Back to all stories
Blogs
Tech & Dev
Ordinals and the BRC-20 Standard: Overview and Risk Analysis
12/15/2023

TL;DR

  • The BRC-20 token standard is an innovative development in the Bitcoin network, enabling token creation and transfer.

  • It uses unique mechanisms like JSON file inscriptions and operates alongside the Bitcoin Ordinals protocol.

  • Key alternative protocols include Atomical's ARC-20, Runes, and Taproot Assets, each with distinct features and approaches.

  • Risks associated with BRC-20 tokens encompass protocol vulnerabilities, centralization issues, network congestion and inefficiencies, and the potential for scams.

  • Despite these challenges, the BRC-20 standard and Ordinals mark a significant evolution in Bitcoin, expanding its utility and applications.

Since its launch in March 2023, the BRC-20 token standard has swiftly garnered significant attention among investors and developers, emerging as a key influencer in the evolution of the Bitcoin ecosystem. Our previous blog post provided an initial overview of the BRC-20 standard. Following its introduction, the standard experienced a surge in popularity, but then entered a phase of relative dormancy. Recently, however, the ecosystem has witnessed a resurgence in activity, spurred by factors such as the rising price of BTC and Binance's listing of $ORDI. In the last 30 days, the trading volume of both BRC-20 tokens and Bitcoin NFTs has reached unprecedented levels.

This resurgence, however, has not been without controversy, as evidenced by the response from certain segments of the Bitcoin community. A notable development was a Bitcoin Core developer's designation of the method allowing for Ordinal inscriptions on the Bitcoin blockchain as an officially registered code vulnerability.

Building upon our initial overview, this article delves deeper into the nuances of the Ordinals and the BRC-20 standard, as well as other innovative protocols recently emerging in the Bitcoin ecosystem. It also examines the risks associated with their rapid growth and adoption.

Ordinals and the BRC-20 Standard: Overview and Risk Analysis

Introduction

The BRC-20 token standard, proposed in March 2023 by the pseudonymous Twitter/X user @domodata, represents an innovative approach to tokenization on the Bitcoin network. It was conceptualized as a method for creating tokens akin to Ethereum's ERC-20 standard but without relying on smart contracts. The BRC-20 standard utilizes the "Ordinal Theory," which was made possible by prior Bitcoin network upgrades such as SegWit and Taproot. This theory introduces a unique numbering system for satoshis, the smallest Bitcoin unit. Each satoshi is assigned a distinct index, enabling it to be 'inscribed' with various content types, including text, images, videos, and audio. These inscriptions facilitate the indexing and tracking of individual satoshis. The BRC-20 standard employs this Ordinal Theory and operates using a JSON format for inscriptions, encompassing BRC-20-related operations, to facilitate the creation and transfer of tokens on the Bitcoin network.

Key Upgrades in Bitcoin: SegWit and Taproot

Before the emergence of Ordinal Theory and the BRC-20 token standard, the Bitcoin network underwent significant advancements through two major upgrades: Segregated Witness (SegWit) and Taproot. These upgrades played a pivotal role in paving the way for new developments like the BRC-20 standard.

Segregated Witness (SegWit): Enhancing Bitcoin's Efficiency and Scalability

SegWit, introduced as a soft fork, significantly enhanced Bitcoin's efficiency and scalability. Its primary function was to optimize the size of transactions by relocating the digital signatures, referred to as witness data, to the end of each transaction. This reorganization allowed for a more efficient use of block space, enabling the inclusion of more transactions per block.

Comparison of Transaction Structures in Non-SegWit and SegWit Blocks Source: BitPanda

One of the critical issues SegWit addressed was transaction malleability. By moving signatures out of the transaction input, it prevented any alterations to transaction hashes after their issuance. This enhancement was not just about efficiency; it also bolstered security.

SegWit also introduced the concept of block weight, measured in virtual bytes (vBytes) and weight units (wu), effectively increasing the maximum block size from a fixed 1 megabyte (MB) to a more flexible 4 virtual megabytes (vMB). The structure of transactions post-SegWit comprises two parts: the first part includes sender and receiver information, and the second part holds the witness data with transaction signatures.

Taproot: Improving Privacy and Functionality

Following SegWit, the Bitcoin network saw another significant upgrade with Taproot. This soft fork brought about features aimed at enhancing privacy and expanding functionality. A notable introduction was a new type of address, compatible with both normal (Pay-to-Public-Key-Hash or P2PKH) addresses and contract scripts. This dual functionality offered both simplicity and versatility in transactions.

Taproot's shift to Schnorr signatures marked a significant step forward. These signatures not only validate transaction authenticity and confirm sufficient funds, but they also maintain privacy concerning transaction balances and details.

