Bitcoin Knowledge Hub

Overview

Bitcoin sidechains are separate, independent blockchains connected to the main Bitcoin network through a two-way peg, which allows assets to be transferred between them. They act as a scalability solution by handling transactions off the main chain, enabling faster speeds and lower costs, while also allowing developers to experiment with new features like smart; contracts without altering the core Bitcoin protocol.

Two-Way Peg

When you want to use a sidechain, you send Bitcoin to a new address on the main network, where it is locked. The sidechain's contract then issues a token to represent the locked Bitcoin (like Liquid's LBTC) to your wallet. When you're done, you can return the sidechain token to the contract to have your original Bitcoin unlocked and sent back to your main chain wallet.

The design of the two-way peg can vary greatly for each sidechain network. It is important to understand how the peg works for a given network, because ultimately, the is where the bitcoin is custodied. All networks, in some way, currently rely on trusted individuals or entities to custody their bitcoin. But the amount of entities, their relation to one another, and other factors such as track record, are where peg models can differentiate.

Benefits

The primary benefit of Bitcoin sidechains is enhanced programmability and functionality. The Bitcoin script is limited compared to other networks such as Ethereum and Solana. In these networks, decentralized finance (DeFi) thrives, and individuals from around the world interact with highly efficient protocols to unlock trustless financial tools, including lending, perpetual futures/decentralized exchanges, derivatives, prediction markets, and more. Users can interact without intermediaries 24/7, creating a fair and global financial market.

Of course, the nature of these financial systems can often be complex and introduce a variety of risks that aren’t present in traditional finance. Hacks, frequently totalling hundreds of millions in value lost, are a real risk.

Current Bitcoin Sidechains

Rootstock (RSK): Rootstock is one of the earliest Bitcoin sidechains, launched in 2018 with a focus on bringing EVM-compatible smart contracts to Bitcoin. It uses merge mining for security, meaning Bitcoin miners can simultaneously mine both networks without additional energy costs, thereby providing security through the existing Bitcoin mining infrastructure.

Liquid Network: Liquid is a Bitcoin sidechain developed by Blockstream, designed primarily for exchanges, traders, and financial institutions requiring fast, confidential Bitcoin transactions. Since launching in 2018, Liquid has focused on institutional use cases rather than broad consumer adoption.

Mezo: Mezo is a Bitcoin sidechain positioned as the Bitcoin banking platform, allowing users to access liquidity without selling their Bitcoin. Mezo enables Bitcoin holders to borrow against their holdings at fixed rates through MUSD, a Bitcoin-backed stablecoin, while earning yield through network fees paid in BTC. Mezo is built by Thesis*, the team behind tBTC and other Bitcoin infrastructure projects.

Overview

The Lightning Network is a pioneering Bitcoin scaling solution first established in 2015, designed to enable fast and affordable transactions. Lightning processes payments off the main chain through a network of payment channels, reducing congestion on the Bitcoin network while maintaining completely trustless security. As of late 2025, Lightning has over 4,600 BTC in public channel capacity and processes millions of transactions monthly.

Payment Channels

Lightning Network operates through bidirectional payment channels established between participants. To open a channel, two parties each commit funds to a multi-signature address on the Bitcoin blockchain. Within this channel, they can conduct unlimited transactions instantly with minimal fees by simply updating the balance allocation between them—no main chain broadcasts required. When either party wants to close the channel, the final balance is broadcast to the Bitcoin network, settling all transactions at once. The individual transaction details remain private and never touch the main chain.

Security Model

Lightning uses hashed time-lock contracts (HTLCs) to ensure secure, trustless payments even when routing through multiple channels. A hashlock ensures a transaction completes only if the recipient provides specific cryptographic proof, while a timelock adds a deadline—if conditions aren't met, funds automatically return to the sender. This prevents fraud without requiring trust between parties. Channel operators must stay online to monitor for malicious behavior and challenge fraudulent channel closures before timelocks expire, making Lightning better suited for active users rather than passive holders.

Tradeoffs

Lightning's efficiency comes with practical limitations. Channels require active liquidity management—if a channel depletes its funds in one direction, participants must either rebalance or open new channels, which requires on-chain transactions and fees. Routing payments across multiple channels can be complex, as users must discover pathways with sufficient liquidity, sometimes leading to failed payments or higher costs when direct routes don't exist. For these reasons, Lightning growth has been relatively stagnant over the past few years, especially as individuals prefer to simply hold BTC in cold storage.

Overview

The Block Size Wars (2015-2017) pitted immediate scaling through larger blocks against decentralization through constrained growth. The conflict ultimately resulted in SegWit's activation, Bitcoin Cash's creation, and established precedent for Bitcoin's conservative, consensus-driven governance.

Key Proposals

SegWit offered virtual capacity increase through witness data separation. Bitcoin Classic proposed a hard fork to 2MB blocks. The New York Agreement (May 2017) attempted compromise—SegWit plus 2MB increase—but sparked backlash over corporate control of protocol changes and was abandoned.

