##[ARFC] Add FBTC to Aave v3 Main Market on Ethereum

author: @ACI

created: 2024-11-25

Risk Parameters have been provided by Risk Services Providers and ARFC has been updated with that feedback 2024-12-03

Summary

The proposal aims to onboard Ignition’s FBTC, to the Aave v3 protocol Main Market on Ethereum.

Motivation

FBTC is a cross-chain BTC protocol that uses the Threshold Signature Scheme network to enable secure, decentralized Bitcoin scalability across multiple blockchains. By leveraging multi-party computation, FBTC strengthens bridge security, safeguarding user assets and ensuring robust cross-chain interoperability. This setup also integrates a cross-chain hub, allowing seamless BTC transfers while reducing issues linked to Bitcoin L2 growth.

This new asset will broaden opportunities for Bitcoin holders aiming to participate in DeFi on Aave v3. The introduction of FBTC offers users more flexibility in leveraging their Bitcoin, enhancing liquidity and driving increased engagement within the Aave protocol.

With $480M in total value locked (TVL), FBTC is emerging as a compelling solution in Bitcoin bridging, supported by its upcoming Chainlink Oracle integration to accelerate growth across EVM networks.

Aave is positioned to benefit from a material increase in AUM resulting from FBTC deposits. This capital is being sourced by from within the Ignition team’s network. Several sophisticated investors are looking to user Aave at size and some teams have built products specifical for investors in anticipationg of the Aave listing. The Ignition team is expected to provide incentives supporting Aave users directly and also strategy providers built on top of Aave. @TokenLogic has been coordinating with various prospective users to ensure there is adequate demand ahead of the listing.

Benefits of listing FBTC

With the evolving landscape surrounding wBTC, having alternative wrapped BTC tokens available for use on Aave is crucial. With Antalpha and Mantle serving as core contributors, Ignition strong reputations position this initiative as a credible alternative to wBTC. This collaborative effort has already garnered over $850 million in TVL.

The cbBTC listing has demonstrated how impactful an Aave integration can be for both parties involved. Aave successfully captured 74% of the cbBTC supply, showcasing the significant growth potential and mutual benefits such integrations can bring.

Liquidity commitments

FBTC current points campaign is focused on maximizing user engagement and incentivizing interactions within the DeFi ecosystem. As part of this initiative, they aim to highlight Aave by listing it in the featured section, providing prominent exposure to its offerings. Additionally, they plan to create a new DeFi lending category, with Aave being the inaugural protocol, further showcasing its significance in this space.

To enhance user participation, they will introduce boosted points under the Sparks program, with Aave receiving 2x-4x sparks by default; double the rewards compared to other protocols, which offer 1x-2x.

For a limited period, it will further amplify rewards by offering a 4x-8x sparks boost on Aave V3 instance, driving even greater engagement and usage.

Specification

Ticker: FBTC

Contract address on mainnet: 0xC96dE26018A54D51c097160568752c4E3BD6C364

Chainlink oracle: 0xF4030086522a5bEEa4988F8cA5B36dbC97BeE88c

Project: https://fbtc.com/

Reserves addresses: Bitcoin Reserve Address | FBTC

Proof of Assets dashboard: FBTC proof of assets dashboard

GitHub: GitHub - fbtc-xyz/fbtc-contract

Docs: https://docs.fbtc.com/

Audit: fbtc-contract/audits at main · fbtc-xyz/fbtc-contract · GitHub

Twitter: x.com

Risk Parameters have been provided by Risk Services Providers and ARFC has been updated with that feedback 2024-12-03

Disclosure

The ACI is not directly affiliated with Ignition and did not receive compensation for creation this proposal.

Next Steps

1. If consensus is reached on this [ARFC], escalate this proposal to the Snapshot stage.
2. If the ARFC snapshot outcome is YAE, publish an AIP vote for final confirmation and enforcement of the proposal.

Copyright

Copyright and related rights waived via CC0.

Summary

LlamaRisk supports onboarding FBTC as collateral on Aave Core Instance. We welcome diversity in wrapped Bitcoin offerings and believe Aave should remain protocol-agnostic, which aligns with recent tBTC and cbBTC integrations. The asset, launched <6 months ago, exists in locked and unlocked variants, with the locked version showing strong growth (6.6K BTC TVL vs ±350 BTC for unlocked). This integration would unlock new utility and growth potential for FBTC0 (non-yield bearing).

