Bitcoin is a proof-of-work blockchain without smart contract capabilities, making it extremely challenging to build native apps without the use of a trusted bridge to another blockchain. Babylon has created a novel way of using existing features of Bitcoin so that delegators can stake their BTC natively on Bitcoin to provide additional security for the Babylon chain and its consumer chains. Consumer chains are relatively smaller and less secure, thus looking to inherit extra security from BTC staked via Babylon.
The transaction required to stake BTC with Babylon doesn’t require the use of smart contracts like other blockchains, or even bridges like Bitcoin L2s. It all happens natively on Bitcoin. But how does the BTC timelock actually work? And what happens to your staked BTC?
Let’s take a deep dive at what happens behind the scenes when BTC is staked using Babylon.
Getting Staked with Babylon
Bitcoin Script, the programming language native to Bitcoin, is used to write a set of conditions for how BTC can be spent at a later time. Bitcoin Script is not Turing complete, so smart contracts can be re-used and referenced by multiple parties that do not exist on Bitcoin. Instead, the conditions must be written specifically for every transaction. Because of this, there’s a group called the Covenant Committee which checks every incoming staking request and verifies that the unbonding and slashing conditions (such as staking duration and slashing percentage) adhere to Babylon’s rules. If the committee reaches a quorum of approval, they provide their signature too, initiating the staking period.
As a delegator, the staking transaction happens on Bitcoin and uses Bitcoin Script to set conditions for how the staked BTC can later be spent, which we explain below. In the staking transaction, the delegator specifies the Finality Provider they wish to delegate to, the BTC amount, and the number of blocks for which they’d like to stake. It is important to remember that the staked BTC remains in the delegator’s wallet, and these conditions just specify how the staking period can end.
Ending The Staking Period With Babylon
There are three ways the staking period can end according to the conditions in a Babylon staking transaction:
- The timelock duration elapses and the BTC becomes spendable by the delegator again
- A shorter timelock is set in order to unbond early
- The finality provider double signs, slashing a portion of the stake
Even though staking with Babylon is used to secure chains outside of Bitcoin, the first two conditions make sure that as long as Bitcoin still works, delegators can withdraw their staked BTC independently from any other chain. Let’s break down these three outcomes in detail.
(1) Timelock expires
The first condition of the staking transaction is a “timelock”, or a number of blocks to lock BTC. If the delegator does not unbond early and the finality provider is not slashed, once the timelock elapses the staking period ends and the delegator can spend their BTC again.
During Phase 1 of mainnet, all delegations use the maximum timelock duration of 64,000 blocks, which equates to approximately 15 months.
(2) Unbond early
When unbonding before the timelock expires, the delegating wallet can create and sign a new staking transaction to override the timelock from the original staking transaction. The new timelock duration is set to the minimum unbonding period set by the protocol (currently 1008 blocks). Just as before, the covenant committee will have to approve and sign this new transaction. Then, unbonding begins.
(3) Finality provider double signs
The slashing conditions the delegator agrees to in the staking transaction specify a slashing percentage predetermined by Babylon, the burn address for sending slashed funds to, the delegator’s address to send the remainder of the funds to, and the minimum unbonding period for those remaining assets. To execute the slashing conditions, the staking transaction requires a signature from the delegator, a quorum of the covenant committee, and the finality provider. Provided the first two signatures are already there, a signature from the finality provider will execute the slashing condition. This is only possible if the Finality Provider double signs.
Finality providers make attestations to the chain via an Extractable One Time Signature (EOTS). The important feature of an EOTS is that if (and only if) the finality provider double signs, the two signatures can be used together to decrypt the finality provider’s private key (due to the use of Schnorr signatures), which can then be used to provide the signature required for slashing.
It is important to note that even though the finality provider’s private key is exposed to the world, they can’t slash any amount of funds other than what the delegator has pre-approved in the staking transaction.
A Note on Private Key Exposure via EOTS
You may be wondering, “even before my finality provider’s private key is exposed to the world, couldn’t they still maliciously slash me since it has access to its own private key?”.
Without going into the underlying cryptography, doing so would slash the finality provider delegated stake and its self-delegated stake, just like on most other dPOS chains. This incentivizes the validator not to do this.
Closing Thoughts
Staking BTC through Babylon can seem like a new, complicated process. However, the underlying script is nothing new to Bitcoin yet makes staking feel identical to any existing dPOS chain.
Figment is really excited that you can now ‘stake’ on Bitcoin. This is not something that we envisaged back in our early days when we started this journey, the ability to stake on the ‘original’ network seemed like an impossibility. This is why the crypto industry is so compelling, what seemed impossible at one point in time can become a real possibility in a short amount of time.
To learn more about the details of Babylon staking, you can read our First Look article. We will also be continuing the conversation as Babylon evolves. To keep up to date, you can subscribe to our newsletter here.
Resources