Additionally, Taproot facilitated the bundling of multiple transactions, making complex transactions appear as standard peer-to-peer exchanges. This feature significantly aids in disguising the intricacies of transactions, further enhancing privacy.

Comparative Visualization of Traditional Bitcoin Signatures and Schnorr Signatures Source: CoinTelegraph

The introduction of Merkelized Abstract Syntax Trees (MAST) within Taproot was a leap in smart contract technology, enabling the execution of contracts only when specific criteria were met. Taproot's scripting language, Tapscript, builds upon MAST to offer broader support for scripting in smart contracts.

Moreover, Taproot extended the scope of data that could be recorded in the witness segment of a transaction, allowing for a more comprehensive range of information to be included.

Importantly, these upgrades were designed with backward compatibility in mind, ensuring that older wallets could continue to operate using the existing signature method (ECDSA) if necessary.

These foundational upgrades – SegWit and Taproot – not only enhanced the Bitcoin network's capabilities but also set the stage for the development of innovative concepts like the Ordinal Theory and the BRC-20 token standard. These developments demonstrate the evolving nature of Bitcoin, pushing its boundaries beyond just a cryptocurrency.

Ordinals Theory and its Impact on the BRC-20 Standard

Ordinals Theory, a concept enabled by the Taproot upgrade, is instrumental in facilitating the use of the BRC-20 token standard on the Bitcoin network. This innovative theory introduces a method for the unique identification of each satoshi (sat), the smallest Bitcoin unit. By assigning a distinct identifier to each sat, the Ordinals protocol enables them to be recognized based on the order of their minting. This is a significant advancement, allowing for the creation and recording of various digital assets such as text, images, audio, or video directly on the Bitcoin blockchain. This process does not require the use of side chains or specialized tokens, representing a notable step forward in the blockchain's capabilities.

The Ordinals protocol introduces a concept known as "Ordinal Inscriptions." These are essentially digital artifacts that are stored and recorded on-chain. The storage mechanism for these inscriptions involves taproot script-path spend scripts, which can be thought of as a unique form of Bitcoin transaction. To access the content of an inscription, one would need to spend the output associated with it, allowing the details of the inscription to be viewed on the blockchain. Initially, the content of these inscriptions is encapsulated in an "envelope." This envelope acts as a non-operative function and does not alter the script itself.

The basis of the Ordinals concept in the Bitcoin network revolves around a numbering system. Each sat is sequentially numbered according to the order in which it was mined. Essentially, the Ordinals protocol functions as a type of Non-Fungible Token (NFT) system within the Bitcoin ecosystem. Unlike traditional NFTs, where a new asset token is created to represent each item, Bitcoin Ordinals inscribe raw file data directly onto the blockchain.

BTC NFTs and Sats Names: Innovations in Bitcoin

The introduction of the Ordinals protocol has paved the way for the creation of NFT-like assets on the Bitcoin network, often referred to as BTC NFTs. A unique aspect of Bitcoin Ordinals is the direct inscription of raw file data onto the blockchain, as opposed to creating a new asset token as is done with conventional NFTs. This approach represents a significant innovation in how digital assets are managed within the Bitcoin ecosystem.

In addition to this, services like Sats Names have emerged, operating in a manner similar to the Ethereum Name Service (ENS). Sats Names allows users to register and claim ownership of unique nicknames or identifiers for their Bitcoin addresses. Once a nickname is registered, it effectively assigns ownership of that specific nickname to the satoshi that first inscribed it. This feature adds another layer of utility and personalization to the Bitcoin network, enhancing the user experience and expanding the network's functionality.

The BRC-20 Token Standard

The BRC-20 token standard represents a novel development in the Bitcoin ecosystem, where tokens are conceptualized not as independent units but as specific data recorded within satoshis (sats). This perspective shift in token creation is integral to the functionality and uniqueness of the BRC-20 standard.

Central to the operation of BRC-20 tokens is the use of JSON files. These files play a crucial role in appending data onto sats, encapsulating vital information such as the token's name, symbol, and total supply. To deploy a collection of tokens, one must create a JSON file that clearly defines the attributes and specifics of the collection. This process, known as 'minting,' refers to the actual creation of tokens based on the deployment data contained in these JSON files.

Transferring BRC-20 tokens involves utilizing sats as a medium for the exchange of inscriptions or instructions. To execute these operations, specialized wallets such as the UniSat wallet are necessary. These wallets are designed to facilitate the control and indexing of sats, crucial for handling BRC-20 tokens. They employ off-chain indexing mechanisms to efficiently track the status and balance of BRC-20 tokens, offering a centralized solution for token management.

