@keep-network/tbtc-v2 0.1.1-dev.9 → 0.1.1-dev.92

package/contracts/bridge/Bridge.sol

@@ -13,14 +13,27 @@
 //               ▐████▌    ▐████▌
 //               ▐████▌    ▐████▌
 
-pragma solidity 0.8.4;
+pragma solidity ^0.8.9;
 
-import "@openzeppelin/contracts/access/Ownable.sol";
+import "@keep-network/random-beacon/contracts/Governable.sol";
+import {IWalletOwner as EcdsaWalletOwner} from "@keep-network/ecdsa/contracts/api/IWalletOwner.sol";
 
-import {BTCUtils} from "@keep-network/bitcoin-spv-sol/contracts/BTCUtils.sol";
-import {BytesLib} from "@keep-network/bitcoin-spv-sol/contracts/BytesLib.sol";
+import "@openzeppelin/contracts-upgradeable/proxy/utils/Initializable.sol";
+import "@openzeppelin/contracts-upgradeable/utils/math/SafeCastUpgradeable.sol";
 
+import "./IRelay.sol";
+import "./BridgeState.sol";
+import "./Deposit.sol";
+import "./DepositSweep.sol";
+import "./Redemption.sol";
 import "./BitcoinTx.sol";
+import "./EcdsaLib.sol";
+import "./Wallets.sol";
+import "./Fraud.sol";
+import "./MovingFunds.sol";
+
+import "../bank/IReceiveBalanceApproval.sol";
+import "../bank/Bank.sol";
 
 /// @title Bitcoin Bridge
 /// @notice Bridge manages BTC deposit and redemption flow and is increasing and
@@ -40,100 +53,245 @@ import "./BitcoinTx.sol";
 ///         the sweep operation is confirmed on the Bitcoin network, the ECDSA
 ///         wallet informs the Bridge about the sweep increasing appropriate
 ///         balances in the Bank.
-/// @dev Bridge is an upgradeable component of the Bank.
-contract Bridge is Ownable {
-    using BTCUtils for bytes;
-    using BytesLib for bytes;
-
-    /// @notice Represents data which must be revealed by the depositor during
-    ///         deposit reveal.
-    struct RevealInfo {
-        // Index of the funding output belonging to the funding transaction.
-        uint8 fundingOutputIndex;
-        // Ethereum depositor address.
-        address depositor;
-        // The blinding factor as 8 bytes. Byte endianness doesn't matter
-        // as this factor is not interpreted as uint.
-        bytes8 blindingFactor;
-        // The compressed Bitcoin public key (33 bytes and 02 or 03 prefix)
-        // of the deposit's wallet hashed in the HASH160 Bitcoin opcode style.
-        bytes20 walletPubKeyHash;
-        // The compressed Bitcoin public key (33 bytes and 02 or 03 prefix)
-        // that can be used to make the deposit refund after the refund
-        // locktime passes. Hashed in the HASH160 Bitcoin opcode style.
-        bytes20 refundPubKeyHash;
-        // The refund locktime (4-byte LE). Interpreted according to locktime
-        // parsing rules described in:
-        // https://developer.bitcoin.org/devguide/transactions.html#locktime-and-sequence-number
-        // and used with OP_CHECKLOCKTIMEVERIFY opcode as described in:
-        // https://github.com/bitcoin/bips/blob/master/bip-0065.mediawiki
-        bytes4 refundLocktime;
-        // Address of the Bank vault to which the deposit is routed to.
-        // Optional, can be 0x0. The vault must be trusted by the Bridge.
-        address vault;
-    }
-
-    /// @notice Represents tBTC deposit data.
-    struct DepositInfo {
-        // Ethereum depositor address.
-        address depositor;
-        // Deposit amount in satoshi (8-byte LE). For example:
-        // 0.0001 BTC = 10000 satoshi = 0x1027000000000000
-        bytes8 amount;
-        // UNIX timestamp the deposit was revealed at.
-        uint32 revealedAt;
-        // Address of the Bank vault the deposit is routed to.
-        // Optional, can be 0x0.
-        address vault;
-    }
-
-    /// @notice Indicates if the vault with the given address is trusted or not.
-    ///         Depositors can route their revealed deposits only to trusted
-    ///         vaults and have trusted vaults notified about new deposits as
-    ///         soon as these deposits get swept. Vaults not trusted by the
-    ///         Bridge can still be used by Bank balance owners on their own
-    ///         responsibility - anyone can approve their Bank balance to any
-    ///         address.
-    mapping(address => bool) public isVaultTrusted;
+/// @dev Bridge is an upgradeable component of the Bank. The order of
+///      functionalities in this contract is: deposit, sweep, redemption,
+///      moving funds, wallet lifecycle, frauds, parameters.
+contract Bridge is
+    Governable,
+    EcdsaWalletOwner,
+    Initializable,
+    IReceiveBalanceApproval
+{
+    using BridgeState for BridgeState.Storage;
+    using Deposit for BridgeState.Storage;
+    using DepositSweep for BridgeState.Storage;
+    using Redemption for BridgeState.Storage;
+    using MovingFunds for BridgeState.Storage;
+    using Wallets for BridgeState.Storage;
+    using Fraud for BridgeState.Storage;
 
