
The Security Challenge of Bitcoin Layer-2 Protocols


Rob Behnke

April 9th, 2024

Bitcoin and other Layer-1 protocols are independent blockchains. They have their own digital ledgers, consensus algorithms, and decentralized networks of nodes maintaining them. This design provides certain security benefits to them since a large, healthy network of miners or validators makes it more difficult for an attacker to rewrite the history of the network.

However, these Layer-1s also have their limitations. For example, Bitcoin has limited scalability, low throughput (less than 10 transactions per second), high transaction fees, and limited programmability.

Layer-2 protocols are designed to address these limitations in various ways. All of these protocols are built on top of a Layer-1, like Bitcoin, and base their security on its security.

The Two Main Types of Bitcoin Layer-2s

Layer-2 protocols can be designed in a few different ways. Due to the nature of Bitcoin — and its lack of full smart contract support — there are two main types of Bitcoin Layer-2 protocols:

  • State Channels: State channels like the Lightning Network create a network of bi-directional payment channels between pairs of Bitcoin users. State channels are opened and closed via transactions on the Layer-1 Bitcoin network and can be used for instantaneous, cheap transactions.

  • Sidechains: Sidechains are independent blockchains that exist alongside the main blockchain and connect to it via a two-way peg. Users can transfer tokens between the mainchain and the sidechain, enabling them to benefit from the features of each.

Other types of Layer-2 protocols are available on different blockchain platforms. For example, smart contract platforms often support rollups, a Layer-2 scaling solution that is not yet available on the Bitcoin blockchain.

The Layer-2 Security Challenge

Layer-2 protocols are designed to move some transactions off of the Layer-1 blockchain (Bitcoin, Ethereum, etc.). This can provide various benefits, such as improved scalability, transaction fees, transaction confirmation times, and available features.

Normally, moving transactions off of a Layer-1 protocol would be a bad idea. Layer-1 blockchains are designed to take advantage of consensus algorithms and networks of miners or validators to protect the blockchain against invalid transactions or malicious modifications. Each node in the network validates every transaction included within a block, and the consensus algorithm helps to ensure that only a valid version of the blockchain is accepted by the network.

More established Layer-1 blockchains offer much more security than a newer blockchain. For example, the cost of performing a 51% attack — controlling over half of the network’s mining power and using it to rewrite history — on the Bitcoin blockchain is estimated at over $3 million for a one hour attack. In contrast, an attack on many other, smaller blockchains can be performed for less than $1K.

The protections that Layer-1 protocols offer only apply to the data included within a block on the Layer-1 blockchain. Any information that isn’t included in a block — or securely summarized within it — lacks the protection of the Layer-1 consensus algorithm and chain of immutable blocks.

The main security challenge that Layer-2 protocols face is moving transactions and data off-chain without jeopardizing their security. By doing so, they get the best of both worlds, reducing the load on the Layer-1 blockchain while taking advantage of the security that it provides.

How Layer-2 Protocols Are Secured

Layer-2 protocols are a viable option because they inherit their security from the Layer-1 protocol that they are built on top of. The way that this is accomplished depends on the Layer-2 protocol in question.

How State Channels Are Secured

A state channel — like those used in the Lightning Network — creates a bidirectional payment channel between two users. This channel enables instantaneous, fee-less transactions between those two users.

State channels derive their security from a couple of factors. The first is that they are opened and closed via transactions recorded on the Layer-1 blockchain. The initial transaction funds the channel, specifying how much each participant is contributing to it and locking that Bitcoin until the channel is closed.

Between the opening and closing transactions are the state channel transactions. Each of these requires both the sender and the recipient to digitally sign a declaration of the updated state of the state channel, including the allocation of funds within it. Since these are the only two parties affected by an incorrect allocation, they’re the only ones that really need to consent to or confirm it.

Upon channel teardown, one of the users submits another transaction to the blockchain containing the latest version of the channel’s state. After this comes a challenge period where the other party can submit a newer version if their counterpart attempted to cheat. Since each update is sequentially numbered and digitally signed by each party, it’s easy to determine which is newer and impossible to dispute its authenticity.

By opening and closing state channels on-chain, Layer-2 protocols like the Lightning Network get many of the benefits of Bitcoin’s security. While depending on a challenge period for security isn’t perfect, it’s a common approach and provides numerous benefits.
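
The close-and-challenge procedure described above can be modeled in a few lines. This is an added example, not code from the Lightning Network or any other protocol: the party names, keys, channel capacity and function names are constructed for illustration, and HMAC stands in for the parties' digital signatures so that it runs with the Python standard library alone.

```python
import hashlib
import hmac
import json

# Constructed keys. HMAC stands in for each party's digital signature so the
# example needs only the standard library; a real channel uses public-key
# signatures that the Layer-1 can verify without holding any secret.
KEYS = {"alice": b"alice-demo-key", "bob": b"bob-demo-key"}
CAPACITY = 100_000  # satoshis locked by the (hypothetical) funding transaction


def _encode(seq, balances):
    return json.dumps({"seq": seq, "balances": balances}, sort_keys=True).encode()


def sign_state(seq, balances):
    """Return a channel state co-signed by both parties."""
    msg = _encode(seq, balances)
    sigs = {p: hmac.new(k, msg, hashlib.sha256).hexdigest() for p, k in KEYS.items()}
    return {"seq": seq, "balances": balances, "sigs": sigs}


def is_valid(state):
    """Accept a state only if both signatures verify and the funds add up."""
    msg = _encode(state["seq"], state["balances"])
    for party, key in KEYS.items():
        expected = hmac.new(key, msg, hashlib.sha256).hexdigest()
        if not hmac.compare_digest(expected, state["sigs"].get(party, "")):
            return False
    return sum(state["balances"].values()) == CAPACITY


def settle(close_state, challenges):
    """Resolve a close: the valid state with the highest sequence number wins."""
    if not is_valid(close_state):
        raise ValueError("closing state is not signed by both parties")
    best = close_state
    for candidate in challenges:  # states submitted during the challenge period
        if is_valid(candidate) and candidate["seq"] > best["seq"]:
            best = candidate
    return best


def demo():
    s1 = sign_state(1, {"alice": 70_000, "bob": 30_000})
    s2 = sign_state(2, {"alice": 40_000, "bob": 60_000})
    forged = dict(s2, seq=9, balances={"alice": 100_000, "bob": 0})  # reuses old sigs
    # Alice closes with stale state 1; Bob challenges with the newer state 2.
    return settle(s1, [forged, s2])
```

Calling `settle` with an empty challenge list returns the stale closing state, which is why each party (or a service acting on its behalf) has to monitor the Layer-1 for the whole challenge period.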

How Sidechains Are Secured

Sidechains are blockchains that connect to another blockchain for security. Sidechains can take a few different approaches to inheriting the security of the mainchain.

For example, the Rootstock sidechain — which implements smart contract functionality for Bitcoin — bundles multiple transactions into a single Bitcoin transaction. This ensures that the bundled transactions have the same level of security as if they were performed directly on Bitcoin. Rootstock also supports merged mining, which enables simultaneous mining of Bitcoin and Rootstock blocks.

Other Bitcoin Layer-2 sidechains use custom consensus algorithms to tie themselves to the Bitcoin blockchain. For example, Stacks uses Proof of Transfer, which enables Stacks transactions to be settled on Bitcoin, while Liquid Network uses Strong Federation.


Layer-2 protocols are designed to combine the best of an established blockchain like Bitcoin and off-chain transactions. These protocols have the ability to dramatically expand the capabilities of Bitcoin while also taking advantage of Bitcoin’s security. By ensuring that, in some way, every transaction performed in a state channel or sidechain is recorded on Bitcoin, they inherit the security against 51% attacks offered by Bitcoin’s large pool of active miners.