SatsFlux Whitepaper

v1.0.0

SatsFlux

Multi-Chain Bitcoin Bridging Protocol

Decentralized, Secure, and Efficient Cross-Chain BTC Solution

Version 1.0.0 | September 2025

Decentralized
Non-Custodial
Multi-Chain
High Efficiency

Abstract

SatsFlux leverages Bitcoin's Taproot upgrade and advanced threshold cryptography (MuSig2 and FROST) to enable trustless cross-chain Bitcoin transfers. The protocol maintains a decentralized signer network that collectively controls a Bitcoin vault, ensuring security through cryptographic and economic mechanisms while eliminating single points of failure. sBTC β€” a 1:1 Bitcoin-pegged token β€” can freely circulate across multiple chains including Ethereum, Arbitrum, Base, and Solana.

500B
Total Token Supply
5+
Supported Blockchains
0.2%
Bridge Fee

1. Introduction

1.1 Background

Bitcoin, as the first and most decentralized blockchain network, boasts a market cap exceeding $1 trillion and unparalleled security. However, Bitcoin's limited smart contract capabilities and DeFi ecosystem restrict vast amounts of BTC from participating in the thriving decentralized finance applications.

1.2 Limitations of Existing Solutions

πŸ”΅ Centralized Custodial Solutions

Solutions like wBTC rely on centralized custodians and lack decentralization.

πŸ”΅ Federation Schemes

Federation signing schemes require trust in a small number of validators.

πŸ”΅ Sidechain Solutions

Sidechain solutions require modifications to the Bitcoin protocol or depend on specific consensus mechanisms.

1.3 SatsFlux Innovation

SatsFlux achieves a truly decentralized, secure, and efficient Bitcoin cross-chain bridging solution by combining the latest cryptographic technologies (Taproot, MuSig2, FROST) with economic incentive mechanisms. Our core innovations include:

  • Decentralized BTC vault based on threshold signatures with no single point of failure
  • Economic bonding mechanism: signer nodes must stake SatsFlux tokens, malicious behavior results in slashing
  • Multi-chain routing layer: supports efficient sBTC flow across multiple blockchains
  • Modular smart contract architecture: easy to integrate and extend to new blockchains
  • Transparent governance mechanism: community-driven protocol parameter adjustments

2. System Architecture

The SatsFlux protocol consists of three core layers: the Bitcoin Vault layer, the Signer Network layer, and the Target Chain Smart Contract layer. These layers work together through cryptographic proofs and economic incentives to ensure system security and liveness.

SatsFlux Architecture Overview

β‚ΏBitcoin VaultTaproot + Threshold SigBTC LockedSigner Network15/21Threshold ConsensusMuSig2 & FROSTTarget ChainsETHARBBASESOLsBTC MintingMonitorAttestSatsFlux Multi-Chain ArchitectureDecentralized Bitcoin Bridge Protocol

Figure 2.1: SatsFlux Multi-Chain Bridge Protocol Architecture

2.1 Bitcoin Vault Layer

The Bitcoin vault is the core of the protocol, managed using Taproot addresses and threshold signature technology. All user-deposited BTC is locked in this multi-signature address and can only be moved when more than the threshold number of nodes (e.g. 15/21) in the signer network co-sign.

Technical Features:

  • Taproot Address: Provides privacy protection and script flexibility
  • t-of-n Threshold Signatures: e.g. 15/21, ensuring decentralization and fault tolerance
  • Confirmation Requirements: Minting triggered after 6 Bitcoin block confirmations

2.2 Signer Network Layer

A decentralized network of signer nodes monitors the Bitcoin blockchain, validates transactions, coordinates multi-party signatures, and interacts with smart contracts on target chains. Each signer node must stake SatsFlux tokens as economic collateral.

Node Responsibilities

  • β€’ Monitor Bitcoin deposit transactions
  • β€’ Participate in threshold signature protocols
  • β€’ Submit mint/burn proofs to target chains
  • β€’ Maintain cross-chain state synchronization

Economic Security

  • β€’ Stake tokens as collateral
  • β€’ Malicious behavior results in slashing
  • β€’ Earn bridge fee rewards
  • β€’ Participate in protocol governance voting

2.3 Smart Contract Layer

Each supported target chain deploys a standardized set of smart contracts responsible for sBTC token minting, burning, transfers, and state management. These contracts undergo rigorous audits to ensure fund security and operational correctness.

