ChainX BTC Cross-Chain Roadmap

The BTC cross-chain custody scheme of ChainX 1.0 has been successfully operated for nearly two years. Based on Substrate technology, ChainX adopts a cross-chain solution that combines BTC’s light node, side-chain relays, and witnesses. It was once at the forefront of the industry in the cross-chain field of decentralized assets. It was launched in a very short time in May 2019. The chain exceeded 10 million US dollars of BTC, but because BTC does not have Turing completeness, the bottleneck of the light node cross-chain custody scheme itself became apparent.

At present, the latest X-BTC custody solution is being re-designed and developed further. This article will introduce in detail the cross-chain roadmap of ChainX BTC assets based on the research results from the development team.

XBTC 2.0: Introduce Vault (asset custodian) mechanism to realize trustless asset cross-chain

In this XBTC 2.0 version, based on the XCLAIM framework, two protocols have been introduced through XCLAIM (BTC, XBTC) to achieve a decentralized, transparent, consistent, automatic, and anti-censorship cross-blockchain transaction.


XCLAIM overcomes the limitations of centralized methods in the following ways:

  • Security audit log: Builds a log to record all users’ behavior on Bitcoin and ChainX.
  • Proof of transaction inclusion: Chain relay is used to prove to ChainX the correct behavior on Bitcoin.
  • Proof or punishment: XCLAIM does not rely on timely fraud-proof (passive), but requires proactive proof of correct behavior.
  • Over-guarantee: The untrusted Vault (asset custodian) is bound by collateral (PCX) and has established a mechanism to mitigate exchange rate fluctuations.

With this design, users can use BTC to generate XBTC 1:1 faster than before without any centralized organization, and the introduction of Vaults (asset custodian) allows more people to participate in asset cross-chain.

A visual representation of the process

Issue process: Generate XBTC on ChainX

Depositing BTC and minting X-BTC

Redeem: Burn XBTC on ChainX and get 1:1 BTC

Withdrawing BTC and burning X-BTC

This system is currently under development and will enter the testing phase in early 2021. Active members of the ChainX community will be given priority to register with the Vault (asset custodian). When the program is officially launched, users can register as Vault as long as they have PCX. The generous commission rewards (BTC and PCX) will encourage all Vaults to actively participate in user transactions and maintain the operation of the system.

XBTC 3.0: A threshold signature method based on MPC (secure multi-party computing)

The threshold signature method based on MPC (secure multi-party computing) is used for the asset cross-chain. The computing network is composed of Trader Nodes to provide computing power and maintain the normal operation of the system.


Most of the current blockchain technologies do not have privacy protection functions, so security, confidentiality, and privacy are key obstacles that have not been widely developed.

The ChainX team has conducted experiments and researched secure computing protocol algorithm technology, including multi-party computing (MPC), homomorphic encryption (HE), trusted execution environment (TEE), zero-knowledge proof (ZKP), zk-SNARK.

Finally, through comparison (Table 1), we believe that in the case of mutual distrust, MPC is a very suitable solution for secure computing in the blockchain network environment.

Comparison of multi signature methods


For MPC (Multi-party Computation), the two most used branches are “secure multi-party computation based on obfuscation circuit” and “secure multi-party computation based on secret sharing”. We choose the latter, complete data encryption based on Shamir’s Secret Sharing.

The specific working method is as follows: There are currently N participants. One of the participants divides a private key, password, or sensitive information into N encrypted fragments. The recovery threshold is set at M (M<N), and each unique fragment is distributed to each participant and kept safe. To recover the original private key, password, or sensitive information, at least M encrypted fragments are required. We refer to this type of encryption and decryption as multi-signature. For example, if a 3/5 multi-signature is set, at least 3 personal signatures (encrypted fragments) are required to send transactions, decrypt the original private key, password, or sensitive information.

Splitting of a private key into n pieces

The encrypted fragments are stored by the Trader Node, and each node cooperates to complete the signature when a transaction occurs. All users who want to participate can become a Trader Node by mortgaging assets, and contributing their computing resources to earn economic returns. Their node identities will not be disclosed in the ChainX network.

100 seats will be opened in the early stages and each election period lasts 28 days. Every 48 hours, all Trader Nodes will be randomly grouped and each node is guaranteed to be insulated from each other. At the same time, the private key fragments held by each node will be refreshed. Each group will have N nodes, and each transaction requires at least m nodes to work together to successfully sign (M<N).

We have also designed a punishment system that punishes Trader Nodes who violate the agreement, with the punishment exceeding the expected return from colluding with others.


As shown in the figure, the MPC-based threshold signature is only responsible for the right-side part of signature creation.

The MPC-based threshold signature is completely decoupled from the contract module. It only needs to distinguish the signature algorithm. As long as the signature algorithm is supported by the chain system, it can be connected to the chain. This means the compatible algorithm can be used in many chains. MPC-based key management can be multi-chain friendly and is off-chain, avoiding risks of the contract being hacked.

As shown in the figure, multi-signature counts the number of legal signatures in the smart contract and transfers the money when the threshold has been met. This method is unchanged by using different signature algorithms, whether it is Schnorr or BLS. This is an advantage of multi-signature, which can achieve a certain degree of decoupling from the underlying signature algorithm. But its problem lies in adapting to different chain systems. One thousand chains require one thousand smart contracts, and the compatibility of multiple chains is weak.

XBTC 4.0: Decentralized and autonomously controlled asset custody method

Optimizing and upgrading the basis of 2.0, by modifying the MPC algorithm, enables users to become the owners of private key encryption fragments themselves and become part of the fragments system.


Every time a user wants to make a transaction, he needs to contribute his fragment for signature. This eliminates the risk of nodes performing malicious acts to a greater extent and reduces the amount of collateral needed for Trader Nodes, helping to maintain the stability of collateral prices. This is the most ideal solution.


For example, if the user initiates an XBTC redemption request, his steps will be:

  1. The user uses his key share to calculate the message signature share and send it to all relevant Trader Nodes;
  2. N Trader Nodes use their key shares to calculate the message signature share;
  3. The Trader Node sends the generated signature share to all other Trader Nodes in the same group;
  4. After a certain node receives more than M signature shares, it reconstructs Signature_share_nodes and adds Signature_share_user to calculate the signature private key and complete the transaction.
Splitting of a private key into n pieces, divided between Trader Nodes and the User

We will uphold asset security, decentralization, and high efficiency, adopting a custody scheme that combines light nodes and continuous improvement to achieve true openness, transparency, and extremely high security.

The ChainX cross-chain solution will lead us to complete the second-layer cross-chain of BTC and expand a second-layer derivative platform with BTC as the base currency. This will integrate the functions of BTC + ETH, and truly realize decentralized currency + decentralized smart contracts. The centralized financial platform is integrated. ChainX is committed to achieving the optimal solution for BTC cross-chain!

To make the plan more complete and absorb the wisdom of more people, community fans, developers, etc. are welcome to leave a message or join the community discussion.

About ChainX

ChainX is the largest Layer-2 network of Bitcoin, based on Substrate, and will evolve into the Polkadot Secondary Relay Chain.