# System Overview ## Architecture at a Glance The CBTC system bridges the Bitcoin Layer‑1 UTXO model to Canton’s Daml‑based smart‑contract network. It operates through a coordinated, decentralized process to ensure every Bitcoin deposit is securely verified before minting CBTC The bridge architecture consists of: 1. **Bitcoin Layer** - Bitcoin transactions are monitored and verified with required confirmations (currently 6) 2. **Attestor Network** - A decentralized network of Attestors monitor and manage Bitcoin deposit/withdrawal transactions, and translate them via a governance module on Canton to validate and execute actions 3. **Canton Asset Layer** - Daml contracts that mint and burn CBTC tokens, but only after a threshold of Attestor nodes contribute their Canton signatures to the contract execution. No CBTC can be minted or burned without this decentralized approval process For the full technical specification, see the CBTC Token Standard Info ## Core Actors & Roles **Actor** **Responsibilities** **Coordinator** Executes periodic checks every 60-120 seconds, monitors deposit accounts, constructs Bitcoin transactions, and submits governance actions **Attestors** Independent nodes that verify deposits/withdrawals and submit confirmations via Canton's governance module. Every important action requires group approval **Minter** Create deposit accounts, send Bitcoin to generated addresses, initiate withdrawals, and hold CBTC tokens ## Trust & Threat Model The CBTC system relies on a decentralized network of Attestors who must coordinate via a governance module on Canton to validate and execute actions, and a group threshold signing process on the Bitcoin L1. Every important action requires group approval. This shared decision-making keeps CBTC decentralized, reliable, and secure Because Canton provides deterministic finalityarrow-up-right, once a mint or burn is executed its state transition is irrevocably committed, removing the roll‑back risk that probabilistic Layer‑1s face This ensures that no single party, including the Coordinator, can unilaterally mint CBTC or withdraw Bitcoin ## On-Ledger Governance Flow The CBTC system relies on a decentralized network of Attestors who must coordinate via a governance module on Canton to validate and execute actions. The governance process works as follows: * For actions like **ConfirmDepositAction** (for minting) or **ArchiveWithdrawRequest** (for withdrawal finalization), each Attestor must submit their confirmation signature independently * Each attestor member submits its signed confirmation message, and once a threshold of signatures has been reached on the contract, the Coordinator executes the action --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.bitsafe.finance/product-suite/cbtc/system-overview.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.