Security is one of the biggest concerns for Bitcoiners that want to have access to Decentralized Finance (DeFi) solutions. The developers of RSK know this very well. This is why they have decided to implement the Powpeg into RSK, a 2-way peg protocol backed by the security of Bitcoin.
The RSK Bitcoin sidechain was created to enable some of the most innovative decentralized applications in the ecosystem. RSK is the leading platform in DeFi for Bitcoin solutions. With the upgraded RSK’s 2-way peg, RSK is paving the way for DeFi apps to be deployed leveraging Bitcoin’s security.
Understanding the Decentralized Finance Market
The Decentralized Finance space has grown considerably over the past year, and is one of the most innovative and potentially revolutionizing sectors in the cryptocurrency ecosystem. There are dozens of protocols and projects that are already helping users to get access to some of the most advanced decentralized financial solutions in the world.
Lending, borrowing and farming can be done using just an Ethereum (ETH) wallet. This is how simple it is for users to participate. However, Ethereum consensus security is only a small portion of that behind Bitcoin. In terms of hashrate, sometimes referred to as thermodynamic security, Bitcoin is by far the most secure and largest blockchain network in the world. This makes Bitcoin the best option for users that care about the safety of their assets while participating in the crypto market. Despite that, it is very difficult to use BTC and participate in the Decentralized Finance industry without converting BTC into highly centralized ERC-20 tokens or wrapped BTC. This is where RSK comes into play by creating a more inclusive financial system backed by the security and decentralization of Bitcoin.
The RSK Federation
The RSK 2-way peg has been working uninterrupted and under the hood since it was first launched in 2018. At the core of the original RSK 2-way protocol was a Federation. Each functionary of the federation manages a Bitcoin key used in part for multi-signatures. Functionaries participate to protect locked bitcoins and a limited number of malicious parties is tolerated. The RSK Federation worked with the help of a smart contract called the RSK Bridge, which coordinates all peg-out actions, and responds to all peg-in requests. Peg-in is the process of transferring funds (BTC) to the sidechain, while Peg-out process is the contrary: moving funds (BTC) to the Bitcoin network.
However, members of the RSK community realized that for the network to continue growing, it was necessary to have an even more secure peg. Today, RSK leaves behind the pure federated model and evolves into what is called Powpeg.
Time for Powpeg
The Powpeg is an evolution of the federated system. It was discussed and accepted by the RSK community in 2020, and it’s now being deployed. The Powpeg is a 2-way peg system that secures locked Bitcoins by requiring the same Bitcoin hashrate that establishes the RSK blockchain consensus. Powpeg members are called pegnatories, and their role and responsibilities are much more limited than previous functionaries
The Powpeg is based on a layered security model called “defense-in-depth”. The system relies on different layers that are simple to understand and test, and each layer provides an additional level of security. No single layer failure should render the system vulnerable.
Since Powpeg does not have a requirement of high collateral from pegnatoreis, as in other competing systems, not even all pegnatories in a collusion are capable of stealing the locked bitcoin. However, to incentivize good-behaviour and Powpeg liveness, the RSK Powpeg channels a small portion of RSK transaction fees to them.
To participate in the Powpeg, pegnatories need to use specialized hardware called PowHSMs. These devices are connected to special RSK full nodes called pegnodes. The PowHSMs protect the private keys required for the multi-signature protocol and can only sign transactions that are confirmed with enough cumulative work generated by RSK merged-miners. It is worth mentioning that pegnatories do not participate in the production of blocks on the RSK network and play no part in the signing by PowHSMs, which is now automated.
Merged Miners in Action
A majority of Bitcoin miners, measured by hashrate, are currently participating in the RSK network through merge-mining. The RSK network is currently among the largest merged mining networks in the world. Merge-miners are a key part of the Powpeg multi-layer defense system. While they confirm RSK blocks, they are securing the Powpeg bridge with Bitcoin. Meanwhile, PowHSMs rely on the cumulative work provided by merge-miners to ensure they sign valid peg-out transactions.
Another important subsystem that protects the RSK blockchain is called Armadillo. This system monitors the Bitcoin blockchain for RSK forks to ensure there are no malicious merge-miners. By connecting the pegnodes to the Armadillo monitoring system, the peg is protected from malicious or accidental forks, unwanted errors and other issues that could affect the integrity of the system. The Armadillo monitor works by tracking parallel RSK forks through examining merge-mining tags, and the tags are verified in consensus to contain just enough information to build a blockchain fork graph. If conflicting forks are detected, it can automatically send alerts to pegnodes, exchanges and other economic actors.
