Speech TiTle: Bitcoin is a layered cake (Bitcoin layer 2 protocols)
Speaker: lisa neigut aka niftynei
Conference: Baltic Honeybadger 2022


Today, I’m here to talk about layers and specifically Bitcoin layer 2s. Let’s go through this framework I’ve been laying out on how Bitcoin layers work and then we’ll get into how that framework applies to three different projects in the Bitcoin space. There are three different projects in the Bitcoin space that are doing layered things with Bitcoin and hopefully this will help you understand how to think about layers.

Bitcoin layer one

Let’s just start off with layer one. In order to understand a layer of Bitcoin, the first thing you need to understand is what layer one looks like. Let’s talk really fast about how transactions work on layer one of Bitcoin and then we’ll take that understanding and move it into layer two.

On layer one, Bitcoin is holding on to state updates. What does a state update mean? In Bitcoin that means who has money. Let’s say a guy named Bob starts out with some bitcoin and then he wants to send it to someone else like Carol and Bob’s gonna update the state of his money by sending that money over to Carol. That’s a state update. State updates in Bitcoin are something that I’m going to call global. That means that as the state of who owns that money changes, everyone in the world needs to find out about it. The world is going to rotate, everyone needs to know that the world is changing. If we put everyone into a stadium and Bob decided he was going to pay Carol back for some beers, let’s say, there’s 10 000 people in that stadium when Bob gives his bitcoin to Carol, everyone in that stadium needs to find out about that change. This is a state update. It means that when money changes hands everyone has to find out. You can only send out so many updates to everyone at a time. Then you start getting into questions about how many state updates can we have at one time, which leads to long conversations like the block size war and then you start getting some information like how many people do we need to tell, how many updates can we make in a block, how often are new blocks made. So you sit down, you start doing some math and you find out that Bitcoin doesn’t scale. This is where layers come in.

Bitcoin layer two

Everyone has this fairly basic understanding that the number of global updates that can happen on a layer one is limited. This creates a scaling problem. If we have global updates, we understand how those work. What if, instead of making global updates, we just tell a small part of the world. This is where layer two comes in. I’ve come up with three principles that layers use about how instead of having global state all of a sudden you can have not global state. What does that mean?

First goal of bitcoin layers

The first thing when you’re making a new layer of Bitcoin which means you’re changing the ability of global state from needing to tell everyone to only having to tell a small group of people. The very first goal of layers is “don’t tell everyone”. So how do you do this in a blockchain? How do you go from having to tell everyone about state to only having to tell a few people? The way we do that is with something called multi-sig. You get a group of people together in a pool and that pool is governed by a multi-sig contract. This is something we can do on Bitcoin today. It’s really great.

Second goal of bitcoin layers

Now that you’ve got a bunch of people into a little pool of Bitcoin with a multi-sig, how do you tell who owns what? You would use the Bitcoin blockchain to say who owns what and who’s sending people to whatever but the problem with that is you had to tell everyone in the world anytime that the state in that situation changed. By moving the money into a pool all of a sudden you need a new way of accounting for who owns what and this can be more private. You don’t have to tell everyone in the world about changes to the ownership of bitcoin in that pool but now, in order to keep track of it, you need a new way of keeping account of it. This is where all the different layer twos have different method of accounting that they’ve invented or come up with. This is like a method of accounting.

Third and last goal of bitcoin layers

Now that you’ve got a multi-sig and you’ve got a method of accounting, which is typically not global because that’s how we’re making it faster, that’s how we’re scaling, you have to know how do you get out. You’ve got a multi-sig, how do you get your bitcoin out of this little local state thing where you’ve locked it and back into the global pool where everyone gets to see your transactions, where’s the exit?


Now that we’ve got three general principles about how layer twos work and how the accounting systems for them are developed, let’s walk through three different existing protocols that are layer twos for scaling Bitcoin and walk through how these three different principles apply to them.

Bitcoin lightning

We’ll start with one that I know best which is lightning. How do we “not tell everyone” in lightning? Super simple. We make a multi-sig contract, which is going to be a common theme here for this particular topic for all of these protocols. In lightning today, the type of contract or multi-sig that you use is a two of two. That means that there’s only two parties that ever need to know about state updates to that particular little multi-sig pool. How do we keep track of who owns what in that two of two for lightning? In lightning, we use something that I call pre-signed bitcoin transactions. We use Bitcoin transactions themselves as a method of account in lightning. The important thing about these transactions is that they’re not published, they’re not on chain, they’re like proposals for what could be published to chain. Every time the balance updates, we update that transaction. It’s an unspent bitcoin transaction. We have these little outputs there’s one that’s yours, there’s ones that’s mine. Anytime the balance in that multi-sig pool updates, we update this transaction with who gets what. You can just keep updating this very cheaply. It’s very fast to do. They’re immediately spendable bitcoin transactions which is an important part of the third and final part of our framework which is, how do you get out? The answer is you have an immediately spendable bitcoin transaction that has your current balance in it. You just spend that bitcoin transaction. That is how you get out of a layer two in lightning. You spend the immediately spendable bitcoin transaction which also is your unit of account or your accounting mechanism for this layer two. That’s like a very fast tour of how lightning contracts work.

