Bitcoin Layer2: Scaling solutions, challenges and future prospects

Written by:BlockPunk@Researcher of Trustless Labs

1. Introduction

With the growing Bitcoin network and the booming development of inscription technology, the BTC ecosystem is at a critical turning point. The market demand for expansion solutions is growing, especially driven by inscription technology. Intensified competition for network resources and rising transaction fees have become urgent issues to be addressed. This research report explores in depth the Bitcoin L2 The development prospects of technology and its potential impact on the market, with particular attention paid to how L2 Technology introduces BTC assets and improvesSafetyWe will analyze in detail the different implementations of BTC L2 technologies such as sidechains, Rollups, and DA layers (data availability layers), and how they attract L1 BTC deposits and the ability to create new assets.

At the same time, after the inscription technology has established a new wave of asset distribution, we are about to face new challenges and opportunities. The market cap that can be achieved by relying on fair distribution or meme narratives highlights the urgency of further construction to break through the ceiling. In this process, the provision of functions and the definition of underlying assets are more critical. The side chain based on inscriptions can not only lower the entry threshold for users, but also provide complete smartcontractThe concept of indexer-oriented programming proposes a new way of thinking that considers function and business expansion based on the native attributes of the inscription itself, which can not only reduce the pressure on the server, but also lead to the creation of a new inscription chain.

Four waves of impact

The Bitcoin ecosystem is experiencing a series of transformative shocks that not only defineCommunityThe consensus process has also promoted the substantial development of technology and culture. From the consensus of fair distribution to the Renaissance of BTC culture, to the outbreak of "inscription-based" expansion solutions, and finally the pursuit of more perfect expansion solutions, the Bitcoin ecosystem is in rapid evolution.

The first wave isCommunityThe consensus process for fair distribution, BRC20 creates a new type of asset that is completely different from FT and NFT.BlockchainIt is the first innovation in the world and represents the rise of popular culture.

The second wave we are experiencing is the Renaissance of BTC culture, with big money,exchangeAt the same time, more developers joined the inscription world, launched many excellent protocols, and overflowed to more chains. The culture of BTC is overwhelming, which of course also caused some other problems.

The third wave may be the outbreak of "inscription-based" expansion solutions. The great development of the second wave promoted the prosperity of the BTC ecosystem, but the competition for BTC network resources eventually conflicted with BTC conservatives. At the same time, poor user experience prevented more users from entering the market. Therefore, the expansion of the inscription itself (rather than the expansion of BTC) is urgent and necessary, but the direct development of a second-layer expansion solution based on BTC (such as Bitvm) is difficult and time-consuming. Therefore, the compromise solution will be adopted first. Maybe in the next six months, we will see a large number of new side chains of BTC that use inscriptions as native assets (different from stx) and introduce main chain inscriptions through cross-chain and other methods.

The fourth wave represents the full maturity of the final BTC-based expansion solution, which includes complete smartcontractCapabilities, better performance, strong sharing with BTCSafetyHigh-value inscription assets willSafety性提出更多的要求，更原生、更具备正统性、安全性更高的二层扩容方案变得重要。这要求二层将 BTC 链作为 DA 层使用，上传 proof，甚至允许 BTC 网络对进行验证，比如 BitVM 与 Atomicals 协议的 AVM。在强正统性保障下，BTC 会更多地被吸入铭文生态。

In the end, we will get an experience, performance, and intelligence that is almost identical to ETH and its L2.contractFunction, but backed by the huge BTCCommunityIt is a new ecosystem with capital, "fair distribution" as its core culture and "inscription" as its native asset.

Challenges and opportunities coexist

The great development of inscriptions has promoted the prosperity of the BTC ecosystem, but it has also intensified the competition for BTC network resources. The high fee cost and the foreseeable rise of BTC in the future are also constantly increasing the entry threshold for players in the BTC ecosystem. This has prompted people to discuss more about BTC's expansion plan and attracted the attention of the community and investors. Of course, people have tacitly avoided the expansion plan of directly upgrading BTC L1. The most radical discussion is nothing more than unsealing some OP scripts and continuing to explore the remaining potential of BTC under Taproot (such as the discussion of CTV and CAT).

In the development and theoretical achievements of ETH's Rollup and modularization, BTC Layer2 has become the mainstream of the expansion discussion and the fastest-acting solution. The first batch of projects will also be launched in the next two or three months and become the absolute mainstream narrative of speculation. Due to the high degree of decentralization of BTC governance, there is no "church" to guide the community, so its L2 design is also flourishing. This article will start with the typical BTC L2 and related protocols in the market to get a glimpse of the possibility of BTC expansion.

