Last week, the Keep team announced tBTC first testnet. The project is highly anticipated since it can play a crucial role in bringing BTC liquidity into DeFi. Given the importance of the project, today we'll revisit the basics of the project which we initially discussed in a previous newsletter:
How is tBTC different?
The simplest way to create a Bitcoin peg in Ethereum is to deposit BTC into a trusted-party wallet and the trusted party will issue an ERC-20 token representing the pegged BTC. This is exactly how WBTC works. Users deposit BTC to BitGo, Kyber or other project partners, and get issued WBTC on the Ethereum blockchain. Though the design is simple, the counterparty risk is high. If any WBTC issuers are hacked or lose access to their BTC wallet, the issued WBTC has no backing. Additionally, there’s a limited number of possible custodians, only trusted brands can be a custodian in the WBTC system.
The tBTC system solves these two issues, i.e., the need for trusted entities and the counterparty risk, by borrowing the concept of native bonds from MakerDao. Simply speaking, any person or entity can be a custodian for BTC backing if they deposit a bond in the Ethereum blockchain that is higher in value than the custodied BTC. The provided bond removes the trust, i.e, centralization, requirement and also minimizes the counterparty risk. If the custodian, aka “Signer” in the tBTC system, becomes insolvent, the provided bond will be used to make BTC depositors whole.
Another advantage of the tBTC system comes from the use of multisig wallets. Each BTC deposit is secured not by a single custodian, but by a group of custodians. The system randomly selects a group of signers who collectively create a multisig wallet that is used to custody the deposited BTC. The funds in the wallet cannot be moved unless a threshold of signers agree to move the funds. If suspicious movement of custodied BTC is detected, anyone can submit a fraud proof and cause the associated signers to be liqiuidated and penalized.
What Are The Weaknesses of The tBTC System?
1. Price Feed Oracle
Bond-based pegging systems such as tBTC need a way to know the price of the bonded asset to ensure the bond value is higher than the custodied BTC. This is known as the price oracle problem.
The tBTC system would initially support BTC as a bond asset and require an appropriate overcollaterization. Hence, the price oracle needs to frequently update the ETH-BTC price to make sure the bond is always at least 1.5x of the value of custodied BTC. The oracle problem is one of the hardest problems to solve. MakerDAO’s solution, that is also used in tBTC, depends on a number of trusted accounts, Price Feeds, to report on the bond asset price periodically or when a change of 1% or more occurs in the asset price.
This approach for implementing the price oracle introduces an element of centralization and a need for trust in the price feed accounts. For example, these accounts may collude to submit a wrong price, cause Signers to get liquidated for under collateralization, and earn liquidation rewards. The limitations of this design of the price oracle has spurred interesting discussions on alternative ways to implement the oracle. Solutions like descending price auctions or time-limited order books could be viable alternatives to the feed-based price oracle.
2. Multisig Gaming Risk
Another weakness in the current tBTC spec is that in cases of liquidation, a majority of the BTC deposit transaction signers can steal the BTC deposit.
The tBTC system doesn’t, and probably cannot, protect Signers from this attack vector. The spec states: “What the unresponsive signers do with the BTC outside the tBTC system design is for them to decide — it might be split up, stolen by a signing majority, or lost permanently”
For example, let’s consider a deposit of 1 BTC in a 3-of-5 multisig. The tBTC system requires each Signer to deposit an ETH pond equivalent to ⅓ BTC. The collateralization ratio, in this case, is ~ 166% or equivalent to 1.66 BTC. If the bond value suddenly drops to 1.5 BTC. The majority of signers ( 3 in this case) can steal the whole deposit (1 BTC) and effectively avoid any losses from the liquidation process.
To avoid this problem, the first version of tBTC will require n-of-n signatures, i.e., all the signers need to agree to spend the transaction. In addition, a Courtesy call goes to Signers who are at risk of liquidation to urge them to redeem the deposit before it is force-liquidated.
In conclusion, the released tBTC spec is an initial draft and there is significant room for improvement regarding the system’s decentralization and security. We will be closely following the project and would take a part in testing the project on testnet and the following mainnet launch.
State of Digital Assets Event
The recordings from The State of Digital Assets seminar we co-hosted with CMT Digital are now live.
Watch ARK Invest CEO Catherine Wood's insightful keynote on assessing Bitcoin's opportunity here. To catch panels with speakers from TD Ameritrade, Fidelity, CFTC, Square Crypto, Bakkt, and MIT, head on over here.
⚡️ One-click Bitcoin Lightning networks for local app development & testing
In Issue #21 we covered Polar, writing “Lightning app devs can now create regtest Lightning Networks in just a few clicks via Polar.” When this issue dropped, Polar didn’t have a website yet and it was still a small project. Now the team's moving up in the world. A website is up and Polar is gaining significant traction lately.
Devs can visualize their entire network, quickly identify channel balances, have RPC Connection info at their fingertips, and manage nodes with just a few clicks. Plus, multiple Bitcoin and Lightning nodes, including LND and c-lightning, can be mixed and matched in a network to simulate many different scenarios during testing.
⚡️ Escher by Iterative Capital
Similar to Jack Maller’s Strike, Iterative Capital just released Escher, the “instant bridge between Lightning & the Dollar.” Users can buy and sell bitcoin instantly – here’s a video that breaks down the process.
🔹 Dharma’s new dToken
Dharma announced they will “deploy a new system of smart contracts, called dTokens, which are a wrapper around Compound cTokens.” Similar to rDAI, these dTokens are interest-bearing stablecoins that are backed by their respective cTokens on Compound. The noteworthy change is that moving forward users will earn slightly less interest than what they were earning on Compound; however, this is to serve as a revenue stream for Dharma to continue building innovative features in DeFi.
So, if we assume the interest rate is 5% APY on Compound, Dharma will users will earn 4.5% APY and the other 0.5% Dharma will collect. No changes are required by the users, as all of this will be implemented on the backend. A few days after making this announcement, the team announced that all of Dharma’s US users can instantly deposit into Dharma via their debit card and withdraw those funds back to the bank account 24/7/365. Whatever is deposited into Dharma will earn 7.3% interest from anywhere in the world.
🔹A Major DeFi Drama: Fulcrum Attack and The Consequences
Recently, a clever attacker utilized multiple DeFi protocols to execute a sophisticated attack against Fulcrum/bZx Margin lending protocol. The attacker started by taking a 1000 ETH ( ~ $3M) flash loan on dYdX with zero collateral.
The attacker then split the loan into two parts; the first half was used to borrow WBTC from Compound, the other half was used as collateral to make a 5x short margin trade on bZx. The borrowed WBTC was dumped on Kyper Network exchange to manipulate the WBTC price and, hence, the price oracle for bZx to realize a huge manipulated profit in his short position. The flash loan was paid back and the attacker left with more than $300k in profit from a single attack performed using a single transaction.
The drama intensified when the bZx team announced they will use the contract admin keys to confiscate the attacker collateral and use it to pay back the users. And things got even trickier when some of the affected users, who previously bought insurance covers from Nexus Mutual, filed claims to get compensated. As Nexus covers only cover smart contract technical hacks, the filed claims were rejected.
🚀 Crypto memes and adoption
Scalar Capital co-founder Linda Xie wrote a piece on the origin of memes (we learned the word originated in the '70s), the critical role they play inside and outside of our industry, and how memes have evolved. Plus, she gives us some tips on how to level up your crypto meme game. Read more on her deep dive into Blockchain not bitcoin, Magic internet money, HODL, Dogecoin, and more here.
Disclosure: Token Daily Capital and/or its partners may have exposure to some of the cryptocurrencies mentioned in this newsletter.