Babylonchain / Bitcoin Staking Scripts
Since its inception in 2009, Bitcoin the asset only has two major utilities: storage of value and payment. This is due to BTC protocol's preference of stability over programmability. With limited programmability, most Bitcoin utility protocols require Bitcoin HODLERs to trust a third-party, such as sending their Bitcoin to a custody for bridging. Therefore, such Bitcoin utility protocols have only received limited traction.
Babylon introduces the third major utility for Bitcoin: trustless and self-custodial staking. Babylon Bitcoin staking protocol turns Bitcoin into a stakable and slashable asset for any Proof-of-Stake systems. This allows Bitcoin HODLERs to hold their Bitcoins while earning staking rewards from the PoS systems for the slashable security they provide, in the same way as how native PoS token staking works.
This is a brand new significant protocol, and it is at its very early stage. Its success lies in its protection of the Bitcoin stakers. More specifically, as long as:
-
a Bitcoin staker manages its secret key properly, and
-
the Bitcoin staker or the delegatee of its PoS attestation power (called a finality provider) does not act maliciously, then
no one can steal or slash the staked Bitcoin, and the Bitcoin staker can safely unbond and/or withdraw the stake as per the protocol.
Achieving such protection requires comprehensive security of the Bitcoin staking protocol at both the algorithm and implementation level. To this end, we have open-sourced all our code, and have decided to launch, on 28th May 2024, a public Bitcoin staking testnet that focuses on the Bitcoin stakers' interaction with the Signet Bitcoin chain and the staking web DApp developed by the Babylon team. No PoS chain and staking reward is involved in this testnet.
In this competition, security researchers and engineers are invited to explore this testnet and our codebase to identify vulnerabilities of the Bitcoin staking protocol. Any findings of issues that could jeopardize the Bitcoin stakers will be highly valuable and will be rewarded.
Prize distribution and scoring
Total Prize Pool $150,000
- The prize distribution has 2 possible triggers:
- If one or more valid low/informational severity findings are found, the total pot size is $10,000
- If one or more valid medium severity findings are found, the total pot size is $20,000
- If one or more valid high severity findings are found, the total pot size is $150,000
- Scoring described in the competition scoring page.
- Findings Severities described in detail on our docs page.
- $10,000 of the prize pot is reserved for Low Severity/Informational findings. These reports are judged based on quality and reviewers are then ranked from 1st to 5th for the purpose of prize allocation.
- 1st: $5,000
- 2nd: $2,500
- 3rd: $1,250
- 4th: $675
- 5th: $675
Documentation
Below are general purpose documentations around the Bitcoin Staking protocol and the lock-only system operated by the current testnet.
Introductory Reading: Bitcoin Staking 101 Series
Technical Documentation
Staking Operator Architecture
- Staking Operator Architecture Documentation
- Documentation about individual components can be found on the corresponding repositories.
Additional Resources
Scope
| Repository Name | Link | Commit/Tag |
|---|---|---|
| Covenant Signer | Covenant Signer v0.1.1 | a06a6b6d41c651e1a61a30692c00beb1305e3a78 |
| Unbonding Pipeline | CLI Tools v0.1.3 | 98ad1d66e91ca8e477090a44492e1c68532dfeb8 |
| Btcstaking Golang Library | Btcstaking | add420f074751cf53edea5b7a55cca3d34291f5b |
| Staking API Service | Staking API Service v0.1.3 | 219662164c1aabb64782582817bb9d782b7ec793 |
| Staking Indexer | Staking Indexer v0.1.4 | c7a3fbce12732856d66629d3bdc65fcd53246b6d |
| Staking Expiry Checker | Staking Expiry Checker v0.1.0 | 894bb046963ae6bea0008ff3682fd989914fe5ce |
| Simple Staking | Simple Staking | 4ce7e31915f2d1db98bfeb1d85c604c0a1a18449 |
| btc-staking-ts | btc-staking-ts v0.2.0 | 2483c97f6156d507f74ef4dcc814c67c29d44460 |
| staking-queue-client | staking-queue-client | 38c87828544a09d4beee74992b2a936b11d944b5 |
Code Overview
Build Instructions
Covenant Signer
- Description: A service which receives signing requests from the internet, and returns covenant signatures on requested un-bonding transactions.
- Repository: Covenant Signer v0.1.1
- Documentation:
- Build and Run Instructions: Covenant Signer Setup Deployment
Unbonding Pipeline
- Description: A CLI job that consumes unbonding requests registered by the API service, contacts covenant emulation committee members to get their signatures on the unbonding transactions, and combines the received signatures to generate valid witness for the unbonding transactions.
- Repository: CLI Tools v0.1.3
- Documentation:
- Build and Run Instructions: CLI Tools Installation
Btcstaking Golang Library
- Description: A library used in all backend services to build and validate all BTC Babylon related transactions.
- Repository: Btcstaking
- Documentation:
Staking API Service
- Description: An API service responsible for providing information about the state of the staking system and receiving unbonding requests for further processing. The API can be utilized by user-facing applications such as staking dApps and can show real-time statistical data such as the TVL of the system, staking histories, and more.
- Repository: Staking API Service v0.1.3
- Docs: Staking API Service Docs
- Swagger: Staking API Service Swagger
Staking Indexer
- Description: The staking indexer is a tool that extracts BTC staking transactions from the Bitcoin blockchain, ensures that it follows the prerequisites for valid staking transactions, and determines whether the transactions should be active or not. All valid staking transactions are transformed into a structured form, stored in a database, and published as events in a RabbitMQ messaging queue for consumption by consumers. The staking indexer is the enforcer of the Bitcoin Staking protocol and serves as the ground truth for the Bitcoin Staking system.
- Repository: Staking Indexer v0.1.4
- Docs: Staking Indexer Docs
Staking Expiry Checker
- Description: A simple service that checks if a staking transaction's timelock has expired.
- Repository: Staking Expiry Checker v0.1.0
- Docs: Refer to staking-api-service docs
Simple Staking
- Description: A front-end dApp for creating Bitcoin staking transactions. It integrates with a set of extension wallets satisfying its expected interface. It is hosted by Babylon and serves as a reference implementation for entities that want to set up their own staking website.
- Repository: Simple Staking
- Docs on Wallets: Wallet Integration
btc-staking-ts
- Description: A typescript library that contains core methods for creating staking, unbonding, and slashing transactions.
- Repository and Docs: btc-staking-ts v0.2.0
staking-queue-client
- Description: A Go library that defines the event-based messaging schema in the Babylon network. The current solution is based on RabbitMQ.
- Repository and Docs: staking-queue-client v0.2.1
Proof of Concept Instructions
The btc-staking-demo repository contains code and instructions for launching all the components of the testnet system as inter-connected Docker containers orchestrated through a docker-compose. It contains a demo script that creates Bitcoin Staking transactions that get propagated across the system. Additionally, it includes documentation on the inter-connections and the expected behavior.
Conflict of Interest
Any employee, contractor, entity or previous auditor that's currently working or worked with Babylon may not participate in the competition
Contact Us
For any issues or concerns regarding this competition, please reach out to the Cantina core team through the Cantina Discord.
Summary
Status
CompletedTotal reward:
$150,000
Findings submitted:
144
Start date:
28 May 2024 8:00pm (local time)
End date:
24 Jun 2024 8:00pm (local time)