Here I will roughly divide BTC L2 into sidechains, Rollups, DA layers, decentralized indexes, etc., and put together the projects that I think are similar. No one has the authority to define BTC's expansion plan, so my actual classification is not rigorous.

This article focuses on the implementation solution, and many designs are still on paper. In the competition for second-layer assets, technology and security determine the lower limit of the project. Technology is a ticket, first class, economy class, and even hanging tickets are all possible. But from the perspective of assets, one is the ability of L2 to create assets itself, whether it is introducing inscriptions or pulling the market by itself, which cannot be evaluated only from a technical level; second, whether it can attract BTC deposits from L1 will be the core competitiveness, which attaches great importance to the security of the bridge. After all, "not my keys not my Bitcoins" is the core doctrine, which is very relevant to the design of the solution.

Will the adoption of the BTC ecosystem surpass that of ETH in the future? This article may give you some reference.

Before launching the technical analysis of BTC L2, we first need to introduce the front-end technology and the changes brought about by the Taproot upgrade:

1. Schnorr signatures introduce a multi-signature method for BTC with up to 1,000 participants, which is the basis for many L2 bridges.

2. MAST allows multiple UTXO scripts to be combined through Merkle trees to implement more complex logic, which provides the possibility for proof systems on L2;

3. Tapscript upgrades the Bitcoin script, allowing a series of scripts to be verified to determine whether UTXO can be spent, which makes L2 withdrawals, confiscations and other operations possible.

2. BTC L2 Technical Overview

Sidechain

Capacity expansion is achieved by creating a chain parallel to the main chain. The side chain can have its own consensus mechanism and block generation rules, and exchange assets with the BTC main chain through a cross-chain bridge.

Everything is for usability, and usability is everything. The advantage of the side chain is that it is quick to take effect and focuses on the rapid development of business logic. Its security is basically only related to its network itself. It is a "ticket" on the BTC security train. The most important part is BTC's cross-chain bridge, which is the only connection point.

1.@BTClayer2BEVM

In fact, most BTC L2s, like BEVM, continue the idea of sidechains in ETH expansion. BEVM deploys a multi-signature address on BTC's L1 through Taproot's capabilities, and runs an EVM sidechain, in which a smart contract that accepts BTC withdrawal requests is deployed. BEVM's GAS uses cross-chain BTC. When recharging, the operator of the bridge synchronizes BTC data and notifies the sidechain. The BEVM node also runs a light client to synchronize BTC block headers to verify the recharge; when withdrawing, the custodian of the bridge signs, and after collecting a certain number of signatures (threshold), the transaction to withdraw BTC will be issued. This realizes the asset interoperability between the sidechain and BTC.

Unlike the traditional $RSK $STX scheme, BEVM uses Taproot's BTC multi-signature to implement threshold signatures. In theory, there can be more bridge managers, which adds a certain degree of fault tolerance to BTC cross-chain and makes it more decentralized. However, BEVM does not use any security guarantees of BTC, and only realizes BTC asset interoperability. Its nodes run their own internal consensus and EVM, and do not upload proofs in the BTC network, so there is no L1 DA. The network's transaction anti-censorship properties rely on the network itself, so if the node refuses to package your BTC withdrawal transaction, you will no longer be able to obtain BTC from L1, which is a potential risk.

The advantage of this method is that it can be quickly implemented and verified. The Taproot multi-signature implemented by BEVM itself also takes the security of the bridge a step further. It is one of the few BTC side chains currently online on the mainnet.

2. @MapProtocolMap Portocol

Map is also an inscription sidechain of EVM architecture. It chooses to cross-chain BTC L1's BRC20 to EVM to run some low-cost businesses. Map runs an enhanced BRC20 indexer. When users cross-chain BRC20 from BTC, they need to send a new transaction to insert the target chain, target address and other information in Json, so that it can be indexed by Map and appear on the sidechain; BRC20 withdrawals are initiated by the signature committee under the Map Pos mechanism. BTC transactions. The BRC20 ledger actually runs in the index, and BTC L1 is essentially its available data source.

Taking advantage of the lower fees of the sidechain, the Map chain runs the BRC20 Mint tool LessGas, the inscription market SATSAT, and conducts cross-chain BRC20 through Roup. The idea of inscription as the core is quite unique and has attracted a group of users. Map uses the classic PoS consensus mechanism and uploads checkpoint data to BTC L1 to enhance its security and prevent long-range attacks.

