深度剖析Merlin Chain:如何筑牢30亿TVL的安全防线
Merlin Chain是由知名的BRC-420蓝盒子及Bitmap的开发团队推出的支持多类原生比特币资产、兼容EVM的ZK Rollup比特币二层网络。从市场来看,BRC-420和Bitmap前期拥有优质的数据表现。
BRC-420是比特币生态上的新型协议,蓝盒子是其上资产,两者分别对标BRC-20协议和ORDI铭文。蓝盒子总量10000个,地板价0.6BTC,总交易量接近480个BTC,目前地板市值是400M。Bitmap对标是元宇宙版的Ordinals协议,随BTC的区块产出而产出,目前每天新增144个新块的Bitmap。在Magic Eden交易量约600个BTC,即40M,地板价0.0037558BTC,总量是833.2K个,地板市值200M左右。
BRC-420、蓝盒子及Bitmap的成功,已然为Merlin Chain凝聚不错的社区共识。今年二月初,主打Fair Launch和Community First的Merlin’s Seal推出至今,在短短的不到一个月时间,TVL迅速突破30亿美金,联手合作的项目方有MPC钱包服务商Cobo、质押服务商Meson和Stakestone,Layer2 ZKFair以及比特币老牌数据服务平台GeniiData,多链DeFi数据综合平台Defillama等。在30亿TVL中,比特币占比高达50%以上,ETH和稳定币资产各有1亿美金左右,其他比特币生态优质资产,除BRC420和Bitmap外,ORDI和SATS也有不错的质押量。
恭喜Merlin's Seal成绩之余,我们也要明白Merlin's Seal并不与Merlin Chain直接画等号,例如当下支撑Merlin's Seal耀眼的TVL数据资产并未直接和Merlin Chain产生关联。另外,由于L2Beat未收录Merlin Chain,我们手动查看和加总Merlin Chain的BTC资产余额,对应L2Beat统计口径的TVL大约是500+BTC,即32.5M左右。
接下来,我们将从Merlin的账户结构,资产类型,安全性等技术方案和生态发展去解析该项目的前景。
Chain-Agnostic的账户抽象
比特币的主流钱包地址格式分别有Legacy-P2PKH、Nested SegWit-P2SH-P2WPKH、Nested SegWit-P2WPKH和Taproot-P2TR,它们是同一个私钥按照椭圆曲线算法(ECDSA)计算的公钥,再依据不同编码规则处理的格式。另外,比特币的助记词是HD钱包的产物(Hierarchical Deterministic Wallet),同一个助记词可以衍生多个私钥,进而控制多个公钥地址和对应格式的地址。对于以太坊而言,其钱包、公钥和私钥体系与比特币类似,不同的地方在于以太坊选择了不一样的编码哈希函数(Keccak-256)。由于要保证和实现EVM兼容性,在公私钥地址设计方面,Merlin Chain沿用以太坊现有方案是最轻便的,这样对于习惯EVM生态的用户而言,进入门槛几乎等于零。但为之而来的挑战是如何将比特币的公私钥地址映射关联进来。
为此,我们在官方的文档里面找到了答案:Particle Network的BTC Connect。这里,通过比特币的公钥可以计算EVM的EOA地址,再用EOA控制智能合约账户进行链上的交互(详细请参考BTC Connect的架构图)。不得不说,没有直接采用比特币公钥计算的EOA地址作为账户,而是在后续增加了实现ERC-4337协议的智能账户(Smart Account),是非常有勇气和前瞻性的。好处当然是ERC-4337涉及的签名抽象、Paymaster、Bundler以及未来的Social Login功能都可以做到快速升级迭代,坏处则是最关键的基础配套设施(钱包和区块链浏览器)都需要重新优化适配,并且生态的dApps项目方也要同步进行配合改造。对于用户而言,在概念理解方面会有蛮高的学习成本,同时,要稍微调整过往一些使用习惯。
下面是使用OKX Wallet(BTC)体验的一些记录
1、默认使用的是P2TR计算EVM的EOA地址(账户抽象地址),交互时候是用BTC钱包授权控制抽象地址;
2、在MerlinSwap发起交易时,是直接以OKX Wallet(BTC)签名形式调用的,此处暂时无法查看和编辑Gas费,交易的内容无法即时确认;
3、区块浏览器可以查看到Smart Account是作为交易发起者,而非我们的EOA地址,对应调用的函数功能是handleOps,里面的参数封装了真实交互的函数功能;
4、由于OKX Wallet是一款内置多链支持的钱包,尽管我们只使用BTC钱包,但是OKX Wallet也会在背后计算关联的EVM地址,此处与Merlin Chain生成的EOA地址不同,因此,很容易以为BTC桥接资产没有到账(Merlin_BTC);
比特币原生资产的进出
不管是Layer2、同构公链或异构公链,只要涉及到原生资产的进出,永远绕不过去最核心的问题:安全性。让我们一块寻找一些圈内永远绕不过去的该死记忆。
?21年8月10日,跨链协议Poly Network被黑客攻击,超过6亿美金被盗。幸运地是,黑客最后因某些原因选择了归还资金;
?22 年2月2日,跨链协议Wormhold被黑客攻击,大约12万枚wETH损失,直至23年2月25日,Jump Crypto联手MakerDAO的Oasis反向发起攻击,从黑客的Vault追回被盗资金;
?22年3月29日,游戏侧链Ronin管理资金的多签验证者体系被攻破,损失超6亿美金;
?22年6月24日,主打分片特性的公链Harmony官方桥Horizon多签体系被攻破,损失约1亿美金;
?22年8月2日,跨链桥Nomad遭遇抢钱攻击,损失约1.5亿美金;
唏嘘不已的2022年,原来不仅有LUNA的崩盘、3AC的破产和FTX的暴雷,更伴随着多起的链上黑客攻击事件。我们常说,如果整个生态承接了亿级别的资金,那么庞大的资金往往伴随着繁荣的生态,同时,也意味着潜藏在黑暗森林中的达摩克利斯之剑。
了解Merlin Chain官方桥是如何实现原生资产的进出路径,有助于我们对资产的安全性做进一步分析。目前,Merlin Chain仅支持BTC资产,暂时不支持BRC-20等新兴资产、EVM系列代币和NFT。Merlin Chain在比特币网络的统一接收地址是bc1qgxdqf7837dxe8xkhvctgc499kwh5xw7ap3uwhs,用户桥接过去的UTXO都是转给这个P2WPKH地址,即单签地址控制的UTXO,也就是背后并没有直接设置多签机制。参考Merlin‘s Seal的BTC处理,我们推测采用的大概也是Cobo MPC协管方案。
回到Merlin Chain的桥接资产模块,负责处理资产的铸造和销毁都是由BTCLayer2Bridge合约负责。铸币逻辑函数是unlockNativeToken,传入防双花的txHash、收款地址和金额,经过鉴权和验证双花与否后即可实现桥接资产的铸造。销毁桥接资产的过程我们尚未完整体验,从BTCLayer2Bridge合约可以发现销毁函数lockNativeToken,其内部逻辑是处理桥接费用,但具体的桥接资产转账打入黑洞的代码我们还未找到。
此外,BTCLayer2Bridge已经包含有ERC20和ERC721铸造销毁代码,因此,Merlin Chain可能很快就会支持ETH及EVM系列资产的桥接。
Merlin Chain官方桥转入页面的数据展示非常贴心,用户可以清晰地找到所需的地址和TxId,并且关联的区块链浏览器也提供了准确的信息。唯一不好的地方是区块浏览器可能被DDoS,一直在索引数据。
