@keep-network/tbtc-v2 0.1.1-dev.42 → 0.1.1-dev.45

package/contracts/bridge/Bridge.sol

@@ -17,16 +17,13 @@ pragma solidity ^0.8.9;
 
 import "@openzeppelin/contracts/access/Ownable.sol";
 
-import {BTCUtils} from "@keep-network/bitcoin-spv-sol/contracts/BTCUtils.sol";
-import {BytesLib} from "@keep-network/bitcoin-spv-sol/contracts/BytesLib.sol";
-
 import {IWalletOwner as EcdsaWalletOwner} from "@keep-network/ecdsa/contracts/api/IWalletOwner.sol";
 
 import "./IRelay.sol";
 import "./BridgeState.sol";
 import "./Deposit.sol";
 import "./Sweep.sol";
-import "./Redeem.sol";
+import "./Redemption.sol";
 import "./BitcoinTx.sol";
 import "./EcdsaLib.sol";
 import "./Wallets.sol";
@@ -53,72 +50,24 @@ import "../bank/Bank.sol";
 ///         the sweep operation is confirmed on the Bitcoin network, the ECDSA
 ///         wallet informs the Bridge about the sweep increasing appropriate
 ///         balances in the Bank.
-/// @dev Bridge is an upgradeable component of the Bank.
+/// @dev Bridge is an upgradeable component of the Bank. The order of
+///      functionalities in this contract is: deposit, sweep, redemption,
+///      moving funds, wallet lifecycle, frauds, parameters.
 ///
-// TODO: All wallets-related operations that are currently done directly
-//       by the Bridge can be probably delegated to the Wallets library.
-//       Examples of such operations are main UTXO or pending redemptions
-//       value updates.
+/// TODO: Revisit all events and look which parameters should be indexed.
+/// TODO: Align the convention around `param` and `dev` endings. They should
+///       not have a punctuation mark.
 contract Bridge is Ownable, EcdsaWalletOwner {
     using BridgeState for BridgeState.Storage;
     using Deposit for BridgeState.Storage;
     using Sweep for BridgeState.Storage;
-    using Redeem for BridgeState.Storage;
+    using Redemption for BridgeState.Storage;
     using MovingFunds for BridgeState.Storage;
-    using Fraud for BridgeState.Storage;
     using Wallets for BridgeState.Storage;
-
-    using BTCUtils for bytes;
-    using BTCUtils for uint256;
-    using BytesLib for bytes;
+    using Fraud for BridgeState.Storage;
 
     BridgeState.Storage internal self;
 
-    event WalletParametersUpdated(
-        uint32 walletCreationPeriod,
-        uint64 walletMinBtcBalance,
-        uint64 walletMaxBtcBalance,
-        uint32 walletMaxAge
-    );
-
-    event NewWalletRequested();
-
-    event NewWalletRegistered(
-        bytes32 indexed ecdsaWalletID,
-        bytes20 indexed walletPubKeyHash
-    );
-
-    event WalletMovingFunds(
-        bytes32 indexed ecdsaWalletID,
-        bytes20 indexed walletPubKeyHash
-    );
-
-    event WalletClosed(
-        bytes32 indexed ecdsaWalletID,
-        bytes20 indexed walletPubKeyHash
-    );
-
-    event WalletTerminated(
-        bytes32 indexed ecdsaWalletID,
-        bytes20 indexed walletPubKeyHash
-    );
-
-    event VaultStatusUpdated(address indexed vault, bool isTrusted);
-
-    event FraudSlashingAmountUpdated(uint256 newFraudSlashingAmount);
-
-    event FraudNotifierRewardMultiplierUpdated(
-        uint256 newFraudNotifierRewardMultiplier
-    );
-
-    event FraudChallengeDefeatTimeoutUpdated(
-        uint256 newFraudChallengeDefeatTimeout
-    );
-
-    event FraudChallengeDepositAmountUpdated(
-        uint256 newFraudChallengeDepositAmount
-    );
-
     event DepositRevealed(
         bytes32 fundingTxHash,
         uint32 fundingOutputIndex,
@@ -152,24 +101,94 @@ contract Bridge is Ownable, EcdsaWalletOwner {
         bytes redeemerOutputScript
     );
 
+    event WalletMovingFunds(
+        bytes32 indexed ecdsaWalletID,
+        bytes20 indexed walletPubKeyHash
+    );
+
+    event MovingFundsCommitmentSubmitted(
+        bytes20 walletPubKeyHash,
+        bytes20[] targetWallets,
+        address submitter
+    );
+
+    event MovingFundsCompleted(
+        bytes20 walletPubKeyHash,
+        bytes32 movingFundsTxHash
+    );
+
+    event MovingFundsTimedOut(bytes20 walletPubKeyHash);
+
+    event NewWalletRequested();
+
+    event NewWalletRegistered(
+        bytes32 indexed ecdsaWalletID,
+        bytes20 indexed walletPubKeyHash
+    );
+
+    event WalletClosing(
+        bytes32 indexed ecdsaWalletID,
+        bytes20 indexed walletPubKeyHash
+    );
+
+    event WalletClosed(
+        bytes32 indexed ecdsaWalletID,
+        bytes20 indexed walletPubKeyHash
+    );
+
+    event WalletTerminated(
+        bytes32 indexed ecdsaWalletID,
+        bytes20 indexed walletPubKeyHash
+    );
+
     event FraudChallengeSubmitted(
-        bytes20 walletPublicKeyHash,
+        bytes20 walletPubKeyHash,
         bytes32 sighash,
         uint8 v,
         bytes32 r,
         bytes32 s
     );
 
-    event FraudChallengeDefeated(bytes20 walletPublicKeyHash, bytes32 sighash);
+    event FraudChallengeDefeated(bytes20 walletPubKeyHash, bytes32 sighash);
 
     event FraudChallengeDefeatTimedOut(
-        bytes20 walletPublicKeyHash,
+        bytes20 walletPubKeyHash,
         bytes32 sighash
     );
 
-    event MovingFundsCompleted(
-        bytes20 walletPubKeyHash,
-        bytes32 movingFundsTxHash
+    event VaultStatusUpdated(address indexed vault, bool isTrusted);
+
+    event DepositParametersUpdated(
+        uint64 depositDustThreshold,
+        uint64 depositTreasuryFeeDivisor,
+        uint64 depositTxMaxFee
+    );
+
+    event RedemptionParametersUpdated(
+        uint64 redemptionDustThreshold,
+        uint64 redemptionTreasuryFeeDivisor,
+        uint64 redemptionTxMaxFee,
+        uint256 redemptionTimeout
+    );
+
+    event MovingFundsParametersUpdated(
+        uint64 movingFundsTxMaxTotalFee,
+        uint32 movingFundsTimeout
+    );
+
+    event WalletParametersUpdated(
+        uint32 walletCreationPeriod,
+        uint64 walletMinBtcBalance,
+        uint64 walletMaxBtcBalance,
+        uint32 walletMaxAge,
+        uint64 walletMaxBtcTransfer
+    );
+
+    event FraudParametersUpdated(
+        uint256 fraudSlashingAmount,
+        uint256 fraudNotifierRewardMultiplier,
+        uint256 fraudChallengeDefeatTimeout,
+        uint256 fraudChallengeDepositAmount
     );
 
