Interviewees: Jeffrey, Bool Network; Kai, Bool Network; Witter, Hibit; Buffalo, ChainSwift

Since the Summer of Inscription in 2023, the Bitcoin ecosystem has always been the focus of people's attention. After a brief period of prosperity, BTC Layer2 has fallen to the bottom again, causing some people to doubt the rationality of BTC's second-layer narrative; in addition, most BTC custody solutions cannot get rid of the multi-signature/MPC model, which has undoubtedly become a major bottleneck restricting the development of the BTC ecosystem.

In this regard, Geek Web3 invited Bool Network and its ecosystem-based exchange Hibit and BTCFi project ChainSwift to discuss the current status of Bitcoin ecology and Layer2 system, the issue of Bitcoin asset custody, Bool Network's unique design in custody solutions, the principles of Hibit and ChainSwift and their integration with Bool. During the discussion, Bool's Jeffery pointed out that most Bitcoin Layer 2 is a pseudo-concept, and what we should really do is to broaden the application scenarios of BTC, especially BTCFi.

The following is a text record of this conversation, everyone is welcome to read it!

1. Faust: Recently, I have heard from many channels that many VCs and project owners believe that the narrative of Bitcoin's second layer has reached the bottom, and the enthusiasm is far less than a few months ago. Some people even believe that EVM, the second layer of Bitcoin, cannot prove its own value. Now many people have turned their attention to the concept of BTCFi. What do you think about this?

Jeffrey: From my personal experience, many people have lost confidence in Bitcoin Layer 2. Several projects that were actively promoted in the Bitcoin ecosystem before have stopped updating their Twitter accounts. In fact, in the final analysis, most Bitcoin Layer 2 projects have not broken away from the "WBTC-Ethereum" model, especially the EVM Layer 2, which is nothing more than "locking assets on the source chain and mapping assets on the target chain". What is the difference between this and transferring Bitcoin to Ethereum through WBTC? Moreover, most of the cross-chain bridges of the second layer are not even as safe and reliable as WBTC.

For Bitcoin, pure "capacity expansion" is a pseudo-concept and pseudo-demand. The real rigid demand is to expand its application scenarios. This does not mean that you can just build an independent public chain, build a bridge, or create something like WBTC. Babylon is a high-quality case of releasing the potential of Bitcoin. It can enable Bitcoin to empower the economic security of the POS public chain and expand Bitcoin in terms of functionality.

As for BTCFi, it is more about expanding the financial scenarios of Bitcoin, which is more detailed and focused than the narrative of BTC Layer2. There are so many BTC in the Bitcoin chain that are dormant all year round. Many old OGs would rather keep their Bitcoin in cold wallets than take it out to participate in financial activities. The root cause is that 1. Most platforms cannot really guarantee the security of assets, and 2. There is a lack of attractive things. If BTCFi matures, I believe it will change many problems in the Bitcoin ecosystem.

For Bool Network, we agree with the huge potential of BTCFi and Bitcoin itself. Our main focus now is to unlock the asset potential of BTC in a trustless way as much as possible. The Babylon case has shown that many parts of Web3 require the participation of Bitcoin assets, and there is still a lot of room for imagination in this area.

2. Faust: Actually, Kevin, co-founder of Bitlayer, has also expressed before that many BTC big holders have the need to earn interest on their assets, but the prerequisite is that they must be placed in a sufficiently safe place. Now many projects in the Bitcoin ecosystem are at risk. What do you think about the topic of asset security?

Jeffrey: Actually, asset security is a long question. Many people think that "users don't care whether XX project is safe or not", but the fact is that "users" who hold this idea are not high-net-worth individuals. Many large investors or large institutions attach great importance to asset security, and even walk on thin ice. Whether they are willing to place their assets on a certain platform depends on security.

Let’s take Babylon as an example. In fact, Babylon has a flaw that will prevent it from attracting large BTC users because of its confiscation mechanism. In Babylon’s mechanism model, my BTC provides economic security for a PoS application chain in the form of staking, and correspondingly, I will receive the token of the application chain as a staking reward.

