Writz Protocol — Technical Architecture Overview
Version: 0.1 (draft — pending Phase 0 validation) Last updated: 2026-06-22 Status: Preliminary — subject to change after Phase 0 benchmarksSystem Architecture
Writz Protocol operates across two blockchains: Bitcoin and Stellar. The architecture is designed to be trustless on the verification layer while using Stellar’s ZK infrastructure to make positions private.Component Breakdown
1. P2WSH Locking Script (Bitcoin)
The BTC locking mechanism lives entirely on Bitcoin. It is a Pay-to-Witness-Script-Hash (P2WSH) address whose redeem script encodes two spending conditions using Bitcoin Script. Script design (simplified):- Both the protocol and the user sign the release transaction
- This is triggered when the user repays their USDC loan
- The Soroban contract generates the co-signature upon verifying repayment
- After a predefined locktime (e.g., loan maturity + 30 days), the user can spend without the protocol’s signature
- Protects users if the protocol becomes unavailable
2. Bitcoin SPV Contract (Soroban)
The core of Writz’s technical innovation. A Soroban smart contract that verifies Bitcoin transactions cryptographically. Approach: Stateless SPV Rather than maintaining a chain of Bitcoin block headers on Stellar (expensive, creates relayer dependency), Writz uses stateless SPV: the caller provides the relevant headers at verification time, and the contract verifies them without storing state. Core functions:SHA256d(double-SHA256): Bitcoin’s primary hash function — used for block hashes, txids, Merkle tree nodes- Merkle proof verification: O(log n) SHA256d operations for n transactions in the block
- Block header PoW verification: check that
SHA256d(header) < target - Header chain continuity: verify each header’s
prev_block_hashmatches the previous
summa-tx/bitcoin-spv Rust library provides all these functions. The Soroban port will adapt this library.
3. ZK Privacy Layer (Soroban + Protocol X-Ray)
Writz uses Stellar’s Protocol X-Ray to implement zero-knowledge proofs that hide position details. What is hidden:- The collateral amount (how much BTC a user deposited)
- The loan amount (how much USDC was borrowed)
- The health ratio (how close a position is to liquidation)
- The user’s identity (positions are identified by ZK proof, not public key)
- Total protocol TVL (aggregate, not individual)
- Total USDC outstanding (aggregate)
- Liquidation events (that a liquidation occurred, but not who or how much)
4. PrivateLend Contract (Soroban)
The lending logic that sits above the SPV and ZK layers. Key parameters (to be finalized in Phase 0):- Collateralization ratio: 150% minimum (BTC value must be 1.5x the USDC borrowed)
- Liquidation threshold: 120% (position liquidated if BTC/USDC ratio drops below this)
- Liquidation penalty: 10% (liquidator receives a 10% discount on the BTC)
- Borrow rate: variable, determined by utilization ratio (similar to Blend/Aave)
- Supply rate: borrow rate × (1 - protocol fee percentage)
- Protocol fee: 15–20% of interest spread
- A keeper bot continuously monitors positions (it has access to private position data via operator key)
- When a position drops below 120% collateralization, the keeper submits a ZK proof that the position is liquidatable — without revealing the specific amounts
- Anyone can liquidate by providing the proof
- Liquidator pays USDC, receives protocol co-signature for BTC release + 10% bonus
5. USDC Liquidity Pools (Stellar native)
The supply side of PrivateLend. USDC lenders deposit into pools and earn yield. This is standard Stellar asset mechanics — no novel engineering required.- Lenders supply USDC → receive interest-bearing receipt tokens
- Borrowers draw from these pools against their BTC collateral
- Interest accrues continuously; claimable at any time
6. Open SDK
A Rust crate that wraps the SPV verification logic, making it consumable by any other Soroban developer.Data Flow — Full User Journey
Deposit + Borrow
Repay + Withdraw
Liquidation
Security Considerations
Bitcoin-side risks
| Risk | Mitigation |
|---|---|
| Bitcoin reorg (chain reorganization) | Require 6 confirmations — a 6-block reorg is extremely rare (has not happened in Bitcoin’s history) |
| P2WSH script bug | Formal verification of locking script; multiple independent reviews |
| Protocol key compromise | Use MPC (multi-party computation) or HSM for protocol co-signing key |
Soroban-side risks
| Risk | Mitigation |
|---|---|
| SPV contract bug | External audit; stateless approach limits attack surface |
| ZK proof soundness failure | Use battle-tested Groth16; rely on Stellar’s Protocol X-Ray rather than custom circuits |
| Oracle/price feed manipulation | Use median of multiple price oracles (Pyth, DIA, Stellar native) |
| Interest rate model edge cases | Stress-test model against historical volatility; cap max borrow rate |
Economic risks
| Risk | Mitigation |
|---|---|
| BTC price crash → mass liquidations | Conservative 150% collateral ratio; liquidation discount creates keeper incentive |
| USDC supply drought | No minimum borrow guarantee; utilization-based rates auto-adjust |
| Keeper failure (no liquidations) | Open liquidation — anyone with USDC can liquidate an eligible position |
Technology Stack
| Component | Technology |
|---|---|
| Stellar smart contracts | Soroban (Rust) |
| ZK proofs | Noir circuits + Groth16 via Protocol X-Ray |
| Bitcoin SPV library | summa-tx/bitcoin-spv (Rust) — adapted |
| Bitcoin scripting | P2WSH (Phase 1) → Taproot (Phase 3) |
| Frontend | React/Next.js |
| Bitcoin wallet | Xverse (via PSBT standard) |
| Stellar wallet | Stellar Wallets Kit (Freighter, Lobstr, others) |
| Price oracles | Pyth Network + DIA (multi-oracle median) |
| Header service | Custom Node.js service connecting to Bitcoin full node |
Last updated: 2026-06-22 — This document is preliminary. Architecture will be updated after Phase 0 benchmarks confirm feasibility of SPV in Soroban.