USDCxBL - Cross-Chain USDC on Stacks

A Clarity implementation of USDCx (USD Coin Cross-Chain) for the Stacks blockchain, designed as an educational project to demonstrate cross-chain token bridging.

Table of Contents

• Overview
• Architecture
  • Token Contract
  • Bridge Contract
• How Cross-Chain Bridging Works
  • Deposit Flow
  • Withdrawal Flow
• Key Components
  • Deposit Intent Structure
  • Role System
  • Security Features
• Token Contract Details
• Bridge Contract Details
• Setup and Installation
• Testing
• Contract Deployment
• Educational Value
• Differences from Production USDCx
• Contributing
• License
• Resources

Overview

USDCxBL implements a cross-chain stablecoin protocol that allows USDC to be bridged between Stacks and other blockchain networks. This project is based on the official USDCx implementation and serves as a learning resource for understanding:

• SIP-010 fungible token standards
• Cross-chain bridging mechanisms
• Role-based access control in smart contracts
• Deposit intent validation and signature recovery
• Protocol pausing and governance

Architecture

The project consists of two main contracts:

1. Token Contract (bradley-learn-usdcx.clar)

The core USDCx token implementing the SIP-010 standard with additional protocol features:

• SIP-010 Compliance: Standard fungible token interface
• Role-Based Access Control: Governance, mint, and pause roles
• Protocol Functions: Minting, burning, and transferring with protocol controls
• Pausable Protocol: Emergency stop functionality

Key Features:

• Token name: USDCxBradleyLearn
• Symbol: USDCxBL
• Decimals: 6
• Total supply: Dynamic (minted/burned as needed)

graph TD
    A[User/Contract] --> B[SIP-010 Interface]
    B --> C[get-name]
    B --> D[get-symbol]
    B --> E[get-decimals]
    B --> F[get-balance]
    B --> G[get-total-supply]
    B --> H[transfer]

    A --> I[Protocol Interface]
    I --> J[validate-protocol-caller]
    I --> K[is-protocol-paused]
    I --> L[protocol-transfer]
    I --> M[protocol-mint]
    I --> N[protocol-burn]
    I --> O[protocol-mint-many]

    A --> P[Governance Interface]
    P --> Q[set-active-protocol-caller]
    P --> R[protocol-set-name]
    P --> S[protocol-set-symbol]
    P --> T[protocol-set-token-uri]

    A --> U[Pause Interface]
    U --> V[pause]
    U --> W[unpause]

    J --> X[Role Validation]
    K --> Y[Pause Check]
    M --> X
    N --> X
    O --> X
    Q --> X
    R --> X
    S --> X
    T --> X
    V --> X
    W --> X

Loading

2. Bridge Contract (bradley-learn-usdcx-v1BL.clar)

The cross-chain bridge implementation handling deposits and withdrawals:

• Deposit Processing: Validates and processes cross-chain deposits
• Signature Verification: Uses Circle attestors for deposit validation
• Minting Logic: Mints USDCx tokens upon successful deposit verification
• Burning Logic: Burns tokens for cross-chain withdrawals
• Nonce Management: Prevents replay attacks

graph TD
    A[External Chain] --> B[Deposit Intent Created]
    B --> C[Circle Attestor Signs]
    C --> D[Deposit Intent + Signature]

    D --> E[Bridge Contract: mint]
    E --> F[parse-and-validate-deposit-intent]
    F --> G[verify-deposit-intent-signature]
    G --> H[Check Nonce Used]
    H --> I[Protocol Mint USDCx]
    I --> J[Mark Nonce Used]

    K[Stacks User] --> L[Bridge Contract: burn]
    L --> M[Check Min Withdrawal]
    M --> N[Check Native Domain]
    N --> O[Protocol Burn USDCx]
    O --> P[Emit Burn Event]

    F --> Q[Parse Deposit Intent]
    Q --> R[Validate Magic/Version]
    R --> S[Validate Amounts]
    S --> T[Validate Domains/Tokens]
    T --> U[Get Remote Recipient]

    G --> V[Recover PK from Sig]
    V --> W[Check Attestor Map]

Loading

How Cross-Chain Bridging Works

Deposit Flow (Other Chain → Stacks)

1. Deposit Intent Creation: User creates a deposit intent on the source chain
2. Attestation: Circle attestors sign the deposit intent
3. Validation: Bridge contract verifies the signature and intent parameters
4. Minting: USDCx tokens are minted to the recipient on Stacks

Withdrawal Flow (Stacks → Other Chain)

1. Burn Request: User calls burn function with withdrawal details
2. Token Burning: USDCx tokens are burned from user's balance
3. Event Emission: Burn event is emitted for off-chain processing
4. Cross-Chain Transfer: External system processes the withdrawal on destination chain

