In-depth analysis of Merlin Chain: How to build a secure defense line of 3 billion TVL

Merlin Chain is a ZK Rollup Bitcoin second-layer network launched by the development team of the well-known BRC-420 blue box and Bitmap that supports multiple types of native Bitcoin assets and is compatible with EVM. From a market perspective, BRC-420 and Bitmap had excellent data performance in the early stage.

BRC-420 is a new protocol in the Bitcoin ecosystem, and Blue Box is its asset. The two benchmark against the BRC-20 protocol and ORDI inscription respectively. The total number of blue boxes is 10,000, the floor price is 0.6 BTC, the total transaction volume is close to 480 BTC, and the current floor market value is 400M. The Bitmap benchmark is the Metaverse version of the Ordinals protocol, which is produced with the block production of BTC. Currently, 144 new blocks of Bitmap are added every day. The trading volume in Magic Eden is about 600 BTC, which is 40M, the floor price is 0.0037558 BTC, the total volume is 833.2K, and the floor market value is about 200M.

The success of BRC-420, Blue Box and Bitmap has built a good community consensus for Merlin Chain. In early February this year, Merlin's Seal, which focuses on Fair Launch and Community First, was launched. In less than a month, TVL quickly exceeded 3 billion U.S. dollars. The cooperating projects include MPC wallet service provider Cobo, pledge service provider Meson and Stakestone, Layer2 ZKFair, as well as the veteran Bitcoin data service platform GeniiData, multi-chain DeFi data comprehensive platform Defillama, etc. Among the 3 billion TVL, Bitcoin accounts for more than 50%. ETH and stablecoin assets each have about 100 million US dollars. Other high-quality assets in the Bitcoin ecosystem, in addition to BRC420 and Bitmap, ORDI and SATS also have good pledge amounts.

Congratulations to Merlin's Seal, but we also need to understand Merlin's Seal is not directly equated with Merlin Chain. For example, the TVL data assets currently supporting Merlin's Seal's brilliance are not directly related to Merlin Chain. In addition, since L2Beat does not include Merlin Chain, we manually checked and totaled the BTC asset balance of Merlin Chain. The TVL corresponding to L2Beat's statistical caliber is about 500+BTC, which is about 32.5M.

Next, we will start with Merlin’s Account structure, asset types, security and other technical solutions and ecological development are used to analyze the prospects of the project.

 Chain-Agnostic’s account abstraction 

Bitcoin's mainstream wallet address formats are Legacy-P2PKH, Nested SegWit-P2SH-P2WPKH, Nested SegWit-P2WPKH and Taproot-P2TR. They are public keys calculated according to the Elliptic Curve Algorithm (ECDSA) for the same private key. key, and then process the format according to different encoding rules. In addition, Bitcoin's mnemonic is the product of HD wallet (Hierarchical Deterministic Wallet). The same mnemonic can derive multiple private keys, thereby controlling multiple public key addresses and addresses in corresponding formats. For Ethereum, its wallet, public key and private key system are similar to Bitcoin. The difference is that Ethereum chooses a different encoding hash function (Keccak-256). Due to the need to ensure and implement EVM compatibility, in terms of public and private key address design, it is easiest for Merlin Chain to follow Ethereum’s existing solution. In this way, for users accustomed to the EVM ecosystem, the entry barrier is almost zero. But the challenge that arises is how to correlate Bitcoin’s public and private key address mappings.

To this end, we found the answer in the official document: Particle Network’s BTC Connect. Here, the EOA address of the EVM can be calculated using the Bitcoin public key, and then the EOA is used to control the smart contract account to interact on the chain (for details, please refer to the architecture diagram of BTC Connect). I have to say that it is very courageous and forward-looking to not directly use the EOA address calculated by the Bitcoin public key as the account, but to subsequently add a smart account (Smart Account) that implements the ERC-4337 protocol. The advantage is of course that the signature abstraction, Paymaster, Bundler and future Social Login functions involved in ERC-4337 can be quickly upgraded and iterated. The disadvantage is that the most critical infrastructure facilities (wallets and blockchain browsers) need to be re-optimized. Adaptation, and ecological dApps project parties must also coordinate and transform simultaneously. For users, there will be a high learning cost in terms of conceptual understanding, and at the same time, they need to slightly adjust some past usage habits.