Smart Contract Architecture

sBTC TokenERC-20mint() / burn()Bridge ContractMint/Burn LogicVerify SignaturesState ManagerRecords & StatusSigner RegistryGovernanceProposals & VotingParametersStaking ContractStake/UnstakeRewards & SlashingπŸ‘€UsersπŸ”SignersSmart Contract ArchitectureModular and Upgradeable Design

Figure 2.2: SatsFlux Smart Contract Module Architecture

3. Bitcoin Vault

The Bitcoin vault is the core security component of the SatsFlux protocol. It uses Bitcoin's latest technologiesβ€”Taproot and threshold signaturesβ€”to achieve decentralized fund custody.

3.1 Taproot Advantages

πŸ”’ Privacy Enhancement

Taproot makes multi-sig addresses look like regular addresses, protecting vault structure privacy

⚑ Fee Reduction

Schnorr signatures are smaller than traditional ECDSA, reducing on-chain transaction fees

πŸ”§ Script Flexibility

Supports complex spending conditions and recovery mechanisms

3.2 Vault Address Generation

// Pseudocode: Taproot threshold address generation
function generateVaultAddress(signers, threshold) {
  // 1. Aggregate all signer node public keys
  const aggregatedPubKey = aggregatePublicKeys(signers)
  
  // 2. Create threshold script path
  const scriptTree = createThresholdScriptTree(
    signers, 
    threshold  // e.g.: 15-of-21
  )
  
  // 3. Generate Taproot address
  const taprootAddress = createTaprootAddress(
    aggregatedPubKey,
    scriptTree
  )
  
  return taprootAddress  // bc1p...
}

3.3 Security Mechanisms

Security Model

πŸ”’Bitcoin VaultCryptographic LayerEconomic LayerNetwork LayerπŸ”Threshold Signatures15-of-21πŸ’°Economic Bonding1B+ tokens⚑Slashing MechanismPenaltyπŸ›‘οΈMulti-sig Guardians5-of-7πŸ‘οΈReal-time Monitoring24/7πŸ”„Auto RecoveryFailsafeMulti-Layer Security ModelDefense in Depth Strategy

Figure 3.1: SatsFlux Security Model and Protection Mechanisms

πŸ›‘οΈ Cryptographic Security

  • β€’ Threshold Signatures: Requires t-of-n signers to cooperate to move funds
  • β€’ Key Sharding: Private key shards stored and managed in a distributed manner
  • β€’ Verifiable Randomness: Uses VRF for node selection and rotation

πŸ’° Economic Security

  • β€’ Staking Requirements: Each signer node must stake a minimum of 1 billion SatsFlux tokens
  • β€’ Slashing Mechanism: Malicious behavior results in staked tokens being slashed and distributed to other nodes
  • β€’ Over-collateralization: Total staked value far exceeds the BTC value in the vault

⚠️ Emergency Response

  • β€’ Multi-layer Monitoring: Independent monitoring services detect abnormal behavior in real-time
  • β€’ Emergency Pause: Governance contract can pause bridging when attacks are detected
  • β€’ Fund Recovery: Pre-set recovery mechanisms ensure user fund safety

4. Threshold Cryptography

Threshold cryptography is the core technology enabling SatsFlux's decentralization and security. We employ industry-leading MuSig2 and FROST protocols to achieve efficient threshold signatures.

4.1 MuSig2 Protocol

MuSig2 is a multi-party signature protocol for Schnorr signatures, particularly suited for Bitcoin's Taproot upgrade. It allows multiple signers to generate an aggregated public key and signature that appears on-chain as a single signature.

MuSig2 Advantages:

  • Two-Round Protocol: Completes signing in just two rounds of communication
  • Key Aggregation: Aggregates n public keys into one, saving on-chain space
  • Privacy Protection: External observers cannot determine how many signers participated
  • Compatibility: Perfectly compatible with Bitcoin Taproot

4.2 FROST Protocol

FROST (Flexible Round-Optimized Schnorr Threshold) is a threshold signature protocol supporting t-of-n configurations (e.g. 15-of-21), providing higher fault tolerance and decentralization.

FROST Features:

  • Flexible Threshold: Supports arbitrary t-of-n configurations
  • Fault Tolerance: Can tolerate up to n-t nodes being offline
  • Efficiency: Requires only two rounds of communication
  • Security: Resists collusion attacks, meets UC security model

4.3 Signing Process

Three Phases of Threshold Signing:

1
Key Generation

Signer nodes generate key shards through DKG (Distributed Key Generation) protocol without needing a trusted third party.

