and mint" versus "lock and unlock" approaches for asset management. * **Gateway Transfer Initialization Claims (Stage 0):** * Presentation of a potential "stage 0" process for establishing the link between gateways before initiating SATP, involving application-to-application communication and the exchange of "transfer context" data. * **Data Sharing and Querying Across Networks:** * Discussion of expanding SATP's scope to include querying the state of assets and processes in other networks, especially for closed/permissioned systems. * Use of a view address to get defined data from a network. ## Decisions and Action Items * **Action Item:** Add a note to the CBDC use case in the draft indicating that multi-currency exchange scenarios are currently out of scope and identify missing requirements. * **Action Item:** Thomas and Rafael to continue refining the error messages section in the core draft. * **Action Item:** Explore the applicability of formal methods to the SATP core and crash recovery protocols. * **Action Item:** Authors to improve clarity around trust assumptions in the SATP drafts. * **Action Item:** Chair to look at required vs helpful items in asset profile. ## Next Steps * Continue working on error handling and session resumption within the core SATP draft. * Update the hyperledger cacti open source implementations of SATP. * Explore the potential use of formal methods for protocol verification. * Discuss and refine the proposed "stage 0" process for gateway initialization and context exchange. * Consider how to incorporate data sharing capabilities into a future version of SATP. * For the next meeting, all participants should review drafts and add any appropriate comments.