体验完Merlin Chain官方桥以后,连带试着使用Meson的Bridge。从BNB Chain将BTCB跨入Merlin Chain,整个交易流程也是很流畅,并且费用比官方桥要便宜很多。Meson的Fee是0.0009BTC(约5-7U),官方桥是固定的0.0003BTC加上动态费用,大概是20U以上。值得注意的是,Meson桥接资产使用的自身在Merlin Chain部署的智能合约,发起directRelease交易上链以后,资产仅能在Meson官方平台查看到资产,需要等待一定的时间才能在MerlinSwap等地方确认。
继承比特币的安全性
Merlin Chain是由Lumoz团队基于Polygon CDK框架开发的zkEVM Layer2。官网概括为定序器通过去中心化的预言机,将二层交易数据发送到比特币网络。具体方案,我们通过查阅Polygon CDK和Lumoz的文档资料了解。在Polygon CDK架构中,有Rollup和Validium两种架构类型,而Merlin Chain采用的是CDK Validium。CDK Validium在Polygon这边被描述为Polygon zkEVM + DAC的结合。该方案是以太坊链上多签形式做有效性证明的。
为此,正好与比特币的Taproot支持多签形式一致,也就是说,Merlin Chain的去中心化预言机实际上扮演了DAC的角色。Merlin Chain定序器负责收集和打包用户交易,并将其验证后交由ZKP证明的聚合器和Prover处理(该部分由Lumoz的ZK-POW功能负责)。通过去中心化的预言机将二层交易数据打包哈希和签名一同发送到比特币网络。
我们认为这样的方案对于比特币社区和以太坊社区都有所兼顾,既可以保持EVM的兼容性迅速建立生态,也可以快速地最大化继承比特币的安全性。在一些技术细节方面,例如EVM的账户模型和比特币UTXO模型的适配,以及定序器的去中心化路线等,暂时还未有过多公开资料,我们也期待官方在未来更新文档后会有更多信息,到时候再做进一步研究。
清流般的生态
也许是因为Merlin Chain需要兼容比特币和EVM系的抽象账户,也或许是因为比特币作为原生Gas的特性,Merlin Chain的生态发展相比于一些纯粹的EVM Layer2,面临的挑战和困难要多得多。
截至目前,Merlin Chain在DefiLlama的生态概览仅有MerlinSwap这一个主流dApp,且几乎贡献了全部TVL,达到14M。当前尚未发现借贷和衍生品平台,以及NFT Marketplace等dApps。然而,我们通过官方社媒和各类AMA发现,实际已经合作的生态项目远远不止一个,从钱包、基建、DeFi等都有所包含。
除去一些我们耳熟能详的产品和平台,我们倾向于将关注点放在具有比特币专属创新机制和原生社区氛围的项目,例如bitSmiley。单从协议机制分析,bitSmiley可以简单理解为稳定币MakerDAO和借贷协议Compound的结合体,但在实现方面,为了兼容BRC-20协议和克服比特币区块确认时长的限制,bitSmiley提出了一套扩展版的bitRC-20以及设计了不一样的清算保险机制(bitInsurance和CDP,详见白皮书等资料)。作为释放比特币流动性的关键生态产品,bitSmiley是值得我们期待的。此前,bitSmiley以白名单和公开Free Mint形式发售了生态的OG Pass黑卡,持有黑卡的用户享有bitSmiley产品和协议的优先体验权以及未来的积分加成权益等。后续,我们也会根据bitSmiley的进展做进一步分享。
为了避免在安全方面踩雷,我们在体验公链或者Layer2的生态项目时,通常会查看项目是否有经过安全公司的审计和背书,或者是在Bug赏金平台的合作悬赏。虽然不至于唇寒齿亡,但对于生态稳定和用户资产安全的考虑,Merlin Chain明显做了不少的思考,其最近联合多家知名安全公司(SlowMist、BlockSec、Salus、Secure3、ScaleBit)成立的Merlin Security Council,在我们看来,正是为了后续的生态发展和建设提前做好保驾护航。
正是基于上述的研究,我们都应当更加重视Merlin Chain,更别说单单Merlin‘s Seal吸引的TVL就足以显示出Merlin Chain未来的潜力,其TVL至少也将达到数十亿级别。那么,在认真了解Merlin Chain的账户体系、资产桥接和安全性之后,对我们来说,尽可能地体验其中的生态,何尝不是一次与生态同行的最佳旅程呢?
It is a well-known blue box and its development team, which supports the compatibility of many kinds of native bitcoin assets. From the market point of view and the early stage, it has high-quality data performance. It is a new agreement in bitcoin ecology. The blue box is the asset on it, and the blue box is marked with the agreement and the inscription. The total transaction volume of the floor is close to one. At present, the market value of the floor is marked with the agreement of the meta-universe version, which is output with the block output. At present, the transaction volume of new blocks added every day is about one, that is, the total floor price is The success of Blue Box Sum with a floor market value of around 100 million yuan has already condensed a good community consensus. Since its launch in early February this year, the main sum has rapidly exceeded 100 million dollars in a short period of less than one month. The joint cooperation projects include wallet service providers, pledge service providers, and multi-chain data integrated platform, an old bitcoin data service platform, etc. Bitcoin accounts for more than 100 million yuan, and stable currency assets each have about 100 million dollars. Congratulations on the pledge of other bitcoin ecological high-quality assets. In addition, we should also understand that it is not directly related to drawing an equal sign, for example, the current dazzling data assets are not directly related. In addition, because the asset balance that we manually check