Since its inception in 2009, Bitcoin the asset only has two major utilities: storage of value and payment. This is due to BTC protocol's preference of stability over programmability. With limited programmability, most Bitcoin utility protocols require Bitcoin HODLERs to trust a third-party, such as sending their Bitcoin to a custody for bridging. Therefore, such Bitcoin utility protocols have only received limited traction.

Babylon introduces the third major utility for Bitcoin: trustless and self-custodial staking. Babylon Bitcoin staking protocol turns Bitcoin into a stakable and slashable asset for any Proof-of-Stake systems. This allows Bitcoin HODLERs to hold their Bitcoins while earning staking rewards from the PoS systems for the slashable security they provide, in the same way as how native PoS token staking works.

This is a brand new significant protocol, and it is at its very early stage. Its success lies in its protection of the Bitcoin stakers. More specifically, as long as:

1. a Bitcoin staker manages its secret key properly, and

2. the Bitcoin staker or the delegatee of its PoS attestation power (called a finality provider) does not act maliciously, then

no one can steal or slash the staked Bitcoin, and the Bitcoin staker can safely unbond and/or withdraw the stake as per the protocol.

Achieving such protection requires comprehensive security of the Bitcoin staking protocol at both the algorithm and implementation level. To this end, we have open-sourced all our code, and have decided to launch, on 28th May 2024, a public Bitcoin staking testnet that focuses on the Bitcoin stakers' interaction with the Signet Bitcoin chain and the staking web DApp developed by the Babylon team. No PoS chain and staking reward is involved in this testnet.

In this competition, security researchers and engineers are invited to explore this testnet and our codebase to identify vulnerabilities of the Bitcoin staking protocol. Any findings of issues that could jeopardize the Bitcoin stakers will be highly valuable and will be rewarded.

Prize distribution and scoring

Total Prize Pool $150,000

• The prize distribution has 2 possible triggers:
  • If one or more valid low/informational severity findings are found, the total pot size is $10,000
  • If one or more valid medium severity findings are found, the total pot size is $20,000
  • If one or more valid high severity findings are found, the total pot size is $150,000
• Scoring described in the competition scoring page.
• Findings Severities described in detail on our docs page.
• $10,000 of the prize pot is reserved for Low Severity/Informational findings. These reports are judged based on quality and reviewers are then ranked from 1st to 5th for the purpose of prize allocation.
  • 1st: $5,000
  • 2nd: $2,500
  • 3rd: $1,250
  • 4th: $675
  • 5th: $675

Documentation

Below are general purpose documentations around the Bitcoin Staking protocol and the lock-only system operated by the current testnet.

• Bitcoin Staking Protocol and Litepaper

Introductory Reading: Bitcoin Staking 101 Series

• What is Bitcoin Staking
• Technical Preliminaries of Bitcoin Staking
• Babylon's Bitcoin Staking Contract

Technical Documentation

• Bitcoin Staking Scripts
• Creating Bitcoin Staking Transactions

Staking Operator Architecture

• Staking Operator Architecture Documentation
  • Documentation about individual components can be found on the corresponding repositories.

Additional Resources

• Staking Parameters Registry
• Finality Providers Information Registry

Scope

Repository Name	Link	Commit/Tag
Covenant Signer	Covenant Signer v0.1.1	a06a6b6d41c651e1a61a30692c00beb1305e3a78
Unbonding Pipeline	CLI Tools v0.1.3	98ad1d66e91ca8e477090a44492e1c68532dfeb8
Btcstaking Golang Library	Btcstaking	add420f074751cf53edea5b7a55cca3d34291f5b
Staking API Service	Staking API Service v0.1.3	219662164c1aabb64782582817bb9d782b7ec793
Staking Indexer	Staking Indexer v0.1.4	c7a3fbce12732856d66629d3bdc65fcd53246b6d
Staking Expiry Checker	Staking Expiry Checker v0.1.0	894bb046963ae6bea0008ff3682fd989914fe5ce
Simple Staking	Simple Staking	4ce7e31915f2d1db98bfeb1d85c604c0a1a18449
btc-staking-ts	btc-staking-ts v0.2.0	2483c97f6156d507f74ef4dcc814c67c29d44460
staking-queue-client	staking-queue-client	38c87828544a09d4beee74992b2a936b11d944b5

Code Overview

Recording TBD

Transcript TBD

Build Instructions

Covenant Signer

• Description: A service which receives signing requests from the internet, and returns covenant signatures on requested un-bonding transactions.
• Repository: Covenant Signer v0.1.1
• Documentation:
  • Covenant Signer Docs
  • Covenant Signer README
• Build and Run Instructions: Covenant Signer Setup Deployment

Unbonding Pipeline

• Description: A CLI job that consumes unbonding requests registered by the API service, contacts covenant emulation committee members to get their signatures on the unbonding transactions, and combines the received signatures to generate valid witness for the unbonding transactions.
• Repository: CLI Tools v0.1.3
• Documentation:
  • CLI Tools Commands
  • CLI Tools README
• Build and Run Instructions: CLI Tools Installation

Btcstaking Golang Library

• Description: A library used in all backend services to build and validate all BTC Babylon related transactions.
• Repository: Btcstaking
• Documentation:
  • Staking Script
  • Transaction Implementation Specification

Staking API Service

• Description: An API service responsible for providing information about the state of the staking system and receiving unbonding requests for further processing. The API can be utilized by user-facing applications such as staking dApps and can show real-time statistical data such as the TVL of the system, staking histories, and more.
• Repository: Staking API Service v0.1.3
• Docs: Staking API Service Docs
• Swagger: Staking API Service Swagger

Staking Indexer

• Description: The staking indexer is a tool that extracts BTC staking transactions from the Bitcoin blockchain, ensures that it follows the prerequisites for valid staking transactions, and determines whether the transactions should be active or not. All valid staking transactions are transformed into a structured form, stored in a database, and published as events in a RabbitMQ messaging queue for consumption by consumers. The staking indexer is the enforcer of the Bitcoin Staking protocol and serves as the ground truth for the Bitcoin Staking system.
• Repository: Staking Indexer v0.1.4
• Docs: Staking Indexer Docs

Staking Expiry Checker

• Description: A simple service that checks if a staking transaction's timelock has expired.
• Repository: Staking Expiry Checker v0.1.0
• Docs: Refer to staking-api-service docs

Simple Staking

• Description: A front-end dApp for creating Bitcoin staking transactions. It integrates with a set of extension wallets satisfying its expected interface. It is hosted by Babylon and serves as a reference implementation for entities that want to set up their own staking website.
• Repository: Simple Staking
• Docs on Wallets: Wallet Integration

btc-staking-ts

• Description: A typescript library that contains core methods for creating staking, unbonding, and slashing transactions.
• Repository and Docs: btc-staking-ts v0.2.0

staking-queue-client

• Description: A Go library that defines the event-based messaging schema in the Babylon network. The current solution is based on RabbitMQ.
• Repository and Docs: staking-queue-client v0.2.1

Proof of Concept Instructions

The btc-staking-demo repository contains code and instructions for launching all the components of the testnet system as inter-connected Docker containers orchestrated through a docker-compose. It contains a demo script that creates Bitcoin Staking transactions that get propagated across the system. Additionally, it includes documentation on the inter-connections and the expected behavior.

Conflict of Interest

Any employee, contractor, entity or previous auditor that's currently working or worked with Babylon may not participate in the competition

Contact Us

For any issues or concerns regarding this competition, please reach out to the Cantina core team through the Cantina Discord.