Custody Models Used in Bitcoin DeFi

Early DeFi required trusting a centralized custodian to lock your BTC and mint a synthetic asset (e.g., WBTC) on another chain.\n- Single Point of Failure: Custodian risk (e.g., FTX collapse) is systemic.\n- Capital Inefficiency: Locked BTC earns zero yield.\n- Synthetic Exposure: You don't own the underlying asset, just an IOU.

Distributes key management across a federation or uses Multi-Party Computation (MPC) to reduce single-entity risk, as seen in tBTC, Babylon, and Stacks.\n- Enhanced Security: Requires a threshold of signers for transactions.\n- Permissioned Decentralization: Safer than a single custodian, but trust is still placed in a known set of entities.\n- Foundation for Native Yields: Enables staking and restaking of actual BTC.

Bitcoin is secured by its own script, using covenants and Bitcoin L2s like Rootstock, Liquid, and Lightning to enable self-custodied DeFi.\n- Non-Custodial by Design: User retains control via time-locks and multisig scripts.\n- Native Smart Contracts: DeFi logic executes on Bitcoin or a tightly coupled sidechain.\n- Final Frontier: Unlocks trust-minimized lending, DEXs, and yield directly on the Bitcoin monetary base.

Native Bitcoin cannot be natively programmed. DeFi requires smart contract logic for lending, trading, and yield. Wrapped assets (WBTC) solved this but introduced a massive centralized custodian risk and regulatory attack surface.

• $10B+ TVL reliant on trusted minters/custodians.
• Counterparty Risk: Users must trust entities like BitGo.
• Capital Inefficiency: Locked BTC earns no yield.

Protocols like Threshold Network (tBTC) and Babylon use decentralized, permissionless signer sets to custody Bitcoin. This replaces a single company with a cryptoeconomic security model.

• Non-Custodial: Users retain ownership via cryptographic proofs.
• Overcollateralized: Signers stake ETH or other assets, slashed for malfeasance.
• Permissionless Minting: Anyone can mint/redeem without KYC.

Sidechains and L2s like Rootstock (RSK) and Stacks bring smart contracts to Bitcoin via merged mining or a separate blockchain. BTC is cryptographically locked on L1 and represented on L2.

• Non-Custodial Bridges: Users control keys via SPV proofs or Clarity smart contracts.
• Yield Generation: Locked BTC can be used in L2 DeFi (e.g., Sovryn, ALEX).
• Bitcoin Finality: Security is anchored to Bitcoin's hashrate.

Protocols like Sovryn and emerging BitVM-inspired designs use Musig2 and adaptor signatures to enable complex, conditional logic without moving BTC from a user's wallet.

• Self-Custody First: Assets never leave user's UTXO.
• Atomic Swaps & DEXs: Enables trustless, on-chain trading (e.g., LNSwap).
• Minimal Trust: Eliminates bridge and federator risk entirely.

Bitcoin's UTXO model and lack of native smart contracts force all DeFi logic off-chain. This creates a custodial bottleneck where users must trust a third party to hold their keys and execute logic. Every solution is a workaround for this core limitation.

• Trust Assumption: Shifts from code to counterparty.
• Composability Barrier: Isolated liquidity and state.
• Security Surface: Expands beyond Bitcoin's battle-tested base layer.

Delegate custody to a known, permissioned set of entities (federation) that manage a sidechain or L2. This is the incumbent model for speed and functionality.

• Trade-off: Security for ~1-2s finality and Turing-complete smart contracts.
• Risk Profile: Byzantine Fault Tolerant; trust in federation honesty.
• Use Case: High-throughput DeFi (ALEX, Sovryn) where users accept federated trust.

Use cryptographic schemes like Schnorr signatures and Multi-Party Computation (MPC) to create a distributed custodian. The signing key is never assembled in one place.

• Trade-off: Enhanced security over federations with similar latency.
• Key Innovation: Enables non-custodial staking of Bitcoin (Babylon) and asset issuance.
• Limitation: Still requires a committee, but compromise threshold is cryptographically enforced.

Push all contract logic to the user's client. Bitcoin settles; everything else happens off-chain via pre-signed transactions (like Lightning). Ordinals/Inscriptions piggyback on this paradigm.

• Trade-off: Maximum self-custody for complex user experience and state management.
• Purest Form: DLCs for derivatives; user holds keys, oracle provides outcome.
• Future: Drives Bitcoin L2s like Ark and state channels that prioritize sovereignty.

The liquidity gateway. Custody is centralized (WBTC) or decentralized via overcollateralized staking (tBTC). Bitcoin is locked on L1, a representation is minted on Ethereum or another chain.

• Trade-off: Sacrifice Bitcoin-native security for Ethereum's DeFi composability.
• Dominant Model: ~$10B+ in bridged value, proving demand for cross-chain utility.
• Vulnerability: Bridge becomes the single point of failure (see Wormhole, Nomad).

Architect your choice based on the Security <> Functionality <> Sovereignty trilemma. Federations and MPC offer features now. Client-side validation is the endgame but isn't ready. Wrapped assets are for liquidity, not innovation.

• For Yield: Use federated L2s or stake via MPC (Babylon).
• For Sovereignty: Build with DLCs or client-validated L2s.
• For Liquidity: Bridge to Ethereum DeFi and accept the custodial layer.