3. @BitmapTechMerlin Chain

The sidechain of BTC released by BRC420. Merlin Chain chooses to use cobo walletThe MPC solution is used to realize the cross-chain of BTC. This seems to be a relatively conservative choice: MPC has a small number of signers, and there is still some gap in security compared to the BTC multi-signature after the Taproot upgrade, but fortunately, MPC has been proven for a long time.

Merlin uses ParticleNtwrk's account abstraction and can continue to use Bitcoin'swalletInteracting with addresses and sidechains without changing user habits is a good idea. By comparison, forcing Bitcoin users to go back to Metamask to interact is a lazy and crude design.

BRC420 and Bitmap are popular enough and have accumulated a large number of user groups. Merlin continues to develop business around inscriptions, supports cross-chain of various inscription assets from L1, and provides new inscription services on side chains.

4. @dfinityckBTC

ckBTC is a cross-chain integration of BTC implemented in ICP through a pure cryptographic solution, which does not rely on any third-party bridge or escrow. ICP is an independently operated L1 Blockchain, consensus is guaranteed by its unique BLS threshold signature scheme. ChainKey technology bound to the threshold signature of the consensus algorithm allows the entire ICP network to jointly manage a BTC threshold signature address, accept BTC, and control the BTC under this address through the aggregate signature under consensus to achieve withdrawals. ICP also uses the account model to restore all UTXOs of BTC in its own network. Smart contracts in the network can read the status of BTC, which is equivalent to running a BTC full node in the ICP network.

Since this threshold signature is directly tied to the consensus algorithm of the ICP network, the security of ckBTC is only related to the ICP network and the BTC network, and no additional third-party trust assumptions are introduced. Therefore, the ChainKey threshold signature scheme used by ICP in ckBTC is currently the safest BTC bridge idea. However, for the withdrawer, if the IC network crashes or refuses transactions, there is no way to force withdrawals from BTC L1. At the same time, as an independent L1, ICP's security is guaranteed by itself and has nothing to do with BTC.

DA layer

The DA layer aims to leverage the security of BTC while increasing processing power by storing data on the BTC chain but outsourcing computation to off-chain or other chain processing.

BTC is the most stable and reliable data source in the world, so it is natural to use Bitcoin as the source of reliable data. @CelestiaOrg The theoretical basis of DA, although BTC data storage is very expensive, it also has a consensus basis as a DA layer. In essence, Ordinals and the entire inscription ecosystem actually use BTC as a DA. Almost all "BTC L2" will transmit data to BTC, but this is more like a formalism, representing a beautiful vision. The following are some of the more distinctive designs.

1. @nubit_orgNubit

Nubit is a DA protocol that expands data availability scenarios for BTC. It has attracted attention because of the participation of Bounce Finance and domo in its financing. Simply put, Nubit organizes a DA chain similar to Celestia by running POS consensus, and regularly uploads Nubit's own DA data such as block headers and transaction Merkle tree roots to BTC L1. In this way, Nubit itself has its DA stored by BTC L1, and Nubit sells the storage space on its chain as DA to users and other Rollup chains (DA nesting dolls). Nubit itself does not have smart contract capabilities and needs Rollup to be built based on its DA. Users upload data to Nubit's own DA layer. After the data is confirmed by Nubit's POS consensus, it will enter the "soft confirmation" state. After a period of time, Nubit will upload the data root of the chain to BTC L1. After the BTC transaction is completed, the data originally uploaded to Nubit by the user will enter the final confirmation state. After that, the user needs to upload the data tag in BTC L1, which is used to query the original data in the Merkle tree of the Nubit full node.

The PoS consensus of the Nubit network was supported by Babylon's BTC PoS pledge in the early days (to be introduced below). Users use BTC to pay for storage fees, so Nubit uses the Lightning Network to accept BTC. There is no bridge problem in the state channel. Users can make emergency withdrawals by canceling the channel without having to trade with Nubit's PoS network itself. It seems that Nubit seems to be a Bitcoin ecological version of Celestia. It does not add complex smart contract functions. It is also used for the most decentralized Lightning Network to make BTC payments, which is relatively simple. Although the Lightning Network is trustworthy enough, the user experience is not good enough and it is difficult to support the inflow and outflow of large funds (state channel exhaustion problem). The relationship between Nubit and BTC is relatively thin. The security of the chain itself is not guaranteed by BTC, and the data on BTC is only verified by Nubit's node client.