and add up is not included, the corresponding statistical caliber is about left and right. Next, we will analyze the prospect of the project from the technical scheme and ecological development of the account structure, asset type security, etc. The mainstream wallet address formats of Bitcoin are the same private key and they are calculated according to the elliptic curve algorithm. In addition, the mnemonic of bitcoin is the product of wallet, and the same mnemonic can derive multiple private keys to control multiple public key addresses and addresses with corresponding formats. For Ethereum, the public key and private key system of wallet is similar to that of bitcoin, but the difference is that Ethereum has chosen different coding hash functions, so it is the lightest to follow the existing scheme of Ethereum in terms of public and private key address design to ensure and realize compatibility, which is the most convenient for the habitual ecology. For users, the entry threshold is almost zero, but the challenge is how to relate the public and private key address mapping of Bitcoin. For this reason, we found the answer in the official document. Here, the address that can be calculated through the public key of Bitcoin is used to control the interaction on the chain with the smart contract account. For details, please refer to the architecture diagram. I have to say that instead of directly using the address calculated by the public key of Bitcoin as the account, it is very brave and forward to add the smart account that realizes the agreement. The advantage of foresight is, of course, that the signature abstraction involved and the future functions can be rapidly upgraded and iterated. The disadvantage is that the most critical infrastructure, wallet and blockchain browser need to be re-optimized and adapted, and the ecological project side should also cooperate with the transformation. For users, there will be a high learning cost in concept understanding, and at the same time, some past usage habits should be slightly adjusted. The following are some records of the use experience. By default, the calculated address account abstract address interaction is used. Sometimes the abstract address is controlled by wallet authorization, which is called directly in the form of signature when the transaction is initiated. It is temporarily impossible to view and edit the content of the fee transaction here, and it is impossible to immediately confirm that the block browser can view the function called as the transaction initiator instead of our address. The function is that the parameters inside encapsulate the real interactive function. Because it is a wallet with built-in multi-chain support, although we only use the wallet, we will also calculate the associated address and the generated address here. Different, so it's easy to think that the bridge assets didn't arrive. Whether it's a homogeneous public chain or a heterogeneous public chain, as long as it involves the entry and exit of the primary assets, it can never be bypassed. The core issue is security. Let's look for some damn memories that can never be bypassed in the circle. The cross-border agreement was hacked and more than 100 million dollars were stolen. Fortunately, the hacker finally chose to return the funds for some reason. The cross-border agreement