Key Components

Deposit Intent Structure

{
  magic: 0x5a2e0acd,
  version: u1,
  amount: uint,
  remote-domain: uint,
  remote-token: (buff 32),
  remote-recipient: (buff 32),
  local-token: (buff 32),
  local-depositor: (buff 32),
  max-fee: uint,
  nonce: (buff 32),
  hook-data: (buff 80)
}

Role System

• Governance (0x00): Contract updates, role management
• Mint (0x01): Token minting and burning operations
• Pause (0x02): Protocol pause/unpause controls

Security Features

• Signature Verification: ECDSA signature recovery using secp256k1
• Nonce Tracking: Prevents deposit replay attacks
• Fee Management: Configurable fees for cross-chain operations
• Minimum Withdrawal Amounts: Prevents dust transactions

Token Contract Details

SIP-010 Functions

• transfer(amount, sender, recipient, memo): Transfers tokens between accounts. Validates ownership and emits memo if provided.
• get-name(): Returns the token name ("USDCxBradleyLearn").
• get-symbol(): Returns the token symbol ("USDCxBL").
• get-decimals(): Returns the decimal places (6).
• get-balance(owner): Returns the token balance of an account.
• get-total-supply(): Returns the total supply of tokens.
• get-token-uri(): Returns the optional token metadata URI.

Protocol Functions

• validate-protocol-caller(role, caller): Checks if a caller has the required role.
• is-protocol-paused(): Returns whether the protocol is paused.
• validate-protocol-active(): Ensures the protocol is not paused.
• protocol-transfer(amount, sender, recipient): Transfers tokens with protocol validation (mint role required).
• protocol-mint(amount, recipient): Mints new tokens (mint role required).
• protocol-burn(amount, owner): Burns tokens from an account (mint role required).
• protocol-mint-many(recipients): Mints tokens to multiple recipients (mint role required).

Governance Functions

• set-active-protocol-caller(caller, role, enabled): Adds or removes protocol roles (governance role required).
• protocol-set-name(new-name): Updates token name (governance role required).
• protocol-set-symbol(new-symbol): Updates token symbol (governance role required).
• protocol-set-token-uri(new-uri): Updates token URI (governance role required).

Pause Functions

• pause(): Pauses the protocol (pause role required).
• unpause(): Unpauses the protocol (pause role required).

Bridge Contract Details

Deposit Functions

• parse-deposit-intent(deposit-intent): Parses raw bytes into a structured deposit intent.
• recover-deposit-intent-pk(deposit-intent, signature): Recovers the public key from a signature.
• verify-deposit-intent-signature(deposit-intent, signature): Verifies signature against known attestors.
• get-remote-recipient(remote-recipient-bytes, hook-data): Converts bytes to principal, supporting contract recipients.
• parse-and-validate-deposit-intent(deposit-intent): Full validation including Stacks-specific checks.
• mint(deposit-intent, signature, fee-amount): Main minting function - validates and mints USDCx.

Withdrawal Functions

• set-min-withdrawal-amount(new-min): Sets minimum withdrawal amount (custom role 0x04 required).
• get-min-withdrawal-amount(): Returns the current minimum withdrawal amount.
• burn(amount, native-domain, native-recipient): Burns tokens for withdrawal, emits burn event.

Attestor Management

• add-or-remove-circle-attestor(public-key, enabled): Adds/removes Circle attestors (governance role required).

Setup and Installation

Prerequisites

• Clarinet - Stacks development environment
• Node.js (for testing)
• npm or yarn

Installation

1. Clone the repository:

git clone <repository-url>
cd USDCx

2. Install dependencies:

npm install

3. Check contracts:

clarinet check

Testing

Run the test suite:

npm test

Watch mode for development:

npm run test:watch

Contract Deployment

The contracts are configured in Clarinet.toml for local development. For mainnet deployment:

1. Update contract names and parameters
2. Set appropriate Circle attestor public keys
3. Configure domain identifiers
4. Deploy token contract first, then bridge contract

Educational Value

This implementation demonstrates:

• Smart Contract Architecture: Modular design with separate token and bridge contracts
• Cross-Chain Communication: Handling deposits from external chains
• Cryptographic Operations: Signature verification and public key recovery
• State Management: Maps for attestors, nonces, and protocol state
• Error Handling: Comprehensive error codes and validation
• Event Logging: Print statements for off-chain monitoring

Differences from Production USDCx

This educational version includes:

• Simplified attestor management
• Learning-focused naming and comments
• Test-friendly configurations
• Additional logging for debugging

Contributing

This is an educational project. For production use, refer to the official Circle USDCx implementation.

License

ISC License

Resources

• Stacks Documentation
• Clarity Language Reference
• SIP-010 Standard
• Circle USDCx