2
Signing Request

When signing is needed (e.g., user withdrawal request), signer nodes collect nonce commitments and generate partial signatures.

3
Signature Aggregation

After collecting threshold number of partial signatures, aggregate into final Schnorr signature and broadcast to Bitcoin network.

πŸ” Security Guarantee

Even if an attacker controls fewer than the threshold number of signer nodes, they cannot: (1) steal BTC from the vault; (2) forge valid signatures; (3) prevent honest nodes from completing signatures. This ensures protocol security under the Byzantine fault-tolerant model.

5. Bridge Process

The SatsFlux bridging process includes two core operations: Peg-in (BTC β†’ sBTC) and Peg-out (sBTC β†’ BTC). Both are coordinated through threshold signatures and smart contracts.

Bridge Process Flow

Peg-in (BTC β†’ sBTC)1. User deposits BTCSend to vault address2. Wait for confirmations6 blocks (~60 min)3. Signers validateThreshold consensus4. Generate proofAggregate signature5. Mint sBTCOn target chainPeg-out (sBTC β†’ BTC)1. User burns sBTCCall burn() function2. Contract validatesEmit burn event3. Signers detectMonitor chain events4. Threshold signingFROST protocol5. Send BTCBroadcast to BitcoinPeg-in: ~60-90 minutesPeg-out: ~30-60 minutesTimes include blockchain confirmationsSatsFlux Bridging Process

Figure 5.1: Complete SatsFlux Peg-in and Peg-out Process

5.1 Peg-in Process (BTC β†’ sBTC)

1

User Requests Deposit Address

User specifies target chain (e.g., Ethereum) through DApp or SDK, and system generates a unique deposit address.

Deposit address example: bc1p...xyz (Taproot address)
2

User Sends BTC

User sends BTC from any Bitcoin wallet to the deposit address. Transaction propagates through Bitcoin network and awaits confirmation.

⏱️ Recommended wait time: 6 block confirmations (~60 minutes)
3

Signer Nodes Monitor and Validate

Signer nodes continuously monitor the Bitcoin blockchain, detecting deposit transactions and validating their validity (amount, confirmations, target chain, etc.).

4

Generate Minting Proof

Threshold number of signer nodes sign the minting request, generating an aggregated proof (including Bitcoin transaction hash, amount, recipient address, etc.).

5

Mint sBTC on Target Chain

Signer nodes submit proof to target chain smart contract, which verifies signatures and mints corresponding amount of sBTC to user address.

βœ… Minting complete! User can now use sBTC on target chain

5.2 Peg-out Process (sBTC β†’ BTC)

1

User Initiates Withdrawal Request

User calls smart contract's burn function on target chain, specifying amount of sBTC to redeem and receiving Bitcoin address.

2

Smart Contract Burns sBTC

Smart contract validates request validity, burns corresponding amount of sBTC, and records withdrawal request to on-chain event log.

3

Signer Nodes Listen to Burn Event

Signer nodes monitor target chain smart contract events, detecting burn event and beginning to prepare Bitcoin transaction.

4

Threshold Sign Bitcoin Transaction

Signer nodes collaborate via FROST protocol to sign a transaction from vault to user's Bitcoin address.

5

Broadcast to Bitcoin Network

Signed transaction is broadcast to Bitcoin network, user receives native BTC after confirmations.

βœ… Withdrawal complete! User has received native BTC

5.3 Cross-Chain Transfer

SatsFlux supports direct transfer of sBTC between different target chains without returning to the Bitcoin mainnet.

Multi-Chain Routing Layer

SatsFluxRouterETHEthereumARBArbitrumBASEBaseSOLSolanaMATICPolygonOPOptimismMulti-Chain Routing LayerHub-and-Spoke Model with Cross-Chain Messaging

Figure 5.2: SatsFlux Multi-Chain Routing and Messaging Mechanism

Method 1: Burn & Mint

Burn sBTC on source chain, mint equivalent sBTC on target chain

  • βœ“ Simple and straightforward
  • βœ“ No Bitcoin confirmation needed
  • βœ“ Lower fees

Method 2: Atomic Swap

Use hash time-locked contracts for atomic cross-chain swaps

  • βœ“ Atomicity guaranteed
  • βœ“ No trusted third party needed
  • βœ“ Higher security

6. Smart Contracts

SatsFlux deploys a standardized smart contract system on each supported blockchain, responsible for sBTC lifecycle management and cross-chain state synchronization.