But the token of this application chain is actually a virtual currency compared to the real BTC in my hand. In the process of participating in POS Staking, my BTC may be confiscated, that is, the reward I get may be a bunch of virtual coins, but the cost is the loss of real BTC, which is difficult for large investors to accept.

A similar logic applies, because most BTCFi projects provide incentives to participants in the form of Alt Coins. If you want these people to pay attention to you, it is better to make what you do safe enough. This is the value of asset security.

3. Wu Yue: Let's get back to the topic of Bool Network itself. What is your self-positioning? From a technical point of view, how does Bool ensure asset security? I remember you said that the nodes participating in the threshold signature in the Bool network do not know the specific calculation content. How do you achieve this?

Jeffrey: What Bool does is actually to provide trustless asset custody for BTC, and provide users with mechanisms such as forced withdrawals and escape hatches, so that BTC can safely participate in scenarios such as BTCFi. We provide BTC custody facilities for cross-chain bridges, Restaking, BTC-based stablecoins, oracles, on-chain trading platforms, etc., but the functions to be provided in these scenarios are not as simple as just taking BTC across and back.

To put it more simply, because BTCFi almost all relies on off-chain components, when your BTC tries to interact with something off-chain, how can I ensure that BTC is still safe? This involves the way of asset custody. The core business of most cross-chain bridges, trading platforms, and Defi platforms is asset custody. You have to hand over your assets to a third party for safekeeping and take them back when needed, but how can you ensure that the funds are not taken away or detained by the custodian? How can I force Bitcoin back to the BTC chain without permission? These are all things that need to be considered.

In response to this, we have built a function similar to forced withdrawal/escape hatch on the BTC chain based on technologies such as pre-signature, Taproot and time lock. Users can take the initiative over their own BTC and force withdrawal of assets without trust at critical moments.

In addition, we have also proposed the concept of "Dynamic Hidden Committee" based on ZK and TEE, referred to as "DHC". Here I will talk about the dynamic hidden committee DHC. First of all, Bool Network is a non-accessible network based on asset pledge. As long as you buy specific hardware and add a certain amount of asset pledge, you can participate in becoming a node in the Bool network.

If there are 1,000 nodes distributed all over the world, how can I create a DHC? Suppose, now a certain asset management platform uses Bool's service, and needs Bool to create a MPC/TSS committee for it with a validity period of 10 minutes and a threshold of 7/10 (simply understood as a more secure multi-signature), that is, 10 nodes are temporarily selected from 1,000 nodes to form a committee for threshold signature, and the committee will be disbanded and replaced after 10 minutes.

For this purpose, we created the Ring VRF algorithm and combined it with ZK for privacy protection. During the term of each committee, the identities of the 10 selected persons cannot be known, including the selected persons themselves (TEE is used for this).

This design has two advantages. First, because DHC is dynamic, temporary, and confidential, if you want to do evil, you have to hack or bribe 7 out of 10 people within a limited time, but because of privacy protection, you don’t know who these 10 people are. Second, because DHC members hide from each other, the problem of conspiracy to commit evil can be circumvented, because each other’s identity is unknown, so naturally there is no way to conspire. Anti-conspiracy is very critical, because most centralized multi-signatures find it difficult to solve the problem of conspiracy to commit evil, and our solution can prevent conspiracy.

In this case, you have to hack most of the nodes in the entire Bool network, or crack the mechanism design of Bool. In other words, the security of asset custody based on DHC is basically equivalent to the security of the entire network.

Wu Yue: Can you elaborate on the use of TEE (Trusted Execution Environment)?

Jeffrey: TEE is actually a black box. Programs and data can be encrypted and stored and run in the black box. Even the device operator does not know what is running in the TEE.

We just said that Bool uses TEE. If TEE is not used, the node operator can observe the current DHC participant's account through certain means, and even attack the election program itself. After adding TEE, it is equivalent to running the program and data in a black box, and the node operator cannot know the account, key and other information stored in TEE.

