Ethereum’s success taught the Bitcoin and crypto industry that smart contracts enable interesting blockchain applications. With DeFi achieving a level of product-market fit, we’re presented with an opportunity.

What if we can bring smart contracts and DeFi to Bitcoin?

sBTC aims to make this a reality.

This post is the second post in a series to help make the sBTC white paper more accessible. Read Part 1 here.

Notes: This is a summary. Please refer to the official white paper for the most detailed representation. This is not financial advice.

Let's dive in.

sBTC’s design centers on economic incentives

The following quote from the white paper best summarizes sBTC’s design:

The main safety assumption in the design of sBTC is that the economically rational option for stackers is to always fulfill the peg.

To reiterate our understanding from Part 1, sBTC is a 1:1 Bitcoin-backed asset on the Stacks Bitcoin L2. There is a two-way peg where sBTC users can “peg” from sBTC to BTC. This ensures there is always 1 Bitcoin for every 1 sBTC.

Core to the design of sBTC is ensuring that stackers maintain this 1:1 peg. This way, sBTC users know they can get their BTC back. Normal mode is how the peg works most of the time.

Normal Mode: pegging in and out of BTC

In Normal Mode, users peg into Bitcoin by sending BTC to a wallet/script. A threshold fraction of stackers control this wallet (more on this below).

When a user sends BTC to this wallet (a peg-in operation), sBTC is minted to the user's wallet. At this point, there is a 1:1 ratio between sBTC and BTC.

To convert their sBTC back into BTC, the user “pegs out” into Bitcoin. To do this, the threshold fraction of stackers fulfill the peg out. In other words, the stackers send the BTC from the peg wallet/script to the requested BTC address. Finally, the sBTC is destroyed.

Recovery Mode ensures the peg is maintained

sBTC is designed to ensure that users can always convert their sBTC back into BTC. After all, sBTC users do not want to be concerned that they cannot get their BTC back whenever they choose.

If there aren’t enough stackers online to sign peg-out requests, we enter Recovery Mode. In Recovery Mode, some of the payout that would have gone to stackers is redirected to fulfill peg-out requests. This continues until all peg-out requests are fulfilled.

Recovery mode is slower than normal mode, but it ensures users’ BTC will be redeemed. In Recovery Mode, stackers must fulfill peg-out requests, otherwise, they start losing BTC rewards.

To reiterate:

The main safety assumption in the design of sBTC is that the economically rational option for stackers is to always fulfill the peg, given they stand to lose a lot more money than they can make by acting maliciously.

Central to the sBTC design is the principle that failing to maintain the peg costs more than any potential gains from malicious actions. If they fail to maintain the peg, stackers start losing BTC rewards based on the Stacks protocol.

Put another way, stackers need to sign peg-out requests or else they start missing out on the reason they started stacking in the first place — to earn BTC.

In addition to this monetary incentive, there is a threshold of 70% signature validation. This ensures that a large portion of stackers would have to collude to attack the peg.

sBTC design considers a balance of incentives between Stacks miners, stackers, and users. Let’s take a quick step back to lock in our understanding.

Stackers lock up their STX to participate in the Stacks network. Next, they perform active work to get PoX rewards (they’re paid in BTC).

These stackers will maintain the BTC script/wallet (the wallet is used to satisfy peg-out requests). However, if stackers don’t satisfy peg-out requests, they can’t get their locked STX back and they don’t receive PoX rewards until all peg-out requests are satisfied.

Bitcoin finality = maximum security

All stacking-related transactions and all peg transactions are broadcast to Bitcoin as Bitcoin transactions. When a Stacks miner produces a new Stacks block, all of the Stacks activity is recorded at the Bitcoin base layer.

Recording Stacks activity on the Bitcoin layer has big security advantages. With sBTC, Stacks will become more secure.

Stacks will now follow Bitcoin finality after 150 Bitcoin blocks (about 24 hours). Once Stacks transactions “make it” to the Bitcoin layer, they will achieve Bitcoin finality and can’t be reversed (unless Bitcoin is reversed 150 blocks back, which is highly unlikely).

Block pre-commits = 5-second blocks

Also, sBTC will introduce block pre-commits. The Stacks layer will require each miner to commit to the amount of BTC they intend to spend on their next Bitcoin block. If they don’t commit this amount in the next block, the pre-commit is invalid.

The block pre-commit enables the creation of "fast blocks," which occur every 5 seconds. While the group of Stacks miners is open for anyone to join at any time, the set of miners for an upcoming Bitcoin block is determined in advance.

A threshold signatures based wallet/script

We’ve talked a lot about the threshold signatures based wallet. Let’s break down how it works.

To reiterate, sBTC is designed to create a 1:1 sBTC to BTC ratio. sBTC users must be able to peg in and out of BTC when they choose.

As discussed in Part 1, the difficult part of this design is to make it decentralized. A peg-out functionality from a centralized entity is technically possible, but it comes with significant centralization risk.

The threshold signatures based wallet contributes to the unique decentralized nature of sBTC.

In short, the wallet facilitates peg-out transactions.

It’s always helpful to understand sBTC by starting with stackers. Stackers lock up their Stacks (STX) to participate in PoX. Why do they participate in PoX? Because they earn BTC for doing the work of performing peg-out signing.

Stackers will lock up their STX for a “stacking cycle” — two weeks where they’re responsible for signing peg-outs. The more STX a stacker locks up, the more signing power they have.

Validating a peg-out

70% of stackers must sign for a peg-out signature to be valid. Once 70% or more of stackers sign a transaction, BTC funds will move out from the peg wallet/script. At this point, the sBTC user has converted their sBTC into BTC.

So, to compromise the BTC wallet, 70% of stackers would have to collude.

2-week stacking cycles

Stackers commit to 2 weeks of signing. When this cycle starts, the PoX “anchor block” is mined.

When the PoX anchor block is mined, participants create a unique signatory public key. These keys are announced as part of the PoX reward set (the BTC rewards) and are used to create a peg wallet address for that cycle.

The peg wallet is a Bitcoin wallet that holds the BTC that will be converted into sBTC.

At the end of the stacking cycle, the wallet address expires and the BTC must be transferred to the wallet of the next stacking cycle.

These two-week stacking cycles allow stackers to participate in the consensus protocol, in a permissionless manner. Also, they ensure there are always funds in the wallets to help sBTC users peg in and out of Bitcoin.

Circulating Supply

The white paper takes about a page to discuss a few topics: sBTC circulating supply, decentralized on-chain Bitcoin oracles, liveness ratio, and bootstrapping the network.

According to the white paper, there is a configurable limit on the maximum circulating supply of sBTC. However, based on recent discussions in the Stacks Forum, the hard cap will no longer be implemented. There is an in-depth discussion about this issue on GitHub.

This changes the nature of the white paper’s sections on oracles, liveness ratio, and bootstrapping the network. Once an updated white paper is released, I will summarize this aspect of the sBTC design.

Incentives secure a 1:1 Bitcoin-back asset

In summary, sBTC is designed to create a system with a 1:1 Bitcoin to sBTC peg.

The main safety assumption in the design of sBTC is that the economically rational option for stackers is to always fulfill the peg, given they stand to lose a lot more money than they can make by acting maliciously.

This design creates the opportunity to create a decentralized 1:1 Bitcoin-back asset, sBTC, which will be used to bring smart contact capabilities to Bitcoin.