December 21, 2023

Beyond Bitcoin’s Limits: A Pioneer to Crafting the Optimal Layer 2 Solution

I. Background

1.1 Industry Landscape

ETH’s Layer 2 ecosystem is booming, and various solutions are competing with each other, almost every Layer 2’s TVL has reached the million level.

For example, Optimism and Starkent, with their wonderful Stack scheme and novel technology, gained a valuation of more than $8 Billion.

There are also recently newly-developed Linea and Base backed by Metamask and Coinbase, respectively, it’s undoubtful to thrive with its capital and resources behind them.

However, in sharp contrast to the unprecedented prosperity of ETH Layer 2, BTC’s Layer 2 ecology is extremely depressed.

Although the market value of Bitcoin is 3 times that of Ethereum, its fee income is only 1/8 of that of Ethereum.

The fundamental reason for the lackluster state of the Bitcoin ecosystem is that it only supports asset issuance but not settlement, no need to ask it to generate income from transaction fees.

This is also why we believe Bitcoin needs Layer 2 solutions even more urgently than Ethereum.

Fortunately, the Taproot upgrade enabled the development of Layer 2 solutions on Bitcoin. By supporting threshold signature schemes, fully decentralized Bitcoin Layer 2 has become a reality.

Although Taproot made Bitcoin Layer 2 possible, the progress has been far from optimistic.

Take Stacks, the leading Bitcoin Layer 2, as an example.

Compared to premier Ethereum Layer 2 solutions like Arbitrum, Stacks only has a market cap of $0.8 billion. Moreover, the number of projects in the Stacks ecosystem is only one-third of that in Arbitrum, with few and lacking innovation. This undoubtedly signifies immense opportunities in the Bitcoin Layer 2 space.

2. Ecosystem Demands

In addition, with the surging demand for casting high-value BRC20 assets, assets issued on Bitcoin are becoming increasingly expensive. The number of BRC20 transactions has already reached tens of millions.

Apart from a handful like Ordi that obtained some liquidity after being listed on exchanges, most Bitcoin tokens cannot access secondary markets, thus urgently needing Layer 2-based AMM DEXs for liquidity.

Besides, the number of NFT assets on Bitcoin has surpassed that on Ethereum.

However, devoid of secondary markets, these NFTs are withering like oases in a desert, as Bitcoin lacks asset liquidity and settlement functionality, which has become the stumbling block for ecological growth.

Therefore, developing a decentralized Layer 2 solution like Arbitrum is exactly the lifeline for saving the Bitcoin ecosystem.

By taking Bitcoin as gas fees, compatibility with EVM/Metamask, and adopting Bitcoin light nodes + Tarpoot + Signal as the distributed threshold cross-chain solution, we have realized fully decentralized Bitcoin cross-chain and addressed the aforementioned challenges appropriately.

The technical implementation has taken initial shape and is ready for development and deployment.

II. Technical Realization

  1. Bitcoin Light Nodes

Uses Bitcoin light nodes on-chain that support Wasm to fetch data directly from the Bitcoin network.

Use the block header to prove the continuity of the hash, and verify whether the transaction hash is in a Merkle tree. Also with the correctness of transactions like signature, execution logic…

Here’s our light node repository:, supporting RUST version and no_std version, which can be compiled into wasm code to execute on-chain.

2. Taproot Threshold Signature

The Taproot upgrade consists of three Bitcoin Improvement Proposals (BIPs) which define three different upgrades to the Bitcoin protocol:

- Schnorr Signatures (BIP 340): As part of the Taproot upgrade, BIP 340 introduces Schnorr signatures for Bitcoin. Schnorr signatures bring several benefits to Bitcoin users including superior privacy, lower fees, and more flexible multi-signature contracts.

- MAST Contracts (BIP 341): Merkelized Abstract Syntax Trees (MAST) is a proposal to encapsulate an arbitrary number of different scripts within a Bitcoin address. This concept is now part of the Taproot upgrade. MAST extends the flexibility and utility of Bitcoin contracts in an inexpensive and privacy-preserving manner.

