[Design]: Cap on max sBTC pegged per transaction

[aldur]

Completing the issue description and arriving at a conclusion is the deliverable of this issue.

Design - Cap on max sBTC pegged per transaction / account

If #562 is implemented, then a whale might take over the full amount of sBTC available for peg-in.
This would be detrimental to other users, DeFi, etc.

1. Summary

2. Context & Purpose

Relevant Research Discussions

External Resources

3. Design

3.1 Proposed Component Design

Similarly to #562, Signers could discretionarily refuse peg-in requests over a given threshold. This would not solve the sybil attack, nor user peg-ins spanning multiple transactions. The implementation of the Signer binary can expose such feature through a configuration option.

3.1.1 Design Diagram

3.1.2 Considerations & Alternatives

As for #562, the max amount could be written on-chain for public display.

3.2 Areas of Ambiguity

---

Closing Checklist

• The design proposed in this issue is clearly documented in the description of this ticket.
• Everyone necessary has reviewed the resolution and agrees with the proposal.
• This ticket has or links all the information necessary to familiarize a contributor with the design decision, why it was made, and how it'll be included.

[djordon]

Capping the maximum of sBTC pegged in per transaction is simple to implement in the signers. We can do it per account too, but it's a bit more annoying.

[cylewitruk]

My concern with the account-level cap is the tracking of withdrawals. If the user has sent/spent the sBTC then should their current peg be reduced? If not, then they may not have any sBTC left to peg-out and thus reduce their peg-in limit and be able to peg-in more.

Otoh, it's also really easy to just do multiple peg-ins to multiple addresses, thus circumventing any account caps.

So the question I have is if this is even feasible (without some advanced tracking of sBTC across the entire blockchain)?

[andrerserrano]

@cylewitruk an account-level cap is not the intent of this issue. The intention of this issue is simply meant to encourage broad participation in the sBTC launch. The idea is to prevent a single entity from buying out one Bitcoin block and taking the entire cap (roughly 1,000 BTC), squeezing everyone else out in the process. By creating a mechanism that requires at least several Bitcoin blocks to fill, it may result in wider participation and increase the overall distribution of sBTC at launch.

[cylewitruk]

@andrerserrano yeah I get the high-level goal -- this issue specifically mentions an account-level cap (in the title) so I was just giving my spontaneous thoughts on that particular point.

[andrerserrano]

Good call. I've updated the title to reflect this.