Primary risks center on liquidity concentrated in a single Uniswap LP (likely Ignition-affiliated) and restrictions limiting minting, burning, and transfers to “qualified users.” Governance operates through a 5/8 multisig with significant permissions and no timelock, with many signers being known, competent, and value-add ecosystem partners. The asset is entirely governed and custodied by a security council that has yet to be fully created, introducing risks from uncertainty and dependence on current contributors’ continued engagement. Custody risk is also to be considered, given that BTC on Bitcoin is held by a security council consisting of Cobo, Mantle, and Antalpha Prime.

The system architecture is well-designed, with planned improvements, including expanding qualified users to KYC’d CEX users and a liquidity incentives program, which should help with diversification. The multisig is controlled by reputable ecosystem partners, and an ImmuneFi bug bounty ($100K) is expected in mid-December.

Expand to reveal our full Collateral Risk Assessment

Collateral Risk Assessment

1. Asset Fundamental Characteristics

1.1 Asset

FBTC is a bitcoin wrapper developed by Ignition. It initially launched in May of this year on Mantle and Mainnet. It is designed to increase BTC usage within DeFi across various networks. Utilizing different strategies such as lending or liquidity provision, this asset offers additional use cases (yield) to a traditionally underutilized coin (in DeFi).

image1037×656 52.3 KB

Source: Ignition Proof of Assets Dashboard, 25 November 2024

The asset complies with the ERC20 standard and has 379 FBTC on mainnet and 292 FBTC on Mantle. There is also 47 FBTC on BNB Chain. It is 1:1 backed by BTC on the Bitcoin chain held in addresses with various security measures, including Threshold Signature Schemes and Multi-Party Computation (MPC) wallets.

The asset is a custodied offchain by a security council (more in Section 4) and can be brought on / off EVM chains through “Qualified Users”, who pass stringent KYB / AML checks. Smart contract permissions enforce this on EVM chains and MPC wallets enforce this on Bitcoin Chain.

The asset has two forms: FBTC0 (liquid) and FBTC1 (locked). This ARFC onboards FBTC0. FBTC1 is the locked, yieldbearing version of FBTC0 with a segregated, programmatic delineation between the two. FBTC1 is used in onchain DeFi strategies, and FBTC0 is held “naked”.

Most FBTC1 is held on Mainnet (see image above).

image712×678 51.1 KB

Source: GoPlus $FBTC Token Security Page, 25 November 2024

This asset is heavily concentrated at this time, with >80% of this asset being held by four addresses.

1.2 Architecture

FBTC operates through two primary components: a Bitcoin Chain deposit address and a mainnet minter, with access restricted to qualified users (entities that meet Ignition’s KYB requirements, including AML analysis, documentation, and industry-standard compliance, as verified by LlamaRisk’s General Counsel under NDA). The system employs three core workflows:

Minting Process:

• Qualified users deposit BTC and initiate a mint request
• Bridge Monitor verifies deposit and forwards to TSS gateway
• Multiple TSS nodes validate requests through risk controls
• FBTC minted upon validation

Burning Process:

• User initiates burn request through Bridge contract
• Bridge Monitor detects burn and sends a withdrawal request
• TSS nodes validate and process BTC withdrawal
• Bridge contract confirms completion

Cross-chain Transfer:

• User initiates bridge contract request
• FBTC burned on the origin chain
• TSS gateway validates and confirms the transfer
• FBTC minted on the destination chain

The system uses Chainlink’s Proof of Reserves to ensure 1:1 BTC backing. While the architecture is conceptually sound and prevents double counting, the qualified user requirement could impact arbitrage efficiency and DEX liquidity.

1.3 Tokenomics

FBTC’s tokenomics are straightforward. The number of FBTC in circulation is directly managed programmatically to ensure that the number of EVM FBTC is always backed 1:1 with BTC Chain BTC. No additional tokenomic considerations are at play with this asset.