Deploying a BRC-20 Token

The deployment of a BRC-20 token involves setting up the foundational information required for the token's creation and subsequent minting. This process entails defining various parameters, such as the ticker, maximum supply, mint limit (which is optional), and decimal precision (also optional). An example of a BRC-20 token deployment can be seen in the case of the token ordi. The inscription for deploying ordi specifies these key elements, laying the groundwork for the token's creation and circulation within the Bitcoin network.

BRC-20 Token Event Data Structure and Field Descriptions

Minting a BRC-20: Ensuring Compliance with Limits

The minting process of BRC-20 tokens involves assigning the minted balance to the first owner of the mint function inscription. Critical to this process is adherence to pre-set limits: the minting must not exceed the defined mint limit, if one is established, and the total minted amount must not surpass the total supply of the token. If a mint limit is set, users have the option to mint batches up to the maximum amount by creating a mint inscription across multiple satoshis. For instance, in the case of "ordi" with a mint limit of 1000, minting 5000 ordi tokens would necessitate inscribing instructions on five different satoshis.

JSON Structure and Key Descriptions for BRC-20 Token Minting Event

BRC-20 Token Transfers: Managing Balances and Inscriptions

To transfer BRC-20 tokens, an inscription similar to the example below needs to be appended to a distinct satoshi and then sent to the receiver’s address. This process ensures the completion of the transaction. The amount transferred cannot exceed the available balance or the overall balance minus the transferable balance, which includes balance from pending transfers.

BRC-20 Token Transfer Event Structure and Key Descriptions

Trading BRC-20 Tokens: Secondary Markets and the PSBT Standard

Secondary markets for BRC-20 tokens have emerged, offering opportunities for users to engage in the buying and selling of these BRC-20 tokens. A notable example is the UniSat Marketplace, which connects Bitcoin wallets and facilitates the trading of BRC-20 tokens. A key component in these transactions is the Partially Signed Bitcoin Transaction (PSBT) standard, introduced by Bitcoin Improvement Proposal (BIP) 174. PSBT swaps are utilized for trading ordinal inscriptions. Essentially, the seller signs an off-chain PSBT, allowing anyone to complete the swap by transferring a specified amount of BTC. This transaction is held securely by the marketplace and only executed when the trade is finalized.

PSBT's primary objectives include simplifying multi-signature transactions, enhancing wallet interoperability, and supporting offline signing – crucial for maintaining security in trading environments. The process involves several steps: a creator initiates an unsigned transaction, updaters add necessary information for each input, signers use their private keys for signing, combinators merge partially signed PSBTs, finalizers ensure complete signing, and broadcasters then transmit the fully signed transaction to the Bitcoin network.

This multi-step signing process, made feasible by PSBT, is instrumental in the trading of BRC-20 tokens on secondary markets. By utilizing PSBT, users can collaborate and finalize transactions securely without the need for intermediaries or custodial services, enhancing the decentralized nature of BRC-20 token trading on secondary markets. PSBT also enhances the trading experience by supporting offline signing devices like hardware wallets, which provide additional security benefits. While PSBT has been widely adopted in the Bitcoin ecosystem, there's room for broader compatibility and continuous enhancements in functionality and efficiency. As the ordinals ecosystem evolves, PSBT is expected to play a more important role in future Bitcoin NFT transactions and trades.

Sequential Steps in a Multisignature Bitcoin Transaction Using PSBT

Risks Associated with Ordinals and BRC-20 Tokens

Protocol Risks: Security Challenges in BRC-20 Tokens

BRC-20 tokens are accompanied by certain risks. A primary concern is that these tokens do not inherit the same robust security level as Bitcoin itself, leading to potential vulnerabilities and increased risks for token holders. A notable example of such a vulnerability is the BRC-20 Pinning Attack. This attack involves an assailant inscribing a transfer to an exchange that contains their entire account balance, thereby hindering the exchange's transaction processing capability. This vulnerability was exploited in a high-profile incident on December 7th, 2023, where Binance had to halt ORDI withdrawals for three hours.

Blockchain Transaction Records Display

Centralization Risks: Reliance on Indexers and Custodians

There are also centralization risks to consider. Unlike ERC-20 tokens, where token balances are stored on-chain, BRC-20 tokens rely on a centralized indexer to process and record balance information from JSON inscriptions in an off-chain database. This reliance on a centralized indexer introduces risks, such as the possibility of recording incorrect token balances due to errors in the indexing program. Additionally, the complexity of BRC-20 tokens often leads to increased dependence on custodians and centralized exchanges (CEXs) for trading and management, creating potential points of failure susceptible to attacks. The risk of unfair distribution arises if the inscription service mints tokens to itself first before distributing them. Moreover, there's a risk of incorrect balance recording or double-spending due to flaws in the indexer's logic. This was evident in the double-spending attack on Unisats on April 24th, 2023, resulting in losses exceeding $1 million.

