Bitcoin Layer 2s and User Assumptions

Users assume L2 security inherits Bitcoin's finality. In reality, most L2s are federated sidechains or optimistic rollups with their own validator sets.

• Security is not inherited, it's delegated to a new, smaller set of actors.
• Attack surface shifts from 51% hash power to multisig key compromise.
• True Bitcoin-backed security requires complex protocols like BitVM, which are nascent.

Users think their L2 assets are native Bitcoin UTXOs. They're almost always wrapped representations (e.g., wBTC on L2) or tokens in a separate state chain.

• Withdrawal delays of hours to days are common for 'bridging' back.
• Liquidity fragmentation creates slippage and reliance on centralized bridges.
• This re-creates the very custodial and trust issues Bitcoin was designed to solve.

Developers port EVM tooling expecting a seamless experience. Bitcoin's limited scripting forces major architectural compromises.

• No native smart contract execution means complex, slow fraud proofs (BitVM).
• Data availability solutions are clunky, often relying on off-chain committees.
• The ecosystem lacks the standardized rollup stack (OP Stack, Arbitrum Nitro) that enabled Ethereum's L2 explosion.

Most 'L2s' are federated sidechains secured by a 9-of-15 multi-sig. Users implicitly trust a permissioned cartel, not Bitcoin's proof-of-work. This is a regression to the EVM sidechain model of 2017.

• Assumption: Signers are honest and non-colluding.
• Reality: Signer identity is opaque, creating a $2B+ TVL honeypot.
• Consequence: Zero Nakamoto Coefficient; a single regulatory action can freeze funds.

BIP-300/Drivechain proposes a Bitcoin soft fork to enable blind merged mining. Sidechains are secured by the full Bitcoin hashrate, with withdrawals enforced by a decentralized miner vote.

• User Assumption: Miners are economically rational and will vote honestly to preserve fee revenue.
• Sovereignty Gain: No trusted third parties; security is bitcoin-native.
• Trade-off: Requires a contentious soft fork and introduces a ~3-month withdrawal delay as a security parameter.

BitVM uses Bitcoin script to create optimistic rollups without a soft fork. A single honest verifier can challenge and slash a fraudulent operator by publishing a fraud proof on-chain.

• User Assumption: At least one technically capable watcher exists in the system.
• Sovereignty Gain: 1-of-N trust model; security scales with the number of verifiers.
• Trade-off: Complex, computationally intensive fraud proofs; currently theoretical with no mainnet TVL.

L2s like Merlin Chain and BOB rely on wBTC, tBTC, or WBTC as the canonical bridge asset. This imports the security and custodial assumptions of Ethereum or other chains onto Bitcoin.

• Assumption: The Ethereum bridge (e.g., MakerDAO, Threshold Network) is secure and solvent.
• Reality: Adds counterparty risk and depeg risk; a failure on Ethereum cascades to Bitcoin L2.
• Consequence: Sovereignty is outsourced, creating a cross-chain fragility vector.

Protocols like RGB and Taro use client-side validation and single-use-seals. State is stored off-chain, with ownership proven via on-chain commitments. Users validate the entire history of their assets.

• User Assumption: You can store and process your own data (~megabytes).
• Sovereignty Gain: Maximal censorship resistance; no global consensus required.
• Trade-off: Poor UX, requires personal data availability and high technical literacy.

Projects like Citrea and Chainway aim to build ZK-rollups that post validity proofs and data availability to Bitcoin. Security derives from Bitcoin's data availability and the cryptographic soundness of the ZK proof.

• User Assumption: The ZK proof system is correct and the sequencer posts data.
• Sovereignty Gain: Trust-minimized execution with Bitcoin-finalized settlement.
• Trade-off: Early stage; relies on fraud-proof-less models or Ethereum-inspired DA layers.

You cannot assume smart contract composability. Bitcoin's L1 is for value finality, not execution. This forces L2s like Stacks (Clarity VM) and Rootstock (EVM sidechain) to build entirely separate execution environments.\n- Key Consequence: Your protocol's security is now a hybrid of Bitcoin's PoW and the L2's consensus.\n- Key Consequence: Cross-chain messaging to Bitcoin is a major bottleneck, not a simple bridge call.

Forget about global state. Protocols must be designed around proof-of-inclusion and fraud proofs. This is the core innovation of RGB and Lightning. Users validate their own state transitions off-chain.\n- Key Benefit: Enables massive scalability and privacy by moving computation off-chain.\n- Key Benefit: Shifts trust from a centralized operator to cryptographic proofs and Bitcoin's blockchain.

You cannot assume native Bitcoin can be seamlessly used in DeFi. Moving BTC to an L2 requires a trusted bridge or a complex federation, creating a centralization vector (see Multichain collapse). Solutions like Babylon (staking) and BitVM (optimistic rollups) are years from production.\n- Key Consequence: Your TVL is capped by bridge security, not market demand.\n- Key Consequence: Every interaction may require a multi-step, multi-signature process.

Don't fight Bitcoin's UTXO model; build on it. Design protocols where a single UTXO can represent complex, stateful logic. This is the path of Taproot Assets and discrete log contracts.\n- Key Benefit: Native compatibility with Bitcoin's security and wallet ecosystem.\n- Key Benefit: Enables non-custodial, scalable applications without a separate token or chain.

You cannot assume a mempool or block builder market like Ethereum. Bitcoin's block space is a fixed, expensive commodity with limited transaction ordering complexity. MEV manifests as time-bandit attacks and fee sniping on high-value transactions.\n- Key Consequence: Your protocol's economic security must account for different incentive attacks.\n- Key Consequence: Front-running protection requires novel cryptography, not just PBS.

Your primary user is someone who values self-custody and censorship resistance over convenience. Protocols must be verifiable by a light client. Think Fedimint (community custody) and Cashu (ecash mints), not Uniswap.\n- Key Benefit: Aligns with Bitcoin's core ethos, attracting high-conviction capital.\n- Key Benefit: Creates defensible moats against more centralized, faster chains.