The following are some records of the experience of using OKX Wallet (BTC)

1. By default, P2TR is used to calculate the EVM's EOA address (account abstract address), When interacting, BTC wallet authorization is used to control the abstract address;

2. When MerlinSwap initiates a transaction, it is directly called in the form of OKX Wallet (BTC) signature. The Gas fee cannot be viewed and edited temporarily, and the transaction content cannot be confirmed immediately;

3. The block browser can see that Smart Account is the transaction initiator. Instead of our EOA address, the corresponding function function called is handleOps, and the parameters inside encapsulate the real interactive function function;

4. Since OKX Wallet is a A wallet with built-in multi-chain support. Although we only use the BTC wallet, OKX Wallet will also calculate the associated EVM address behind the scenes, which is different from the EOA address generated by Merlin Chain. Therefore, it is easy to think that the BTC bridge asset has not arrived. (Merlin_BTC);

 In and out of Bitcoin native assets 

Whether it is Layer 2, isomorphic public chain or heterogeneous public chain, as long as it involves the entry and exit of native assets, the core issue can never be bypassed: security. Let's look for some damn memories that can never be bypassed.

On August 10, 2021, the cross-chain protocol Poly Network was hacked and more than $600 million was stolen. Fortunately, the hacker finally chose to return the funds for some reasons;

On February 2, 2022, the cross-chain protocol Wormhold was hacked, about 12 Tens of thousands of wETH were lost until February 25, 2023, when Jump Crypto teamed up with MakerDAO’s Oasis to launch a reverse attack and recover the stolen funds from the hacker’s Vault;

On March 29, 2022, the multi-signature verifier system of the game side chain Ronin’s fund management was broken, resulting in a loss of over 600 million US dollars;

22 years On June 24, the Horizon multi-signature system of Harmony’s official bridge, which focuses on sharding features, was breached, resulting in a loss of approximately US$100 million;

? August 22 On the 2nd, the cross-chain bridge Nomad suffered a money-grabbing attack and lost approximately US$150 million;

In the year of 2022, it turns out that there is not only the collapse of LUNA, but also the collapse of 3AC The bankruptcy and FTX thunder were accompanied by multiple on-chain hacker attacks. We often say that if the entire ecosystem receives hundreds of millions of funds, then huge funds are often accompanied by a prosperous ecosystem, and at the same time, it also means the Sword of Damocles hidden in the dark forest.

Understanding how the Merlin Chain official bridge realizes the entry and exit paths of native assets will help us further analyze the security of assets. Currently, Merlin Chain only supports BTC assets and does not currently support emerging assets such as BRC-20, EVM series tokens and NFTs. The unified receiving address of Merlin Chain in the Bitcoin network is bc1qgxdqf7837dxe8xkhvctgc499kwh5xw7ap3uwhs. UTXOs bridged by users are transferred to this P2WPKH address, which is a UTXO controlled by a single signature address. That is, there is no direct multi-signature mechanism behind it. Referring to Merlin’s Seal’s BTC processing, we speculate that the Cobo MPC co-management solution is probably used.

Going back to the bridging asset module of Merlin Chain, the BTCLayer2Bridge contract is responsible for handling the casting and destruction of assets. The minting logic function is unlockNativeToken, which inputs the anti-double-spending txHash, payment address and amount. After authentication and verification of double-spending, the bridging assets can be minted. We have not fully experienced the process of destroying bridge assets. The destruction function lockNativeToken can be found from the BTCLayer2Bridge contract. Its internal logic is to process bridge fees, but we have not yet found the specific code for the bridge asset transfer into the black hole.

In addition, BTCLayer2Bridge already contains ERC20 and ERC721 minting and destruction codes, so Merlin Chain may soon support bridging of ETH and EVM series assets.

The data display on the Merlin Chain official bridge transfer page is very considerate. Users can clearly find the required address and TxId, and the associated blockchain browser Accurate information is also provided. The only downside is that the block explorer may be DDoSed and keeps indexing data.

After experiencing the official Merlin Chain bridge, I also tried to use Meson's Bridge. When crossing BTCB from BNB Chain to Merlin Chain, the entire transaction process is also very smooth, and the cost is much cheaper than the official bridge. Meson's fee is 0.0009BTC (about 5-7U), and the official bridge is a fixed 0.0003BTC plus dynamic fees, which is about 20U or more. It is worth noting that Meson bridge assets use their own smart contracts deployed on Merlin Chain. After initiating a directRelease transaction and uploading the assets to the chain, the assets can only be viewed on the Meson official platform, and it will take a certain period of time before they can be confirmed on MerlinSwap and other places.