UniSat Wallet's Tweet on Security Issue

Performance Risks: Inefficiency and Network Congestion

BRC-20 tokens are criticized for their inefficiency, particularly in their use of the JSON format, where a binary format could potentially enhance storage and resource optimization on the blockchain. The introduction of BRC-20/BTC NFT tokens can also lead to increased transaction fees and network congestion. An example of this was the observation of over 270,000 unconfirmed transactions on the Bitcoin chain at one point, majorly exacerbating transaction costs. Memory usage has also spiked due to the larger size of inscription transactions compared to regular transactions.

Blockchain Mempool Memory and Fee Statistics

In an example of the effects of this congestion, the Ethereum layer-2 network Arbitrum One experienced an outage on December 15, lasting about 78 minutes. It occurred due to a significant surge in network traffic, specifically caused by inscriptions. These inscriptions overwhelmed the network, leading to only two transactions being processed in each block during the downtime. Although the sequencer stalled, users could still withdraw assets to Ethereum, albeit with a delay. The issue was resolved, and the network is now back online.

Scam Risks: Low Barriers to Entry and Potential Frauds

Barriers to entry for BRC-20 tokens are low since their creation is relatively simple and does not require mining. With the ordinal wallet, creating these tokens simply involves adding a file within a transaction and future transactions to move the UTXO of the tokens. This ease of production can cause a potential influx of low-quality tokens and scams, making it challenging to distinguish between legitimate projects and fraudulent ones.

Other Implementations

The introduction of the BRC-20 token standard has highlighted the untapped potential within the Bitcoin network, leading to the emergence of other innovative protocols and applications. These include Atomical's ARC-20 protocol, the Runes protocol, and Taproot Assets, each bringing unique contributions to the Bitcoin ecosystem.

Atomical's ARC-20 Protocol: Combining the UTXO Model with POW

The ARC-20 token standard, developed by Atomicals, is based on the UTXO (Unspent Transaction Output) model for token minting and transfer. Its fundamental unit, the "atomic" unit, is equivalent to the smallest Bitcoin unit, the Satoshi (sat). This equivalence ensures that every ARC-20 token is backed by 1 Satoshi, maintaining a fixed ratio of 1 ARC-20 Token to 1 Satoshi. Notably, ARC-20 is the first token protocol to implement Proof of Work (POW) for minting inscriptions and NFTs, enabling users to mine these assets similarly to Bitcoin mining. This approach offers a unique blend of traditional Bitcoin mining principles with modern tokenization concepts.

Runes Protocol: Efficient Data Storage

Runes, introduced by Ordinals creator Casey Rodarmor, is a fungible token protocol that differs from BRC-20 in its data storage method. Runes stores data in the OP_RETURN field, in contrast to BRC-20's use of the transaction's witness field. This approach aligns more closely with Bitcoin's UTXO model, facilitating the efficient management of token balances and transactions while ensuring smooth integration within the Bitcoin ecosystem. The use of the OP_RETURN field also results in a smaller on-chain footprint, enhancing scalability and reducing blockchain bloat. In Runes, tokens are managed within UTXO transactions, with transfers and creations tracked via OP_RETURN outputs, providing a clear and traceable method for token operations. This feature offers the same level of security to rune tokens compared with BTC itself.

Taproot Assets: An Alternative to BRC-20

Taproot Assets presents itself as an alternative to BRC-20, operating as a side-chain on the Bitcoin network to alleviate congestion. Utilizing virtual Partially Signed Bitcoin Transactions (vPSBTs) in a manner similar to Bitcoin PSBTs, Taproot Assets manages complex transactions efficiently. This system facilitates efficient off-chain state transitions and secure anchoring to the Bitcoin chain. The Multi-Mint assets feature in Taproot Assets enhances scalability and stability by allowing multiple Taproot assets to be included in a single on-chain transaction.

The Future of BRC-20 and Ordinals in the Bitcoin Ecosystem

In this blog post, we've explored the intricacies of Ordinals and the BRC-20 token standard, shedding light on their innovative aspects as well as the security challenges they present. The BRC-20 token standard marks a significant advancement in the Bitcoin network, enabling the creation and transfer of tokens in a manner previously unseen on the platform. This development opens up new avenues for Bitcoin, potentially enhancing its utility and broadening its range of applications to rival the dynamic ecosystems of other blockchain platforms.

However, it's crucial to recognize that the BRC-20 standard is still in its nascent stages and, as with any experimental technology, it brings with it a unique set of risks and uncertainties. These challenges require a careful and informed approach to adoption and implementation. Despite these potential hurdles, the emergence of Ordinals and the BRC-20 standard, along with their innovative offshoots, underscores the continual evolution and exploration within the Bitcoin ecosystem. These advancements herald a future ripe with possibilities for innovation and wider adoption, signaling an exciting era of growth and transformation for Bitcoin.