     constructor(
@@ -205,6 +224,7 @@ contract Bridge is Ownable, EcdsaWalletOwner {
         self.redemptionTxMaxFee = 10000; // 10000 satoshi
         self.redemptionTimeout = 172800; // 48 hours
         self.movingFundsTxMaxTotalFee = 10000; // 10000 satoshi
+        self.movingFundsTimeout = 7 days;
         self.fraudSlashingAmount = 10000 * 1e18; // 10000 T
         self.fraudNotifierRewardMultiplier = 100; // 100%
         self.fraudChallengeDefeatTimeout = 7 days;
@@ -213,123 +233,7 @@ contract Bridge is Ownable, EcdsaWalletOwner {
         self.walletMinBtcBalance = 1e8; // 1 BTC
         self.walletMaxBtcBalance = 10e8; // 10 BTC
         self.walletMaxAge = 26 weeks; // ~6 months
-    }
-
-    /// @notice Allows the Governance to mark the given vault address as trusted
-    ///         or no longer trusted. Vaults are not trusted by default.
-    ///         Trusted vault must meet the following criteria:
-    ///         - `IVault.receiveBalanceIncrease` must have a known, low gas
-    ///           cost.
-    ///         - `IVault.receiveBalanceIncrease` must never revert.
-    /// @dev Without restricting reveal only to trusted vaults, malicious
-    ///      vaults not meeting the criteria would be able to nuke sweep proof
-    ///      transactions executed by ECDSA wallet with  deposits routed to
-    ///      them.
-    /// @param vault The address of the vault
-    /// @param isTrusted flag indicating whether the vault is trusted or not
-    /// @dev Can only be called by the Governance.
-    function setVaultStatus(address vault, bool isTrusted) external onlyOwner {
-        self.isVaultTrusted[vault] = isTrusted;
-        emit VaultStatusUpdated(vault, isTrusted);
-    }
-
-    /// @notice Requests creation of a new wallet. This function just
-    ///         forms a request and the creation process is performed
-    ///         asynchronously. Once a wallet is created, the ECDSA Wallet
-    ///         Registry will notify this contract by calling the
-    ///         `__ecdsaWalletCreatedCallback` function.
-    /// @param activeWalletMainUtxo Data of the active wallet's main UTXO, as
-    ///        currently known on the Ethereum chain.
-    /// @dev Requirements:
-    ///      - `activeWalletMainUtxo` components must point to the recent main
-    ///        UTXO of the given active wallet, as currently known on the
-    ///        Ethereum chain. If there is no active wallet at the moment, or
-    ///        the active wallet has no main UTXO, this parameter can be
-    ///        empty as it is ignored.
-    ///      - Wallet creation must not be in progress
-    ///      - If the active wallet is set, one of the following
-    ///        conditions must be true:
-    ///        - The active wallet BTC balance is above the minimum threshold
-    ///          and the active wallet is old enough, i.e. the creation period
-    ///          was elapsed since its creation time
-    ///        - The active wallet BTC balance is above the maximum threshold
-    function requestNewWallet(BitcoinTx.UTXO calldata activeWalletMainUtxo)
-        external
-    {
-        self.requestNewWallet(activeWalletMainUtxo);
-    }
-
-    /// @notice A callback function that is called by the ECDSA Wallet Registry
-    ///         once a new ECDSA wallet is created.
-    /// @param ecdsaWalletID Wallet's unique identifier.
-    /// @param publicKeyX Wallet's public key's X coordinate.
-    /// @param publicKeyY Wallet's public key's Y coordinate.
-    /// @dev Requirements:
-    ///      - The only caller authorized to call this function is `registry`
-    ///      - Given wallet data must not belong to an already registered wallet
-    function __ecdsaWalletCreatedCallback(
-        bytes32 ecdsaWalletID,
-        bytes32 publicKeyX,
-        bytes32 publicKeyY
-    ) external override {
-        self.registerNewWallet(ecdsaWalletID, publicKeyX, publicKeyY);
-    }
-
-    /// @notice A callback function that is called by the ECDSA Wallet Registry
-    ///         once a wallet heartbeat failure is detected.
-    /// @param publicKeyX Wallet's public key's X coordinate
-    /// @param publicKeyY Wallet's public key's Y coordinate
-    /// @dev Requirements:
-    ///      - The only caller authorized to call this function is `registry`
-    ///      - Wallet must be in Live state
-    function __ecdsaWalletHeartbeatFailedCallback(
-        bytes32,
-        bytes32 publicKeyX,
-        bytes32 publicKeyY
-    ) external override {
-        self.notifyWalletHeartbeatFailed(publicKeyX, publicKeyY);
-    }
-
-    /// @notice Notifies that the wallet is either old enough or has too few
-    ///         satoshis left and qualifies to be closed.
-    /// @param walletPubKeyHash 20-byte public key hash of the wallet
-    /// @param walletMainUtxo Data of the wallet's main UTXO, as currently
-    ///        known on the Ethereum chain.
-    /// @dev Requirements:
-    ///      - Wallet must not be set as the current active wallet
-    ///      - Wallet must exceed the wallet maximum age OR the wallet BTC
-    ///        balance must be lesser than the minimum threshold. If the latter
-    ///        case is true, the `walletMainUtxo` components must point to the
-    ///        recent main UTXO of the given wallet, as currently known on the
-    ///        Ethereum chain. If the wallet has no main UTXO, this parameter
-    ///        can be empty as it is ignored since the wallet balance is
-    ///        assumed to be zero.
-    ///      - Wallet must be in Live state
-    function notifyCloseableWallet(
-        bytes20 walletPubKeyHash,
-        BitcoinTx.UTXO calldata walletMainUtxo
-    ) external {
-        self.notifyCloseableWallet(walletPubKeyHash, walletMainUtxo);
-    }
-
-    /// @notice Gets details about a registered wallet.
-    /// @param walletPubKeyHash The 20-byte wallet public key hash (computed
-    ///        using Bitcoin HASH160 over the compressed ECDSA public key)
-    /// @return Wallet details.
-    function getWallet(bytes20 walletPubKeyHash)
-        external
-        view
-        returns (Wallets.Wallet memory)
-    {
-        return self.registeredWallets[walletPubKeyHash];
-    }
-
-    /// @notice Gets the public key hash of the active wallet.
-    /// @return The 20-byte public key hash (computed using Bitcoin HASH160
-    ///         over the compressed ECDSA public key) of the active wallet.
-    ///         Returns bytes20(0) if there is no active wallet at the moment.
-    function getActiveWalletPubKeyHash() external view returns (bytes20) {
-        return self.activeWalletPubKeyHash;
+        self.walletMaxBtcTransfer = 10e8; // 10 BTC
     }
 
     /// @notice Used by the depositor to reveal information about their P2(W)SH
@@ -417,139 +321,23 @@ contract Bridge is Ownable, EcdsaWalletOwner {
         self.submitSweepProof(sweepTx, sweepProof, mainUtxo);
     }
 