Why do Rollup and inscription data need to be packaged in Nubit instead of being uploaded directly to BTC? This may be the most pressing question for Nubit. Low fees may not be the core driver. The biggest advantage of Nubit's DA over BTC DA may be that Nubit's DA supports sampled data verification (DAS) of light nodes, which is not possible on the BTC network. This means that verifying DA no longer requires users to download BTC's full node. Can inscriptions that are no longer fully-on-Bitcoin still gain community consensus? Nubit tried to use its own chain's DA to replace the BTC L1 chain's DA. What it may face is not technical doubts, but huge challenges to community consensus. Of course, this is also a huge opportunity.

2. @Veda_bitcoinVeda

The Veda protocol reads the specific Ordinals engraving on BTC L1, uses it as a transaction request, and executes it in the EVM under the BTC chain. The user signs an EVM-compliant transaction with the BTC private key on BTC L1, and then casts it as an inscription on BTC. Veda's EVM node scans the BTC block, and once the transaction is confirmed by BTC, the EVM will execute the request and produce a state change. In fact, this is to treat BTC as the pending transaction pool of Veda EVM. However, because BTC's performance is much lower than ETH's EVM, and the data written to the BTC block in a certain period of time is limited, Veda EVM will definitely be able to execute all EVM requests uploaded to BTC.

BTC is the data source of all Veda states. Anyone can restore the complete state of EVM by scanning all Veda requests in BTC blocks. Therefore, Veda EVM can be optimistically trusted without any complex security assumptions. However, Veda cannot extend the performance of BTC. Veda can be regarded as an Ethereum network with a block interval of 10 minutes, a TPS of 5, but tens of thousands of nodes and huge Pow computing power. It just expands the functions of BTC and adds smart contract capabilities. This does not essentially solve the problem of resource competition.

3. @babylon_chainBabylon

Babylon is a system that helps othersBlockchainA protocol for sharing BTC security, which includes two parts, Bitcoin staking service and Bitcoin timestamp service. Babylon allows economical security for Pos chains by staking BTC (similar to ETH's restake). The staking process is run entirely in a cryptographic way and does not require any third-party bridges or custodians.

BTC pledgers can send a transaction with two UTXO outputs on BTC to pledge. The first UTXO has a time lock script written into it. After the expiration, the pledger can use his private key to unlock the BTC. The other UTXO is transferred to a temporary Bitcoin address. The public and private key pair of this address meets the cryptographic standard of "extractable one-time signature EOTS". When a BTC pledger runs a node of a POS chain, after verifying the only valid block, he signs it with the EOTS private key.

如果质押者（也是这个 POS 链的验证者）保持诚实，每次只签名一个有效区块，那么它将获得 POS 链的验证者奖励；如果它试图作恶，在同一区块高度同时签名了两个区块，那么它的 EOTS 私钥就会被反推出来，任何人都可以使用这个私钥去 BTC 链上转走质押的 BTC，实现罚没。以此督促质押者保持诚实。Babylon 还提供了 BTC 时间戳的服务，也就是将任意区块链的检查点数据上传至 BTC 的 op_return 中，从而增加安全性。

Nubit mentioned above plans to use Babylon’s BTC pledge service to enhance security. Babylon uses pure cryptography to process BTC deposits, withdrawals, and forfeitures.Xiaobai NavigationThe solution is very secure. However, for chains using pledge services, this is restricted at the economic level. Compared with ETH's Rollup method, it is still a long way from being verifiable. Although the timestamp service uploads L2 data to BTC, directly checking all BTC blocks requires downloading the full node, which has a high threshold. At the same time, BTC L1 does not have a smart contract and cannot verify the correctness of this data.

Rollup

Rollup uses BTC’s data layer to store status and transaction data, but processes computations and status changes off-chain, ensuring security by submitting proofs or status change data back to the BTC main chain.

The core problem of BTC Rollup is verification. Through Ordinals, Bitcoin can store various data and become a highly secure database. Uploading the proof data of Rollup to the BTC network can indeed ensure that it cannot be tampered with, but this cannot ensure the validity and correctness of the transactions inside Rollup. Most BTC Rollups may choose the sovereign rollup (client verification) method, where the validator synchronizes all the data of Rollup off-chain and checks it by itself. But this cannot use Bitcoin's strongest ability, the POW consensus of hundreds of thousands of nodes, to guarantee the security of Rollup. The most ideal state, of course, is to allow the BTC network to actively verify the proof of Rollup, like ETH, and reject invalid block data. At the same time, it is also necessary to ensure that the assets in Rollup can be trusted to be extracted to the BTC network in the most extreme cases. Even if the node/sorter of Rollup is always down or refuses to accept transactions, it can still be withdrawn through a safe escape channel. For BTC, which has no smart contracts but only script execution, it may be possible to use the capabilities of MAST to combine scripts into logic circuits to achieve verifiability. Although this is more difficult, it is the most original idea of BTC.