 Inherit the security of Bitcoin 

Merlin Chain is a zkEVM developed by the Lumoz team based on the Polygon CDK framework Layer2. The official website summarizes that the sequencer sends the second-layer transaction data to the Bitcoin network through a decentralized oracle. We can learn about the specific solution by consulting the documentation of Polygon CDK and Lumoz. In the Polygon CDK architecture, there are two architecture types: Rollup and Validium, and Merlin Chain uses CDK Validium. CDK Validium is described on the Polygon side as a combination of Polygon zkEVM + DAC. This solution is a multi-signature proof of validity on the Ethereum chain.

For this reason, it is consistent with Bitcoin’s Taproot supporting multi-signature form. In other words, Merlin Chain’s decentralized oracle actually acts as a DAC. Role. The Merlin Chain sequencer is responsible for collecting and packaging user transactions, and passing them to the ZKP-proven aggregator and Prover for processing after verification (this part is taken care of by Lumoz’s ZK-POW function). The second-layer transaction data is packaged with hashes and signatures and sent to the Bitcoin network through a decentralized oracle.

We believe that such a solution will take into account both the Bitcoin community and the Ethereum community. It can not only maintain the compatibility of EVM and quickly establish an ecosystem, but also quickly maximize the security of Bitcoin. In terms of some technical details, such as the adaptation of the EVM account model and the Bitcoin UTXO model, as well as the decentralization route of the sequencer, there is not much public information yet. We also look forward to the official update of the document in the future. Will do further research when more information becomes available.

 A clear stream of ecology 

Maybe This is because Merlin Chain needs to be compatible with Bitcoin and EVM-based abstract accounts, or perhaps because of the characteristics of Bitcoin as a native Gas. Compared with some pure EVM Layer2, the ecological development of Merlin Chain faces many more challenges and difficulties. .

Up to now, Merlin Chain’s ecological overview in DefiLlama only has one mainstream dApp, MerlinSwap, which has contributed almost all of the TVL, reaching 14M. Lending and derivatives platforms, as well as dApps such as NFT Marketplace, are currently undiscovered. However, we found through official social media and various AMAs that we have actually cooperated with far more than one ecological project, including wallets, infrastructure, DeFi, etc.

Excluding some products and platforms that we are familiar with, we tend to focus on projects with Bitcoin-specific innovative mechanisms and native community atmosphere, such as bitSmiley. From the analysis of the protocol mechanism alone, bitSmiley can be simply understood as a combination of the stable currency MakerDAO and the lending protocol Compound. However, in terms of implementation, in order to be compatible with the BRC-20 protocol and overcome the limitation of Bitcoin block confirmation time, bitSmiley proposed a set of extensions version of bitRC-20 and designed different liquidation insurance mechanisms (bitInsurance and CDP, please see the white paper and other information for details). As a key ecological product that releases Bitcoin liquidity, bitSmiley is worth looking forward to. Previously, bitSmiley released the ecological OG Pass black card in the form of whitelist and public Free Mint. Users holding the black card enjoy the priority experience of bitSmiley products and protocols, as well as future points bonus rights. In the future, we will also make further sharing based on the progress of bitSmiley.

In order to avoid stepping on the trap of security, when we experience public chain or Layer 2 ecological projects, we usually check whether the project has been audited and endorsed by a security company, or has a cooperative reward on a bug bounty platform. Although it is not a dead end, Merlin Chain has obviously put a lot of thought into the considerations of ecological stability and user asset security. It recently established a joint venture with a number of well-known security companies (SlowMist, BlockSec, Salus, Secure3, ScaleBit). Merlin Security Council, in our opinion, is to protect the subsequent ecological development and construction in advance.

Based on the above research, we should all pay more attention to Merlin Chain, not to mention that the TVL attracted by Merlin's Seal alone is enough to show the future potential of Merlin Chain, and its TVL will at least reach billions. So, after carefully understanding the account system, asset bridging and security of Merlin Chain, for us, experiencing the ecology as much as possible is not the best journey to go with the ecology?