-    /// @notice Submits a fraud challenge indicating that a UTXO being under
-    ///         wallet control was unlocked by the wallet but was not used
-    ///         according to the protocol rules. That means the wallet signed
-    ///         a transaction input pointing to that UTXO and there is a unique
-    ///         sighash and signature pair associated with that input. This
-    ///         function uses those parameters to create a fraud accusation that
-    ///         proves a given transaction input unlocking the given UTXO was
-    ///         actually signed by the wallet. This function cannot determine
-    ///         whether the transaction was actually broadcast and the input was
-    ///         consumed in a fraudulent way so it just opens a challenge period
-    ///         during which the wallet can defeat the challenge by submitting
-    ///         proof of a transaction that consumes the given input according
-    ///         to protocol rules. To prevent spurious allegations, the caller
-    ///         must deposit ETH that is returned back upon justified fraud
-    ///         challenge or confiscated otherwise.
-    ///@param walletPublicKey The public key of the wallet in the uncompressed
-    ///       and unprefixed format (64 bytes)
-    /// @param sighash The hash that was used to produce the ECDSA signature
-    ///        that is the subject of the fraud claim. This hash is constructed
-    ///        by applying double SHA-256 over a serialized subset of the
-    ///        transaction. The exact subset used as hash preimage depends on
-    ///        the transaction input the signature is produced for. See BIP-143
-    ///        for reference
-    /// @param signature Bitcoin signature in the R/S/V format
-    /// @dev Requirements:
-    ///      - Wallet behind `walletPubKey` must be in `Live` or `MovingFunds`
-    ///        state
-    ///      - The challenger must send appropriate amount of ETH used as
-    ///        fraud challenge deposit
-    ///      - The signature (represented by r, s and v) must be generated by
-    ///        the wallet behind `walletPubKey` during signing of `sighash`
-    ///      - Wallet can be challenged for the given signature only once
-    function submitFraudChallenge(
-        bytes calldata walletPublicKey,
-        bytes32 sighash,
-        BitcoinTx.RSVSignature calldata signature
-    ) external payable {
-        self.submitFraudChallenge(walletPublicKey, sighash, signature);
-    }
-
-    /// @notice Allows to defeat a pending fraud challenge against a wallet if
-    ///         the transaction that spends the UTXO follows the protocol rules.
-    ///         In order to defeat the challenge the same `walletPublicKey` and
-    ///         signature (represented by `r`, `s` and `v`) must be provided as
-    ///         were used to calculate the sighash during input signing.
-    ///         The fraud challenge defeat attempt will only succeed if the
-    ///         inputs in the preimage are considered honestly spent by the
-    ///         wallet. Therefore the transaction spending the UTXO must be
-    ///         proven in the Bridge before a challenge defeat is called.
-    ///         If successfully defeated, the fraud challenge is marked as
-    ///         resolved and the amount of ether deposited by the challenger is
-    ///         sent to the treasury.
-    /// @param walletPublicKey The public key of the wallet in the uncompressed
-    ///        and unprefixed format (64 bytes)
-    /// @param preimage The preimage which produces sighash used to generate the
-    ///        ECDSA signature that is the subject of the fraud claim. It is a
-    ///        serialized subset of the transaction. The exact subset used as
-    ///        the preimage depends on the transaction input the signature is
-    ///        produced for. See BIP-143 for reference
-    /// @param witness Flag indicating whether the preimage was produced for a
-    ///        witness input. True for witness, false for non-witness input
-    /// @dev Requirements:
-    ///      - `walletPublicKey` and `sighash` calculated as `hash256(preimage)`
-    ///        must identify an open fraud challenge
-    ///      - the preimage must be a valid preimage of a transaction generated
-    ///        according to the protocol rules and already proved in the Bridge
-    ///      - before a defeat attempt is made the transaction that spends the
-    ///        given UTXO must be proven in the Bridge
-    function defeatFraudChallenge(
-        bytes calldata walletPublicKey,
-        bytes calldata preimage,
-        bool witness
-    ) external {
-        self.defeatFraudChallenge(walletPublicKey, preimage, witness);
-    }
-
-    /// @notice Notifies about defeat timeout for the given fraud challenge.
-    ///         Can be called only if there was a fraud challenge identified by
-    ///         the provided `walletPublicKey` and `sighash` and it was not
-    ///         defeated on time. The amount of time that needs to pass after
-    ///         a fraud challenge is reported is indicated by the
-    ///         `challengeDefeatTimeout`. After a successful fraud challenge
-    ///         defeat timeout notification the fraud challenge is marked as
-    ///         resolved, the stake of each operator is slashed, the ether
-    ///         deposited is returned to the challenger and the challenger is
-    ///         rewarded.
-    /// @param walletPublicKey The public key of the wallet in the uncompressed
-    ///        and unprefixed format (64 bytes)
-    /// @param sighash The hash that was used to produce the ECDSA signature
-    ///        that is the subject of the fraud claim. This hash is constructed
-    ///        by applying double SHA-256 over a serialized subset of the
-    ///        transaction. The exact subset used as hash preimage depends on
-    ///        the transaction input the signature is produced for. See BIP-143
-    ///        for reference
-    /// @dev Requirements:
-    ///      - `walletPublicKey`and `sighash` must identify an open fraud
-    ///        challenge
-    ///      - the amount of time indicated by `challengeDefeatTimeout` must
-    ///        pass after the challenge was reported
-    function notifyFraudChallengeDefeatTimeout(
-        bytes calldata walletPublicKey,
-        bytes32 sighash
-    ) external {
-        self.notifyFraudChallengeDefeatTimeout(walletPublicKey, sighash);
-    }
-
-    /// @notice Returns the fraud challenge identified by the given key built
-    ///         as keccak256(walletPublicKey|sighash).
-    function fraudChallenges(uint256 challengeKey)
-        external
-        view
-        returns (Fraud.FraudChallenge memory)
-    {
-        return self.fraudChallenges[challengeKey];
-    }
-
-    /// @notice Requests redemption of the given amount from the specified
-    ///         wallet to the redeemer Bitcoin output script.
-    /// @param walletPubKeyHash The 20-byte wallet public key hash (computed
-    ///        using Bitcoin HASH160 over the compressed ECDSA public key)
-    /// @param mainUtxo Data of the wallet's main UTXO, as currently known on
-    ///        the Ethereum chain
-    /// @param redeemerOutputScript The redeemer's length-prefixed output
-    ///        script (P2PKH, P2WPKH, P2SH or P2WSH) that will be used to lock
-    ///        redeemed BTC
-    /// @param amount Requested amount in satoshi. This is also the TBTC amount
-    ///        that is taken from redeemer's balance in the Bank upon request.
-    ///        Once the request is handled, the actual amount of BTC locked
-    ///        on the redeemer output script will be always lower than this value
-    ///        since the treasury and Bitcoin transaction fees must be incurred.
-    ///        The minimal amount satisfying the request can be computed as:
-    ///        `amount - (amount / redemptionTreasuryFeeDivisor) - redemptionTxMaxFee`.
-    ///        Fees values are taken at the moment of request creation.
+    /// @notice Requests redemption of the given amount from the specified
+    ///         wallet to the redeemer Bitcoin output script.
+    /// @param walletPubKeyHash The 20-byte wallet public key hash (computed
+    ///        using Bitcoin HASH160 over the compressed ECDSA public key)
+    /// @param mainUtxo Data of the wallet's main UTXO, as currently known on
+    ///        the Ethereum chain
+    /// @param redeemerOutputScript The redeemer's length-prefixed output
+    ///        script (P2PKH, P2WPKH, P2SH or P2WSH) that will be used to lock
+    ///        redeemed BTC
+    /// @param amount Requested amount in satoshi. This is also the TBTC amount
+    ///        that is taken from redeemer's balance in the Bank upon request.
+    ///        Once the request is handled, the actual amount of BTC locked
+    ///        on the redeemer output script will be always lower than this value
+    ///        since the treasury and Bitcoin transaction fees must be incurred.
+    ///        The minimal amount satisfying the request can be computed as:
+    ///        `amount - (amount / redemptionTreasuryFeeDivisor) - redemptionTxMaxFee`.
+    ///        Fees values are taken at the moment of request creation.
     /// @dev Requirements:
     ///      - Wallet behind `walletPubKeyHash` must be live
     ///      - `mainUtxo` components must point to the recent main UTXO
@@ -665,6 +453,61 @@ contract Bridge is Ownable, EcdsaWalletOwner {
         self.notifyRedemptionTimeout(walletPubKeyHash, redeemerOutputScript);
     }
 
+    /// @notice Submits the moving funds target wallets commitment.
+    ///         Once all requirements are met, that function registers the
+    ///         target wallets commitment and opens the way for moving funds
+    ///         proof submission.
+    /// @param walletPubKeyHash 20-byte public key hash of the source wallet
+    /// @param walletMainUtxo Data of the source wallet's main UTXO, as
+    ///        currently known on the Ethereum chain
+    /// @param walletMembersIDs Identifiers of the source wallet signing group
+    ///        members
+    /// @param walletMemberIndex Position of the caller in the source wallet
+    ///        signing group members list
+    /// @param targetWallets List of 20-byte public key hashes of the target
+    ///        wallets that the source wallet commits to move the funds to
+    /// @dev Requirements:
+    ///      - The source wallet must be in the MovingFunds state
+    ///      - The source wallet must not have pending redemption requests
+    ///      - The source wallet must not have submitted its commitment already
+    ///      - The expression `keccak256(abi.encode(walletMembersIDs))` must
+    ///        be exactly the same as the hash stored under `membersIdsHash`
+    ///        for the given source wallet in the ECDSA registry. Those IDs are
+    ///        not directly stored in the contract for gas efficiency purposes
+    ///        but they can be read from appropriate `DkgResultSubmitted`
+    ///        and `DkgResultApproved` events.
+    ///      - The `walletMemberIndex` must be in range [1, walletMembersIDs.length]
+    ///      - The caller must be the member of the source wallet signing group
+    ///        at the position indicated by `walletMemberIndex` parameter
+    ///      - The `walletMainUtxo` components must point to the recent main
+    ///        UTXO of the source wallet, as currently known on the Ethereum
+    ///        chain.
+    ///      - Source wallet BTC balance must be greater than zero
+    ///      - At least one Live wallet must exist in the system
+    ///      - Submitted target wallets count must match the expected count
+    ///        `N = min(liveWalletsCount, ceil(walletBtcBalance / walletMaxBtcTransfer))`
+    ///        where `N > 0`
+    ///      - Each target wallet must be not equal to the source wallet
+    ///      - Each target wallet must follow the expected order i.e. all
+    ///        target wallets 20-byte public key hashes represented as numbers
+    ///        must form a strictly increasing sequence without duplicates.
+    ///      - Each target wallet must be in Live state
+    function submitMovingFundsCommitment(
+        bytes20 walletPubKeyHash,
+        BitcoinTx.UTXO calldata walletMainUtxo,
+        uint32[] calldata walletMembersIDs,
+        uint256 walletMemberIndex,
+        bytes20[] calldata targetWallets
+    ) external {
+        self.submitMovingFundsCommitment(
+            walletPubKeyHash,
+            walletMainUtxo,
+            walletMembersIDs,
+            walletMemberIndex,
+            targetWallets
+        );
+    }
+
     /// @notice Used by the wallet to prove the BTC moving funds transaction
     ///         and to make the necessary state changes. Moving funds is only
     ///         accepted if it satisfies SPV proof.
@@ -724,166 +567,326 @@ contract Bridge is Ownable, EcdsaWalletOwner {
         );
     }
 