Resolution

Bitcoin Cash hard forked in August 2017 with 8MB blocks, continuing as a separate cryptocurrency with lower adoption. User Activated Soft Fork (UASF), a grassroots movement led by pseudonymous developer Shaolinfry, gave nodes power to force SegWit by rejecting non-compliant blocks. When major mining pools recognized the credible threat, they signaled for SegWit, which activated in August 2017—establishing that users, not just miners or companies, control Bitcoin's evolution.

Overview

Segregated Witness (BIP 141), activated in August 2017, fixed transaction malleability while effectively increasing block capacity. The soft fork separated signature data from transaction data, enabling Lightning Network and other second-layer solutions. Despite initial controversy during the Block Size Wars, SegWit achieved majority adoption and enabled Taproot and modern Bitcoin infrastructure.

Transaction Malleability Fix

Before SegWit, transaction IDs could be altered by modifying signature data without invalidating the transaction—crippling protocols like Lightning that require chains of pre-signed transactions. By removing witness data from txid calculation, SegWit made transaction IDs immutable, enabling trustless off-chain protocols and complex smart contracts.

Capacity Increase

SegWit introduced "block weight" measurement—witness data is discounted by 75%, allowing blocks to handle roughly 2-2.5x more transactions while maintaining the 1MB technical constraint for backward compatibility.

Overview

Taproot, activated in November 2021, enhanced privacy, improved efficiency, and expanded scripting capabilities through BIP 340 (Schnorr Signatures), BIP 341 (Taproot), and BIP 342 (Tapscript). The soft fork received over 90% miner support and maintained backward compatibility while enabling sophisticated use cases.

Key Improvements

Schnorr Signatures enable signature aggregation—multiple signers create a single signature indistinguishable from simple payments, improving privacy and reducing transaction size by up to 30% for multi-sig setups. Taproot uses Merkle trees to hide complex spending conditions until execution—time-locked vaults, Lightning channels, and regular payments look identical on-chain. Tapscript extended Bitcoin's script capabilities to support Schnorr and laid groundwork for future opcodes like OP_CAT.

Overview

Bitcoin covenants are scripts that restrict how bitcoins can be spent in future transactions, imposing conditions not just on who can spend them, but on where and how those coins move next.

Unlike standard Bitcoin scripts that only validate the current transaction, covenants allow coins to carry forward spending rules that persist across multiple hops. This creates "programmable money" where specific bitcoins follow predetermined paths—enabling use cases like trust-minimized vaults, congestion-controlled payment pools, and inheritance schemes that automatically distribute funds according to encoded rules. Covenants represent a fundamental expansion of Bitcoin's scripting capabilities, though they require new opcodes or significant workarounds to implement.

Current Limitations

Implementing covenants on Bitcoin today requires either proposed soft forks or complex workarounds with significant tradeoffs. Without new opcodes, developers must use techniques like pre-signed transactions (which require storing large amounts of data and coordinating multiple parties) or rely on trusted operators. The Bitcoin development community remains divided on which covenant proposal—if any—should be activated, with concerns ranging from increased script complexity to potential for recursive covenants that could create unusual economic dynamics. This debate has left covenant functionality in limbo despite clear demand from developers building vaults, payment pools, and other advanced Bitcoin applications.

Overview

BitVM is a proposed computing paradigm for Bitcoin that would enable Turing-complete computations and complex smart contracts without requiring changes to Bitcoin's consensus rules. Introduced by Robin Linus in October 2023, BitVM allows arbitrary programs to be executed off-chain with disputes settled on-chain, similar to optimistic rollups on Ethereum. While Bitcoin's scripting language has intentionally remained limited to preserve security, BitVM works within these constraints by representing complex computations as logic gates that can be verified using Bitcoin's existing Script opcodes.

How BitVM Works

Computations happen off-chain between participants who pre-sign a series of Bitcoin transactions that encode the program's logic. These transactions create a challenge-response game: one party (the prover) claims a computation result is correct, while another party (the verifier) can challenge it if they believe it's fraudulent. This optimistic approach keeps the blockchain free from computation data unless fraud is detected.

BitVM 2, announced in August 2024, represents a significant evolution with a permissionless verification model that allows anyone to challenge invalid state transitions, not just pre-designated verifiers. This upgrade dramatically improves capital efficiency and reduces on-chain footprint by introducing a more scalable architecture.

Tradeoffs

BitVM's practical implementation faces meaningful challenges. The system requires significant off-chain coordination and data storage, as participants must maintain large transaction trees representing all possible computation paths. On-chain verification, while rare, can be expensive when disputes occur due to the number of transactions needed to resolve challenges.

The current two-party model (prover and verifier) limits the types of applications that can be built, though BitVM 2's permissionless verification improves this substantially. Most critically, BitVM remains largely theoretical—while the cryptographic foundations are sound, production-ready implementations with real economic activity have yet to emerge at scale.