1. @ZeroSync_BitVM

BitVM is the most popular extension protocol on BTC and is an Optimistic Rollup of BTC. BitVM innovatively proposed a way to conduct fraud challenges on BTC. The prover and the challenger both deposit the same amount of BTC in a transaction to bet against each other (as input), and the output of this transaction will contain a logic circuit. BTC scripts can be regarded as logic gates that process the simplest logic, and logic gates are the most basic components of computers. If logic gate circuits are combined in a tree-like manner, they can form a circuit that contains specific logic (you can imagine Qin Shihuang's human column computer in The Three-Body Problem).

BitVM writes a fraud proof in a circuit composed of a large number of BTC scripts. The circuit structure of this proof is determined by a series of nodes packaged by the sorter in Rollup. The challenger can continuously upload hash values to this fraud proof circuit, and the verifier continuously runs the corresponding script and reveals the output to verify that the result is correct. Under a series of transactions, the challenger can continuously challenge the prover until the prover proves that each circuit gate is correct. As a result, the BTC network completes the verification of Rollup, and the prover can get his funds. Otherwise, the challenger will get the BTC pledged by the prover. In an easy-to-understand way, the relationship between BitVM and BTC is like OP to the ETH network, and its security is the highest among all expansion plans. The number of transactions generated by BitVM is very large, the cost is not cheap, and a large number of pre-signatures are required before the participating parties conduct on-chain verification, which means that a large amount of off-chain calculations are required.

Of course, unlike ETH's Optimistic/ZK Rollup, BitVM does not have an emergency BTC withdrawal channel. At least one honest node in the L2 network can complete the normal withdrawal. However, this is the highest security guarantee that BTC L2 can currently provide. After uploading DA, BTC L1 verifies the validity of the Rollup data. The trust-minimized BTC bridge only lacks an "emergency escape channel". Therefore, the implementation of BitVM seems far away, but the recent discussion in the BTC community on the unbanning of the op_cat script may bring new possibilities to the development of BitVM. The op_cat opcode can concatenate two strings, supporting a maximum length of 520 bytes. This kind of data concatenation can achieve more complex calculations on Bitcoin. For example, BitVM can use it to concatenate hundreds of logic gates under the same script, which allows BitVM to process more binary circuits in fewer transactions, almost achieving a speed increase of hundreds of times. BitVM's complex combination of Bitcoin scripts has also inspired many L2 projects, and they have proposed new ideas for "fraud proof" challenges on BTC based on this.

2. @Bison_LabsBison Network

Bison Network is a ZK-STARK sovereign Rollup (client-side verification) based on Bitcoin. The so-called sovereign Rollup means that L1 is used as the block data announcement board (DA) of Rollup. It does not verify whether the Rollup transaction is correct. The Rollup transaction is verified by the Rollup's own node. Bison submits the ZK proof of Rollup to BTC Ordinals. Users can download the proof from BTC and run their own client to verify the Rollup transaction. If you need to verify the entire status of Rollup, you need to synchronize the full node.

Bison 的特色在于与 BTC L1 桥的实现。当一个用户向 Bison Rollup 存 BTC 时，这个 BTC 会被分给为多个包函了 BTC 的多签wallet中。这些多签钱包都支持了 DLC (Discreet Log Contracts)，该技术以 Taproot 升级为基础，是一种利用了 BTC 多签与时间锁定脚本的简单逻辑合约。当用户存入 BTC 时，需要同 Bison 网络一起，对未来的所有的情况签署相关的执行交易，比如：a. 转账给他人的情况；b. 提取回 BTC 主网的情况；c. 长时间无人提取的情况。签署后，这些交易并不会被发布到 BTC 区块中，交易若想执行，就需要预言机来驱动。多签钱包的控制者有三个，即用户、Bison Rollup、预言机，获得其中任意两个签名，就可以获得这些 BTC 的控制权。