-    /// @notice Returns the addresses of contracts Bridge is interacting with.
-    /// @return bank Address of the Bank the Bridge belongs to.
-    /// @return relay Address of the Bitcoin relay providing the current Bitcoin
-    ///         network difficulty.
-    function getContracts() external view returns (Bank bank, IRelay relay) {
-        bank = self.bank;
-        relay = self.relay;
-    }
-
-    /// @notice Address where the deposit treasury fees will be sent to.
-    ///         Treasury takes part in the operators rewarding process.
-    function treasury() external view returns (address treasury) {
-        treasury = self.treasury;
-    }
-
-    /// @notice The number of confirmations on the Bitcoin chain required to
-    ///         successfully evaluate an SPV proof.
-    function txProofDifficultyFactor()
-        external
-        view
-        returns (uint256 txProofDifficultyFactor)
-    {
-        txProofDifficultyFactor = self.txProofDifficultyFactor;
+    /// @notice Notifies about a timed out moving funds process. Terminates
+    ///         the wallet and slashes signing group members as a result.
+    /// @param walletPubKeyHash 20-byte public key hash of the wallet
+    /// @dev Requirements:
+    ///      - The wallet must be in the MovingFunds state
+    ///      - The moving funds timeout must be actually exceeded
+    function notifyMovingFundsTimeout(bytes20 walletPubKeyHash) external {
+        self.notifyMovingFundsTimeout(walletPubKeyHash);
     }
 
-    /// @notice Returns the current values of Bridge deposit parameters.
-    /// @return depositDustThreshold The minimal amount that can be requested
-    ///         to deposit. Value of this parameter must take into account the
-    ///         value of `depositTreasuryFeeDivisor` and `depositTxMaxFee`
-    ///         parameters in order to make requests that can incur the
-    ///         treasury and transaction fee and still satisfy the depositor.
-    /// @return depositTreasuryFeeDivisor Divisor used to compute the treasury
-    ///         fee taken from each deposit and transferred to the treasury upon
-    ///         sweep proof submission. That fee is computed as follows:
-    ///         `treasuryFee = depositedAmount / depositTreasuryFeeDivisor`
-    ///         For example, if the treasury fee needs to be 2% of each deposit,
-    ///         the `depositTreasuryFeeDivisor` should be set to `50`
-    ///         because `1/50 = 0.02 = 2%`.
-    /// @return depositTxMaxFee Maximum amount of BTC transaction fee that can
-    ///         be incurred by each swept deposit being part of the given sweep
-    ///         transaction. If the maximum BTC transaction fee is exceeded,
-    ///         such transaction is considered a fraud.
-    function depositParameters()
+    /// @notice Requests creation of a new wallet. This function just
+    ///         forms a request and the creation process is performed
+    ///         asynchronously. Once a wallet is created, the ECDSA Wallet
+    ///         Registry will notify this contract by calling the
+    ///         `__ecdsaWalletCreatedCallback` function.
+    /// @param activeWalletMainUtxo Data of the active wallet's main UTXO, as
+    ///        currently known on the Ethereum chain.
+    /// @dev Requirements:
+    ///      - `activeWalletMainUtxo` components must point to the recent main
+    ///        UTXO of the given active wallet, as currently known on the
+    ///        Ethereum chain. If there is no active wallet at the moment, or
+    ///        the active wallet has no main UTXO, this parameter can be
+    ///        empty as it is ignored.
+    ///      - Wallet creation must not be in progress
+    ///      - If the active wallet is set, one of the following
+    ///        conditions must be true:
+    ///        - The active wallet BTC balance is above the minimum threshold
+    ///          and the active wallet is old enough, i.e. the creation period
+    ///          was elapsed since its creation time
+    ///        - The active wallet BTC balance is above the maximum threshold
+    function requestNewWallet(BitcoinTx.UTXO calldata activeWalletMainUtxo)
         external
-        view
-        returns (
-            uint64 depositDustThreshold,
-            uint64 depositTreasuryFeeDivisor,
-            uint64 depositTxMaxFee
-        )
     {
-        depositDustThreshold = self.depositDustThreshold;
-        depositTreasuryFeeDivisor = self.depositTreasuryFeeDivisor;
-        depositTxMaxFee = self.depositTxMaxFee;
+        self.requestNewWallet(activeWalletMainUtxo);
     }
 
-    /// @notice Returns the current values of Bridge redemption parameters.
-    /// @return redemptionDustThreshold The minimal amount that can be requested
-    ///         for redemption. Value of this parameter must take into account
-    ///         the value of `redemptionTreasuryFeeDivisor` and `redemptionTxMaxFee`
-    ///         parameters in order to make requests that can incur the
-    ///         treasury and transaction fee and still satisfy the redeemer.
-    /// @return redemptionTreasuryFeeDivisor Divisor used to compute the treasury
-    ///         fee taken from each redemption request and transferred to the
-    ///         treasury upon successful request finalization. That fee is
-    ///         computed as follows:
-    ///         `treasuryFee = requestedAmount / redemptionTreasuryFeeDivisor`
-    ///         For example, if the treasury fee needs to be 2% of each
-    ///         redemption request, the `redemptionTreasuryFeeDivisor` should
-    ///         be set to `50` because `1/50 = 0.02 = 2%`.
-    /// @return redemptionTxMaxFee Maximum amount of BTC transaction fee that
-    ///         can be incurred by each redemption request being part of the
-    ///         given redemption transaction. If the maximum BTC transaction
-    ///         fee is exceeded, such transaction is considered a fraud.
-    /// @return redemptionTimeout Time after which the redemption request can be
-    ///         reported as timed out. It is counted from the moment when the
-    ///         redemption request was created via `requestRedemption` call.
-    ///         Reported  timed out requests are cancelled and locked TBTC is
-    ///         returned to the redeemer in full amount.
-    function redemptionParameters()
-        external
-        view
-        returns (
-            uint64 redemptionDustThreshold,
-            uint64 redemptionTreasuryFeeDivisor,
-            uint64 redemptionTxMaxFee,
-            uint256 redemptionTimeout,
-            address treasury,
-            uint256 txProofDifficultyFactor
-        )
-    {
-        redemptionDustThreshold = self.redemptionDustThreshold;
-        redemptionTreasuryFeeDivisor = self.redemptionTreasuryFeeDivisor;
-        redemptionTxMaxFee = self.redemptionTxMaxFee;
-        redemptionTimeout = self.redemptionTimeout;
+    /// @notice A callback function that is called by the ECDSA Wallet Registry
+    ///         once a new ECDSA wallet is created.
+    /// @param ecdsaWalletID Wallet's unique identifier.
+    /// @param publicKeyX Wallet's public key's X coordinate.
+    /// @param publicKeyY Wallet's public key's Y coordinate.
+    /// @dev Requirements:
+    ///      - The only caller authorized to call this function is `registry`
+    ///      - Given wallet data must not belong to an already registered wallet
+    function __ecdsaWalletCreatedCallback(
+        bytes32 ecdsaWalletID,
+        bytes32 publicKeyX,
+        bytes32 publicKeyY
+    ) external override {
+        self.registerNewWallet(ecdsaWalletID, publicKeyX, publicKeyY);
     }
 