Someone asked before, since you use TEE, why do you still need to use technologies like ZK and MPC/TSS? In fact, it is mainly to enhance the overall security of the system. If I run a TEE-based node, and if this node hangs up, the network can still run normally because MPC/TSS itself has good fault tolerance. That is, MPC and TSS can enhance the fault tolerance properties based on TEE, and with ZK, the privacy of DHC and users can be protected to prevent collusion. In summary, we chose a composite technology such as TEE+MPC+ZK to ensure the security of the system to the greatest extent.

Many people have criticized that TEE uses a relatively centralized remote authentication method. For example, if we use SGX, it will involve the influence of centralized companies like Intel. However, we have implemented the remote authentication program in the form of smart contracts, and the authentication method can be decentralized (Scroll and Taiko also use similar ideas). Even if Intel has an accident one day, our program can still run.

Kai: I would like to add something to this part. The program running on the Bool node is highly automated. The main function of TEE is to separate the programs and data that need to be kept confidential in the Bool client from the part of the program that usually interacts with the human computer, but it will retain some basic interfaces, such as login and interaction. As long as the node is started, whether it is doing verification or submitting SGX Proof to the chain, the entire program is automated and locked in the TEE black box.

TEE hardware will mark any information submitted by the Bool node to the outside world, making it easier for the outside world to verify whether the Bool node is running in the TEE. If it is not running in the TEE, the smart contract deployed by Bool on the chain will slash the staked assets of the node.

4. Faust: There are projects in the Bool ecosystem here today. For example, Hibit is going to build a decentralized order book trading platform. It uses Bool Network and ICP as its infrastructure to solve the problems of asset custody, data verification, and asset snapshots.

In this regard, there is a trading platform called Degate, which has made itself into the form of Ethereum Layer2, similar to the Loopring Protocol. If you compare you with Degate and Loopring Protocol, what are the similarities and differences?

Witter: In fact, this issue is related to information transparency and asset revocability. CEX has many disadvantages, such as the ability to misappropriate user assets, manipulate liquidity within the exchange, and crash the market. Although DEX has largely solved these problems, it also faces the problems of limited TPS and fragmented multi-chain liquidity.

An ideal trading platform model has centralized performance experience, decentralized trust, data verifiability, and the ability to connect the entire chain, including full-chain assets and full-chain wallets. Our goal is to become such a platform.

So how do we achieve this? First of all, we have our own architecture that is similar to a hybrid of Layer2 and application chain. There are fixed sorter nodes in the Hibit network, and then there are hundreds of validators, but there is no direct consensus between these nodes. They receive the latest transaction data from the sorter, execute transactions, and then package them to generate blocks.

So how can we ensure the consistency of data updates of different nodes? We have deployed Verifier smart contracts on high-performance public chains such as ICP and Solana, and directly let Hibit nodes send locally generated block headers to the Verifier contract. As long as the block headers submitted by most nodes are consistent, it is considered that a consensus has been reached. The reason we do this is mainly to reduce the overhead caused by frequent communication between different Validator nodes and maximize TPS.

It is worth mentioning that we will synchronize the block header or Block Hash to the Bitcoin chain through methods such as the OP_Return opcode. This is actually equivalent to anchoring Hibit's blocks and Bitcoin blocks to prevent rollback.

Faust: Here I want to ask, both Degate and Loopring have forced withdrawal/escape hatch functions, which allow users to bypass the platform's permission and forcefully withdraw assets from the trading platform. Do you have a similar mechanism design for this?

Witter: If we apply this to the trading platform scenario, we have to consider some extreme situations, such as when someone is attacked by censorship and the platform refuses to process someone's request. At this time, the user needs to forcibly withdraw the assets, and the escape hatch function is just that.