Peg-in, Peg-out and RSK Powpeg Properties
Exchanges and merchants can also interact with the RSK 2-way peg. They only need to interact with the Bridge smart contract on the RSK network. The Bridge maintains the view of the best chain of Bitcoin, and both users and pegnodes can participate in best chain maintenance and informs about new blocks or reorgs. Furthermore, the Bridge autonomously verifies peg-in requests and commands peg-outs. Sending transactions is a very easy process in which Pegnatories act as “watchtowers” informing peg-ins for free.
RSK developers explain that the RSK Powpeg uses a hybrid peg model. While peg-ins work in a fully decentralized manner using Bitcoin SPV proofs, peg-outs are accepted by the Bridge, and the Bridge commands the PowHSMs to auto-sign a peg-out transaction. The PowHSMs also require SPV proofs, but for the RSK blockchain. Furthermore, and a very important thing to add, the Bridge works as a Bitcoin Blockchain Oracle as well, allowing the RSK network and smart-contracts to be exposed to and query the Bitcoin blockchain.
Understanding Powpeg’s Security
As mentioned before, Powpeg focuses on security. This security is based on four main pillars:
- Proof of Work
- Coordination Transparency
- Public Attestation
Proof of work has been discussed already. Coordination transparency refers to all of the communication that takes place between pegnatories. In the case of the Powpeg, all message exchanges occur unencrypted on the RSK blockchain. It is not possible for an external attacker to use the existing communication system to exchange private messages attempting to coordinate dishonest actions surreptitiously. Also, no pegnode knows the internet addresses of the remaining participants, which reduces the chances of network escalation. Moreover, the system forces PowHSMs to be exposed to the blockchain honest chain and the remaining PowHSMs. Last but not least, is the Bridge smart contract responsible to build the peg-out transaction without allowing PowHSMs or pegnodes to take part in the transaction content selection, such as UTXOs or miner’s fees. The RSK Powpeg system prevents Pegnatories from applying selective censorship on peg-out transactions. If one pegnatorie tries to block a transaction, the other will make sure the transaction is signed and executed.
Planning the Future Security
Several independent teams are working in Powpeg improvements. One proposal, discussed recently, was to add an emergency recovery multisig with a one-year time-lock to activate if the Powpeg fails, bringing the peg back on stronger and more resilient to new attacks.
Second, a team at IOV Labs is working on the “Powpeg2 “(Powpeg squared). This proposal aims to improve the security of the system against malicious HSM manufacturers by letting miners participate as second-layer pegnatories with standard computers.
A community team is working on a proposal for an emergency system that is capable of reimbursing RSK users with Bitcoins in the Bitcoin network in case of a takeover or shutdown of the Powpeg or the accidental brick of HSM devices.
Many other minor improvements to the Powpeg are documented in RSKIPs or already in the RSK core developer pipeline.
Powpeg provides a far more advanced and reliable solution than and reliable than, for example, RenBTC, wBTC or tBTC. These wrapped bitcoins are synthetic workarounds and they represent weaker forms of finance. Some can be potentially reversed, confiscated or selectively censored for peg-out. Only RSK offers a truly Bitcoin-centric DeFi platform. Just to mention a few flaws of other protocols, the RenBTC community discovered that the development team was using a centralized custody system for the funds. Moreover, wBTC is managed by just three members, and two of them can easily move the funds. RSK Powpeg is being deployed with more than 12 PowHSMs.
In the case of tBTC, it’s possible that its over-collateralization strategy won’t work as expected. It may be very difficult to sustain the 1:1 peg under black swan scenarios. Moreover, it might be difficult for users putting collateral in tBTC to compete with other investment options available in the market, including farming or staking.
The RSK Powpeg is in continuous development. However, security is the most important aspect of it. The blockchain community continues to work on a wide range of innovative ideas to improve decentralization and also security.
New security layers can be added on top of others to further secure the network following RSK’s defense-in-depth approach. The RSK Powpeg is ready to provide the required liquidity for Bitcoiners approaching the DeFi market. In summary, the Powpeg allows developers and users to work in a decentralized and secure environment with layered protections, and a merge-mined consensus backed by Bitcoin miners.