The Bitcoin community is focusing on increasing the programmability of Bitcoin, and Bitcoin L2 is the most promising solution.
Original Title: "The Bitcoin L2 Opportunity"
Author: Mohamed Fouda, Partner at Volt Capital
Translation: Kate, Mars Finance
How to resist the occupation of Bitcoin by the old financial system?
The Bitcoin spot ETF has dominated the discussion in the past few weeks. With everything resolved, the community's attention has returned to Bitcoin. This means answering an eternal question: "How to improve the programmability of Bitcoin?"
Bitcoin L2 is currently the most hopeful answer to this question. This article compares Bitcoin L2 with early work and discusses some of the most promising Bitcoin L2 projects. Then, the article touches on interesting entrepreneurial opportunities related to Bitcoin L2.
Defending permissionless Bitcoin
As many investors can now gain Bitcoin exposure through regulated products, they can use Bitcoin in a wide range of traditional financial products, such as leveraged trading and collateralized loans. However, these products do not use native BTC. Instead, they use BTC controlled by issuers in TradFi, while native BTC is locked up by custodians. Over time, TradFi BTC could become the primary way of holding and using BTC, transforming it from a decentralized permissionless asset to another asset controlled by Wall Street. Native permissionless Bitcoin products are the only way to resist the control of Bitcoin by the old financial system.
Building native Bitcoin products
L1 Applications
There have been many attempts to implement additional functionality on L1. The focus of these efforts is to utilize the ability of Bitcoin transactions to carry arbitrary data. This arbitrary data can be used to implement additional functionality, such as issuing and transferring assets and NFTs. However, these functionalities are not built as part of the Bitcoin protocol and require additional software to interpret these data fields and operate on them.
These efforts include Colored Coins, Omni Protocol, Counterparty, and the recent Ordinals. Omni was initially used to issue and transfer Tether (USDT) on Bitcoin L1, then expanded to other chains. Counterparty is the underlying technology for Bitcoin Stamps and SRC-20 tokens. Ordinals is currently the standard for issuing NFTs and BRC-20 tokens on Bitcoin using encryption.
Since its inception, Ordinals has been hugely successful, generating over $200 million in fees. Despite its success, Ordinals is limited to asset issuance and transfer. Ordinals cannot be used to implement applications on L1. Due to the limitations of the native Bitcoin programming language Bitcoin Script, more complex applications such as AMM and Lending are almost impossible to build.
BitVM
A unique effort to extend the functionality of Bitcoin L1 is BitVM. This concept is built on top of the Taproot upgrade to Bitcoin. The concept of BitVM is to extend the functionality of Bitcoin through off-chain execution of programs and ensure that execution can be challenged on-chain through fraud proofs. While BitVM seems capable of implementing arbitrary logic off-chain, in practice, the cost of executing fraud proofs on L1 increases rapidly with the scale of off-chain programs. This problem limits the applicability of BitVM in specific cases, such as minimizing trust BTC bridges. Many upcoming Bitcoin L2 solutions utilize BitVM for bridge implementation.
Simplified diagram of BitVM operations
Sidechains
Another approach to addressing the limited programmability of Bitcoin is to utilize sidechains. Sidechains are fully programmable independent blockchains, such as EVM-compatible, attempting to remain consistent with the Bitcoin community and provide services to that community. Examples of these sidechains include Rootstock, Blockstream's Liquid, and Stacks V1.
Bitcoin sidechains have been around for years and have had limited success in attracting Bitcoin users overall. For example, Liquid has less than 4500 BTC bridged to the sidechain. However, some DeFi applications built on these chains have achieved some success. Examples include Sovryn on Rootstock and Alex on Stacks.
Bitcoin L2
Bitcoin L2 is becoming the focus for building permissionless applications based on Bitcoin. They can offer the same advantages as sidechains but with security guarantees from the Bitcoin base layer. There has been ongoing controversy about what truly represents Bitcoin L2. In this article, we avoid this debate but discuss the main considerations for fully coupling L2 with L1 and discuss some promising L2 projects.