2. Market Risk

2.1 Liquidity

image966×790 59.5 KB

Source: CoW Swap, 25 November 2024

Liquidity for this asset is good, with 7% slippage at a 620 FBTC / $55M trade size.

image2984×1546 184 KB

Source: Revert.Finance, 25 November 2024

The Uniswap V3 liquidity provision is staggered, preparing the asset for some potential depeg. All Uniswap liquidity is provided by one address that offers significant FBTC liquidity across many chains. This address was deployed by a Mantle address. Given Mantle addresses sit on the FBTC Security Council; it is unlikely that this liquidity will disappear as it would restrict product growth. Nevertheless, this high LP concentration presents significant risk as it may be immediately withdrawn, leaving liquidators unable to purchase and exchange FBTC collateralized in the protocol profitably.

This makes liquidity risk manageable in the short term but considerable if it does not improve in the future.

2.2 Volatility

image2016×1154 101 KB

Source: FBTC/WBTC via Coingecko Terminal , 25 November 2024

This asset has kept a tight peg on the value of underlying collateral.

2.3 Exchanges

image2710×1296 437 KB

Source: Coingecko FBTC, 25 November 2024

This asset is available on various decentralized exchanges, especially on Mantle. The majority of liquidity on Mainnet is paired to WBTC and held in one pool. This presents some degree of concentration risk in a black swan event. Liquidators may struggle to profitably buy collateral and swap it if the WBTC/FBTC pool goes out of range of the configured LP tick. Notably, no centralized exchanges are trading FBTC.

2.4 Growth

image2020×1144 125 KB

Source: FBTC/WBTC via Coingecko Terminal, 25 November 2024

FBTC has enjoyed limited growth when denominated in BTC prices. 2 BTC have been added to its market cap, an increase of 0.2% in BTC terms. Nevertheless, in USD terms, the asset has grown by ±$23,000,000.

3. Technological Risk

3.1 Smart Contract Risk

This asset has been audited three times. Neither BlockSec, MixBytes, nor Secure3 found any high or critical issues. This indicates a team with robust development practices, reducing smart contract risk.

No bug bounty is currently active. The Ignition team is working to have one running through ImmuneFi by mid-December. It will, on launch, be $100K for critical smart contract findings and Ignition reports. This is likely to increase as FBTC grows in adoption.

3.2 Price Feed Risk

An FBTC/BTC exchange rate Chainlink Feed is available. This robust oracle posts the exchange rate of BTC to FBTC onchain for smart contracts. Given its onchain, verifiable, programmatic data source, it is more robust than any web2-based pricing solution.

Chainlink Proof of Reserves verify that the asset is more than 1:1 backed, but this does little to price the asset in dollar terms. It is not enforced at minting. It functions through Blocksec, an onchain security firm that counts the amount of BTC held in FBTC contracts. This is shared to Chainlink via an API, with 10 nodes then posting this data to an aggregator contract. It introduces a dependency on Blocksec attesting the correct ratio of Bitcoin.

Given that all mainnet liquidity is paired with WBTC in a Uniswap pool, this is not a suitable oracle. An exchange rate oracle may be used in line with other wrapped Bitcoin assets on Aave. This presents some friction for liquidations should “qualified users” not be able to redeem / mint the asset and, therefore, risk.

3.3 Dependency Risk

This system has a variety of dependencies:

• Architectural
  Significant technological dependencies exist in this system architecture, including Threshold Signature Schemes, Bridge Monitors, and Bridge Contracts. The system may function in an unintended way if any of them fail.
• Custodian
  This Bitcoin is custodied on Bitcoin chain. This introduces custodian risk.
• MPC
  EVM chain contracts are managed by Cobo MPC wallet. This introduces a dependency on the continued operation of this wallet. Many assets use this MPC solution.
• PoR
  FBTC benefits from the continued operation of the Chainlink PoR. Our eyes believe its continued operation is necessary for this asset’s maintenance.
• Qualified users
  “Qualified users” are a significant dependency in this system. Given the difficult nature of becoming one, few will achieve this status. This results in a concentration of those able to mint / burn / transfer the asset, potentially reducing FBTC velocity. The FBTC system is dependent on these qualified users.

While these dependencies present risk, they are not so great that we cannot recommend onboarding the asset.

4. Counterparty Risk

4.1 Governance and Regulatory Risk

This asset has no onchain governance. Ignition has yet to make plans to decentralize asset management. Should these change, Ignition has indicated that they will inform LlamaRisk (who will monitor this matter).