The escape hatch of Ethereum ZK Rollup relies on state snapshots, which means that if I want to forcibly withdraw my assets from Layer2 back to the Ethereum chain, I must first present a snapshot of my asset balance to prove how much assets I have at XX time. Then where these asset snapshot data are stored becomes a problem.

In this regard, Hibit adopts a modular asset management solution. We store the balance snapshots of user assets on low-cost storage platforms such as ICP, IPFS or Arweave. When you need it, you can go to these platforms to read the data. I mentioned earlier that Hibit will record the Block Hash on the Bitcoin chain. Based on these Block Hash, you can check whether there is a problem with the status snapshot you obtained from Arweave and other places.

As for the forced withdrawal function, we built this module on Bool Network, which can verify asset snapshots through smart contracts on multiple public chains to confirm that you do have xx amount of money stored on the Hibit platform, and then you can force your own money to be withdrawn from Hibit's custodial wallet. The deeper details involve how the contract responsible for snapshot verification interacts with Hibit's custodial wallet. It is actually more appropriate for Bool Network to talk about this, so I will not expand on it here.

Faust: I have a question here. How can we ensure that the Hibit node will send status snapshots to ICP and Arweave without being lazy?

Witter: The selected nodes are responsible for submitting the snapshot data, as long as these nodes submit the data. It should be noted here that Hibit verification nodes must first submit the block header, let the Verifier contract on the ICP and Solana chains confirm the consistency, pass the verification, and then the dedicated node will go to ICP, Arweave and other places to submit the state snapshot corresponding to the block header. If it is not submitted for a long time, or the submitted snapshot and block header do not correspond, it will be slashed.

5. Faust: Chainswift, could you please introduce your project? It seems that you are working on a stablecoin protocol based on BTC? How is your mechanism design generally?

Buffalo: What Chainswift does is actually to allow users to pledge BTC to borrow stablecoins, similar to MakerDAO. However, this kind of platform still has asset management attributes in essence, and BTC needs to be pledged to a safe address, which is the key. Bool Network can just provide this security. We can directly let Bool network provide MPC/TSS services and store BTC assets in the Bitcoin Taproot address hosted by Bool network. After users transfer BTC to this Taproot address, they can cross the money to other platforms and participate in the minting of stablecoins. This is the general framework of Chainswift.

Faust: How do you choose the oracles used in the protocol?

Buffalo: To put it simply, the oracle is how to provide BTC quotes for a designated platform. On the one hand, we can refer to the quotes of WBTC in DEX with strong on-chain liquidity; on the other hand, we also need to select a dozen nodes that can obtain quotes from off-chain data sources. Finally, we use the median algorithm to obtain a reasonable value, which is actually similar to the principle of Chainlink.

However, because it is an on-chain quote, the price curve cannot be as accurate to the second as in CEX, but it can be accurate to the hour level. If the price spikes in a short period of time, this median algorithm will automatically help smooth it out, which will not cause problems with the liquidation mechanism. As for the liquidation mechanism, it is actually similar to MakerDAO.

6. Faust: Finally, let's talk about Bool Network itself. As far as I know, Bool Network is divided into two parts. The main part is the DHC alternative network mentioned above, and the other part is Bool Chain, which is similar to the beacon chain and is specifically responsible for registration and other management matters for DHC alternative nodes. What are the current entry barriers for Bool Chain and DHC alternative nodes?

Jeffrey: Bool Chain is an ordinary POS public chain built on the Polkadot Substrate framework. As for why Substrate is used, it is because among the consensus algorithms of the POS chain (simply speaking, consensus algorithms), Polkadot's consensus algorithm is the most decentralized and can support thousands of nodes; in addition, based on Substrate, many of Polkadot's achievements can be directly reused, such as its relatively complete on-chain governance system, which makes it easier for us to implement the DAO model in the future.

Bool's DHC node is currently based on asset pledge only. You only need to purchase a device with TEE hardware, and this machine is also universal and inexpensive. Although both nodes require asset pledge, in order to ensure decentralization, we will keep the pledge threshold as low as possible.