Requirements for Bitcoin L2
Security from L1
The most important requirement for Bitcoin L2 is to derive its security from L1. Bitcoin is the most secure chain, and users expect this security to extend to L2. For example, the Lightning Network is already in this situation.
This is why sidechains are classified under this category, as they have their own security. For example, the security of Stacks V1 depends on the STX token.
This security requirement is difficult to achieve in practice. To have L1 protect L2, L1 needs to be able to perform certain computations to verify the behavior of L2. For example, rollups in Ethereum derive security from L1 because Ethereum L1 can verify zero-knowledge proofs (zk rollup) or verify fraud proofs (optimistic rollup). The Bitcoin base layer currently lacks the computational capability for these two aspects. Some have proposed adding new opcodes to Bitcoin to allow the base layer to verify zk rollup submissions. Additionally, proposals like BitVM attempt to achieve fraud proofs without changing L1. The challenge for BitVM is that the cost of fraud proofs may be very high (hundreds of L1 transactions), limiting their practical application.
Another requirement for achieving L1-level security for L2 is that L1 has an immutable record of L2 transactions. This is the Data Availability (DA) requirement. It allows observers monitoring the L1 chain to verify the state of L2. Through encryption, records of L2 TX can be embedded into Bitcoin L1. However, this creates another problem, which is scalability. Bitcoin L1's block time is limited to approximately every 10 minutes 4MB, and the data throughput is limited to approximately 1.1 KB/s. Even if L2 transactions are highly compressed to about 10 bytes/tx, assuming all L1 transactions are used to store L2 data, L1 can only support approximately 100 tx/second of L2 throughput.
Trust Minimization Bridging from L1
In Ethereum L2, the bridging to L2 is controlled by L1. Bridging to L2, also known as Peg-in, effectively means locking assets on L1 and creating a copy of these assets on L2. In Ethereum, this is achieved through L2 native bridge smart contracts. These smart contracts store all assets bridged to L2. The security of the smart contract comes from L1 validators. This makes bridging to L2 secure and trust-minimized.
In Bitcoin, it is not feasible to have a bridge protected by all L1 miners. Instead, the best option is to have a multi-signature wallet that stores L2 assets. Therefore, the security of L2 bridges depends on multi-signature security, including the number of signers, their identities, and how the inbound and outbound operations are protected. One way to enhance the security of L2 bridging is to use multiple multi-signatures instead of a single multi-signature containing all L2 bridged assets. Examples of this include TBTC, where multi-signature signers must provide collateral, which may be slashed if they cheat. Similarly, the proposed BitVM bridge requires multi-signature signers to provide security deposits. However, in this multi-signature, any signer can initiate an outbound transaction. Outbound interactions are protected by BitVM fraud proofs. If a signer engages in malicious behavior, other signers (validators) can submit fraud proofs on L1, leading to the removal of the malicious signer.
Bitcoin L2 Landscape
Comparison of Bitcoin L2 Projects
Chainway
Chainway is building a zk rollup on top of Bitcoin. Chainway rollup uses Bitcoin L1 as a Data Availability (DA) layer to store the rollup's zk proofs and state differences. Additionally, the rollup utilizes recursive proofs, aggregating each new proof on the previous proof published on L1. The proof also aggregates "enforced transactions," i.e., L2-related transactions that are broadcast on L1 to enforce their inclusion on L2. This design has several advantages:
Enforced transactions ensure that the rollup sequencer cannot censor L2 transactions and gives users the power to include these transactions by broadcasting them on L1.
Using recursive proofs means that proofers of each block must verify the previous proof. This creates a chain of trust and ensures that invalid proofs cannot be included on L1.
The Chainway team also discusses using BitVM to ensure correct execution of proof verification and inbound/outbound transactions. Using BitVM to verify bridging transactions can reduce the trust assumptions of bridged multi-signatures to a small number of honest participants.
Botanix
Botanix is building an EVM L2 for Bitcoin. To enhance consistency with Bitcoin, Botanix L2 uses Bitcoin as a PoS asset for consensus. L2 validators earn fees from transactions executed on L2. Additionally, L2 stores the Merkle root of all L2 transactions on L1 using encryption. This provides partial security for L2 transactions, as the transaction log cannot be altered, but it does not guarantee the data processing of these transactions.
