Bitcoin L2s that claim their BitVM-based bridge is "trustless" are being dishonest in their marketing.

BitVM bridges see a set of operators process peg-outs. A set of watchtowers (a.k.a. verifiers) watch these requests to ensure they align with the current state of the L2. If they do not, a fraud proof can be submitted onchain.

In short, a BitVM peg-out works as such. - Alice withdraws 1 BTC from bridge - Operator fronts 1 BTC of their own liquidity to cover costs of the peg-out - After completing this request, Operator requests a reimbursement from the bridge contract - If honest, Operator can redeem their funds. If dishonest, a watch tower can submit a fraud proof This is oversimplifying it, but sufficient for our argument.

Within this system, there are a number of additional moving parts. Users must also trust: - Operators being able to satisfy this withdrawal request (via being online and having sufficient capital to front the withdrawal request) - Sidesystem validators not creating malicious private forks attesting to malicious peg outs - Sidesystem data being made available to advance sidesystem state Among other things.

BitVM bridges seek to have 1-of-N trust assumptions related to their operator sets and 1-of-N unbounded trust assumptions related to their verifiers. But, users must additionally trust the BitVM bridge operator set for liveness and operators of alternative, external protocols to not “trick” the bridge (in most scenarios).

Ethereum has a well-defined “stages” framework for L2s, created by @L2Beat. If you analyzed BitVM-based bridges against this framework, they would not meet stage 1 due to the fact that users cannot circumvent BitVM bridge operators to facilitate their own peg-outs.

And this thread ignores the fact that many BitVM bridges will launch with “training wheels” - meaning a centralized admin will have upgrade permissions over the bridge.

In practice, no one has been able to create an overcollateralized two-way peg. All live two-way pegs are honest majority federations. BitVM bridges offer us an alternative. That is why it’s so exciting.

In recent announcements, teams are claiming that bridges between Ethereum L2s and BitVM bridges are "trustless". As this thread shows, this is incorrect.