Instead, the asset is entirely managed by Ignition. This team is largely based in Singapore and Hong Kong. Singapore, which is known for being one of the more forward-thinking cryptocurrency regulatory regimes, has no existing DeFi specific laws. Nonetheless, Singapore’s Monetary Authority (MAS) is paying more attention to decentralized finance—uncertainty stemming from limited clarity results in risk.

Hong Kong is likewise similarly unclear on Decentralized Finance legislation. While not the most hostile jurisdiction to cryptocurrency activity, limited clarity on this issue in Hong Kong once more introduces regulatory risk.

A security council consisting of Cobo, Mantle, and Antalpha Prime currently runs TSS nodes and is responsible for Bitcoin custody MPC utilizing contracts. This introduces additional counterparty risk. It is worth mentioning that Cobo and Mantle are established DeFi actors with a long history of good faith contributions. Antalpha Prime appears to be in part owned by BITMAIN and ANTPOOL, both Chinese cryptocurrency mining entities collectively responsible for >25% of Bitcoin’s hash rate. This introduces risk driven by these entities’ obscurity, mitigated by the clear council power limits detailed in protocol documentation. This security council is expected to grow in membership, presenting further uncertainty risk.

4.2 Access Control Risk

The FBTC system employs a 5/8 GnosisSafeProxy ownership model across its core contracts with significant permissions:

FBTC Contract Powers:

• Pause functionality
• Qualified user management
• Ownership transfer
• FBTC rescue capabilities
• Fee structure modifications
• Parameter adjustments

Bridge Contract Powers:

• Qualified user management
• Contract pausing
• Fee parameter control
• Ownership transfer
• Self-upgrade capability

Minter Contract Powers:

• Role management
• Mint request confirmation
• Ownership transfer
• Bridge address modification
• Self-upgrade capability

The Safe signers include several addresses associated with the Mantle deployer and ecosystem partners. While the system clearly documents roles and permissions, it lacks timelocks and concentrates significant control in a single Gnosis Safe.

This introduces centralization risk - a compromise of sufficient signer addresses could affect the entire system. While the 5/8 threshold provides some security, the concentration of critical permissions in one Safe presents notable risks. Therefore, the access control risk is high but actively managed through multi-signature requirements.

Note: This assessment follows the LLR-Aave Framework, a comprehensive methodology for asset onboarding and parameterization in Aave V3. This framework is continuously updated and available here.

Aave V3 Specific Parameters

We will present joint parameters recommendations with @ChaosLabs. LlamaRisk suggests parameters aligned with other, growing wrapped BTC assets, with some LT/LTV premium accounting for the centralized and developmental ownership.

Price feed

Like tBTC and cbBTC, we propose using the BTC/USD Chainlink feed as a price oracle. This is the most reliable, decentralized solution available, and that will provide accurate pricing in times of stress.

Disclaimer

This review was independently prepared by LlamaRisk, a community-led non-profit decentralized organization funded in part by the Aave DAO. LlamaRisk is not directly affiliated with the protocol(s) reviewed in this assessment and did not receive any compensation from the protocol(s) or their affiliated entities for this work.

The information provided should not be construed as legal, financial, tax, or professional advice.

@TokenLogic supports the proposed integration of FBTC into the Core instance of Aave v3. After spending some time discussing the near term roadmap for FBTC with Ignition, we present some other considerations complimentary to the risk analysis provided by LlamaRisk and Chaos Labs.

We expect the following from onboarding FBTC:

• Over 300M stablecoin debt at competitive market rates;
• Incentives for users who deposit FBTC;
• Enhance liquidity upon ByBit listing; and,
• Ignition Aave deployment with stablecoin supply.

Provided reasonable borrowing conditions exist, we expect strong FBTC adoption on the Core Market.

There exists considerable upside via deploying a dedicated instance of Aave that has both stablecoin liquidity and FBTC commitments being progressed. Further details are to emerge when the TEMP CHECK is submitted for governance consideration.

Given the information from @TokenLogic there seems to be a chance for the DAO to capture some good revenue with fBTC and maybe a dedicated market for Ignition.
Although the DAO is currently voting on having a 3 instance based system, if there are good reasons to create a market outside of this I would be fine. As long as the rationale behind it is good enough to justify it towards the DAO.

