Statechains is the original layer 2 protocol originally developed by Ruben Somsen in 2018, depending on the Eltoo (or LN symmetry) recommendation. In 2021, variants of the original proposal were built by CommerceBlock. In 2024, the Mercury Layer established a further iteration of the original mercury plan.
The discussion of the Statechain protocol is more complex than other systems such as ARK or Lightning, because there may be a range of variation between the original proposed design (two actually implemented) and other possible proposed designs.
Like Ark, Statechains depends on a centralized coordination server to run. Unlike Ark, their trust model is slightly different from Vutxo in ARK batch processing. They rely on a coordination server to delete the sharing of previously generated private keys to remain trustless, but they provide strong security as long as the server follows a defined protocol and does this.
The overall idea of Statechain is to be able to transfer ownership of the entire UTXO between the different users promoted by the coordinator. There is no need to receive liquidity such as Lightning or coordinate servers to provide any liquidity, such as ARK.
First, we will look at the original protocol proposed by Ruben Somsen.
Original Statechain
Statechains is actually a pre-signed transaction that allows the current owner of Statechain to unilaterally withdraw the chain when needed, and the messages signed on the history prove in the password that past owners and recipients who sent the statechain to approve these transfers.
The original design was built on Eltoo using AnyPrevout, but the current plan on how to enable the same functionality leverages CheckTemplatewastie and CheckSigFromStack (a high-level explanation for this is at the end of the CheckSigsigFromStack article). The basic idea is a script that makes a pre-signed transaction cost any UTXO with that script and locks the appropriate amount of Bitcoin, rather than being associated with spending a single specific UTXO.
In this agreement, users who want to deposit coins into Statechain approach the coordination server and pass the deposit agreement. Deposit user Bob generates a key that will be uniquely owned by him, but also the second “temporary” key that will eventually be shared (more on the details). They then made a deposit transaction that locked the coins to the Dosig, which required the coordinator’s key and temporary signature.
Using this Multisig, Bob and the coordinator signed a transaction that costs coins and creates a UTXO, any other transaction that can be signed with a temporary key and any other transaction that is signed with an LN Symemetry, or the key of the LN Symestry, or the unique key of the Bob. Bob can now fund Multisig with the appropriate amount and creates Statechain.
To transfer Statechain to Charlie, Bob has to go through a multi-step process. First, Bob signed a message with his unique private key, which proves that he would transfer Starkine to Charlie. Charlie also had to sign a message to prove that he had obtained statistics from Bob. Finally, the coordinator server must sign a new transaction that allows Charlie to unilaterally declare the link before Bob sends Charlie a copy of the temporary key.
All of these are atoms made with adapter signatures. These are signatures that modify using random data that invalidates them, but can be valid again once the signature holder receives that information. All messages and new pre-signed transactions are signed by the adapter signature and make the atomic energy valid by publishing the adapter data.
The holder of Statechain must believe that the coordinator server will never conspire with the previous owner to sign that the statistics fund is closed immediately and steal funds from the current owner, but a pre-signed message chain can prove that the coordinator has participated in the theft if they do. If a past owner tries to steal funds using its pre-signed transaction, then using only the time search on the expenditure path of its key allows the current owner to submit a pre-signed transaction and correctly request funds on the chain.
Mercury and mercury layer
The original Statechain architecture requires soft forks to work. CommerceBlock designed a variant of its Statechains to function without a soft fork, but in order to do so, there is a trade-off in terms of functionality.
The basic idea is the same as the original design, all users have pre-signed transactions that allow them to unilaterally claim funds, and the coordinator server still plays a role in facilitating off-link transfers, which requires trusting them to be honest. The two main differences are how these transactions are signed and the structure of the pre-signed transaction users is given.
Where signatures are involved, there are no longer temporary private keys passed from the user to the user. Instead of this, a multi-level protocol (MPC) is used so that the original owner and the coordination server can collaborate to generate parts of the private key without any of them having a complete key. This key is used to sign pre-signed transactions. The MPC protocol allows the current owner and coordinator to conduct a second agreement with the third party, the transfer recipient, to regenerate Different works This adds up to the same private key. In the mercury and mercury layer protocol, after the transmission is completed, the honest coordinator server deletes the critical material corresponding to the previous owner. As long as this is done, it is no longer possible for the coordinator to sign a deal with the previous owners because the new key material they have is incompatible with the works that the previous owners may still have. As long as the coordinator is honest, this is actually a stronger guarantee than the original proposal.
The pre-signed transaction structure of mercury and mercury layers cannot use LN symmetry because there are no soft forks. Instead of this, CommerceBlock chose to use a reduced schedule. The original owner’s pre-signed transaction is a time period from the time period to a future period, starting from the creation point of Statechain. Since each subsequent user receives a Statechain during the transfer, the NLockTime value of the transaction is longer than the previous owner. This ensures that the previous owner cannot even try to submit transactions on the chain before the current owner, but it also means that at some point the current owner ends up at the end must Close its chain chain before previous owner transactions start to become valid.
The main difference between mercury and mercury layers is how these transactions are signed. For Mercury, the coordinator server simply sees the proposed transaction, validates it, and then signs it. The Mercury layer uses a blind signature protocol, which means they don’t actually see any details of the transactions they signed. This requires the server to track the statechains using anonymous records on the server, as well as the current owner’s special authorization key so that they can ensure they only sign valid transfers.
Synergy with other layers
Statechains can work with other layer 2 based on pre-signature transactions. For example, part of the original proposal implies a combination of Statechains and Lightning channels. Because both are just pre-signed transactions, the lightning channel that can be actually nested on the top of Statechain. This only requires the current owner’s unilateral export key as a multi-animal and creates a pre-signed transaction expenditure and then outputs to the Lightning Channel. This allows the lightning channel to be opened and the chain isolates completely.
In a similar way, it is possible to nest on top of vutxo in the ark batch. This requires only constructing the pre-signed transactions required by Statechain, thus spending Vutxo output.
Summarize
Statechains are not entirely trustless, but they are a very minimal program, very efficient liquidity and allow free transfer of UTXOS off-chain between any user willing to accept the Statechains trust model.
Although no original proposal has been established, two implementations of the business block design have been fully implemented. Neither of them achieved greater success except for their edge use in the real world. Is this due to the unwillingness of the user to accept the trust model involved, or is it just a failure of marketing or awareness, which is impossible to be completely certain.
In any case, given the symmetry that can be used on Bitcoin, there are two complete implementations and designs for more flexible changes, which is an option that is always here. The good thing about open source software is that it will always exist regardless of whether people use it now or not.