6.1 Core Contract Modules

πŸ“„ sBTC Token Contract

ERC-20 compatible token contract implementing sBTC basic functions (transfer, approval, etc.)

interface IsBTC is IERC20

πŸŒ‰ Bridge Contract

Handles minting and burning requests, verifies signer node proofs

function mint(bytes proof, address to, uint256 amount)

πŸ“Š State Manager Contract

Maintains bridge state, transaction records, and signer node set

mapping(bytes32 => BridgeRecord) public records

πŸ›οΈ Governance Contract

Manages protocol parameters, signer node updates, and proposal voting

function propose(bytes calldata proposalData)

6.2 Security Features

Reentrancy Protection

All external calls use ReentrancyGuard protection to prevent reentrancy attacks

Access Control

Role-based access control (RBAC), only authorized signer nodes can execute critical operations

Emergency Pause

Upgradeable emergency pause mechanism for quick response when anomalies detected

7. Security Model

SatsFlux employs a multi-layer security architecture combining cryptography, economics, and engineering best practices to ensure protocol robustness and user fund safety.

Cryptographic Security

  • βœ“ Threshold Signatures (15-of-21)
  • βœ“ Schnorr Signatures + Taproot
  • βœ“ Verifiable Random Function (VRF)
  • βœ“ Zero-Knowledge Proofs (Future)

Economic Security

  • βœ“ Over-collateralization Requirements
  • βœ“ Slashing Mechanism
  • βœ“ Dynamic Fee Adjustment
  • βœ“ Insurance Fund

Security Protection Mechanisms

πŸ›‘οΈ Scenario 1: Node Consensus Protection

Mechanism: High staking requirements (each node 1B+ SatsFlux tokens) ensure honest node behavior

Advantage: Real-time monitoring and slashing mechanism ensure rapid response, economic incentives protect network security

πŸ›‘οΈ Scenario 2: Smart Contract Security

Mechanism: Multiple security audits, formal verification, bug bounty program

Advantage: Timelocks and multi-sig upgrade mechanisms provide additional security guarantees

πŸ›‘οΈ Scenario 3: Network Fault Tolerance

Mechanism: Redundant communication channels, automatic failover

Advantage: Graceful degradation mechanism ensures system remains available

Audits & Certification

3+
Security Audits
$500K
Bug Bounty
24/7
Monitoring Service

8. Tokenomics

The SatsFlux token is the protocol's native governance and utility token, with a total supply of 500 billion tokens, used for staking, governance, and fee distribution.

Token Distribution

Ecosystem 40%Signers 25%Team 18%R&D 12%Partners 5%500BTotal SupplyEcosystem 40%Signers 25%Team 18%R&D 12%Partners 5%SatsFlux Token DistributionTotal Supply: 500 Billion Tokens

Figure 8.1: SatsFlux Token Distribution and Vesting Schedule

8.1 Token Allocation

CategoryAllocationAmountTGEVesting
Ecosystem & Rewards40%200B30%48 months
Signer Node Rewards25%125B20%36 months
Core Team & Advisors18%90B10%12mo cliff + 36mo vesting
R&D & Infrastructure12%60B25%24 months
Strategic Partners5%25B15%6mo cliff + 18mo vesting

8.2 Token Utility

Signer Node Staking

Becoming a signer node requires staking a minimum of 1 billion SatsFlux tokens as economic collateral, earning bridge fee rewards.

Governance Voting

Token holders can vote on protocol upgrades, parameter adjustments, new chain integrations, and influence protocol direction.

Fee Distribution

80% of bridge fees distributed to signer node stakers, 20% to protocol treasury for development and operations.

Ecosystem Incentives

Tokens used to incentivize DApp integration, liquidity provision, community contributions, and ecosystem building activities.

Fee Model Example

$50M
Monthly Bridge Volume
$100K
Total Fees
$80K
Staker Earnings
$20K
Protocol Treasury

* Example calculation based on 0.2% bridge fee rate and $50M monthly transaction volume

9. Governance

SatsFlux adopts a decentralized governance model where token holders can participate in key protocol decisions through proposals and voting mechanisms.

