Bitcoin Lightning hacker layer-2 Brollups

Burak, the famous hacker who in November 2022 activated a bug on the Lightning Network scaling chain, is introducing his own Bitcoin-based layer-2 to the market: “Brollups”.

The new product called brings several improvements to Bitcoin’s cryptographic infrastructure by introducing new use cases in the field of decentralized finance without having to resort to a fork and without having to introduce a new token.

Let’s see everything in detail below.

The hacker of the Lightning Network presents Brollups and introduces new use cases for Bitcoin’s layer-2

Burak, a cryptographic developer who was a key figure in the hacker attack on the Lightning Network in November 2022, is about to launch his own Bitcoin layer-2 called “Brollups”.

It is a second-layer blockchain anchored to the superior DA (data availability), offering a new type of Bitcoin-native rollup design as it groups transactions providing greater scalability, without the need to fork Bitcoin or issue a secondary token.

This type of layer-2 is still in the design phase, with the launch in testnet expected by the end of the year, but already now it plans to support over 90% of the upcoming use cases that will be introduced in DeFi.

According to what was reported by the same creator of the new chain: 

“Whether listing an NFT for sale in exchange for Bitcoin where the buyer pays with Bitcoin at the time of execution or placing a symbolic sell order on a decentralized exchange, [all of this is] executed atomically, verifiable, scalable, and enforceable on Bitcoin.”

The creator of Brollups is not new to this kind of chains: last year he indeed created a competitor of Lightning Network called Ark Protocol.

Introducing Brollups: a Bitcoin-native rollup design that works with a native Bitcoin peg and requires no changes to the Bitcoin protocol.https://t.co/OW2y0xJrg0

— Burak (@brqgoo) June 21, 2024

According to what was reported by Burak, the architecture of Brollups differs from optimistic rollup (Optimism, Arbitrum) and zk-rollups (Starknet, Zksync) typical of the Ethereum blockchain.

These types of networks are in fact managed by a central operator or by a quorum of operators, who provide liquidity to the protocol and advance the state of rollup by chaining Bitcoin transactions at regular intervals.

They are based on the concept of using virtual UTXOs (VTXO) as a peg within smart contracts, relying on layer-1 as the data availability layer and executing transactions on the custom VM of the Bitcoin Virtual Machine.

The VTXO can be used off-chain (and therefore implemented with smart contracts) while the calldata are verified by the clients. The VTXO are seen as bytes, while the calldata interpret the bytes: combining them gives rise to automated on-chain conditions typical of DeFi contracts 

Simplificano Burak wrote in his blog post that:

“The brollup are, in short, the coins between VTXO and calldata.”

The Bitcoin community immediately congratulated the layer-2 developer for introducing a new network that does not require changes to the protocol but at the same time allows for the introduction of new use cases in the field of decentralized finance.

Despite this, some experts in the field have pointed out to Burak that, contrary to what was written in his post, it is not true that all zk-rollups are based on the fundamental dependency on a reliable setup as there are already several systems like STARK, Halo, and Plonky2 that do not require this step.

Furthermore, some are asking questions regarding the operational cost that the layer-2 Brollups will require to verify and control all the keys in the KDC session.

Another interesting invention Burak! Some small corrections:

> ZKP rollups are built upon a fundamental reliance on a trusted setup

not true for all ZKP rollups, there are several types of proving systems now that do not require a trusted setup (e.g. STARKs, Halo, Plonky2)

— light (@lightcoin) June 21, 2024

The attack by Burak in 2022 on the layer-2 Lightning network

Diving into the past, we see how the same developer Burak who is about to introduce “Brollup”, in 2022 had organized a hacker attack on the layer-2 network of Bitcoin Lightning Network.

In that circumstance, the user exploited a bug on the network, causing the temporary fall of all nodes, however, without proceeding with malicious intents and without stealing any funds from the second-level chain. In particular, the nodes had stopped synchronizing due to an issue with the btcd analysis library.

According to what was reported at the time by Lightning Labs, it was necessary to activate an emergency update on the network a few hours after the incident, avoiding harmful consequences to the non-updated nodes that are closed by timelock if not connected and synchronized within two weeks.

Burak himself clarified that his intent in the matter is attributable to activities of a “white hacker,” and the activation of the bug on the Lightining Network was done solely and exclusively to test the network for its technical vulnerabilities.

In a post from 2022, he had written: “Sometimes to find the light we must first touch the darkness.”

Sometimes to find the light, we must first touch the darkness.https://t.co/dhCwF0DxpE

— Burak (@brqgoo) November 1, 2022

The same year just a month before the incident, Burak had exploited another flaw in the layer-2 system of Bitcoin Lightning Network.

By activating a multisignature transaction 998-999, rejected by btcd and LND nodes, the hacker has put the entire block and all subsequent blocks after the transaction in check.

Also in this case, the user’s “ethical” purpose was highlighted as they did not exploit the bug for personal economic gain, and in fact, spent 5 dollars in commission to advance the multisignature transaction.

The same day Burak intentionally blocked the validation of blocks on L2, Lightning Labs released a patch to solve the problem.

I just did a 998-of-999 tapscript multisig, and it only cost $4.90 in transaction fees.https://t.co/CvBHaRAqPu

— Burak (@brqgoo) October 9, 2022

We will see if in the future the developer of Brollups will enjoy temporarily taking down his layer-2 as well and if he will continue to innovate the entire Bitcoin industry with new technical improvements.

At the moment, other second-layer networks competing to incorporate DeFi activities on Bitcoin are Stacks, Merlin Chain, Bouncebit, Anduro, Citrea, Liquid Network, and Dovi, in addition to the flagship chain Lightning Network.