Skip to content
Back to Blog
Fundamentals

Merged Mining in Action: Bridging Secured by Miners, Not Just Signers

Read Time: 3 mins
Merged Mining in Action: Bridging Secured by Miners, Not Just Signers

Most people evaluate Bitcoin bridges with a simple shortcut: is it a federation, or is it a validator model?

In that mental model, a federation bridge is a multisig controlled by a set of known parties. A validator model is a separate group that watches one chain and attests to actions on another. Both categories focus on the same thing: who is authorized to move funds.

That framing is useful, but it is incomplete for Rootstock’s PowPeg bridge.

The PowPeg is much more than a federation because its enforcement is anchored into Bitcoin’s Proof of Work through merged mining. The practical question is not only who can sign, but what confirmations must still occur for BTC to move back to Bitcoin L1. To understand why PowPeg is positioned as the most secure way to bring BTC into DeFi, you have to understand merged mining in action.

 

The basics of merged mining

Merged mining is simple: miners can mine Bitcoin and Rootstock simultaneously with no extra cost.

Instead of forcing miners to choose between chains, the same mining effort can secure both networks at once. That matters because it ties Rootstock’s block production, and the bridge enforcement that depends on Rootstock confirmations, directly to Bitcoin’s hashrate.

Key implications:

  • Rootstock’s block production is tied to Bitcoin’s hashrate

  • Rootstock miners are also Bitcoin miners, aligning incentives

  • Outcome: Rootstock inherits the same security guarantees as Bitcoin

This is the foundation that changes how you should think about PowPeg. If a bridge depends on confirmations backed by merged mining, then Bitcoin’s Proof of Work becomes part of the bridge’s security story. It is not only about key custody.


How PowPeg works with merged mining

PowPeg has a custody layer that looks familiar. BTC is locked in a 5-of-9 multisig controlled by independent, global entities. This layer exists because the bridge needs a mechanism to custody BTC on Bitcoin L1 while representing it inside Rootstock.

What the custody layer looks like:

  • BTC is locked in a 5-of-9 multisig

  • The keys are controlled by independent signers
  • Signing keys are secured with hardware security modules (HSMs), adding an additional layer of protection at the custody level.

If you stop there, PowPeg can look like a standard federated multisig bridge. But PowPeg’s design is not only about signing. It is about how peg-outs are enforced.

Peg-outs, releasing BTC back to Bitcoin L1, are not only signed by the multisig. They require confirmation through Rootstock blocks that are merged-mined with Bitcoin. That means miners, not just the signers, act as gatekeepers by verifying and timestamping withdrawals through block confirmation.

What makes PowPeg different:

  • Peg-outs are not only signed, they require merged-mined Rootstock confirmation

  • Miners verify and timestamp withdrawals through block confirmation

  • Even if the signers  colluded, peg-outs still need to be mined and confirmed under Bitcoin security assumptions

Federation alone vs federation plus merged mining

A pure federation model, like Liquid, is controlled by a set of functionaries with no miner involvement. In federation-only designs, risk concentrates in the signer set.

What that means in practice:

  • Collusion between signers can lead to unauthorized movement of funds

  • Key compromise can lead to funds being drained

PowPeg strengthens the model by adding another security layer. On top of signers,  miners validate and secure the transaction flow through merged-mined confirmation.

What PowPeg adds:

  • Signers are not the only gatekeepers in the peg-out path

  • Breaking PowPeg requires compromising the signer set and overpowering Bitcoin’s merged mining consensus

  • That is materially much harder than attacking a pure multisig bridge

This is defense-in-depth. It is not a new trust assumption, it is an additional enforcement layer that reduces single-point-of-failure risk.


Real-world proof: PowPeg’s security track record

Bridge security is ultimately judged by outcomes. Over the last several years, bridges have been one of the most attacked surfaces in crypto, with many of the largest losses tied to validator or key compromise.

That is why PowPeg’s track record matters in this discussion.

What PowPeg has shown:

  • PowPeg has run since early 2018 with no exploits

  • It has secured BTC worth hundreds of millions

  • It has survived multiple market cycles, miner fluctuations, and bridge attacks elsewhere

And the contrast category matters. Wormhole, Ronin, and Multichain are examples of bridges that lost billions due to validator or key compromise. These incidents highlight the failure modes PowPeg is designed to resist by not relying on a single enforcement layer.


Bottom Line: A Bridge Secured by Miners, Not Just Signers

 

PowPeg combines an independent, globally distributed set of signers at the custody layer, and merged mining anchored enforcement at the confirmation layer. Peg-outs are not simply a question of signatures. They still need to be mined and confirmed through Rootstock blocks that are merged-mined with Bitcoin, which means Bitcoin’s Proof of Work assumptions become part of withdrawal enforcement.

 

To go deeper and explore all five layers of PowPeg security, check out the PowPeg bridge webpage and the merged mining webpage.

Recommended articles

Aori Integrates with Rootstock to Unlock Cross-Chain Bitcoin DeFi

Aori Integrates with Rootstock to Unlock Cross-Chain Bitcoin DeFi

The Bitcoin DeFi ecosystem continues to grow as new infrastructure connects it to the broader decentralized finance landscape. A new integration is now making it easier for users to move capital across chains while accessing Bitcoin-based financial applications. Aori is now live on Rootstock, introducing its intent settlement protocol to the Bitcoin smart contract ecosystem. […]

Ecosystem Updates
Introducing the New rBTC Visual

Introducing the New rBTC Visual

In 2022, the Rootstock community voted to adopt a new visual identity for the Rootstock ecosystem, establishing a more modern and unified brand system across the network.  Today, we’re unveiling an updated logo for rBTC designed to align more closely with the Rootstock ecosystem identity and reflect its role in extending Bitcoin into smart contracts, […]

Ecosystem Updates
Vetiver 9.0.3: Patch Release

Vetiver 9.0.3: Patch Release

This patch release fixes the issue reported in #3543 affecting the JSON-RPC API methods trace_transaction and trace_block. It also includes code readability improvements, minor bug fixes, and enhanced logging. Although this is not a mandatory release, nodes that rely on these tracing methods should be updated to this version to avoid potential issues. The latest […]

Ecosystem Updates