9.1 Governance Scope

Protocol Parameters

  • β€’ Bridge fee rate adjustments
  • β€’ Threshold signature parameters (t-of-n)
  • β€’ Confirmation block requirements
  • β€’ Minimum staking requirements

Network Expansion

  • β€’ New blockchain integrations
  • β€’ Signer node set updates
  • β€’ Smart contract upgrades
  • β€’ Emergency response measures

Treasury Allocation

  • β€’ Protocol treasury usage
  • β€’ Ecosystem fund distribution
  • β€’ Development grant programs
  • β€’ Security audit budgets

Economic Model

  • β€’ Fee distribution ratios
  • β€’ Staking reward adjustments
  • β€’ Slashing parameter settings
  • β€’ Token vesting schedules

9.2 Proposal Process

1

Draft Proposal (7-day Discussion)

Any address holding 1M+ SatsFlux can initiate a proposal draft on the forum for community discussion and improvement.

2

On-Chain Proposal (Requires 10M SatsFlux)

After meeting threshold, proposer can submit proposal to on-chain governance contract, initiating formal voting process.

3

Community Voting (7-day Period)

Token holders vote with SatsFlux, 1 token = 1 vote. Requires 4% participation rate and 66% approval rate.

4

Timelock Execution (2-day Delay)

Passed proposals execute automatically after 48-hour timelock, allowing time for emergency response.

🚨 Emergency Governance

In emergencies (e.g., critical security vulnerability), a multi-sig guardian committee (5-of-7) can activate emergency pause mechanism, but must submit to community vote within 7 days for confirmation, or automatically resume.

10. Roadmap

Q1 2025 βœ…

Testnet Launch

  • βœ“ Core protocol development completed
  • βœ“ Ethereum Sepolia testnet deployment
  • βœ“ Basic documentation and SDK release
  • βœ“ Community testing program launch
Q2 2025 πŸ”„

Security Audits

  • πŸ”„ 3 reputable security firms auditing
  • πŸ”„ Bug Bounty program launch
  • πŸ”„ Formal verification of critical modules
  • ⏳ Economic model stress testing
Q3 2025

Mainnet Beta

  • β€’ Ethereum mainnet deployment
  • β€’ Limited sBTC minting (100 BTC cap)
  • β€’ Signer node recruitment program
  • β€’ Token Generation Event (TGE)
Q4 2025

Multi-Chain Expansion

  • β€’ Arbitrum & Base support
  • β€’ Solana integration
  • β€’ Cross-chain routing layer launch
  • β€’ Governance module activation
2026+

Future Plans

  • β€’ Lightning Network integration
  • β€’ Additional L2/L3 support
  • β€’ Zero-knowledge proof privacy layer
  • β€’ Native DeFi protocol integrations
  • β€’ Fully decentralized governance

11. Conclusion

SatsFlux represents a significant advancement in Bitcoin cross-chain technology. By combining cutting-edge cryptographic breakthroughs (Taproot, threshold signatures) with proven economic incentive mechanisms, we've achieved a truly decentralized, secure, and efficient Bitcoin bridge solution.

Compared to existing centralized custody solutions, SatsFlux adopts a decentralized architecture; compared to federation models, we provide robust security guarantees through economic staking and slashing mechanisms; compared to sidechain solutions, we achieve efficient cross-chain liquidity without modifying the Bitcoin protocol.

Through multi-layer security architecture, flexible governance mechanisms, and sustainable economic models, SatsFlux is positioned to become the trusted infrastructure for Bitcoin cross-chain bridges, unlocking Bitcoin's value across the entire multi-chain ecosystem.

Our Vision

Enable Bitcoin's value to flow freely across any blockchain ecosystem, allowing BTC holders to participate in DeFi, NFTs, gaming and other innovative applications while maintaining Bitcoin's security and decentralization.

∞
Unlimited Potential
πŸ”’
Security First
🌐
Global Access

References

[1] BIP 340-342: Schnorr Signatures and Taproot

[2] Maxwell, G. et al. (2019). MuSig2: Simple Two-Round Schnorr Multi-Signatures

[3] Komlo, C. & Goldberg, I. (2020). FROST: Flexible Round-Optimized Schnorr Threshold Signatures

[4] Nakamoto, S. (2008). Bitcoin: A Peer-to-Peer Electronic Cash System

[5] Buterin, V. (2014). Ethereum White Paper

Contact Us

Twitter / X
@SatsFlux

Β© 2025 SatsFlux Protocol. All rights reserved.

SatsFlux - Connecting Bitcoin to Multi-Chain Ecosystems