Botanix handles L1 bridging through a decentralized multi-signature system network called Spiderchain. Signers of the multi-signature are randomly selected from a group of orchestrators. Orchestrators lock user funds on L1 and sign a proof to generate an equivalent amount of BTC on L2. Orchestrators need to submit a collateral to qualify for this position. In case of malicious behavior, the security deposit can be slashed.
Botanix has launched a public testnet, with plans to launch the mainnet in the first half of 2024.
Bison Network
Bison's Bitcoin L2 adopts a sovereign rollup style. Bison uses STARK to implement zk rollup and uses Ordinals to store L2 TX data and generated zk proofs on L1. Since Bitcoin cannot verify these proofs on L1, the verification is delegated to users who verify zk proofs on their devices.
For BTC bridging with L2, Bison uses Discreet Log Contracts (DLC). DLC is protected by L1 but relies on an external oracle. This oracle reads the L2 state and passes the information to Bitcoin L1. If this oracle is centralized, it may maliciously use locked assets on L1. Therefore, for Bison, transitioning to a decentralized DLC oracle is crucial.
Bison plans to support a rust-based zkVM. Currently, Bison OS has implemented many contracts, such as Token contracts, which can be proven using the Bison prover.
Stacks V2
Stacks is one of the earliest projects focused on extending Bitcoin's programmability. Stacks is undergoing a transformation to better align with Bitcoin L1. The focus of this discussion is the upcoming Stacks V2, expected to be released on the mainnet in April 2024. Stacks V2 implements two new concepts that improve consistency with L1. The first is the Nakamoto Release, updating Stacks' consensus to follow Bitcoin blocks and finality. The second is an improved BTC bridging, called sBTC.
In the Nakamoto Release, blocks in Stacks are mined by miners who make collateral transactions in BTC on L1. When a Stacks miner creates a block, these blocks are anchored on Bitcoin L1 and receive confirmation from L1 PoW miners. When a block receives 150 L1 confirmations, it is considered final, and cannot fork unless Bitcoin L1 forks. At this point, the Stacks miner who mined the block receives STX rewards, and their BTC collateral is distributed to the network Stackers. This means that any Stacks block beyond 150 blocks (approximately 1 day) relies on the security of Bitcoin L1. For newer blocks (150 confirmations), the Stacks chain can only fork if 70% of Stackers support the fork.
Another Stacks upgrade is sBTC, which provides a more secure way to bridge BTC to Stacks. To bridge assets to Stacks, users deposit their BTC into an L1 address controlled by L2 Stackers. When the deposit transaction is confirmed, sBTC is minted on L2. To ensure the security of bridged BTC, Stackers must lock a collateral in STX worth more than the bridged BTC value. Stackers are also responsible for executing withdrawal requests from L2. Withdrawal requests are broadcast as L1 transactions. Upon confirmation, Stackers destroy sBTC on L2 and collaboratively sign L1 tx to release the user's BTC on L1. For this work, Stackers receive the miner's collateral reward discussed earlier. This mechanism is called Proof of Transfer (PoX).
Stacks, consistent with Bitcoin, requires many important L2 transactions to be executed in an L1-like manner, such as miner PoX collateral and withdrawal transactions. This requirement does enhance the consistency and security of bridging BTC, but due to the volatility and high fees of L1, it may lead to a degraded user experience. Overall, the upgraded Stacks design addresses many issues from V1 but still has some weaknesses. This includes using STX as the native asset in both L2 and L2 DA, meaning only the hash of transactions and smart contract code is available on L1.
BOB
Build-on-Bitcoin (BOB) is an Ethereum L2 designed to be consistent with Bitcoin. BOB operates as an Optimistic rollup on Ethereum and uses the EVM execution environment to implement smart contracts.
BOB initially accepts different types of bridged BTC (WBTC, TBTC V2), but plans to adopt a more secure bidirectional bridging using BitVM in the future.