-    /// @notice Returns the current values of Bridge moving funds between
-    ///         wallets parameters.
-    /// @return movingFundsTxMaxTotalFee Maximum amount of the total BTC
-    ///         transaction fee that is acceptable in a single moving funds
-    ///         transaction. This is a _total_ max fee for the entire moving
-    ///         funds transaction.
-    function movingFundsParameters()
-        external
-        view
-        returns (uint64 movingFundsTxMaxTotalFee)
-    {
-        // TODO: we will have more parameters here, for example moving funds timeout
-        movingFundsTxMaxTotalFee = self.movingFundsTxMaxTotalFee;
+    /// @notice A callback function that is called by the ECDSA Wallet Registry
+    ///         once a wallet heartbeat failure is detected.
+    /// @param publicKeyX Wallet's public key's X coordinate
+    /// @param publicKeyY Wallet's public key's Y coordinate
+    /// @dev Requirements:
+    ///      - The only caller authorized to call this function is `registry`
+    ///      - Wallet must be in Live state
+    function __ecdsaWalletHeartbeatFailedCallback(
+        bytes32,
+        bytes32 publicKeyX,
+        bytes32 publicKeyY
+    ) external override {
+        self.notifyWalletHeartbeatFailed(publicKeyX, publicKeyY);
     }
 
-    /// @notice Returns the current values of Bridge fraud parameters.
-    /// @return fraudSlashingAmount The amount slashed from each wallet member
-    ///         for committing a fraud.
-    /// @return fraudNotifierRewardMultiplier The percentage of the notifier
-    ///         reward from the staking contract the notifier of a fraud
-    ///         receives. The value is in the range [0, 100].
-    /// @return fraudChallengeDefeatTimeout The amount of time the wallet has to
-    ///         defeat a fraud challenge.
-    /// @return fraudChallengeDepositAmount The amount of ETH in wei the party
-    ///         challenging the wallet for fraud needs to deposit.
-    function fraudParameters()
-        external
-        view
-        returns (
-            uint256 fraudSlashingAmount,
-            uint256 fraudNotifierRewardMultiplier,
-            uint256 fraudChallengeDefeatTimeout,
-            uint256 fraudChallengeDepositAmount
-        )
-    {
-        fraudSlashingAmount = self.fraudSlashingAmount;
-        fraudNotifierRewardMultiplier = self.fraudNotifierRewardMultiplier;
-        fraudChallengeDefeatTimeout = self.fraudChallengeDefeatTimeout;
-        fraudChallengeDepositAmount = self.fraudChallengeDepositAmount;
+    /// @notice Notifies that the wallet is either old enough or has too few
+    ///         satoshi left and qualifies to be closed.
+    /// @param walletPubKeyHash 20-byte public key hash of the wallet
+    /// @param walletMainUtxo Data of the wallet's main UTXO, as currently
+    ///        known on the Ethereum chain.
+    /// @dev Requirements:
+    ///      - Wallet must not be set as the current active wallet
+    ///      - Wallet must exceed the wallet maximum age OR the wallet BTC
+    ///        balance must be lesser than the minimum threshold. If the latter
+    ///        case is true, the `walletMainUtxo` components must point to the
+    ///        recent main UTXO of the given wallet, as currently known on the
+    ///        Ethereum chain. If the wallet has no main UTXO, this parameter
+    ///        can be empty as it is ignored since the wallet balance is
+    ///        assumed to be zero.
+    ///      - Wallet must be in Live state
+    function notifyCloseableWallet(
+        bytes20 walletPubKeyHash,
+        BitcoinTx.UTXO calldata walletMainUtxo
+    ) external {
+        self.notifyCloseableWallet(walletPubKeyHash, walletMainUtxo);
     }
 
