POPS Bridge Service

Introduction

Currently, cross-chain bridges play a crucial role in the Bitcoin ecosystem, allowing Bitcoin to circulate across different blockchain networks, thereby broadening Bitcoin's application scenarios and enhancing its liquidity. However, despite the convenience cross-chain bridges offer users, they also face a range of technical and security challenges.

Technical challenges include the complexity of cross-chain interactions and compatibility issues with various chains. Cross-chain bridges need to effectively handle different blockchains' transaction verification mechanisms and consensus algorithms, which is highly challenging technically.

Security issues are the most severe challenges facing cross-chain bridges today. In recent years, many cross-chain bridges have been hacked due to security vulnerabilities, leading to significant financial losses. These security issues primarily stem from vulnerabilities in smart contracts, weaknesses in centralized designs, and insufficient encryption measures. For example, a minor flaw in a smart contract can be exploited to execute unauthorized fund transfers.

Additionally, decentralization issues are a significant concern for cross-chain bridges. Many existing bridges rely on specific validators or consortia, which can lead to excessive centralization, thereby increasing the risk of single points of failure and potential manipulation.

Therefore, although cross-chain bridges greatly facilitate the interoperability of the blockchain ecosystem and the circulation of assets, it is essential to address these technical and security issues to achieve sustainable long-term development.

With the introduction of BitVM, deploying smart contracts on Bitcoin and processing asset withdrawals backed by Bitcoin security has become possible. In this context, Popsicle proposes a decentralized bridging solution based on BitVM. This approach utilizes BitVM along with hash locks to implement asset custody contracts within Bitcoin itself. This allows for the free transfer of Bitcoin between the Popsicle ecosystem and the Bitcoin network without the concerns of centralization and censorship risks, thereby truly expanding the Bitcoin network.

Architecture

Key Components

Processor

Processors are primarily responsible for assisting users in locking and unlocking their assets. In the Popsicle Bridge, any Popsicle UTXO Reserve requires the corresponding secret to be unlocked, so the Processor only acts as a collaborator and cannot access any UTXO assets. Following the Bitcoin Taproot upgrade, which introduced Schnorr signatures and MAST, Popsicle's Processor will build an m-n multisignature network on this basis, and can inherently inherit other advantages of Schnorr multisignature, such as privacy protection and reduced space usage. At the same time, this allows the number of shards that a multisignature wallet can hold to be greatly expanded, theoretically supporting a network of over a hundred Processor nodes.

Utilizing MAST, we can construct a multi-combination UTXO multi-signature unlocking condition, which are $C_n^m$n-n Schnorr multi-signature combinations, thereby achieving an m-n Schnorr multi-signature under Taproot. Additionally, in the future, we will introduce BitVM smart contracts, which upon being triggered by user withdrawal proof and Processor signatures, will complete the withdrawal operations for the user. All operations will be submitted as commitments to the Bitcoin network, which will carry out the verification. Moreover, to enhance subsequent Schnorr efficiency, MuSig2 will also be introduced to reduce the number of interactions.

Transactor

The transactor will serve as a key module for processing users' asset locking and unlocking on Bitcoin. Users directly interact with Transactor to obtain locking and unlocking proofs, thus completing a decentralized and trustworthy BTC bridge. Utilizing TEE (Trusted Execution Environment) and Shamir's Secret Sharing, Transactor can provide a secure and reliable framework for executing asset locking and unlocking on the Bitcoin network. TEE provides a secure execution environment to ensure the security and privacy of transactions, while Shamir's Secret Sharing allows for risk dispersion among Popsicle Network, reducing the possibility of a single point of failure and enhancing the overall system security. In this way, Transactor can provide a decentralized solution to POPS bridge users, letting them teleport BTC between the Bitcoin network and Popsicle Network with Trustminze

transactor primarily handles the generation of deposit certificates, each with a corresponding pre-image, which we refer to as the 'secret'. When a user initiates a deposit request, the Transactor submits the generated deposit certificate to the user, who can then use it to initiate a P2TR transaction on the Bitcoin network to lock their Bitcoin assets. Similarly, when a user needs to unlock their assets, Transactor encrypts and provides the secret to the withdrawing user, enabling them to unlock their Bitcoin assets on the Bitcoin network.

Popsicle leverages TEE and SSS to generate and store the secret generated by the Transactor, We can let

$$a_0= Secret$$

• then, Choose a sufficiently large prime number $p$ to use as the modulus, ensuring all operations are performed modulo $p$.

• Determine a threshold $t$, the minimum number of shares required to reconstruct the secret.

• After, the preparation process, Randomly select a polynomial of the degree $t−1$

$$f(x) = a_0+a_1x+a_2x^2+...+a_{t-1}x^{t-1} \mod \ p$$

• Then depending on the $t$ what we determined before, computing a $(i,f(i))$ for each participant, where $i$ is a nonzero positive integer, typically starting at 1.

• When at least $t$ shares are collected, the secret $S=f(0)=a_0​$ can be recomputed using the Lagrange interpolation formula:

$$f(0) = a_0=\sum_{i=1}^ty_i\prod_{j=1,j\neq i}^t \frac{-j}{i-j}\mod \ p$$

In this way, we can not only enhance secret protection but also offer flexibility and scalability suitable for network needs. After a user completes the asset withdrawal destruction operation, the Transactor will generate a Proof containing the encrypted secret for the user. This proof will serve as an important credential for user interaction with the Processor.

Asset Controller

This module exists as a Pallet within the Popsicle Network and interacts only with the Transactor. Once a user's certificate deposit is complete, the Transactor will update the PURP and issue an asset generation command to the Asset Controller. Upon receiving the command, the Asset Controller will redeem an equivalent amount of BTC assets for the user at a certain address. When the user completes the asset withdrawal BTC lock operation, the Controller will interact with the Transactor to provide the information needed to generate the proof.

PURP(Popsicle UTXO Reserve Pool)

After each certificate deposit, a UTXO Reserve will be accumulated into the Popsicle Network. All UTXOs will exist as part of the Popsicle funds Pool. When users have a withdrawal need, the Processor will collaborate with them in completing the withdrawal operations.

Bridge Workflow

Peg-in

Peg-in workflow

Peg-out

Peg-out workflow