DLC is like an if-do statement on Bitcoin. The oracle inputs the condition of if, and the execution part of do is to send the transactions signed in the three cases mentioned above. The oracle here is linked to the bridge contract of Bison Rollup. If the bridge receives a request from the user to transfer BTC to others, the oracle will send the transaction signed in the previous case a. Transfer to others, and the control of the multi-signature address will be given to the Bison network for further distribution; if the user's request is received, b. Withdrawal back to the BTC main network will be sent, and control will be transferred to the user; if no message is received for a long time, the time lock will expire and control will return to the user. In this way, Bison realizes the extraction of BTC from Rollup and sets a simple escape route. However, the weak point of the system here lies in the oracle. If the wrong information is transmitted, the user's assets will be lost. Therefore, it is possible to consider introducing a decentralized part, such as Chainlink. The "trustless bridge" implemented by DLC is an exploration of the potential of BTC scripts.http://DLC.linkUse it to cross BTC to chains such as ETH and STX. Although Bison Rollup has achieved a simple "escape channel" by introducing a new third party, it still has not implemented BTC L1 verification Rollup proof.

3. @BsquaredNetworkB Network

B Network is a ZK Rollup mixed with "commitment challenge" on BTC. The network is divided into two layers, the Rollup layer and the DA layer. The Rollup layer uses zkEVM to run smart contract logic. This layer contains multiple modules, including the acceptance, sorting and packaging of transactions, the output of ZK proofs, support for account abstraction of BTC addresses, and synchronous reading of BTC L1 data (BTC and BRC20 balances). The DA layer provides data storage for Rollup, and the storage node performs off-chain zk verification on Rollup transactions. After the verification is completed, the DA layer node writes the Rollup data into the Ordinals inscription of BTC, which includes the location of the Rollup data in the DA layer, the Merkle tree root of the transaction, the ZK proof data, and the hash of the previous BTC proof inscription.

Verification of proof is the core. In ETH, the bridge contract directly verifies the ZK proof on L1, but there is no smart contract function on BTC. Due to the complexity of the logic of ZK verification, it is impossible to implement the verification logic circuit by combining BTC scripts (the cost is huge and may exceed the BTC block limit). Therefore, B introduced more off-chain calculations in the verification, and transformed the direct verification of L1 to ZK into a "fraud proof" challenge similar to Optimistic. B decomposed ZK's proof into different scripts and superimposed these scripts to form a Mast binary tree. Node B sent BTC through this transaction as a reward for the fraud challenge.

Once the transaction containing the "Fraud Proof Challenge" is confirmed on BTC L1, the challenger can download the original data from the DA layer and execute the above script off-chain. If the final output of the execution is inconsistent with the one submitted by Node B, it means that the node is malicious, and the challenger can obtain control of the BTC locked in the script root by the node, and the rollup transaction will be rolled back. If there is no challenge within the lock time, the node can retrieve the locked BTC, and the Rollup obtains the final confirmation.

In B Network, the first transaction that sent BTC confirmed the immutability of the ZK proof. Although BTC still cannot verify ZK transactions, by implementing the "fraud proof challenge" in the second transaction, L1 verification is indirectly completed, ensuring the validity of transactions under Rollup and increasing security. This is indeed a brilliant innovation. B Network introduced account abstraction, allowing everyone to directly use BTC wallets to interact with Rollup without changing user habits, which is very commendable. However, in the extraction of BTC assets from L2, the multi-signature address bridge method is still used, and no "escape channel" is introduced.

4. @SatoshiVMSatoshiVM

SatoshiVM is also based on BTC's ZK Rollup. Its logic is similar to that of B Network. After generating the zk proof in the Rollup, the prover uploads the proof data to the BTC network and then sends a "fraud proof" challenge containing BTC. The challenge winner will receive a BTC reward. The difference is that SatoshiVM adds two time locks to the "fraud proof" challenge, corresponding to the start time of the challenge and the end time of the challenge. By comparing how many blocks BTC has waited for the transfer, it is possible to determine whether the ZK proof is correct and valid. The cross-chain bridge part actually only uses a multi-signature solution, which has no highlights.

5. @chainway_xyzChainway

Chainway is a ZK sovereign rollup of BTC. It not only uses Bitcoin as the data publishing layer, but also uses BTC data as the source of ZK proof. Chainway's prover needs to scan every BTC block without omission. A complete ZK proof can only be generated by reading the block header, the previous zk proof, and the "mandatory transaction" engraved in the block from the BTC block. In each BTC block, Chainway will submit a transaction to burn the ZK proof, thus forming a recursive proof.

