Layer 2 Bitcoin Wallet
Send and Swap Bitcoin Privately

A statechain is a cryptographic structure that consists of a chain of digital signatures transfering ownership of a specific statecoin between owners. Similar to a blockchain or sidechain, the statechain acts as immutable cryptographic proof of ownership and a proof that a statecoin has not been double spent.

A statecoin is a specific amount of Bitcoin that has been deposited to an address where the corresponding private key is split between the depositor and the Mercury server (or 'statechain entity') and the depositor holds a time-locked 'backup transaction' that allows them to claim full control of the coin after a specified locktime. The full private key of the statecoin is never known by any party, and both the owner and the statechain entity must cooperate to sign a transaction.

The statecoin address (derived from a shared public key) is generated in a multi-party-computation (MPC) between the depositor and the Mercury server as part of the deposit process. Each party then holds a share of the full private key, but the full private key is never known to anyone, however they can both cooperate in a second MPC to generate a valid signature on a spending transaction.

The receiver of a statecoin generates a 'statecoin address' (which is a Bech32 encoded public key with an 'sc' prefix) from their Mercury wallet. The sender then enters this address into their wallet which cooperates with the Mercury server to generate an encoded 'transfer message'.

The transfer message includes a signed backup transaction that superceeds that of the previous owners (it becomes valid sooner), cryptographic proof of ownership, and a blinded key transfer value. The receiver then verfies the transfer message in their wallet and the transfer is completed with the server. The server private key share is updated so that only the reciever's new private key share can be used to sign valid transactions with the server, and the sender private key share becomes invalid.

Any statecoin can be withdrawn by the owner to any standard Bitcoin wallet address at any time from the Mercury wallet. The wallet and the Mercury server cooperate to sign a valid withdrawal transaction using their private key shares, which spends the statecoin to the specified Bitcoin address.

In the Mercury protocol, the Mercury server securely deletes expired private key shares (via Intel SGX based HSM) while it never has custody or control over deposits and cannot be compelled to confiscate or freeze funds. If the Mercury server disappears or is uncontactable then the owner will have to wait until the lock-time of their backup transaction to regain full control of the coin.

All Mercury server key share generation and cryptographic operations are performed within the Mercury Lockbox, which is run as a secure enclave on trusted hardware using the Intel SGX system. This means that even the statechain entity operators cannot view or determine the Lockbox private key shares, and they can be securely deleted after transfer.

Equal value statecoins can be swapped with other anonymous users via a blinded swap protocol to increase privacy. The Mercury wallet can automatically perform swaps with other anonymous users by joining swap groups via the Mercury swap conductor, and the Mercury wallet interface provides information on the privacy status of each statecoin in the wallet.