-    /// @return walletCreationPeriod Determines how frequently a new wallet
-    ///         creation can be requested. Value in seconds.
-    /// @return walletMinBtcBalance The minimum BTC threshold in satoshi that is
-    ///         used to decide about wallet creation or closing.
-    /// @return walletMaxBtcBalance The maximum BTC threshold in satoshi that is
-    ///         used to decide about wallet creation.
-    /// @return walletMaxAge The maximum age of a wallet in seconds, after which
-    ///         the wallet moving funds process can be requested.
-    function walletParameters()
-        external
-        view
-        returns (
-            uint32 walletCreationPeriod,
-            uint64 walletMinBtcBalance,
-            uint64 walletMaxBtcBalance,
-            uint32 walletMaxAge
-        )
-    {
-        walletCreationPeriod = self.walletCreationPeriod;
-        walletMinBtcBalance = self.walletMinBtcBalance;
-        walletMaxBtcBalance = self.walletMaxBtcBalance;
-        walletMaxAge = self.walletMaxAge;
+    /// @notice Submits a fraud challenge indicating that a UTXO being under
+    ///         wallet control was unlocked by the wallet but was not used
+    ///         according to the protocol rules. That means the wallet signed
+    ///         a transaction input pointing to that UTXO and there is a unique
+    ///         sighash and signature pair associated with that input. This
+    ///         function uses those parameters to create a fraud accusation that
+    ///         proves a given transaction input unlocking the given UTXO was
+    ///         actually signed by the wallet. This function cannot determine
+    ///         whether the transaction was actually broadcast and the input was
+    ///         consumed in a fraudulent way so it just opens a challenge period
+    ///         during which the wallet can defeat the challenge by submitting
+    ///         proof of a transaction that consumes the given input according
+    ///         to protocol rules. To prevent spurious allegations, the caller
+    ///         must deposit ETH that is returned back upon justified fraud
+    ///         challenge or confiscated otherwise.
+    ///@param walletPublicKey The public key of the wallet in the uncompressed
+    ///       and unprefixed format (64 bytes)
+    /// @param sighash The hash that was used to produce the ECDSA signature
+    ///        that is the subject of the fraud claim. This hash is constructed
+    ///        by applying double SHA-256 over a serialized subset of the
+    ///        transaction. The exact subset used as hash preimage depends on
+    ///        the transaction input the signature is produced for. See BIP-143
+    ///        for reference
+    /// @param signature Bitcoin signature in the R/S/V format
+    /// @dev Requirements:
+    ///      - Wallet behind `walletPublicKey` must be in Live or MovingFunds
+    ///        or Closing state
+    ///      - The challenger must send appropriate amount of ETH used as
+    ///        fraud challenge deposit
+    ///      - The signature (represented by r, s and v) must be generated by
+    ///        the wallet behind `walletPubKey` during signing of `sighash`
+    ///      - Wallet can be challenged for the given signature only once
+    function submitFraudChallenge(
+        bytes calldata walletPublicKey,
+        bytes32 sighash,
+        BitcoinTx.RSVSignature calldata signature
+    ) external payable {
+        self.submitFraudChallenge(walletPublicKey, sighash, signature);
+    }
+
+    /// @notice Allows to defeat a pending fraud challenge against a wallet if
+    ///         the transaction that spends the UTXO follows the protocol rules.
+    ///         In order to defeat the challenge the same `walletPublicKey` and
+    ///         signature (represented by `r`, `s` and `v`) must be provided as
+    ///         were used to calculate the sighash during input signing.
+    ///         The fraud challenge defeat attempt will only succeed if the
+    ///         inputs in the preimage are considered honestly spent by the
+    ///         wallet. Therefore the transaction spending the UTXO must be
+    ///         proven in the Bridge before a challenge defeat is called.
+    ///         If successfully defeated, the fraud challenge is marked as
+    ///         resolved and the amount of ether deposited by the challenger is
+    ///         sent to the treasury.
+    /// @param walletPublicKey The public key of the wallet in the uncompressed
+    ///        and unprefixed format (64 bytes)
+    /// @param preimage The preimage which produces sighash used to generate the
+    ///        ECDSA signature that is the subject of the fraud claim. It is a
+    ///        serialized subset of the transaction. The exact subset used as
+    ///        the preimage depends on the transaction input the signature is
+    ///        produced for. See BIP-143 for reference
+    /// @param witness Flag indicating whether the preimage was produced for a
+    ///        witness input. True for witness, false for non-witness input
+    /// @dev Requirements:
+    ///      - `walletPublicKey` and `sighash` calculated as `hash256(preimage)`
+    ///        must identify an open fraud challenge
+    ///      - the preimage must be a valid preimage of a transaction generated
+    ///        according to the protocol rules and already proved in the Bridge
+    ///      - before a defeat attempt is made the transaction that spends the
+    ///        given UTXO must be proven in the Bridge
+    function defeatFraudChallenge(
+        bytes calldata walletPublicKey,
+        bytes calldata preimage,
+        bool witness
+    ) external {
+        self.defeatFraudChallenge(walletPublicKey, preimage, witness);
+    }
+
+    /// @notice Notifies about defeat timeout for the given fraud challenge.
+    ///         Can be called only if there was a fraud challenge identified by
+    ///         the provided `walletPublicKey` and `sighash` and it was not
+    ///         defeated on time. The amount of time that needs to pass after
+    ///         a fraud challenge is reported is indicated by the
+    ///         `challengeDefeatTimeout`. After a successful fraud challenge
+    ///         defeat timeout notification the fraud challenge is marked as
+    ///         resolved, the stake of each operator is slashed, the ether
+    ///         deposited is returned to the challenger and the challenger is
+    ///         rewarded.
+    /// @param walletPublicKey The public key of the wallet in the uncompressed
+    ///        and unprefixed format (64 bytes)
+    /// @param sighash The hash that was used to produce the ECDSA signature
+    ///        that is the subject of the fraud claim. This hash is constructed
+    ///        by applying double SHA-256 over a serialized subset of the
+    ///        transaction. The exact subset used as hash preimage depends on
+    ///        the transaction input the signature is produced for. See BIP-143
+    ///        for reference
+    /// @dev Requirements:
+    ///      - `walletPublicKey`and `sighash` must identify an open fraud
+    ///        challenge
+    ///      - the amount of time indicated by `challengeDefeatTimeout` must
+    ///        pass after the challenge was reported
+    function notifyFraudChallengeDefeatTimeout(
+        bytes calldata walletPublicKey,
+        bytes32 sighash
+    ) external {
+        self.notifyFraudChallengeDefeatTimeout(walletPublicKey, sighash);
+    }
+
+    /// @notice Allows the Governance to mark the given vault address as trusted
+    ///         or no longer trusted. Vaults are not trusted by default.
+    ///         Trusted vault must meet the following criteria:
+    ///         - `IVault.receiveBalanceIncrease` must have a known, low gas
+    ///           cost.
+    ///         - `IVault.receiveBalanceIncrease` must never revert.
+    /// @dev Without restricting reveal only to trusted vaults, malicious
+    ///      vaults not meeting the criteria would be able to nuke sweep proof
+    ///      transactions executed by ECDSA wallet with  deposits routed to
+    ///      them.
+    /// @param vault The address of the vault
+    /// @param isTrusted flag indicating whether the vault is trusted or not
+    /// @dev Can only be called by the Governance.
+    function setVaultStatus(address vault, bool isTrusted) external onlyOwner {
+        self.isVaultTrusted[vault] = isTrusted;
+        emit VaultStatusUpdated(vault, isTrusted);
+    }
+
+    /// @notice Updates parameters of deposits.
+    /// @param depositDustThreshold New value of the deposit dust threshold in
+    ///        satoshis. It is the minimal amount that can be requested to
+    ////       deposit. Value of this parameter must take into account the value
+    ///        of `depositTreasuryFeeDivisor` and `depositTxMaxFee` parameters
+    ///        in order to make requests that can incur the treasury and
+    ///        transaction fee and still satisfy the depositor
+    /// @param depositTreasuryFeeDivisor New value of the treasury fee divisor.
+    ///        It is the divisor used to compute the treasury fee taken from
+    ///        each deposit and transferred to the treasury upon sweep proof
+    ///        submission. That fee is computed as follows:
+    ///        `treasuryFee = depositedAmount / depositTreasuryFeeDivisor`
+    ///        For example, if the treasury fee needs to be 2% of each deposit,
+    ///        the `depositTreasuryFeeDivisor` should be set to `50`
+    ///        because `1/50 = 0.02 = 2%`
+    /// @param depositTxMaxFee New value of the deposit tx max fee in satoshis.
+    ///        It is the maximum amount of BTC transaction fee that can
+    ///        be incurred by each swept deposit being part of the given sweep
+    ///        transaction. If the maximum BTC transaction fee is exceeded,
+    ///        such transaction is considered a fraud
+    /// @dev Requirements:
+    ///      - Deposit dust threshold must be greater than zero
+    ///      - Deposit treasury fee divisor must be greater than zero
+    ///      - Deposit transaction max fee must be greater than zero
+    function updateDepositParameters(
+        uint64 depositDustThreshold,
+        uint64 depositTreasuryFeeDivisor,
+        uint64 depositTxMaxFee
+    ) external onlyOwner {
+        self.updateDepositParameters(
+            depositDustThreshold,
+            depositTreasuryFeeDivisor,
+            depositTxMaxFee
+        );
+    }
+
+    /// @notice Updates parameters of redemptions.
+    /// @param redemptionDustThreshold New value of the redemption dust
+    ///        threshold in satoshis. It is the minimal amount that can be
+    ///        requested for redemption. Value of this parameter must take into
+    ///        account the value of `redemptionTreasuryFeeDivisor` and
+    ///        `redemptionTxMaxFee` parameters in order to make requests that
+    ///        can incur the treasury and transaction fee and still satisfy the
+    ///        redeemer.
+    /// @param redemptionTreasuryFeeDivisor New value of the redemption
+    ///        treasury fee divisor. It is the divisor used to compute the
+    ///        treasury fee taken from each redemption request and transferred
+    ///        to the treasury upon successful request finalization. That fee is
+    ///        computed as follows:
+    ///        `treasuryFee = requestedAmount / redemptionTreasuryFeeDivisor`
+    ///        For example, if the treasury fee needs to be 2% of each
+    ///        redemption request, the `redemptionTreasuryFeeDivisor` should
+    ///        be set to `50` because `1/50 = 0.02 = 2%`.
+    /// @param redemptionTxMaxFee New value of the redemption transaction max
+    ///        fee in satoshis. It is the maximum amount of BTC transaction fee
+    ///        that can be incurred by each redemption request being part of the
+    ///        given redemption transaction. If the maximum BTC transaction fee
+    ///        is exceeded, such transaction is considered a fraud.
+    ///        This is a per-redemption output max fee for the redemption
+    ///        transaction.
+    /// @param redemptionTimeout New value of the redemption timeout in seconds.
+    ///        It is the time after which the redemption request can be reported
+    ///        as timed out. It is counted from the moment when the redemption
+    ///        request was created via `requestRedemption` call. Reported  timed
+    ///        out requests are cancelled and locked TBTC is returned to the
+    ///        redeemer in full amount.
+    /// @dev Requirements:
+    ///      - Redemption dust threshold must be greater than zero
+    ///      - Redemption treasury fee divisor must be greater than zero
+    ///      - Redemption transaction max fee must be greater than zero
+    ///      - Redemption timeout must be greater than zero
+    function updateRedemptionParameters(
+        uint64 redemptionDustThreshold,
+        uint64 redemptionTreasuryFeeDivisor,
+        uint64 redemptionTxMaxFee,
+        uint256 redemptionTimeout
+    ) external onlyOwner {
+        self.updateRedemptionParameters(
+            redemptionDustThreshold,
+            redemptionTreasuryFeeDivisor,
+            redemptionTxMaxFee,
+            redemptionTimeout
+        );
+    }
+
+    /// @notice Updates parameters of moving funds.
+    /// @param movingFundsTxMaxTotalFee New value of the moving funds transaction
+    ///        max total fee in satoshis. It is the maximum amount of the total
+    ///        BTC transaction fee that is acceptable in a single moving funds
+    ///        transaction. This is a _total_ max fee for the entire moving
+    ///        funds transaction.
+    /// @param movingFundsTimeout New value of the moving funds timeout in
+    ///        seconds. It is the time after which the moving funds process can
+    ///        be reported as timed out. It is counted from the moment when the
+    ///        wallet was requested to move their funds and switched to the
+    ///        MovingFunds state.
+    /// @dev Requirements:
+    ///      - Moving funds transaction max total fee must be greater than zero
+    ///      - Moving funds timeout must be greater than zero
+    function updateMovingFundsParameters(
+        uint64 movingFundsTxMaxTotalFee,
+        uint32 movingFundsTimeout
+    ) external onlyOwner {
+        self.updateMovingFundsParameters(
+            movingFundsTxMaxTotalFee,
+            movingFundsTimeout
+        );
     }
 