In the BTC block, the "mandatory transactions" engraved in the form of Ordinals inscriptions are the "anti-censorship transaction sending method" set by Chainway. If the Chainway Rollup node crashes or keeps refusing to accept withdrawal transactions from users, users can engrave withdrawal requests directly into the Bitcoin block. Nodes must include these "mandatory transactions" in the Rollup block, otherwise the constraints of the ZK circuit will not be met and proof generation will fail.

In the latest tweet, Chainway claimed to be inspired by BitVM, and they have found a way to verify ZK proofs on Bitcoin to achieve BTC L1 settlement. Obviously, the current design of Chainway is based on the client-side local verification of sovereign Rollup. Although "forced transactions" have solved the problem of Rollup transactions' resistance to node censorship to a certain extent, it still cannot achieve true BTC L1 asset settlement.

6. @QEDProtocolQED Protocol

QED Protocol is a ZK rollup on BTC, running on zkEVM. Unlike other ZK Rollups, QED does not choose to generate ZK proofs for the entire Rollup transaction, but only creates ZK proofs for withdrawal transactions from Rollup to BTC L1. Similar to the idea of BitVM, QED Protocol combines scripts into logic circuits to verify the ZK proof of withdrawal transactions on BTC L1. This type of logic circuit will contain 1,000 UTXOs. Although direct verification is achieved, the cost is huge.

3. Inscription L2 - Rethinking about BTC expansion

After experiencing the magnificent wave of new asset distribution, the main narrative of Inscription has been established, and we are about to usher in new opportunities and challenges. Relying solely on the narrative of fair distribution or meme, the total market value of 200 million seems to be a hurdle. If we do not continue to build steadily, it will be difficult to break through the ceiling (the end of fair distribution is PUA). In the process of returning to rationality, utility becomes more important, either providing more capabilities or being regarded as an underlying asset.

"Inscription-based" sidechains may be the next important step. They are called sidechains instead of l2 because these "L2" do not use the security of BTC. But this is like Polygon to ETH. Inscription L2 can effectively lower the threshold for users to enter Inscription and compromise with BTC conservatives. Most importantly, the complete smart contract capability will also introduce more gameplay to Inscription, DeFi, SocialFi, GameFi, and so on.

BRC20 and its derivatives are written in human-readable JsonTokenThe benefit is extremely high flexibility, and the inscription can be split into any number under the "amt" field. This flexibility is very suitable for interacting with the second layer of the inscription, because as long as the second layer reads Json and restores the BRC20 state, subsequent DeFi and other businesses are very easy to carry out. As a new type of asset different from NFT and FT, the business of inscription L2 can also revolve around the inscription itself, and even the native asset itself is best to use inscriptions. If the inscription L2 only splits the inscription into FT after crossing the chain, and then copies the Ethereum DeFi gameplay, it will lack appeal, because for current traders, the cost-effectiveness of trading FT is already very low. The index of BRC20 is the ledger. After reading the index, the EVM chain is created to continue the properties of the inscription. And continue to launch a large number of innovative paradigm applications that are different from FT DeFi.

Indexer-oriented programming

Will BRC20 and its Json inscription sidechains definitely continue the ETH model? In fact, EVM sounds very boring, and we don’t need to reinvent a series of L2s. But perhaps, starting from the native properties of the inscription itself, it would be more interesting to think about the expansion of functions and businesses.

BRC20 is an on-chain record that is processed offline.Tokensystem, using BTC as storage. Therefore, for this type of expansion, it may be possible to achieve it by adding more business logic to the off-chain index server. For example, directly introduce new primitives in addition to "mint", "deploy", and "transfer" under the "op" field of Json to perform operations such as placing orders, pledging, destroying, and authorizing. The combination of these "ops" can further evolve Inscription-Fi (inscription finance) such as swap and lending, and even more complex SocialFi and GameFi. This is essentially indexer-oriented programming, which is more like programming the server interface in Web2. It is less difficult to implement, and you can even start directly from an index server, but the effect is very significant. At present, UniSat's swap and other functions, including BRC100, ORC20, and Tap protocols, are all pioneers of this type of Json expansion school, and have the opportunity to bring about changes quickly. The attempt to add cryptographic primitives is exciting. Of course, decentralization is always a question that needs to be considered. Programming for indexers will inevitably lead to increasing pressure on servers and make it more difficult for the community to run. Complex businesses must also require consensus, which will eventually lead to the development of smart contract platforms. So, if the ledger in the indexer is decentralized, can an inscription chain be created?