Overview

Chaos Labs supports listing FBTC on Aave V3’s Ethereum Main instance. Below is our analysis and initial risk parameter recommendations.

Technical overview

FBTC is a BTC wrapper by Ignition that allows holders to participate in DeFi activities. As described in its documentation, the token is minted by users depositing native BTC to a custodial address (each “qualified user” is assigned their own) and initiating a mint request with the Bridge contract; the Bridge Monitor then detects the minting request and sends the request to the TSS Gateway, which initiates a contract to confirm minting, after which, TSS Nodes (using independent risk control systems) co-sign using the MPC algorithm to create a transaction signature. Following these procedures, the FBTC token is minted. Redemptions work in a similar, reversed flow, as shown below.

image - 2024-12-04T000749.5641920×1080 80.7 KB

The FBTC protocol employs custodial addresses, managed through Multi-Party Computation (MPC) and Multi-Signatures, to maintain the security of the assets backing FBTC. The protocol also utilizes Chainlink’s Proof of Reserves (its total native BTC backing, including FBTC1), which can be found here for Ethereum. This aims to provide real-time verification of reserve assets.

image - 2024-12-04T000753.4011284×786 26.8 KB

FBTC employs a different fee structure based on the type of operation. Minting FBTC incurs no fee (0%), with an average request completion time of approximately 4 hours. In contrast, burning FBTC is subject to a variable fee structure that starts at 0.2% and decreases for larger amounts, alongside a flat fee of 0.01 FBTC. Burn requests typically take significantly longer to process compared to minting, making arbitrages of a downside deviation impractical. For cross-chain transfers between EVM-compatible networks, a fixed fee of 0.0001 FBTC is applied, enabling cost-efficient arbitrage opportunities across chains.

image - 2024-12-04T000756.2281417×473 10.9 KB

The token contract on Ethereum is currently controlled by a 5-of-8 Gnosis Safe multisig. Since September, the multisig has only completed one transaction, adding destination chains to the FireBridge contract, which also maintains the qualified users’ list.

FBTC Backing Exposure

There are two forms of the asset: FBTC0 and FBTC1; the two assets represent circulating and deposited assets, respectively. FBTC0 is the standard, fully liquid FBTC token backed 1:1 by BTC in Ignition’s custody. Conversely, FBTC1 represents FBTC that has been deposited into a protocol, effectively transferring custody of the underlying BTC to the protocol’s strategy address. This conversion occurs when a user deposits FBTC into a protocol (e.g., Avalon, Pump, Solv), which withdraws the corresponding Bitcoin from the FBTC contract to its strategy. FBTC1, therefore, is not “locked” in the traditional sense; rather, it serves as a representation of the protocol’s BTC owed to the FBTC ecosystem. When users withdraw their FBTC from the protocol, the underlying Bitcoin must be returned to the FBTC contract, converting FBTC1 back to FBTC0. This design makes FBTC1 a dynamic measure of FBTC utilized in DeFi protocols, indirectly reflecting protocol adoption and TVL.

image - 2024-12-04T000759.6941920×1080 70.1 KB

Thanks to the dynamic mint and burn flow of FBTC1, the risks stemming from the partners’ contracts are isolated from the FBTC0 token. During a hack of a partner protocol, if the underlying BTC is stolen, the partner protocol is unable to convert the FBTC1 back to FBTC0, hence not inflating the FBTC supply relative to the backing. Meanwhile, if the partner’s Ethereum contracts get hacked, the FBTC1 is likely to be the asset stolen, which cannot be redeemed to FBTC0 without having control of the underlying BTC assets in the partner’s strategy address.

On the other side, this dual-token system offers significant benefits to FBTC, ensuring that the supply deposited into partners’ vaults, such as restaking, does not get redeemed and converted to a different wrapped BTC asset prior to the redemption from the users.