To differentiate from other Ethereum L2s that also support WBTC and TBTC, BOB is building functionality that allows users to interact directly with Bitcoin L1 from BOB. The BOB SDK provides a smart contract library that allows users to sign transactions on Bitcoin L1. These transactions are monitored on L1 by a Bitcoin light client. The light client adds the hash of Bitcoin blocks to BOB to allow Simple Payment Verification (SPV) of submitted transactions on L1 and their inclusion in blocks. Another feature is an independent zkVM, which allows developers to write rust applications for Bitcoin L1. Proofs of correct execution can be verified on the BOB rollup.
The current design of BOB is better described as a sidechain rather than a Bitcoin L2. This is mainly because the security of BOB depends on Ethereum L1 rather than Bitcoin's security.
SatoshiVM
SatoshiVM is another project planning to launch a zkEVM Bitcoin L2. The project suddenly emerged with the launch of the testnet in early January. There is little technical detail about the project, and it is unclear who the developers are. Some limited technical documentation about SatoshiVM indicates the use of Bitcoin L1 for DA, resistance to censorship by supporting the ability to broadcast transactions on L1, and the use of BitVM-style fraud proofs to verify L2 zk proofs.
Due to its anonymity, there is much controversy surrounding the project. Some investigations suggest a connection between this project and Bool Network, an older Bitcoin L2 project.
Entrepreneurial Opportunities in Bitcoin L2
The development space of Bitcoin L2 has brought about some entrepreneurial opportunities. Besides the obvious opportunity to build the best L2 platform for Bitcoin, there are other entrepreneurial opportunities.
Bitcoin Data Layer
Many upcoming L2s aim to strengthen consistency with L1. One way to do this is to use L1 for DA. However, considering the rigid size limit of Bitcoin blocks and the long delay between L1 blocks, L1 will not be able to store all L2 transactions. This creates an opportunity for a Bitcoin-specific data processing layer. Existing networks, such as Celestia, can expand to fill this gap. However, creating an off-chain DA solution that relies on Bitcoin security or BTC collateral can enhance consistency with the Bitcoin ecosystem.
MEV Extraction
In addition to using Bitcoin L1 for DA, some L2s may choose to delegate the sorting of L2 transactions to BTC-bound sorters, or even delegate to L1 miners. This means that any MEV extraction will be delegated to these entities. Given that Bitcoin miners do not have the capability to complete this task, there is an opportunity for a company similar to flashbots, focusing on MEV extraction and private order flow in Bitcoin L2. MEV extraction is usually closely related to the VM used, and with no agreed-upon VM for Bitcoin L2, there may be multiple participants in this field, each focusing on different Bitcoin L2s.
Bitcoin Yield Tools
Bitcoin L2 will require the use of Bitcoin collateral for validator selection, DA security, and other functions. This creates opportunities for holding and using Bitcoin to generate yield. Currently, there are some tools that provide such opportunities. For example, Babylon allows staking Bitcoin to secure other chains. With the flourishing Bitcoin L2 ecosystem, there is a significant opportunity for platforms that aggregate native Bitcoin yield opportunities.
In conclusion, Bitcoin is the most recognized, secure, and liquid cryptocurrency. With the launch of Bitcoin spot ETFs, Bitcoin has entered the phase of institutional adoption, making it more important than ever to maintain its fundamental nature as a permissionless and censorship-resistant asset. This can only be achieved by expanding the permissionless application space around Bitcoin. Bitcoin L2 and the entrepreneurial ecosystem supporting these L2s are essential elements in achieving this goal. At Alliance, we hope to support founders who are creating these startups.
Thanks to Orkun Mahir Kılıç and Ken Liao for their valuable feedback on this article.
免责声明:本文章仅代表作者个人观点,不代表本平台的立场和观点。本文章仅供信息分享,不构成对任何人的任何投资建议。用户与作者之间的任何争议,与本平台无关。如网页中刊载的文章或图片涉及侵权,请提供相关的权利证明和身份证明发送邮件到support@aicoin.com,本平台相关工作人员将会进行核查。