In fact,@unisat_walletThe subsequent business based on $sats is based on this idea, swap and pool It is implemented in its indexer. If you want to reach a consensus on the security of funds, decentralization is an inevitable process. @RoochNetworkThis type does not obtain assets from L1 at all, but only runs indexes and BTC full nodes, through a read-only L2 that only reads data for use by its on-chain smart contracts.

A more original approach

There are actually two major schools of thought in the issuance of BTC layer. In addition to the Json school introduced above, there is the UTXO school unique to Atomicals (the definition of Rune is still relatively vague and will not be discussed for the time being). Atomicals' ARC20 TokenThere is a direct representation of BTC's UTXO itself, and there is no Json update. Therefore, operations directly based on UTXO can enable arc20 tokens to achieve many interesting capabilities, such as realizing the swap exchange of Arc20 tokens and BTC, consuming Arc20 tokens to produce another Arc20 token, and so on. Control over transaction input and output can also realize simple DeFi functions, but this places higher demands on developers and is more difficult. The benefits are also very obvious. All logic is directly processed by the BTC network, sharing the greatest security and consensus. At the same time, BTC assets can be seamlessly absorbed, and it needs to rely on a third-party BTC bridge like a side chain. After all, "not your keys, not your coins."

Obviously, ARC20 itself is not Turing complete. Therefore, after absorbing the design ideas of Bitvm, the Atomicals protocol also proposed the AVM Bitcoin Layer 2 solution, which is an L2 that submits proofs on the BTC network layer and is verified by the BTC script circuit logic. As an asset represented by UTXO, ARC20 is naturally suitable to be used as collateral for fraud proofs on the AVM layer 2. This will be the final narrative of BTC expansion, that is, the ability to realize smart contracts while using BTC DA shared security. This may be the L2 that will really land in the fourth wave, but Atomicals' development service providers @wizzwalletThere seems to be some information about AVM given in the recent update, so perhaps progress is faster than expected.

4. Conclusion and Outlook

The industry is changing rapidly, and new BTC L2 is born every second, but what remains unchanged is the inevitable trend of BTC ecology to develop towards the second layer. BTC is a train that everyone wants to get on. From the perspective of the plan alone, side chains are passengers who have bought tickets and only use cross-chain bridges to connect with BTC, but they can be used the earliest. DA-type projects are trying to build BTC versions of Celestia and Eigenlayer. They are full of gimmicks and have opportunities under the broad consensus of modularization. Rollups upload DA and use BTC scripts to implement some simple BTC on-chain mechanisms (most of which are based on the bit commitment idea of BitVM), which is barely half a foot into the BTC security carriage. Who says that a sovereign Rollup that relies on self-verification is not a Rollup? (We all need to thank Celestia for its long-term CX of sovereign Rollup) The jewel in the crown of BTC L2 is to use BTC script logic to verify the proof uploaded by Rollup. Currently, only BitVM and Atomicals' AVM are trying this, which is infinitely close to the security relationship between ETH and its Rollup. At present, it seems out of reach at the implementation level, but the unblocking of new operators such as op_cat seems to further accelerate its progress, and BitVM may be implemented faster than everyone expects.

After in-depth analysis and discussion of BTC L2 technology, we realize that despite the challenges, the future of the BTC ecosystem is full of possibilities. From consensus on fair distribution to inscription-based expansion solutions, to the pursuit of fully mature expansion solutions that share strong security with BTC, the Bitcoin ecosystem is undergoing a historic change. These technologies are not only expected to significantly improve the scalability and efficiency of the BTC network, but will also introduce new asset types and trading methods, opening up new opportunities for users and developers. However, the successful realization of these goals requires the joint efforts of community consensus, technological maturity, and practical verification. In the process of exploring the most effective L2 solution, security, decentralization, and optimized user experience will remain top priorities. Looking to the future, with technological advancement and community collaboration, BTC L2 technology is expected to unlock new potential for the Bitcoin ecosystem and bring new opportunities to the Bitcoin ecosystem.cryptocurrencyThe world brings more innovation and value.

The article comes from the Internet:Bitcoin Layer2: Scaling solutions, challenges and future prospects

Related recommendations: Magpie joins the game and re-stakes, reviewing the token performance of the "Yield Master" project

Eigenpie can generate re-pledge certificates ILR, and its platform currency is EGP. Written by: shushu The re-pledge track welcomes new players. On January 23, Magpie announced a partnership with EigenLayer to launch a SubDAO"Eigenpie". Magpie XYZ…