Liquid by Blockstream

Let’s move on to another fairly well-known layer 2 “Liquid” project by Blockstream. How does this do the layer one thing of “don’t tell everyone”? Liquid is a multi-sig. It is a 11 of 15 multi-sig. There’s 11 federation members located around the world. Each of them has a key. They’ve got this big pool of bitcoin. Anyone can lock bitcoin into Liquid. In order to get it out, you have to do the 11/15. So, we make this big pool of bitcoin that’s an 11 and 15 multi-sig with a bunch of decentralized key holders. That’s a layer two. Anyone can lock bitcoin into here. Once it’s locked in, how do you know who owns bitcoin in that big pool of Liquid holders? The cool answer for Liquid in particular is, we came up with a second blockchain. There’s now another blockchain called the Liquid Blockchain that keeps track. This is now a way of keeping track or accounting for who owns what bitcoin in that big pool of multi-sig.

The fact that we came up with a new blockchain was pretty cool because it allowed us to add a lot of new and interesting primitives to a new blockchain that the base layer of Bitcoin didn’t have. One of these is confidential transactions, which are pretty cool. We added a whole bunch of new opcodes which lets us do new and cool smart contracting stuff. New opcodes just let you try new contracts and stuff, blocks come faster, you can issue other assets etc. But this is all because we have a totally different blockchain. It’s different method of accounting for who owns what bitcoin. Operates like a Signet and one of the problems about a blockchain is you end up back at the global state. At some point, in theory, Liquid will run into the same problem in terms of how many updates can you do at a time. There’s some trade-offs here. Now, we know who owns what in Liquid. We have a whole separate blockchain which keeps track of it and then how do you get out of liquid? The answer is, you have to go ask 11 of the 15 federation members to sign you your bitcoin out of it.


Third and final protocol here is Fedimint. This is one of the newest layer two projects. This is a project to do a similar thing that liquid does. “How do you not tell everyone?” You also have a multi-sig, the number of people in the multi-sig I believe haven’t launched yet. It’s an open question. I was talking to one of the engineers who’s working on this project. He told me that it’s an “N-f of N multi-sig”, where “f” is the number of peers used. You can be evil, so to speak. You’ve got like bad actors and good actors in these protocols. So, “f” is the number of bad peers and “N” is equal to “(3*bad peers) + 1”. What this ends up being when you do the math is you could have a multi-sig of 3 of 4, a 5 of 7 multi-sig, a 7 of 10 multi-sig, etc.

Again these haven’t shipped yet so this is the blueprint for how you would do a multi-sig for Fedimint. There’s this many people. The general idea is you’re taking bitcoin and you’re locking it to a multi-sig. Once you’ve got your bitcoin locked into this multi-sig, you’ve got a new accounting method to keep track of who owns that bitcoin in that pool. The way that they’ve solved this problem for Fedimint is something called a Chaumian Mint. I’ve created this guy named Chaum and when you lock bitcoin into a Fedimint contract, you need a new way of accounting for that bitcoin. What you do is when you put your bitcoin into it, this guy named Tom is going to issue you a ticket. You’re gonna get a charm or token they call them like e-mint tokens, Chaumian tokens. Basically, it’ll give you a token which gives you the right to get money out of the Fedimint at some point in the future. Now, you’ve got this little ticket object and that becomes your unit of account. Instead of having an output on a blockchain, you have a little ticket that you can go and get money out at some point. This becomes the accounting system for the entire layer two. So how do you get out? Well, you take your token and you go back to Tom and you say “hey, Tom! I’ve got a ticket, I would like to get out, please!” Except it’s not Chaum, it’s the Fedimint, it’s like the federation of that particular token holder so you go and you say “hey Fedimint, federation of 3 of 4 or 5 of 7 or whatever, I would like to get out, I have a token” and they’re like “great, here’s your bitcoin back”. That’s how you get in and out of the system.

Okay. So you have a token, what’s that worth? If we had Bob and Carol originally and Bob had some money and he wanted to pay it to Carol. Now, Bob has a ticket, like a Chaumian Mint token. He wants to give it to his friend Carol. He’s going to give it to the Mint, who’s going to create a new token that he gives to Carol. Then Carol can take his token and go to the Mint and get normal bitcoin back out later at some point. It’s a whole different unit of account and the cool thing is, you can now use these tokens to do a lot of little transactions with a bunch of anonymous people without actually having to make updates to the global state that is Bitcoin. Because you’ve locked them into a multi-sig contract and created a whole new method of accounting that you’re using, using Chaumian Mint. There’s a few trade-offs of this, they’re hard to audit. Maybe that’s a good thing. One of the nice things about them being hard to audit is it’s hard to know who has funds. The anonymity on these is quite good.

That is my very quick update and framework of how I think about layer twos and how I like to compare it and contrast.

A little bit about me: My name is Lisa also known as Nifty. I go by @niftynei on Twitter and the internet and GitHub and any internet platform that you can find. I work at Blockstream on core lightning. Obligatory post about Blockstream does a lot of other stuff other than lightning. It’s really cool. I also do Bitcoin education at this project I started in February, called Base58. To date I’ve had about 50 people come through my online classes learning about how Bitcoin transactions work at a very nuts and bolts protocol layer thing. We just launched the first three weeks of our class on Udemy. If you want to check out the massive multiplayer online course, you can check that out on Udemy. We’ve got a Base58 Bitcoin transactions class. It’s pretty technical.

Watch the original contentClick here
Also read: The future of Bitcoin smart contracts (Simplicity of Liquid)

Disclaimer: Transcripts provided on bitlyrics.co represents solely the opinion of the speaker and is not by any means financial/legal advice or an opinion of the website. The content has been transcribed with maximum accuracy. Repetitions and fill words have been amended in order to enhance the reading experience. The full text may not be confirmed by the speaker. Please, refer back to the above-provided source of content for more certainty. If you are a speaker and wish to confirm/amend your speech please contact us.

Leave a Reply

Check Also