Fedimint: Scaling Bitcoin for Billions of People?
Fedimint is an open-source community custody protocol to scale Bitcoin for billions of people!
How does Fedimint work and what are its benefits and trade-offs?
Not Everybody Can Afford a Lightning Channel in the Future!
As the Bitcoin ecosystem grows, the blockchain transaction fees are expected to go higher.
Unfortunately, 8 billion people in the world can't afford to all have their own Lightning channels!
3rd party custodians have so far filled in the demand:
Centralized exchanges, custodial Lightning wallets, ETFs..
But these solutions bring in counterparty risk and single point of failure.
Federated Chaumian E-Cash
Fedimint reduces this risk with its federated Chaumian e-cash model.
Users' bitcoin is held in a federated multisig operated by "guardians".
These guardians issue e-cash vouchers denominated in sats to the users of a specific Fedimint federation.
I wrote a post about Cashu and e-cash a while ago where the workings of e-cash are explained in more detail: #688053
Issued e-cash can only be transacted within the federation, but with the help of Lightning Network gateways, it can be sent between different Fedimint federations.
Fedimint Bitcoin is an IOU, Not Real Bitcoin!
Although federations are interoperable with Lightning, the guardians can still collude and take users' funds!
If you want to withdraw on-chain, you need the federation's permission.
Effectively, Fedimint bitcoin is an IOU (or weOU) and not real bitcoin!
Not your keys, not your coins!
It's like a community bank or a credit union!
From 3rd Party Custody to "2nd Party Custody"
However, the benefits could outweigh the trade-offs.
If you're already using a hardware wallet or running Lightning nodes, maybe Fedimint is not for you.
The target group for Fedimint federations are the masses who rely on centralized exchanges and 3rd party custody.
Fedimint introduces "second-party custody": instead of trusting a 3rd party company to store funds, federation members can trust individuals who they have a prior relationship with.
These could be family members, friends, tech-savvy people in a community etc.
Federation guardians who have a lot of social capital at stake might be less incentivized to run away with users' funds.
In many developing countries, financial services are already often run by local associations to carry out savings, credit and commerce.
Trust is a great way to scale.
Trust isn't inherently bad.
It just matters who you trust.
Fedimint is meant to scale Bitcoin by eventually having hundreds of thousands of federations that communicate with each other via Lightning gateways.
Know Your Federation!
If one federation becomes too large, the rug pull risk might grow.
For this reason, it's important to know which federation you're joining.
Instead of KYC, it's KYF (Know Your Friend, Family, Federation)!
Larger federations might be better for privacy, whereas smaller ones fit better for custodying funds.
To hedge against the risks, you could reduce your time and transaction amounts in larger federations etc.
The idea behind Fedimint (using Chaumian e-cash in a federated way) was first conceived and implemented by Eric Sirion in mid-2021.
Today, a team of contributors work on the protocol to develop it further.
How to Join a Fedimint?
No phone number, email or KYC is needed.
Then you can request sats by depositing a Lightning payment.
Once you have the "fedi-bitcoin" in the federation, you can interact with other federation members instantly and without any fees.
Because of the blind signatures in the e-cash protocol, the transactions are also private within the mint.
E-cash is a digital bearer asset on your device, so you can also transact with it offline.
Once the receiver is back online, the wallet software makes sure the sats have not been double-spent, and credits the receiver's e-cash balance.
Fedimint Guardians
Fedimint requires a set of guardians to establish the federation, hold the keys to the Bitcoin multisig, and to custody the hardware that runs the Fedimint nodes.
Each Fedimint node can be a lightweight Bitcoin node, e.g. a pruned node.
However, there would be a linear growth in the storage requirement the more e-cash is being spent and redeemed.
Fedimint federations are designed to be Byzantine Fault Tolerant (BFT), and resilient to "m" number of malicious nodes in a federation of 3m + 1.
That means that a federation of 4 guardians is resilient to 1 malicious guardian, a federation of 7 guardians to 2 etc.
A federation can still operate even if a minority of guardians disconnect from the network.
If a majority of guardians are offline, the consensus protocol will halt its operation until a quorum is back online, at which point the protocol execution can continue.
Private Balances and Transactions
Besides distributing 3rd party custody, Fedimint e-cash has privacy benefits.
Guardians don't have a view on federation members' transactions or balances.
