Some thoughts on proof systems for bridges on other chains
By janusz
This is a very random post, but worth covering as a large number of BTC is currently being deployed on Ethereum rollups & L2s. We have done some reviews on Ethereum L2s where we mention the proving system giving users finality guarantees and I’m not sure if that’s correct.
As mentioned in my post on rollups, the state root is computed by rollup full nodes. Proposers and/or provers then take this state root and post it to the Layer 1 to finalize the bridge contract. Validity bridges finalize upon receiving the state root. Optimistic bridges take 7~ days to finalize assuming a fault proof is not submitted.
In short, the proof system is used to secure the bridge. It’s not necessarily used to finalize the rollup.
This is confusing because people claim that having a socially enshrined bridge contract makes the corresponding L1 a “settlement layer”. In my opinion, this is incorrect framing - especially from the lens of a BTC user on an Ethereum L2. For example, tBTC uses a custom bridge program to Arbitrum. It is not really secured by the fraud proof system deployed on Arbitrum. If the Arbitrum bridge contract was drained, then tBTC users would be unaffected. If the sequencer quit building blocks, they could simply post their own block to Ethereum signalling that they want to withdraw from the custom bridge back to L1.
Even if a BTC-backed asset is locked in a canonical bridge contract, its security is ultimately from the asset issuer. If wBTC locked in a bridge contract, but the custodian rugs everyone, then the security of the bridge ultimately doesn’t matter.
You could argue that users who don’t run their own L2 full node view finality through the lens of a state root/proof being posted to the Ethereum L1. E.g. If social consensus says the L2 is final when the bridge says its final, most BTC users will follow social consensus.
I totally get it. But through this lens, finality is ultimately dependent on provers/proposers updating the state of the L1 bridge contract and other light clients. If the system is permissioned, risk of censorship or liveness failures are present.
This is still an open question for us, but we will probably give L2s, who socially identity with another base layer, a custom score for finality guarantees. Our framework is intentionally vague for these edge cases. We’ll continue to refine it as we continue to research these nuances.
It is my opinion that rollups are sovereign networks and viewing them through the lens of a bridge contract is 1) a social definition and 2) subjective to which bridge users leverage.
I believe this is also the case for bitcoin rollups. But that’s a post for another day.