This ARFC is intended to onboard FBTC0, and currently, the plurality of FBTC0 are on Ethereum, followed by Mantle. While FBTC1 is deposited into DeFi protocols, it still represents accessible TAM for the Aave protocol.

image - 2024-12-04T000802.3331103×721 29.2 KB

Market Cap and Liquidity

FBTC’s market cap has grown consistently on Ethereum since September 2024. While the FBTC0 supply on the chain has remained stable, fluctuating between 1200 and 385, the FBTC deposited into DeFi protocols (FBTC1) has shown strong growth, reaching a peak of 8100 FBTC.

image - 2024-12-04T000807.4621200×800 54.6 KB

The entirety of the asset’s liquidity is concentrated within 2 WBTC/FBTC Pools on Uniswap V3. Both pools are recognized by Odos, although the 0.01% WBTC/FBTC pool is the largest and facilitates the vast majority of volume.

image - 2024-12-04T000811.2241656×1048 60.6 KB

This 0.01% pool is currently skewed, with 100.76 WBTC and 27.67 FBTC, indicating sufficient liquidity for FBTC. The 0.3% pool, on the other hand, has just 0.99 WBTC and 87.66 FBTC.

image - 2024-12-04T000814.1031058×292 20.7 KB

Overall, the asset maintains a total TVL of $20M between the two pools, of which $10M is in WBTC buy-side liquidity. The DEX liquidity of FBTC is increasing steadily, even though the asset’s liquidity is provided by a singular entity that we were able to identify as Ignitia. Its average daily trading volume across all venues over the last 180 days was $26.7M.

image - 2024-12-04T001115.5331200×800 45 KB

Volatility

Relative to BTC, FBTC has a 30-day annualized volatility of 7.96%, down from 12.14% over the past 180 days.

image - 2024-12-04T001120.6841500×500 61 KB

This is slightly high for a pegged asset, though the decreasing volatility is a positive sign that the asset’s pricing is improving even as BTC volatility has increased. FBTC has displayed no persistent discounts relative to WBTC in its primary Uniswap pool.

image - 2024-12-04T001123.5861654×1120 71.7 KB

LTV, Liquidation Threshold, and Liquidation Bonus

Given the volatility relative to BTC, we recommend a Liquidation Bonus of 7.5%, an LTV of 73%, and an LT of 78%, aligned with other BTC wrappers like cbBTC on Base.

Supply and Borrow Cap

Chaos Labs’ typical approach to setting initial supply caps involves setting the supply cap to 2x the liquidity available under the Liquidation Bonus. This leads us to a recommendation of 200 FBTC, more than 50% of supply on Ethereum. While we normally would not recommend setting it higher than 50%, the fact that FBTC1 can be burned into FBTC0 means that the asset’s “true” on-chain supply is significantly higher than the 390 FBTC figure.

Thanks to its prolific utilization within restaking protocols, FBTC represents a prime asset for borrow demand to be utilized within the DeFi ecosystem. Hence, we recommend setting a borrow cap of 50% of the proposed supply cap.

Interest Rate Curve

Given the current absence of BTC LRTs on Aave, we anticipate limited initial demand for FBTC. As such, we recommend setting the UOptimal at 45% to reflect expected utilization rates, with plans to increase this value following the listing of additional BTC assets.

Additionally, we suggest aligning the Interest Rate Curve for FBTC with that of WBTC, as the two assets are expected to exhibit comparable demand dynamics.

Oracle Configuration/Pricing

Below is a chart of the FBTC/BTC Chainlink exchange rate, showing numerous surges in the exchange rate likely derived from minting and burning delays in which FBTC’s reserves exceed its supply. The spikes make this exchange rate infeasible to use, as users borrowing the asset could be liquidated in the event of an exchange rate spike that is not indicative of the asset’s value changing.

Given all the risks outlined previously in this post and the unfeasibility of using the FBTC/BTC Chainlink exchange rate, it is preferable to price the asset using the BTC/USD market oracle.

image - 2024-12-04T001126.8421200×900 50.5 KB

Specification

Following the above analyses, we have aligned with @LlamaRisk on the following parameter recommendations:

Disclaimer

Chaos Labs has not been compensated by any third party for publishing this ARFC.

Copyright

Copyright and related rights waived via CC0

Thank you @LlamaRisk and @ChaosLabs .

We have escalated the proposal to ARFC Snapshot.

Vote will start tomorrow, we encourage everyone to participate.

After Snapshot monitoring, the current ARFC Snapshot ended recently, reaching both Quorum and YAE as winning option, with 383K votes.

Therefore, the [ARFC] Add FBTC to Aave v3 Main Market on Ethereum has PASSED.

Next step will be the publication of an AIP for final enforcement and confirmation of the proposal.