Note: Much of the info in this post was obtained via a very thorough Twitter Space about WBTC that I recently hosted with Mike Belshe, CEO of BitGo, and Victor Tran, CEO of Kyber. You can find the full recording at the bottom of this post.
Many have assumed that I am wholly and entirely against the existence of wrapped assets like WBTC. I am not.
It’s clear that wrapped assets on Ethereum have a strong use case for many. However, no two wrapped assets are alike. Most people don’t take the time to understand the nuances of each, and are therefore unable to develop an appropriate risk framework based on those nuances.
Every wrapped asset on Ethereum is an IOU. It’s up to the holder to understand the terms and security involved with that IOU, and then apply their own risk tolerance based on that knowledge. So, let’s take a look at the nuances that define the IOU that is Wrapped Bitcoin (WBTC).
WBTC was one of the very first and most notable custodial wrapped assets on the Ethereum blockchain to achieve widespread use. In late 2019, just as DeFi was in its very nascent stages, the developers behind Kyber and Republic (which went on to become Ren Protocol) decided to develop a new ERC-20 asset that would be pegged to Bitcoin’s price and backed by actual Bitcoin.
The new asset would be called Wrapped Bitcoin, or WBTC. They decided at the outset that the best way to accomplish this (remember, it was 2019) was with a centralized and regulated custodian holding all of the BTC backing the tokens.
The custodian that they approached was BitGo, a massive & well-known crypto custodian.
Taking a step back for a moment, it would have been pretty easy for BitGo to run this project on its own, just like Circle does with USDC or Binance does with BTCB. BitGo could have just created its own BBTC (BitGo BTC) token contract and minted or redeemed tokens as native Bitcoin was deposited or withdrawn.
However, all three parties – Kyber, Ren and BitGo – saw the value in creating something slightly more decentralized than that. This should not be overlooked. Sincere attempts were made to avoid a centrally-controlled token contract.
So they came up with a different plan – the WBTC smart contract would be owned by a multisig consisting of several different DeFi projects. The idea here was that BitGo would hold the native Bitcoin backing the tokens, however BitGo would not be able to control the tokens once they were in circulation on the Ethereum blockchain.
The result is what we have today: BitGo holds billions of dollars worth of native BTC, backing billions of WBTC tokens on the Ethereum blockchain, but BitGo has no ability to freeze, blacklist or otherwise manipulate the circulating WBTC tokens sitting in users wallets, in liquidity pools, or wherever else they may be residing.
The WBTC multisig, which we will detail in a moment, also cannot freeze or blacklist individual addresses, however it can pause the entire token contract, which would freeze everyone’s WBTC tokens in their wallets and make them non-transferrable until the contract was unpaused.
Of course, this doesn’t mean that BitGo doesn’t have any control over WBTC. In fact, it holds all of the control over WBTC in that if it ever manages to lose the native BTC collateral (via hack, bankruptcy or any other malady you can imagine), the WBTC tokens will become worthless. Therefore, BitGo must be trusted to remain solvent, honest and principled (willing to fight the government in case of a regulatory attack).
Multisigs & Merchants
The WBTC ecosystem includes two multisigs with overlapping signers. One is nicknamed “Small DAO” and is a 3 of 5 multisig. The other, “Large DAO” is an 8 of 13 multisig.
The “Small DAO” multisig is responsible for adding and removing merchants from the WBTC ecosystem. Merchants are responsible for minting and burning WBTC. They can send native BTC to BitGo in exchange for WBTC tokens, and they can send WBTC tokens back to BitGo in exchange for native BTC. Merchants must be added by the Small DAO and KYC/AML approved by BitGo before they can participate. Only these fully-approved (and regulated) Merchants can create or burn WBTC.
Because of the KYC/AML obligations, Merchants are at the mercy of BitGo when it comes to getting their BTC back. During the recent FTX scandal, Alameda sent a significant amount of WBTC tokens to BitGo to be redeemed for native BTC. BitGo refused to honor the transaction even though the WBTC tokens were burned. BitGo is the final arbiter for Merchants, but they cannot affect the transferability of WBTC tokens in users’ wallets.