Overview

OP_CAT, formally proposed as BIP-420 is an opcode proposal for a consensus change to Bitcoin script, also known as a 'soft fork'. Short for "concatenate," this opcode would allow Bitcoin Script to combine two pieces of data on the stack—a simple operation with profound implications. Originally part of Bitcoin's scripting language, OP_CAT was disabled by Satoshi Nakamoto in 2010 due to concerns about potential denial-of-service attacks. The 2017 SegWit upgrade introduced script size limits and other protections that supporters argue have addressed these historical security concerns, making OP_CAT's reinstatement safe and valuable.

What OP_CAT Enables

The ability to concatenate data enables covenant construction—scripts that impose conditions on how Bitcoin can be spent in future transactions. This opens the door for more secure and expressive vault structures, sophisticated multi-signature schemes, and the building blocks for validity proof verification systems like those needed for BitVM and rollups.

The opcode essentially acts as a primitive that, when combined with other Script operations, creates a significantly more powerful computational environment without making Bitcoin Turing-complete.

Cultural Significance and Current Status

The movement to reinstate OP_CAT gained significant cultural momentum with Quantum Cats, an NFT collection launched in January 2024 by Taproot Wizards that became a rallying point for the BIP-420 campaign. However, despite grassroots enthusiasm and technical support from prominent developers, progress has stalled.

The Bitcoin development process is deliberately conservative, requiring overwhelming consensus before any consensus rule changes. As of late 2024, OP_CAT remains in discussion phase with no clear activation path—caught between developers who see it as essential infrastructure and those who argue Bitcoin should maintain its current minimal scripting complexity. The debate reflects Bitcoin's broader tension between ossification and evolution.

Overview

OP_CHECKTEMPLATEVERIFY, proposed as BIP-119 by Jeremy Rubin in 2020, enables transaction templates on Bitcoin by allowing scripts to commit to specific future transaction structures. When spending OP_CTV-protected coins, the spending transaction must exactly match a pre-committed template—including outputs, amounts, and scripts—or the transaction fails.

This simple primitive enables vaults, payment pools, and congestion control without requiring complex pre-signed transaction trees or multi-party coordination.

Use Cases

OP_CTV's primary applications include vault constructions where stolen funds must pass through time-delayed addresses before reaching their destination, and congestion control where exchanges can commit to batched withdrawals during high-fee periods. Ark protocol and similar payment pool designs rely on OP_CTV-like functionality for shared UTXO ownership with unilateral exit guarantees.

Despite years of discussion and clear technical specifications, OP_CTV remains unactivated—caught in debate over whether its specific design is optimal or whether more general proposals like OP_CAT might be preferable.

Comparison to OP_CAT

OP_CTV is purpose-built for covenants—efficient and limited in scope. OP_CAT is a general primitive that enables covenants but also unlocks broader Script functionality. OP_CTV transactions are smaller and simpler to verify; OP_CAT offers more flexibility for experimental constructions. The debate reflects Bitcoin's tension between narrow, purpose-specific opcodes (lower risk, potentially requiring future additions) versus general, composable primitives (maximum flexibility, higher complexity). Both remain proposed with no clear activation path.

Overview

The Cantillon Effect explains why inflation doesn't hurt everyone equally—it's about proximity to newly created money. Named after Franco-Irish economist Richard Cantillon, the effect reveals that first recipients of new money gain purchasing power at the expense of the last. This systematic transfer of wealth from wage earners to those closest to central banks is how fiat currency enters the economy since the inception of arbitrary money creation by the Federal Reserve and other central banks.

How It Works

New money enters through specific channels—financial institutions, government contractors, asset markets—not simultaneously in everyone's wallet. First recipients spend at current prices before inflation adjusts. By the time new money reaches wage earners and pensioners, prices have already risen. Incomes may eventually catch up, but purchasing power is lost in the interim. The result: covert wealth transfer from Main Street to Wall Street.

Modern Impact

Quantitative easing following 2008 injected trillions into financial markets, inflating assets before wages responded. Between 2008 and 2020, the S&P 500 tripled while median household income barely kept pace.

Bitcoin eliminates this by removing the ability to print and selectively distribute money—fixed supply means no structural advantage from proximity to money creation.

Overview

Free banking describes competitive monetary systems where private banks issue currency backed by commodity reserves without central bank monopolies. Market forces determine which banks survive: institutions that overissue face redemption runs and fail, while prudent banks earn trust and grow. This creates natural limits on money creation without centralized control.

Scotland's Success

Scotland operated free banking from 1716 to 1845 with remarkable stability. Bank failures were rare, and overissue was immediately punished through competitive redemption. The system pioneered branch banking, interest-bearing deposits, and overdraft facilities. It ended through political intervention when Parliament granted the Bank of England monopoly powers in 1845.

Eliminating the Cantillon Effect

Free banking eliminates selective money creation advantages. All banks compete equally and face immediate market discipline for overissuing—no mechanism for systematic wealth transfer from savers to insiders.