Now Reading:
It’s 2019, Where Are Bitcoin’s Sidechains?
Full Article 4 minutes read

It’s 2019, Where Are Bitcoin’s Sidechains?

Back in 2014, a white paper co-authored by many of the individuals who co-founded Blockstream, which is a blockchain technology company mostly focused on Bitcoin, was released to much fanfare. The paper, titled Enabling Blockchain Innovations with Pegged Sidechains (PDF), was generally viewed as a death blow for the various altcoins that were becoming more popular at the time because it promised to allow for Bitcoin to inherit any of the features found on alternative public blockchains.

However, the type of sidechain outlined in the original white paper has not materialized.

Today, the only sidechain from Blockstream operating on Bitcoin’s mainnet, Liquid, uses a federated model, which is a design that was also mentioned in the original white paper. In this federated model, a group of trusted functionaries sign new blocks, hold sidechain funds in a multisig address, and control the ability to withdraw bitcoin from the sidechain.

So, what happened to the promise of trustless sidechains?

Blockstream mathematician Andrew Poelstra, who was one of the co-authors of the sidechains white paper, was asked about sidechains during an Austin Bitcoin Developers Meetup late last year. In his response, Poelstra discussed what happened with the original sidechains vision and how a trustless two-way peg for sidechains could work in the future.

Groking the SPV Sidechains Security Model

According to Poelstra, the co-authors of the original sidechains white paper wanted to create a trustless two-way peg mechanism for sidechains based on simplified-payment-verification (SPV) security. While this SPV model originally showed promise, Poelstra said the poor security tradeoffs made with this sort of system were better understood after discussions on the Bitcoin development mailing list between Bitcoin developers Peter Todd, Mark Friedenbach, Greg Maxwell, and others.

“We came to understand that the SPV model that we were pursuing created very bad incentives and was ultimately untenable with — and this is just my opinion — the current state of bitcoin mining centralization,” said Poelstra.

Poelstra added that there are issues with the SPV-based model even in a hypothetical situation where bitcoin mining is much less centralized.

“The more money you have in the sidechain, the greater the incentive is for somebody to do this massive [blockchain reorganization],” said Poelstra. “In our original sidechains proposal, we weren’t very explicit about that security model, mostly because we did not fully grok that that was our security model.”

Recently, the issues associated with blockchain reorganizations have been in the news due to the increasingly common practice of 51% attacks on smaller, less-secure blockchains such as Ethereum Classic. Miners are able to effectively steal money through these blockchain reorganizations by spending the same coins twice. A similar issue exists with SPV-based sidechains where miners are able to fake SPV proofs and steal all of the funds on the sidechain if they have enough hashing power.

In an alternative sidechains model known as drivechains, the level of trust placed in miners is much more implicit. From Poelstra’s perspective, there are pros and cons to this alternative.

“The one great thing about drivechains is that it is very explicit about this being the security model, but the bad thing about drivechains is that that’s its security model,” said Poelstra.

Drivechains are currently being tested on a testnet version of Bitcoin.

How Can We Get Trustless Sidechains?

While federated sidechains are possible right now and drivechains may be launched in the near future, there is still a desire for a sidechains model that doesn’t require users to trust miners or a group of functionaries.

According to Poelstra, trustless two-way pegged sidechains may still be possible in the future.

“I think that now if we want to do a real two-way peg, we probably need to get like full, efficient, general-purpose zero-knowledge proofs, and we need a way for Bitcoin validators to be able to validate what’s happening on the sidechain before allowing pegs to come back,” explained Poelstra.

Poelstra added that these zero-knowledge proofs would make the risks associated with deep blockchain reorganizations similar to what they are today with Bitcoin’s main chain.

In terms of specific solutions, Poelstra pointed to the potential of ZK-STARKs, which are currently being worked on by StarkWare Industries.

“[This research] is moving us towards a world where we maybe have those kinds of zero-knowledge proofs, and then suddenly we can go revisit that stuff and get a stronger security model that I’m more comfortable with. So, that’s where we’re at [with sidechains],” said Poelstra.

Input your search keywords and press Enter.