was hacked and lost about 10,000 pieces until the day of the month. The hand attacks in the opposite direction to recover the stolen funds from hackers. The multi-signing verifier system of the side chain management funds of the game was broken, and the loss exceeded US$ 100 million. The multi-signing system of the official bridge of the public chain, which was characterized by fragmentation, was broken, and the loss was about US$ 100 million. In the year of crying, there were not only crashes, bankruptcies and thunderstorms, but also many hacker attacks on the chain. We often say that if the whole ecology undertook hundreds of millions of funds, Our capital is often accompanied by a prosperous ecology, and it also means the sword of Damocles hidden in the dark forest. Understanding how the official bridge realizes the access path of the original assets will help us to further analyze the security of the assets. At present, only the emerging asset series tokens such as assets are temporarily not supported, and the unified receiving address in Bitcoin network is bridged by users, which is transferred to this address, that is, the single-sign address control, that is, there is no direct reference place for the multi-sign mechanism behind it. We speculate that the bridge asset module, which is probably the co-management scheme, is responsible for handling the casting and destruction of assets, and the contract is responsible for minting coins. The logic function is to pass in the collection address and amount of anti-double flowers. After authentication and verification, the process of casting and destroying bridge assets can be realized. We have not fully experienced the destruction function from the contract, and its internal logic is to deal with the bridge cost, but we have not found the specific code for transferring bridge assets into the black hole. It already contains and casts destruction code, so it may soon support the bridge of series assets. The data display of the official bridge into the page is very intimate. Users can clearly find the required address and the associated blockchain browser also provides accurate information. The only bad thing is that the blockchain browser may be tried and used after indexing the data and experiencing the official bridge. The whole transaction process is also very smooth and the cost is much cheaper than that of the official bridge. The official bridge is fixed and the dynamic cost is probably the above. It is worth noting that the bridge assets are used by themselves. After the deployed smart contract initiates the transaction winding, the assets can only be viewed on the official platform. It takes a certain period of time to confirm the security of inheriting Bitcoin in other places. official website, who was developed by the team based on the framework, summarized it as a sequencer to send the second-tier transaction data to the Bitcoin network through a decentralized Oracle. We learned that there are two types of architectures in the architecture by consulting the documents of Sum, and what we adopted is described as the combination here. This scheme is the Ethereum Chain. 比特币今日价格行情网_okx交易所app_永续合约_比特币怎么买卖交易_虚拟币交易所平台
注册有任何问题请添加 微信:MVIP619 拉你进入群
打开微信扫一扫
添加客服
进入交流群
1.本站遵循行业规范,任何转载的稿件都会明确标注作者和来源;2.本站的原创文章,请转载时务必注明文章作者和来源,不尊重原创的行为我们将追究责任;3.作者投稿可能会经我们编辑修改或补充。
