Introduction

With the continuous development of blockchain technology, Bitcoin not only exists as a cryptocurrency, but its ecosystem is also expanding and deepening. Bitcoin's expansion ecosystem covers a variety of Layer 2 solutions and applications. These expansions not only improve Bitcoin's transaction speed and efficiency, but also provide support for emerging fields such as smart contracts, decentralized finance (DeFi), and non-fungible tokens (NFT). These innovations have made Bitcoin's application scenarios more extensive, no longer limited to value storage and peer-to-peer payments, but can meet more complex and diverse needs, promoting the progress of the entire blockchain industry.

However, as the ecosystem expands, security issues also gradually emerge. New technologies and applications bring more potential risks and challenges, making it crucial to ensure system security while enhancing functionality. Security vulnerabilities, attack incidents, and technical flaws threaten not only the safety of users' assets but may also impact the overall stability and trust of the Bitcoin network. This article, written by ScaleBit, a sub-brand of BitsLab, examines how the Bitcoin expansion ecosystem is built, the security incidents it has faced, and its security outlook. By analyzing current technological solutions and security challenges, it aims to provide valuable insights and suggestions for the development of the Bitcoin ecosystem, so that it maintains a high level of security and reliability throughout its continuous expansion.

Bitcoin Expansion Ecosystem

What is the Bitcoin expansion ecosystem?

The Bitcoin expansion ecosystem mainly refers to various scaling solutions and application ecosystems developed around the Bitcoin foundational network. Bitcoin was originally designed primarily for peer-to-peer payments and value storage, but as blockchain technology has evolved, the Bitcoin community and developers have been exploring how to add more features on top of it, especially in terms of smart contracts, decentralized finance (DeFi), NFTs, and more efficient transaction scaling.

How does the Bitcoin expansion ecosystem work?

The operation of the Bitcoin expansion ecosystem mainly relies on scaling technologies and protocols built on or outside the Bitcoin main chain, enabling Bitcoin to support a more diverse range of application scenarios. The following are the operational principles of several key technologies in the Bitcoin expansion ecosystem:

(1) Lightning Network

The Lightning Network is one of the most mature and widely used Bitcoin Layer 2 solutions. It significantly increases Bitcoin's transaction speed and reduces fees by moving a large number of small transactions off the main chain through the establishment of payment channels.

Trend: The infrastructure of the Lightning Network is continuously improving, user experience is enhancing, and more merchants are starting to support Lightning payments.

Challenges: Liquidity issues and routing efficiency still need further optimization, especially in large transaction scenarios.

Image 1 Source: https://lightning.network/lightning-network-presentation-time-2015-07-06.pdf

(2) Liquid Network (LQ)

Liquid Network is a sidechain running on the open-source Elements blockchain platform, designed for faster transactions between exchanges and institutions. It is governed by a distributed federation consisting of Bitcoin companies, exchanges, and other stakeholders. Liquid uses a two-way peg mechanism to convert BTC to L-BTC and vice versa.

Liquid supports confidential transactions and tokenization, making it suitable for enterprise applications. If Bitcoin is the value layer of the internet, Lightning is the peer-to-peer payment network in the Bitcoin-driven financial system, then Liquid is the financial layer that adds multi-asset support and financial instruments such as securities and commodities.

Compared to Lightning, Liquid is a Bitcoin Layer 2 solution that focuses on facilitating larger and more complex transactions, such as the issuance and trading of assets (like securities and stablecoins). Liquid has built-in confidential transaction features that hide transaction amounts and asset types, while Lightning mainly provides privacy through its off-chain transactions. While Lightning excels at small payments and daily transactions, Liquid is more suitable for institutional finance, asset issuance, and cross-border transactions.

Currently, over 50 exchanges have adopted Liquid Network, which has facilitated billions of dollars in transactions, proving its effectiveness in enhancing Bitcoin's utility for institutional trading. Liquid Network can provide exchanges with faster settlement times, thereby increasing Bitcoin market liquidity and allowing institutions to operate more efficiently and securely.

Image 2 Source: https://docs.liquid.net/docs/technical-overview

(3) Rootstock Basic Framework (RBTC)

Rootstock, which dates back to 2015 and launched its mainnet in 2018, is the longest-running Bitcoin sidechain. Its uniqueness lies in combining Bitcoin's proof of work (PoW) security with Ethereum's smart contracts. As an open-source, EVM-compatible Bitcoin Layer 2 solution, Rootstock provides access to the growing dApp ecosystem and is committed to achieving complete trustlessness.

Similar to Liquid, Rootstock also uses a two-way peg mechanism, allowing users to easily swap between BTC and RBTC. RBTC is the native currency on the RSK blockchain, used to pay miners for processing transactions and contracts. Liquid focuses on rapid, private transactions and asset issuance, while Rootstock extends Bitcoin's DeFi and dApp ecosystem through smart contracts.

As of the writing of this article, Rootstock has a total value locked (TVL) of over $170 million and a market cap of $380 million.

(4) B² Network

The technical architecture of B² Network includes a two-layer structure: Rollup layer and Data Availability (DA) layer. B² Network aims to redefine users' perceptions of Bitcoin's second-layer solutions.

B² uses ZK-Rollup as the Rollup layer. The ZK-Rollup layer employs zkEVM solutions, responsible for executing user transactions and outputting related proofs within the second layer network. User transactions are submitted and processed at the ZK-Rollup layer. User states are also stored at the ZK-Rollup layer. Batch proposals and generated zero-knowledge proofs are forwarded to the data availability layer for storage and verification.

The data availability layer includes distributed storage, B² nodes, and the Bitcoin network. This layer is responsible for permanently storing copies of Rollup data, verifying the zero-knowledge proofs of Rollup, and ultimately executing final confirmations on Bitcoin.

Distributed storage is a key aspect of the B² Network, serving as a repository for ZK-Rollup user transactions and their related proofs. Through decentralized storage, the network fundamentally improves security, reduces single points of failure, and ensures data immutability.

To ensure data availability, B² also writes a Tapscript to the Bitcoin network in each Bitcoin block, as shown in the figure below. This script anchors the storage path of the Rollup data held in decentralized storage during that period, together with its zero-knowledge proof. The cost of this process is controlled, at 6 transactions per hour. During verification, users can therefore compare transactions one by one against the Taproot script data on Bitcoin Layer 1 to confirm the final reliability of the Rollup data.

Image 3
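
The check described above, where a user compares Rollup data fetched from decentralized storage against what was anchored on Bitcoin Layer 1, can be sketched as follows. This is an added example, not B² Network code: the anchor record layout (storage path, SHA-256 of the batch, SHA-256 of the proof), the function names, and the sample batches are assumptions constructed for illustration, and the zero-knowledge proof itself is not verified here, only its binding to the anchor.

```python
import hashlib

def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

def make_anchor(path: str, batch: bytes, proof: bytes) -> dict:
    """Record committed on L1 for one batch (assumed layout, not B2's real encoding)."""
    return {"path": path, "batch_hash": sha256_hex(batch), "proof_hash": sha256_hex(proof)}

def audit_anchors(anchors: list, storage: dict) -> dict:
    """Compare every L1 anchor with what the storage layer returns.
    storage maps path -> (batch_bytes, proof_bytes); result maps path -> status."""
    report = {}
    for a in anchors:
        item = storage.get(a["path"])
        if item is None:
            report[a["path"]] = "unavailable"      # anchored, but the data cannot be fetched
            continue
        batch, proof = item
        if sha256_hex(batch) != a["batch_hash"]:
            report[a["path"]] = "batch_mismatch"   # stored transactions differ from the anchor
        elif sha256_hex(proof) != a["proof_hash"]:
            report[a["path"]] = "proof_mismatch"   # stored proof differs from the anchor
        else:
            report[a["path"]] = "ok"
    # Data that no L1 anchor commits to has no Bitcoin-level finality yet.
    anchored = {a["path"] for a in anchors}
    for path in storage:
        if path not in anchored:
            report[path] = "unanchored"
    return report

def demo() -> dict:
    # Constructed sample batches; real batches would be serialized rollup transactions.
    batches = {
        "batch/0001": (b"tx1|tx2|tx3", b"proof-0001"),
        "batch/0002": (b"tx4|tx5", b"proof-0002"),
        "batch/0003": (b"tx6", b"proof-0003"),
    }
    anchors = [make_anchor(p, b, pr) for p, (b, pr) in batches.items()]
    storage = dict(batches)
    storage["batch/0002"] = (b"tx4|tx5-altered", b"proof-0002")  # modified after anchoring
    del storage["batch/0003"]                                    # withheld by the storage layer
    storage["batch/0004"] = (b"tx7", b"proof-0004")              # present but never anchored
    return audit_anchors(anchors, storage)

if __name__ == "__main__":
    for path, status in sorted(demo().items()):
        print(path, status)
```

The "unavailable" result is the case a data availability layer exists to prevent: the anchor proves what the data should be, but not that anyone can still retrieve it.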

(5) Stacks Protocol (STX)

Since its launch on the mainnet in 2018 under the name Blockstack, Stacks has become a leading Bitcoin Layer 2 solution.

Image 4 Source: https://docs.stacks.co/stacks-101/proof-of-transfer

Stacks connects directly to Bitcoin, allowing the construction of smart contracts, dApps, and NFTs on Bitcoin, significantly expanding its functionality and making it more than just a value storage tool. It employs a unique Proof of Transfer (PoX) consensus mechanism that ties its security directly to Bitcoin without modifying Bitcoin itself.

Stacks has a total value locked (TVL) of over $99 million, and its established infrastructure and growing developer community make it a project that cannot be ignored in the field.

(6) Babylon

Babylon's vision is to extend Bitcoin's security to protect the decentralized world. By leveraging three aspects of Bitcoin—its timestamp service, block space, and asset value—Babylon is able to transmit Bitcoin's security to numerous Proof of Stake (PoS) chains, thus creating a more robust and unified ecosystem.

Babylon's Bitcoin staking protocol uses a remote staking method, overcoming the absence of smart contracts through innovations in cryptography and consensus protocols and an optimized use of Bitcoin's scripting language. Babylon's staking protocol allows Bitcoin holders to stake Bitcoin trustlessly without bridging to a PoS chain, while providing fully slashable security guarantees for that chain. This protocol eliminates the need for bridging, wrapping, or custodial services for staked Bitcoin.

A key aspect of Babylon is its BTC timestamp protocol. It timestamps events from other blockchains to Bitcoin, allowing these events to enjoy Bitcoin's timestamp just like Bitcoin transactions. This effectively borrows Bitcoin's security as a timestamp server. The BTC timestamp protocol enables fast stake unbonding, composable trust, and reduced security costs to maximize liquidity for Bitcoin holders. The protocol is designed as a modular plugin that can be used on top of various PoS consensus algorithms and provides the foundation for building restaking protocols.

Image 5

After discussing various technological solutions for the Bitcoin expansion ecosystem, we can clearly see that these innovations not only significantly enhance the performance and functionality of the Bitcoin network but also provide a solid foundation for the diversification of its application scenarios. However, as the expansion ecosystem continues to grow and technology becomes increasingly complex, security issues also emerge as an important aspect that cannot be ignored. New scaling technologies introduce more potential risks and attack vectors, posing greater challenges to the overall security of the system.

In this context, ensuring the security of the Bitcoin expansion ecosystem is not only about protecting user assets but also about the stability and trust of the entire network. The following section therefore details the Lightning Network vulnerability disclosed in 2023 as a reference for future security protection.

Security incidents in the Bitcoin expansion ecosystem

In October 2023, a potential security vulnerability was discovered in Bitcoin's scaling technology—the Lightning Network. Developer Antoine Riard revealed details related to the vulnerability after discovering it.

This vulnerability is referred to as 'replacement cycling attacks'. It could jeopardize the security of funds flowing through the Lightning Network by causing transactions to be delayed or to fail to be processed as expected, potentially leading to a loss of funds held in Lightning Network channels.

This event highlights that security must always be the top priority in the rapidly evolving expansion ecosystem. Developers and the community need to continuously monitor and improve existing scaling solutions to prevent potential security threats and ensure the safety of user funds.

Image 6

Security Outlook for the Bitcoin Expansion Ecosystem

Although the Bitcoin expansion ecosystem has made significant progress in improving transaction efficiency and functionality diversity, its security still needs to be continuously strengthened. This section will explore the future development directions and challenges of the Bitcoin expansion ecosystem in terms of security.

The Bitcoin expansion ecosystem aims to solve the transaction throughput problem of the main chain while ensuring security and decentralization.

Trust model for off-chain transactions: The Bitcoin expansion ecosystem enhances transaction speed through off-chain technology, and developers must ensure that the trust mechanisms for off-chain transactions are sufficiently reliable. For example, bi-directional payment channels in the Lightning Network require multi-signature technology and a secure closing process to prevent funds from being frozen or lost.

Privacy and Transparency: Lightning Network channel transactions can be completed without disclosure, enhancing privacy but increasing regulatory challenges and potentially leading to malicious behavior. Layer 2 networks must strike a balance between privacy and transparency by selectively disclosing parts of transaction records to enhance compliance.

User Experience and Security: The complexity of the expansion ecosystem brings operational difficulties for users, as managing channels in the Lightning Network may be unfriendly to average users, increasing the risk of operational errors. The Bitcoin expansion ecosystem can enhance user experience and reduce security risks by designing more user-friendly interfaces and simplifying operational tools.

Looking ahead, the Bitcoin expansion ecosystem needs to continuously optimize technological solutions, enhance user experience, and strengthen regulatory compliance while maintaining decentralization and security to achieve more robust and widespread applications.

Summary

The Bitcoin expansion ecosystem significantly enhances the functionality and transaction efficiency of the Bitcoin network through various Layer 2 solutions and innovative protocols, driving the development of emerging fields such as smart contracts, DeFi, and NFTs.

However, as the ecosystem continues to expand, security issues also gradually emerge, which requires the attention of developers and the community. In the future, while pursuing higher transaction throughput and diversified applications, the Bitcoin expansion ecosystem must continuously strengthen security mechanisms, optimize user experience, balance privacy and transparency, and ensure robust and widespread development based on decentralization and security.

To read the full report, please click: https://bitslab.xyz/reports-page

About ScaleBit

ScaleBit, a security sub-brand under BitsLab, is a blockchain security team providing security solutions for Web3 mass adoption. With expertise in blockchain cross-chain and zero-knowledge proof scaling technologies, we primarily offer detailed and cutting-edge security audits for ZKP, Bitcoin Layer 2, and cross-chain applications.

The ScaleBit team consists of security experts with extensive experience in both academia and industry, dedicated to providing security assurance for the mass application of scalable blockchain ecosystems.

About BitsLab

BitsLab is a security organization dedicated to safeguarding and building the emerging Web3 ecosystem, with the vision of becoming a respected Web3 security institution in the industry and among users. It has three sub-brands: MoveBit, ScaleBit, and TonBit.

BitsLab focuses on the infrastructure development and security auditing of emerging ecosystems, covering but not limited to ecosystems such as Sui, Aptos, TON, Linea, BNB Chain, Soneium, Starknet, Movement, Monad, Internet Computer, and Solana. At the same time, BitsLab demonstrates profound expertise in auditing various programming languages, including Circom, Halo2, Move, Cairo, Tact, FunC, Vyper, and Solidity.

The BitsLab team brings together several top vulnerability researchers who have won international CTF awards multiple times and have discovered critical vulnerabilities in well-known projects such as TON, Aptos, Sui, Nervos, OKX, and Cosmos.

Visit the BitsLab official website:

https://bitslab.xyz/

Visit ScaleBit's official website:

https://www.scalebit.xyz/