These are the current merchants according to BitGo (note that this info is not included in any publicly available documentation that I could find at the time of this post):
- Symbiotic Capital Partners
- Grapefruit Trading
- Alameda (redemptions no longer being honored by BitGo)
The “Small DAO” (5 of 7) multisig signers can come together to add & remove merchants. BitGo holds 3 of the 7 keys on this multisig. This means that BitGo can effectively veto any transaction on this multisig through inaction, as the other 4 signers can never reach the threshold of 5 signatures without BitGo’s support (again, this information is not found in any existing documentation that I could find). But it also means that BitGo cannot act on its own, which prevents BitGo from adding Merchants without the support of at least 2 other signers. This is an important point, because if BitGo could unilaterally add Merchants, it could easily add itself and infinitely mint WBTC without commensurate collateral, killing the value of the token. The signers are:
- Tom Bean (bZx)
The “Large DAO” (8 of 13) multisig signers who can come together to pause & unpause the WBTC token smart contract and all WBTC tokens are:
- B Protocol
- Tom Bean (bZx)
HELP ME STAY INDEPENDENT!
Enjoying this post?
Risks and Concerns
Now that you understand how WBTC works on a technical level, let’s talk about some of the theoretical risks that come along with using and holding it.
As mentioned above, WBTC is a custodial token. It has no value without the BTC being held by BitGo. If BitGo becomes compromised in any way and the BTC gets stolen or becomes inaccessible, WBTC will lose its peg.
Beyond that, even if all of the BTC remains present, it’s important to remember that if there’s even a rumor of BitGo having problems, WBTC can lose its peg. WBTC does not have a “hard peg” to BTC. It is only valued at what the market decides that it’s worth.
Neither BitGo nor either of the WBTC multisigs can take the WBTC out of your Ethereum wallet. The Large Multisig can, however, freeze the WBTC smart contract, thereby freezing all WBTC tokens in place.
You, as an individual, cannot be targeted via the WBTC smart contract. However, the entire ecosystem could be targeted if the Large Multisig were to become compromised and used in a malicious way.
Also, you may notice that the multisig signers do not have human names. We only know which projects hold keys, but not which individuals within each project holds the key. This means that if someone leaves a project, or if a project goes belly-up, that key could easily become compromised.
Recently, Kyber and BitGo were forced to initiate a move to a new Large Multisig because too many of the original multisig signers had lost their keys or disappeared. The Large Multisig could have easily become compromised during this period of uncertainty.
The WBTC Large Multisig has a history of inactivity and dormancy. Until a process is put in place to continually ensure that these keys are being secured properly, WBTC holders should assume that there is a considerable risk of this multisig becoming compromised.
BitGo is a heavily regulated company. There is a very real risk that comes along with this. All BTC collateral supporting WBTC is subject to the jurisdiction of US regulators. If that collateral were to ever be seized or frozen due to legal action – or even due to the possibility of legal action – the market would likely value WBTC much lower than it values native BTC.
We have seen regulated actors in the crypto space take extreme measures out of an abundance of caution before. If BitGo executives are given a choice between freezing WBTC collateral or going to jail, I believe they will pick the former.
Aside from BitGo, every multisig signer is also operating in a regulated environment. If they were threatened, they could easily come together to indefinitely freeze all WBTC tokens in user wallets, making them effectively worthless.
As an aside, I should note that one party (Tom Bean of bZx) who is a signer on both the Large and Small multisigs is the subject of an ongoing CFTC enforcement action. Personally, I don’t like seeing this kind of regulatory action anywhere near a critical multisig such as WBTC’s.
Remember – thinking adversarially is not about only considering what is likely. It’s about considering what is possible.
Once you establish what’s possible, only then can you develop an adequate risk profile. Now that you have a better understanding of who you need to trust to use WBTC (and how much you need to trust them), you can decide for yourself how much trust you want to delegate to them.
Due to the above risks, based on my own risk profile, I do not suggest holding WBTC for extended periods of time. If you want to hold BTC, then hold BTC on the native chain. However, there obviously may be times when you find it useful to hold WBTC on the Ethereum chain for shorter periods for trading, staking, etc. If you find that the benefit outweighs the risk, then go for it, but always keep the above risks at the forefront of your mind when evaluating WBTC or any wrapped & tokenized asset.
If you found this information valuable and would like to see more Blec Reports, please consider an ETH donation to my Juicebox.
This is a complex topic and there may be unintentional errors or omissions in this post. If any updates or corrections are made to this post after publication, I will list them in this space. 👇