🛠️ On-Chain Contracts & Message Formats

WORK IN PROGRESS - CHANGES EXPECTED

Overview

KAT Bridge uses two sets of contracts:

  • L2 Bridge Contract (Kasplex EVM):

    • Manages attestations from relayers for deposits (L1 → L2).

    • Auto-mints ERC-20 equivalents once all 5 attestations are present.

    • Stores the set of attestor addresses, which are upgradable via on-chain governance.

  • L1 Release Logic (Kaspa):

    • Validates FROST group signatures for withdrawals (L2 → L1).

    • Releases KRC-20 tokens only when a valid signature from the threshold of relayers is presented.

    • Enforces the “single public key” requirement of KRC-20 transfers by verifying against the aggregate FROST public key.

L2 Bridge Contract (Kasplex EVM)

Core Responsibilities

  • Accept attestation calls from the 5 designated attestor addresses.

  • Ensure all attestations for a given event agree on the same event hash.

  • Once all 5 attestations are recorded, automatically mint the ERC-20 representation to the recipient.

  • Allow governance to update the attestor set if necessary.

Message Format: Attestation

Each attestation includes:

  • eventId – deterministic identifier for the deposit (derived identically by all relayers).

  • eventHash – canonical hash of the deposit payload (ensures all attestations match).

The contract enforces that the first attestation defines the eventHash, and subsequent attestations must match it.

L1 Release Logic (Kaspa)

Core Responsibilities

  • Accept a withdrawal event from L2 (detected and validated by relayers).

  • Verify the FROST group signature against the aggregate public key.

  • Release KRC-20 tokens to the recipient if and only if the signature is valid.

Message Format: Withdrawal

Each withdrawal message signed by the relayers includes:

  • eventId – deterministic identifier for the withdrawal.

  • recipientL1 – Kaspa address to receive tokens.

  • amount – tokens to release.

  • nonce & expiry – prevent replay and enforce uniqueness.

Why a Single Public Key?

Kasplex’s KRC-20 Data Insertion Mechanism requires a single public key at the top of the stack.

  • Traditional M-of-N multisig wallets are invalid for KRC-20 transfers.

  • FROST enables KAT Bridge to maintain a single aggregate public key on-chain, while distributing signing power across 5 independent relayers off-chain.

Event Identifiers

  • eventId is a unique identifier deterministically computed by all relayers from the transaction and metadata.

  • Both L1 and L2 contracts reference this ID to prevent duplication and replay.

  • The precise canonicalization rules are defined in relayer logic (kept outside the smart contracts to minimize on-chain complexity).

Governance Hooks

  • The attestor set on L2 is managed via governance: proposals and votes can add or replace attestors.

  • The aggregate FROST key on L1 is similarly managed, ensuring smooth rotation if a relayer is replaced.

Transparency & Verifiability

  • All contract addresses and ABIs will be published in the Transparency, Audits & Disclosures section.

  • Event logs from both chains can be independently monitored by anyone to verify bridge activity.

  • Governance changes (attestor set or FROST key updates) are on-chain, auditable, and publicly recorded.

Previous⛓️ Protocol: Lifecycle & StatesNext📤 Relayer & Infrastructure