This looks great!
A decentralized exchange is tantalizingly close.
At first glance, it looks like it's vulnerable to transaction malleability, though. Do you have a way to defend against the following attack?
In this context:
B creates TX3: "Pay v alt-coins to if (x for H(x) known and signed by A) or (signed by A & B)"
B creates TX4: "Pay v alt-coins from TX3 to , locked 24 hours in the future, signed by B"
B sends TX4 to A
A signs TX4 and sends back to B
2) B submits TX3 to the network
A broadcasts an equally valid TX3' with a different hash, which eventually gets into the blockchain instead of TX3. (A has deliberately made connections to many more nodes than B, so A will receive TX3 quickly and can then send TX3' to many nodes in one hop.)
Now TX4 is useless. A waits until his timelock expires and gets his coins back. B's coins are stuck.
A watches the Mercury community's public discussions to see if anybody complains that their coins are stuck.
If so, A creates TX5: "Pay 0.5*v alt-coins from TX3' to A and 0.5*v alt-coins to B", signs it, and sends B a private message saying,
"Hello B,
I'm scamming you. You can sign TX5 and get half of your coins back. Or not. It's up to you.
Don't bother replying. I won't read it.
Your friendly scammer,
A"
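The dependency the post describes, as an added example that is not part of the original post or of the Mercury code: TX4 names TX3 by its hash, so a confirmed variant with different signature bytes leaves TX4 with nothing to spend, while an identifier computed without signature data (the approach Bitcoin's segregated witness takes) stays the same. The serialization is a simplified toy layout, not Bitcoin's wire format, and the signature bytes, amounts, scripts and all function names are constructed for illustration.

```python
import hashlib

def dsha(data: bytes) -> bytes:
    """Double SHA-256, the hash Bitcoin-style chains use for transaction ids."""
    return hashlib.sha256(hashlib.sha256(data).digest()).digest()

def serialize(tx: dict, with_sigs: bool = True) -> bytes:
    """Toy layout (assumption, not wire format): inputs, then outputs."""
    out = b""
    for prev_txid, vout, sig in tx["inputs"]:
        out += prev_txid + vout.to_bytes(4, "little")
        if with_sigs:
            out += len(sig).to_bytes(1, "little") + sig
    for value, script in tx["outputs"]:
        out += value.to_bytes(8, "little")
        out += len(script).to_bytes(1, "little") + script
    return out

def txid(tx: dict) -> bytes:
    """Identifier that covers signature bytes (the malleable case)."""
    return dsha(serialize(tx))

def sigless_id(tx: dict) -> bytes:
    """Identifier that ignores signature bytes, so re-encoding cannot change it."""
    return dsha(serialize(tx, with_sigs=False))

def refund_spends(refund: dict, confirmed: dict) -> bool:
    """True only if the pre-signed refund's outpoint names the confirmed tx."""
    return any(prev == txid(confirmed) for prev, _, _ in refund["inputs"])

# Constructed sample data. SIG_2 stands in for a second encoding of the same
# signature that nodes would also accept; no real signing is performed here.
PREV_OUT = bytes(32)
SIG_1 = b"\x01" * 64
SIG_2 = b"\x02" * 64
tx3 = {"inputs": [(PREV_OUT, 0, SIG_1)], "outputs": [(50_000, b"swap-script")]}
tx3_alt = {"inputs": [(PREV_OUT, 0, SIG_2)], "outputs": [(50_000, b"swap-script")]}
# TX4 is built and countersigned before TX3 is broadcast, so it pins txid(tx3).
tx4 = {"inputs": [(txid(tx3), 0, b"")], "outputs": [(50_000, b"refund-to-B")]}

if __name__ == "__main__":
    print("txid changed:          ", txid(tx3) != txid(tx3_alt))
    print("sigless id unchanged:  ", sigless_id(tx3) == sigless_id(tx3_alt))
    print("TX4 spends TX3:        ", refund_spends(tx4, tx3))
    print("TX4 spends the variant:", refund_spends(tx4, tx3_alt))
```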