The Bridge System: Arbiters
The main chain and sidechains (ESC for smart contracts, EID for identity) are separate blockchains with separate state. The bridge is how ELA moves between them at a 1:1 ratio. It is operated by the 12 elected Council members, who run arbiter software that watches both sides and coordinates cross-chain transactions.
Council members serve dual roles: governance and bridge operation. Their stake, reputation, and election mandate secure both governance decisions and bridge transfers.
Deposit Addresses
Each sidechain has a unique deposit address on the main chain, derived deterministically from that sidechain's genesis block hash. This prevents cross-wiring chains.
Cross-chain fee: 10,000 sela (0.0001 ELA) per cross-chain output.
How Deposits Are Proven (SPV)
Sidechains do not blindly trust arbiters. Deposits are backed by SPV verification:
- A Merkle path links the deposit transaction to its block header on the main chain
- The sidechain checks the path against headers it considers valid
- Pattern: transaction -> Merkle proof -> header chain (the same light-client approach as Bitcoin SPV)
For the main chain to sidechain direction, the sidechain independently verifies that the deposit happened. Compromised arbiters cannot mint sidechain ELA without a valid main-chain proof.
Deposit Flow (Main Chain to Sidechain)
- Arbiter detects a qualifying deposit via its SPV bloom filter
- The deposit is recorded durably (SQLite) so it survives restarts
- The on-duty arbiter relays the tx hash to the sidechain via RPC
- The sidechain fetches the tx + Merkle proof, verifies it, and credits the user
If a deposit fails (wrong format, sidechain rejection), a return flow sends ELA back to the original sender.
Withdrawal Flow (Sidechain to Main Chain)
- Arbiter polls the sidechain for pending withdrawals
- After 6 block confirmations, the withdrawal enters the arbiter pipeline
- Arbiters exchange proposals over P2P to coordinate signing
- Once 2/3+1 of validators sign, the main-chain transaction is submitted
After SchnorrStartHeight, withdrawals use Schnorr aggregate signatures (single 64-byte signature instead of N individual ones).
Sidechain to main chain relies on an honest quorum among the 12 Council-operated arbiters. A two-thirds supermajority must approve withdrawals, a risk mitigated by stake, elections, and on-chain transparency.
Small Transfer Fast Path
Transfers below a configured threshold (typically 1 ELA) use a simplified single-signature path where only the on-duty arbiter signs. Faster, but with stronger trust in that single operator.
Trust Summary
| Direction | Trust Model | Fee |
|---|---|---|
| Main to sidechain | SPV proof (trustless) | 0.0001 ELA per output |
| Sidechain to main | 2/3+1 arbiter quorum | 0.0001 ELA per output |
SPV Proof Verification
When a sidechain accepts a deposit, it checks:
- Is the transaction included in a Merkle root from a known-good block header?
- Is that header part of the finalized main-chain history the sidechain tracks?
- Does the output match bridge rules (amount, fee, destination)?
If any check fails, the credit is rejected.
Track both chains: main-chain locks and sidechain mints/burns should reconcile for every successful transfer. Persistent mismatch indicates an issue worth escalating.