Threshold tBTC v2
Status
Mainnet
Type
Bitcoin Bridge
TVL
āæ5,648
Associated Layers
EVM-based chains
tBTC is a wrapped version of BTC that lives as an ERC-20 token on EVM-based blockchains. Its accounting ledger is Ethereum. The BTC backing tBTC is secured by a distributed signer set and staking mechanism.
Metrics
BTC Locked
Total amount of tBTC locked on Base and Ethereum per day.
Assessment
Reputation & Participation
Users trust permissioned entities with the custody of their BTC. tBTC Beta Stakers must apply to Threshold DAO for signing privileges
The bitcoin wallets that store the bitcoin backing tBTC are managed by a permissioned signer set. The signers of the wallets participate as stakers in an Ethereum staking contract to become eligible for signing privileges. When a new wallet is created, a randomized process, known as the sortition pool, will select signers who will be responsible for custodying funds and signing transactions for respective bitcoin wallets.
If signers colluded, and had sufficient amount of signing power for a bitcoin wallet, they could steal funds from a wallet they managed.
If signers colluded, and had sufficient amount of signing power for a bitcoin wallet, they could steal funds from a wallet they managed.
Signing Mechanism
Threshold ECDSA scheme used for signing transactions
Each bitcoin wallet that manages BTC backing tBTC is controlled by participants in a tECDSA scheme. The tECDSA scheme sees a specific bitcoin wallet's private key sharded into a 100 key shares which are distributed to a randomly selected group of signers. In tBTC, there is a 51% signing threshold meaning that 51% of the signers are needed to create a valid signature to authorize bitcoin transactions.
Key Storage
No specific key storage requirements
There is no specific hardware requirement associated with running a tBTC v2 signing node. Nodes can also be run via a number of VPS providers.
Censorship Resistance
No blacklist or pause function on tBTC smart contracts
tBTC's token contract does not have functions that can censor individual users. It is upgradeable via the Threshold DAO and a controller elected by the DAO. If an upgrade to the tBTC token contract was malicious, then users would have 1 day to exit.
A malicious upgrade could result in the loss of user funds.
A malicious upgrade could result in the loss of user funds.
User Risk
tBTC is a distributed, but permissioned system
While trust is distributed across a number of parties, tBTC is not a fully trustless system. Users trust that Beta Stakers won't collude and steal BTC backing tBTC. They also trust the tBTC protocol to ensure that signing responsibilities are sufficiently distributed so a single entity cannot gain control over 51% of signing power for a specific wallet.
Additional Considerations
Trust assumptions related to tBTC change per the chain it is deployed on. Ethereum is the accounting layer
Trust assumptions related to tBTC change across each system it is deployed on. For example, the tBTC gateway between Ethereum and Base is managed by a 6/9 multisig. This is a stronger trust assumption when compared to using tBTC on Ethereum. When interacting with tBTC across various chains, users should be aware that there may be additional trust assumptions.
š¬ We are currently researching tBTC trust assumptions across the chains its deployed on.
š¬ We are currently researching tBTC trust assumptions across the chains its deployed on.
Contract addresses
The relevant smart contracts for tBTC are linked below:
tBTC Ethereum smart contract
tBTC Base smart contract
tBTC BOB smart contract
tBTC Polygon smart contract
tBTC Solana smart contract
tBTC Optimism smart contract
tBTC Arbitrum smart contract
tBTC Ethereum smart contract
tBTC Base smart contract
tBTC BOB smart contract
tBTC Polygon smart contract
tBTC Solana smart contract
tBTC Optimism smart contract
tBTC Arbitrum smart contract
Technology
tECDSA Scheme
Signers who participate in securing the bitcoin wallets in tBTC's protocol leverage a tECDSA scheme to shard the wallet's private key across a number of parties. In tBTC, the tECDSA scheme has a 51% threshold. It requires 51% of the threshold of signers to produce a valid signature for a bitcoin transaction.
Signers of bitcoin wallets are selected through a randomized process known as the sortition pool. When a new wallet is created, a signer submits a sortition transaction to kick off a distributed key generation ceremony. The sortition pool then selects a number of signers to participate in the ceremony, generate a new wallet, and then distribute the private key shards across the group of signers.
Once the signers are distributed their individual key shares, they then participate is signing events via an offchain communication protocol.
Signers of bitcoin wallets are selected through a randomized process known as the sortition pool. When a new wallet is created, a signer submits a sortition transaction to kick off a distributed key generation ceremony. The sortition pool then selects a number of signers to participate in the ceremony, generate a new wallet, and then distribute the private key shards across the group of signers.
Once the signers are distributed their individual key shares, they then participate is signing events via an offchain communication protocol.
Ethereum Staking Contracts
Participation in the tBTC protocol requires a prospective signer to participate as a staker. tBTC's staking contracts live on Ethereum. A signer would need to acquire the necessary amount of T tokens to participate as a staker, stake them via the T staking contract, and then apply to become a signer through Threshold governance.
Multiple Bitcoin Wallets
tBTC creates new wallets periodically to store the bitcoin backing tBTC. Every wallet undergoes its own distributed key generation ceremony and has a unique signer setup. This distributes the risk of collusion and theft across a number of wallets and signer groups.
Economics
Signers selection process influenced by stake of T token
Signers of bitcoin wallets backing tBTC are selected by a randomized process known as the sortition pool. While random, the overall value of a prospective signer's stake does impact the amount of key shares they receive in the threshold signing scheme. If a prospective signer hold a significant amount of stake (e.g. > 51%), there is a chance they could effectively gain unilateral control of a single bitcoin wallet.
This is currently mitigated by the fact that tBTC signing privileges are currently permissioned and signers must be approved by the Threshold DAO in its current set up. If tBTC signing privileges became permissionless, the mechanism could be vulnerable to malicious parties acquiring a large amount of stake.
This is currently mitigated by the fact that tBTC signing privileges are currently permissioned and signers must be approved by the Threshold DAO in its current set up. If tBTC signing privileges became permissionless, the mechanism could be vulnerable to malicious parties acquiring a large amount of stake.
Knowledge Bits
Learn more