- Tapscript (BIP 342): To enable P2TR transactions, BIP 342 adds and updates several opcodes. These new scripts used to validate Taproot spends and Schnorr signatures together are called Tapscript. Tapscript is designed to maximize the future flexibility of P2TR outputs to allow for upgrades that are not yet foreseen.

Taproot provides the technical foundation for decentralization of BEVM:

  • It breaks through the restraints of traditional Bitcoin multi-signature that limits to 15 signatures, and supports close to 1000 signatures to participate so that 1000 POS nodes cooperating with BFT algorithms can ensure decentralization of Layer 2.
  • Schnorr signature algorithm realizes transaction aggregation, greatly reducing transaction data volume and costs.
  • The combination of MAST contract framework and aggregate signature algorithm realizes threshold signature mechanism, providing Layer 2 with high programmability and extensibility.

3. Signal Privacy Protocol

The Signal protocol is used to secure communication of the aggregated Schnorr signature pubkey/msg.

Uses Signal protocol for private communication between nodes when doing threshold signatures. Prevents eavesdropping and data leaks.

4. MuSig2 Algorithm

Taproot Threshold Signature is based on Musig2, which is a multi-signature protocol that completes signing in just two rounds of communication. Musig2 enhances the practicality compared to original Musig.

The nodes participating in multi-sig each generate key pairs, the first round exchanges keys, and the second round exchanges signature fragments. Once the signature fragments of all nodes are combined, a complete multi-party signature can be generated.

MuSig2 can support a large number of nodes to participate, realize a fair key aggregation mechanism, and generally improve the scalability and efficiency of multi-party signatures in the Bitcoin network.

5. EVM Compatible & Use BTC as native gas

We adopted the Substrate framework, set BTC as the native Gas system contract, and transplanted it to the EVM platform, making BEVM an EVM system with BTC as the native Gas.

Why do we do that?

Firstly, using BTC as gas can maximize integration with the BTC ecosystem, making it easy for BTC users to use Layer 2 simply by holding BTC. Besides, BEVM’s ordering nodes can collect BTC transaction fees as incentives.

Secondly, making BTC compatible with the EVM system is because BTC needs a Turing-complete smart contract platform to provide settlement functions for assets issued on it.

And, the EVM ecosystem accounts for over 90% of the smart contract market share. Compatibility with EVM can tap into the most comprehensive on-chain developer and user communities.

III. Comparison

After learning about our unique technologies, let’s look at why these technologies will bring more advantages than tBTC.

  1. Use MuSig2 instead of sharding private keys to cunt down the risks.

Shamir’s Secret Sharing is a method of splitting the private key into multiple copies(n), which can realize the distributed storage of the private key.

As long as more than m shares are collected, the complete private key can be reconstructed. (m<n, ususlly=1/2 n)

However, once the secret keys are leaked or lost, it’s hard to deduce the original private key.

So, we come up with to use of MuSig2 to effectively cut down the risks.

2. All validators on Threshold Network are on-chain.

The validators of the Threshold Network are on-chain, it really increases trust and also avoids the opaque and easy-to-operate defects of the distributed network under the chain.

3. Use Bitcoin Light node to obtain data from BTC network.

If we use data oracle, a channel for data from off-chain transfer to the on-chain. There is a trust problem with Oracles: What if Oracles manipulate or tamper the data, or gather together off-chain, causing centralization risks?

Well, in our system, we use BTC light node on-chain, to grab data from Bitcoin network directly, avoiding trusting the third party(Oracles).

4. Use Signal protocol to realize the communication in BTC threshold Network.

Signal protocol is a secure communication protocol based on key-pair symmetric encryption and Perfect Forward Sophisticated to prevent eavesdropping on communication content.

Using Signal avoids the risks of data leakage, collusion, or external attacks when threshold signatures appear.

If you have any questions when you read, please feel free to contact us!