Ambitious projects are working on DeFi solutions that harness Bitcoins security and are even introducing DeFi products settled in BTC.
Bitcoin sidechains and DeFi
RSK (previously Rootstock) is one of the most active Bitcoin sidechains reflecting the initial goals of Satoshi. RSK developers are working overtime to extend and introduce new functionality for Bitcoiners with the goal of establishing a more inclusive financial system, all while tapping into the security of the base layer.
In the RSK blockchain, blocks are merged-mined with Bitcoin blocks resulting in the most secure sidechain available. Security matters. For DeFi to flourish, how a network secures valuable assets is the difference between success and failure.
The Role of a Robust 2-Way Peg: The RSK Powpeg
In its quest to popularize Bitcoin DeFi, RSK relies on a layered, tamper-proof 2-way peg protocol called the Powpeg. The Powpeg is robust, protecting locked Bitcoin with Bitcoins own hash rate through merged mining. RSK has been running uninterrupted since 2018 and only recently did its 2-way peg undergo a significant upgrade to the new Powpeg.
Although they may be of different formats, the RSK sidechain benefits from using the Bitcoin cryptocurrency for smart contract execution in the same way as Ethereum. However, because of Bitcoin limitations, all past Bitcoin 2-way peg solutions rely on multi-signatures. In this arrangement, trust is distributed among the parties involved in signing. According to Sergio Demian Lerner, the Chief Scientist of IOV Labs, the main contributors to RSK, the Powpeg protocol represents a substantial evolution.
Since 2018, the RSK’s 2-way peg has been coordinated by a smart-contract called the RSK Bridge, running in the sidechain. The bridge manages a Bitcoin wallet via Simple Payment Verification (SPV). The Bridge’s work is to keep tabs of the Bitcoin mainnet and verify peg-in requests—that is, movement from the Bitcoin mainnet to the RSK side chain, and commands of peg-out requests—or actions that move Bitcoin from the side chain to the primary chain.
Before the Powpeg RSK’s 2-way peg ran on a federation model. At that time, a set of functionaries protected the sidechain’s peg multi-signature by running special nodes, and those nodes were controlled by the Bridge. While the Bridge contract is still in control in the Powpeg, the responsibilities of the functionaries have been greatly reduced.
How the Powpeg remains secure
During 2019, IOV Labs improved the peg by adding HSMs to protect private keys. Now in 2020 the system is upgraded again, protecting private keys even more in improved devices called PowHSMs. Early functionaries, now called Pegnatories, remain, but their role is to only to ensure PowHSMs and Powpeg Nodes have a high uptime, but most importantly, they no longer have an active role in signing transactions.
For clarity, a PowHSM is an external tamper-proof device that protects one of the private keys required for the Bitcoin multi-signature protocol. Pegnatories are not, in any way, involved with the signing of transactions nor in block production in the RSK sidechain. They simply relay messages that automate the signing process when enough proof of work is accumulated.
Each PowHSM runs an RSK node in SPV mode. As such, signatures are protected by miners’ work. The SPV mode is a technique allowing lightweight clients to verify the validity of a block without necessarily downloading the entire blockchain.
Only transactions proven to be valid with enough consensus work are approved. The validity of a transaction is guaranteed by the constant auditing changes between the PowHSM, the Powpeg node, and their communication.
Keeping the Powpeg Reliable and Attack-Proof
However, the robustness of the Powpeg depends on the stability of merge-mining. As mentioned before, merge miners play a critical role in protecting the RSK-Bitcoin bridge. If jeopardized or if merge-mining fails, it will be hard for multi-signatures to be secured.
In 2019, RSK envisioned this scenario and activated Armadillo to protect the RSK sidechain. Armadillo comprises a set of tools and a decentralized monitor to keep track of Bitcoin and RSK’s consensus algorithms, ensuring that they work as expected.
For even better security, Pegnatories will, by January 2021, have migrated to PowHSM version 2.0. Presently, the firmware installation is not trustless since an audit group must confirm its correctness. Subsequent iterations of PowHSM firmware (ver 2.1) will provide firmware attestation using in-built security features.
Other plans include storing attestation messages in the blockchain.
Furthermore, the RSK team is exploring ways to continue layering the peg through additive security. One that’s being considered is the Powpeg^2 (Powpeg squared). Here, the team will extend the Pegnatries to include active merge miners chosen on their previous hash rate contribution.
The success of Bitcoin DeFi is reliant on RSK’s innovation and measures to keep the peg robust. Presently, it is decentralized and layered offering what is probably the most secure Bitcoin sidechain on the market. However, what is clear is that more security layers can be added for even better protection of private keys within the constraints established by the Bitcoin scripting system.
434 Interactions, 6 today