     /// @notice Updates parameters of wallets.
@@ -891,39 +894,65 @@ contract Bridge is Ownable, EcdsaWalletOwner {
     ///        seconds, determines how frequently a new wallet creation can be
     ///        requested
     /// @param walletMinBtcBalance New value of the wallet minimum BTC balance
-    ///        in sathoshis, used to decide about wallet creation or closing
+    ///        in satoshi, used to decide about wallet creation or closing
     /// @param walletMaxBtcBalance New value of the wallet maximum BTC balance
-    ///        in sathoshis, used to decide about wallet creation
+    ///        in satoshi, used to decide about wallet creation
     /// @param walletMaxAge New value of the wallet maximum age in seconds,
     ///        indicates the maximum age of a wallet in seconds, after which
     ///        the wallet moving funds process can be requested
+    /// @param walletMaxBtcTransfer New value of the wallet maximum BTC transfer
+    ///        in satoshi, determines the maximum amount that can be transferred
+    //         to a single target wallet during the moving funds process
     /// @dev Requirements:
     ///      - Wallet minimum BTC balance must be greater than zero
     ///      - Wallet maximum BTC balance must be greater than the wallet
     ///        minimum BTC balance
+    ///      - Wallet maximum BTC transfer must be greater than zero
     function updateWalletParameters(
         uint32 walletCreationPeriod,
         uint64 walletMinBtcBalance,
         uint64 walletMaxBtcBalance,
-        uint32 walletMaxAge
+        uint32 walletMaxAge,
+        uint64 walletMaxBtcTransfer
     ) external onlyOwner {
         self.updateWalletParameters(
             walletCreationPeriod,
             walletMinBtcBalance,
             walletMaxBtcBalance,
-            walletMaxAge
+            walletMaxAge,
+            walletMaxBtcTransfer
         );
     }
 
-    /// @notice Indicates if the vault with the given address is trusted or not.
-    ///         Depositors can route their revealed deposits only to trusted
-    ///         vaults and have trusted vaults notified about new deposits as
-    ///         soon as these deposits get swept. Vaults not trusted by the
-    ///         Bridge can still be used by Bank balance owners on their own
-    ///         responsibility - anyone can approve their Bank balance to any
-    ///         address.
-    function isVaultTrusted(address vault) external view returns (bool) {
-        return self.isVaultTrusted[vault];
+    /// @notice Updates parameters related to frauds.
+    /// @param fraudSlashingAmount New value of the fraud slashing amount in T,
+    ///        it is the amount slashed from each wallet member for committing
+    ///        a fraud
+    /// @param fraudNotifierRewardMultiplier New value of the fraud notifier
+    ///        reward multiplier as percentage, it determines the percentage of
+    ///        the notifier reward from the staking contact the notifier of
+    ///        a fraud receives. The value must be in the range [0, 100]
+    /// @param fraudChallengeDefeatTimeout New value of the challenge defeat
+    ///        timeout in seconds, it is the amount of time the wallet has to
+    ///        defeat a fraud challenge. The value must be greater than zero
+    /// @param fraudChallengeDepositAmount New value of the fraud challenge
+    ///        deposit amount in wei, it is the amount of ETH the party
+    ///        challenging the wallet for fraud needs to deposit
+    /// @dev Requirements:
+    ///      - Fraud notifier reward multiplier must be in the range [0, 100]
+    ///      - Fraud challenge defeat timeout must be greater than 0
+    function updateFraudParameters(
+        uint256 fraudSlashingAmount,
+        uint256 fraudNotifierRewardMultiplier,
+        uint256 fraudChallengeDefeatTimeout,
+        uint256 fraudChallengeDepositAmount
+    ) external onlyOwner {
+        self.updateFraudParameters(
+            fraudSlashingAmount,
+            fraudNotifierRewardMultiplier,
+            fraudChallengeDefeatTimeout,
+            fraudChallengeDepositAmount
+        );
     }
 
     /// @notice Collection of all revealed deposits indexed by
@@ -940,16 +969,6 @@ contract Bridge is Ownable, EcdsaWalletOwner {
         return self.deposits[depositKey];
     }
 
