If I understand this right, Alice and Carol start by swapping their respective currencies fpr ecash. So we have eBtc and eDollars for example.

Exchanges are just mints now? Maybe they make money exclusively on the swap ins and swap outs.

HTLC_c (c for Carol) is a {hash or time} locked so if Carol provides a hash, she can claim it, or if time expires Alice can reclaim it. It is ecash for one side of the trade (e.g. eBtc)

HTLC_a (a for Alice) is the opposite for Alice to claim after a successful trade. It is the other ecash (eDollar)

Details unknown but I'll wait 'till you win the hackathon:

- Uncertain how both Alice and Carol could know the same H: Is it public? Is it on HTLC_c?

- Assuming that verifying a HTLC means checking the signature against the mint's pubkeys.

- Uncertain what subscribing to an HTLC is, but we trust/require the mint to follow a protocol of  publishing state changes and preimages. But in the case of a bug or downtime, wouldn't this break atomicity?

If it is atomic and trustless, then hot damn, there are no disputes!!! Only disputes land squarely with the mint to honour swaps. 

 - H is inside the HTLC transaction, it's known between sender, receiver and mint.
- Verifying = check if the token is not already spent
- Subscribe to the status of the token (SPENT, UNSPENT, ...) gets also preimage as soon it's spent. 
- Yes, mint must be compatible with HTLCs
- If there's a downtime, she can wait until get back up and complete the transaction, assuming it's not several days down.