Knowing the exact bitcoin balance of all community members could be troublesome for security reasons!
Fedimints could therefore be used for coinjoins, and since the protocol is private by default, it could defeat the KYC surveillance system!
Lightning Gateways Make Fedimints Interoperable
Federation guardians don't need to run Lightning nodes.
Any user can act as a Lightning gateway, and generate a profit by charging fees from converting Lightning sats to e-cash and vice versa via HTLCs (hash time-locked contracts).
Without Lightning, fedimints would have limited utility because they wouldn't be interoperable with the rest of the Bitcoin ecosystem.
Fedimints are like little islands, and Lightning gateways are the bridges that connect them.
There could be thousands, millions or even billions of Fedimint users, but only hundreds or thousands of actors running Lightning services.
Fedimints can also boost demand for Lightning service providers, which could in turn increase liquidity in the Lightning Network.
"Temporary Private Money Storages"?
To mitigate the rug pull risk, users should choose their federation wisely, and consider the amount of funds they lock in a federation.
Also, the time duration to store the funds is a question to consider.
Maybe treat fedimints as "temporary private money storages"?
Federations could be audited by creating new standards, or by implementing "automated bank runs" regularly to check if federations' assets and liabilities match.
To protect users, maybe wallets could let users automatically withdraw after a specified time?
No Profit for Guardians, No KYC?
Will federation guardians be forced to perform KYC to the federation members?
This is an open question, but some argue that if the guardians don't make a profit from running the federation, they could be exempt from performing KYC.
You don't need a license to custody your child's piggy bank either, right?
This could save smaller federation communities from strict regulation standards.
The Lightning gateways represent the economic actors in the system, but they operate outside the Fedimint protocol.
It remains to be seen though whether the first major rug pull (it will eventually happen, right?) would stoke discussion whether the sole custodying (without generating a profit) would require some kind of a permit.
Also, a "shotgun KYC" is possible: federations can grow larger, and then by government pressure require KYC from users in order for them to be able to withdraw funds.
Modules for "Trusted Smart Contracting"
The Fedimint protocol enables various "modules" for financial services within the federation.
By default, these are Bitcoin, Lightning and Chaumian e-cash.
But it can also enable "trusted smart contracting".
Theoretically, you could build e.g. a P2P exchange, lending, automated market makers, stability pools, prediction markets, oracles, encrypted password management or social communication inside a Fedimint federation.
A fedimint can execute any command in exchange for sats.
The federation could offer a hosted access to an AI model for its members.
Or a Nostr account for communities with federated signing keys.
Or a community Nostr relay.
Fedimint is an open protocol and no permissions are needed to build new modules and business models.
Federations can be seen as online spaces where members can use their phone to send each other messages and money, and store sensitive individual or community data in an encrypted manner.
Sharded Data Back-Up
If a federation member loses her phone, or access to her funds or data within the Fedimint, the federation can help recover it.
Fedimint uses Shamir's Secret Sharing for data back-up:
This allows data to be broken up to shards.
These shards can be placed with different parties, and reassembled only if a threshold of shards can be found.
You can think of the process as an encrypted password back-up to a mini private Dropbox or Google Drive run by the federation.
Building on the recovery process, Fedimint federations could help with estate planning and inheritance, so that the funds and data would be available at one's passing.
You could set up a federation for your family Bitcoin treasury and act as an Uncle Jim preserving generational wealth across geographical boundaries and multiple people and devices!
Testing Environment for Bitcoin?
Ideally, federations have relatively few guardians because having more nodes in the protocol makes its execution slower.
With future upgrades, Fedimint could have more guardians than many proof-of-stake blockchains have nodes, and could thus provide a more decentralized alternative to many smart contract blockchains.
The programmable environment within fedimints could also provide a testing ground for experimentation and for possible soft forks for Bitcoin.
"Bitcoin Adoption Technology"
Fedimint is a step away from centralized exchanges, but self-custodying your bitcoin is still the best option!
Fedimint can be seen as "Bitcoin adoption technology".
Once federation members collect more sats, they will hopefully "graduate" to self-custody.
Maybe they will even become federation guardians for other new Bitcoin users in their circles!
Are you "fedipilled"?
What do you think about the protocol?
Will it help scale Bitcoin or will rug pulls galore and everybody will lose their money?