-    /// @notice Collection of main UTXOs that are honestly spent indexed by
-    ///         keccak256(fundingTxHash | fundingOutputIndex). The fundingTxHash
-    ///         is bytes32 (ordered as in Bitcoin internally) and
-    ///         fundingOutputIndex an uint32. A main UTXO is considered honestly
-    ///         spent if it was used as an input of a transaction that have been
-    ///         proven in the Bridge.
-    function spentMainUTXOs(uint256 utxoKey) external view returns (bool) {
-        return self.spentMainUTXOs[utxoKey];
-    }
-
     /// @notice Collection of all pending redemption requests indexed by
     ///         redemption key built as
     ///         keccak256(walletPubKeyHash | redeemerOutputScript). The
@@ -967,7 +986,7 @@ contract Bridge is Ownable, EcdsaWalletOwner {
     function pendingRedemptions(uint256 redemptionKey)
         external
         view
-        returns (Redeem.RedemptionRequest memory)
+        returns (Redemption.RedemptionRequest memory)
     {
         return self.pendingRedemptions[redemptionKey];
     }
@@ -988,8 +1007,236 @@ contract Bridge is Ownable, EcdsaWalletOwner {
     function timedOutRedemptions(uint256 redemptionKey)
         external
         view
-        returns (Redeem.RedemptionRequest memory)
+        returns (Redemption.RedemptionRequest memory)
     {
         return self.timedOutRedemptions[redemptionKey];
     }
+
+    /// @notice Collection of main UTXOs that are honestly spent indexed by
+    ///         keccak256(fundingTxHash | fundingOutputIndex). The fundingTxHash
+    ///         is bytes32 (ordered as in Bitcoin internally) and
+    ///         fundingOutputIndex an uint32. A main UTXO is considered honestly
+    ///         spent if it was used as an input of a transaction that have been
+    ///         proven in the Bridge.
+    function spentMainUTXOs(uint256 utxoKey) external view returns (bool) {
+        return self.spentMainUTXOs[utxoKey];
+    }
+
+    /// @notice Gets details about a registered wallet.
+    /// @param walletPubKeyHash The 20-byte wallet public key hash (computed
+    ///        using Bitcoin HASH160 over the compressed ECDSA public key)
+    /// @return Wallet details.
+    function wallets(bytes20 walletPubKeyHash)
+        external
+        view
+        returns (Wallets.Wallet memory)
+    {
+        return self.registeredWallets[walletPubKeyHash];
+    }
+
+    /// @notice Gets the public key hash of the active wallet.
+    /// @return The 20-byte public key hash (computed using Bitcoin HASH160
+    ///         over the compressed ECDSA public key) of the active wallet.
+    ///         Returns bytes20(0) if there is no active wallet at the moment.
+    function activeWalletPubKeyHash() external view returns (bytes20) {
+        return self.activeWalletPubKeyHash;
+    }
+
+    /// @notice Gets the live wallets count.
+    /// @return The current count of wallets being in the Live state.
+    function liveWalletsCount() external view returns (uint32) {
+        return self.liveWalletsCount;
+    }
+
+    /// @notice Returns the fraud challenge identified by the given key built
+    ///         as keccak256(walletPublicKey|sighash).
+    function fraudChallenges(uint256 challengeKey)
+        external
+        view
+        returns (Fraud.FraudChallenge memory)
+    {
+        return self.fraudChallenges[challengeKey];
+    }
+
+    /// @notice Indicates if the vault with the given address is trusted or not.
+    ///         Depositors can route their revealed deposits only to trusted
+    ///         vaults and have trusted vaults notified about new deposits as
+    ///         soon as these deposits get swept. Vaults not trusted by the
+    ///         Bridge can still be used by Bank balance owners on their own
+    ///         responsibility - anyone can approve their Bank balance to any
+    ///         address.
+    function isVaultTrusted(address vault) external view returns (bool) {
+        return self.isVaultTrusted[vault];
+    }
+
+    /// @notice Returns the current values of Bridge deposit parameters.
+    /// @return depositDustThreshold The minimal amount that can be requested
+    ///         to deposit. Value of this parameter must take into account the
+    ///         value of `depositTreasuryFeeDivisor` and `depositTxMaxFee`
+    ///         parameters in order to make requests that can incur the
+    ///         treasury and transaction fee and still satisfy the depositor.
+    /// @return depositTreasuryFeeDivisor Divisor used to compute the treasury
+    ///         fee taken from each deposit and transferred to the treasury upon
+    ///         sweep proof submission. That fee is computed as follows:
+    ///         `treasuryFee = depositedAmount / depositTreasuryFeeDivisor`
+    ///         For example, if the treasury fee needs to be 2% of each deposit,
+    ///         the `depositTreasuryFeeDivisor` should be set to `50`
+    ///         because `1/50 = 0.02 = 2%`.
+    /// @return depositTxMaxFee Maximum amount of BTC transaction fee that can
+    ///         be incurred by each swept deposit being part of the given sweep
+    ///         transaction. If the maximum BTC transaction fee is exceeded,
+    ///         such transaction is considered a fraud.
+    function depositParameters()
+        external
+        view
+        returns (
+            uint64 depositDustThreshold,
+            uint64 depositTreasuryFeeDivisor,
+            uint64 depositTxMaxFee
+        )
+    {
+        depositDustThreshold = self.depositDustThreshold;
+        depositTreasuryFeeDivisor = self.depositTreasuryFeeDivisor;
+        depositTxMaxFee = self.depositTxMaxFee;
+    }
+
+    /// @notice Returns the current values of Bridge redemption parameters.
+    /// @return redemptionDustThreshold The minimal amount that can be requested
+    ///         for redemption. Value of this parameter must take into account
+    ///         the value of `redemptionTreasuryFeeDivisor` and `redemptionTxMaxFee`
+    ///         parameters in order to make requests that can incur the
+    ///         treasury and transaction fee and still satisfy the redeemer.
+    /// @return redemptionTreasuryFeeDivisor Divisor used to compute the treasury
+    ///         fee taken from each redemption request and transferred to the
+    ///         treasury upon successful request finalization. That fee is
+    ///         computed as follows:
+    ///         `treasuryFee = requestedAmount / redemptionTreasuryFeeDivisor`
+    ///         For example, if the treasury fee needs to be 2% of each
+    ///         redemption request, the `redemptionTreasuryFeeDivisor` should
+    ///         be set to `50` because `1/50 = 0.02 = 2%`.
+    /// @return redemptionTxMaxFee Maximum amount of BTC transaction fee that
+    ///         can be incurred by each redemption request being part of the
+    ///         given redemption transaction. If the maximum BTC transaction
+    ///         fee is exceeded, such transaction is considered a fraud.
+    ///         This is a per-redemption output max fee for the redemption
+    ///         transaction.
+    /// @return redemptionTimeout Time after which the redemption request can be
+    ///         reported as timed out. It is counted from the moment when the
+    ///         redemption request was created via `requestRedemption` call.
+    ///         Reported  timed out requests are cancelled and locked TBTC is
+    ///         returned to the redeemer in full amount.
+    function redemptionParameters()
+        external
+        view
+        returns (
+            uint64 redemptionDustThreshold,
+            uint64 redemptionTreasuryFeeDivisor,
+            uint64 redemptionTxMaxFee,
+            uint256 redemptionTimeout
+        )
+    {
+        redemptionDustThreshold = self.redemptionDustThreshold;
+        redemptionTreasuryFeeDivisor = self.redemptionTreasuryFeeDivisor;
+        redemptionTxMaxFee = self.redemptionTxMaxFee;
+        redemptionTimeout = self.redemptionTimeout;
+    }
+
+    /// @notice Returns the current values of Bridge moving funds between
+    ///         wallets parameters.
+    /// @return movingFundsTxMaxTotalFee Maximum amount of the total BTC
+    ///         transaction fee that is acceptable in a single moving funds
+    ///         transaction. This is a _total_ max fee for the entire moving
+    ///         funds transaction.
+    /// @return movingFundsTimeout Time after which the moving funds process
+    ///         can be reported as timed out. It is counted from the moment
+    ///         when the wallet was requested to move their funds and switched
+    ///         to the MovingFunds state. Value in seconds.
+    function movingFundsParameters()
+        external
+        view
+        returns (uint64 movingFundsTxMaxTotalFee, uint32 movingFundsTimeout)
+    {
+        movingFundsTxMaxTotalFee = self.movingFundsTxMaxTotalFee;
+        movingFundsTimeout = self.movingFundsTimeout;
+    }
+
+    /// @return walletCreationPeriod Determines how frequently a new wallet
+    ///         creation can be requested. Value in seconds.
+    /// @return walletMinBtcBalance The minimum BTC threshold in satoshi that is
+    ///         used to decide about wallet creation or closing.
+    /// @return walletMaxBtcBalance The maximum BTC threshold in satoshi that is
+    ///         used to decide about wallet creation.
+    /// @return walletMaxAge The maximum age of a wallet in seconds, after which
+    ///         the wallet moving funds process can be requested.
+    /// @return walletMaxBtcTransfer The maximum BTC amount in satoshi than
+    ///         can be transferred to a single target wallet during the moving
+    ///         funds process.
+    function walletParameters()
+        external
+        view
+        returns (
+            uint32 walletCreationPeriod,
+            uint64 walletMinBtcBalance,
+            uint64 walletMaxBtcBalance,
+            uint32 walletMaxAge,
+            uint64 walletMaxBtcTransfer
+        )
+    {
+        walletCreationPeriod = self.walletCreationPeriod;
+        walletMinBtcBalance = self.walletMinBtcBalance;
+        walletMaxBtcBalance = self.walletMaxBtcBalance;
+        walletMaxAge = self.walletMaxAge;
+        walletMaxBtcTransfer = self.walletMaxBtcTransfer;
+    }
+
+    /// @notice Returns the current values of Bridge fraud parameters.
+    /// @return fraudSlashingAmount The amount slashed from each wallet member
+    ///         for committing a fraud.
+    /// @return fraudNotifierRewardMultiplier The percentage of the notifier
+    ///         reward from the staking contract the notifier of a fraud
+    ///         receives. The value is in the range [0, 100].
+    /// @return fraudChallengeDefeatTimeout The amount of time the wallet has to
+    ///         defeat a fraud challenge.
+    /// @return fraudChallengeDepositAmount The amount of ETH in wei the party
+    ///         challenging the wallet for fraud needs to deposit.
+    function fraudParameters()
+        external
+        view
+        returns (
+            uint256 fraudSlashingAmount,
+            uint256 fraudNotifierRewardMultiplier,
+            uint256 fraudChallengeDefeatTimeout,
+            uint256 fraudChallengeDepositAmount
+        )
+    {
+        fraudSlashingAmount = self.fraudSlashingAmount;
+        fraudNotifierRewardMultiplier = self.fraudNotifierRewardMultiplier;
+        fraudChallengeDefeatTimeout = self.fraudChallengeDefeatTimeout;
+        fraudChallengeDepositAmount = self.fraudChallengeDepositAmount;
+    }
+
+    /// @notice Returns the addresses of contracts Bridge is interacting with.
+    /// @return bank Address of the Bank the Bridge belongs to.
+    /// @return relay Address of the Bitcoin relay providing the current Bitcoin
+    ///         network difficulty.
+    function contractReferences()
+        external
+        view
+        returns (Bank bank, IRelay relay)
+    {
+        bank = self.bank;
+        relay = self.relay;
+    }
+
+    /// @notice Address where the deposit treasury fees will be sent to.
+    ///         Treasury takes part in the operators rewarding process.
+    function treasury() external view returns (address) {
+        return self.treasury;
+    }
+
+    /// @notice The number of confirmations on the Bitcoin chain required to
+    ///         successfully evaluate an SPV proof.
+    function txProofDifficultyFactor() external view returns (uint256) {
+        return self.txProofDifficultyFactor;
+    }
 }