-    /// @notice Collection of all unswept deposits indexed by
-    ///         keccak256(fundingTxHash | fundingOutputIndex).
-    ///         The fundingTxHash is LE bytes32 and fundingOutputIndex an uint8.
-    ///         This mapping may contain valid and invalid deposits and the
-    ///         wallet is responsible for validating them before attempting to
-    ///         execute a sweep.
-    ///
-    /// TODO: Explore the possibility of storing just a hash of DepositInfo.
-    mapping(uint256 => DepositInfo) public unswept;
+    BridgeState.Storage internal self;
 
     event DepositRevealed(
         bytes32 fundingTxHash,
-        uint8 fundingOutputIndex,
-        address depositor,
+        uint32 fundingOutputIndex,
+        address indexed depositor,
+        uint64 amount,
         bytes8 blindingFactor,
-        bytes20 walletPubKeyHash,
+        bytes20 indexed walletPubKeyHash,
         bytes20 refundPubKeyHash,
         bytes4 refundLocktime,
         address vault
     );
 
+    event DepositsSwept(bytes20 walletPubKeyHash, bytes32 sweepTxHash);
+
+    event RedemptionRequested(
+        bytes20 indexed walletPubKeyHash,
+        bytes redeemerOutputScript,
+        address indexed redeemer,
+        uint64 requestedAmount,
+        uint64 treasuryFee,
+        uint64 txMaxFee
+    );
+
+    event RedemptionsCompleted(
+        bytes20 indexed walletPubKeyHash,
+        bytes32 redemptionTxHash
+    );
+
+    event RedemptionTimedOut(
+        bytes20 indexed walletPubKeyHash,
+        bytes redeemerOutputScript
+    );
+
+    event WalletMovingFunds(
+        bytes32 indexed ecdsaWalletID,
+        bytes20 indexed walletPubKeyHash
+    );
+
+    event MovingFundsCommitmentSubmitted(
+        bytes20 indexed walletPubKeyHash,
+        bytes20[] targetWallets,
+        address submitter
+    );
+
+    event MovingFundsTimeoutReset(bytes20 indexed walletPubKeyHash);
+
+    event MovingFundsCompleted(
+        bytes20 indexed walletPubKeyHash,
+        bytes32 movingFundsTxHash
+    );
+
+    event MovingFundsTimedOut(bytes20 indexed walletPubKeyHash);
+
+    event MovingFundsBelowDustReported(bytes20 indexed walletPubKeyHash);
+
+    event MovedFundsSwept(
+        bytes20 indexed walletPubKeyHash,
+        bytes32 sweepTxHash
+    );
+
+    event MovedFundsSweepTimedOut(
+        bytes20 indexed walletPubKeyHash,
+        bytes32 movingFundsTxHash,
+        uint32 movingFundsTxOutputIndex
+    );
+
+    event NewWalletRequested();
+
+    event NewWalletRegistered(
+        bytes32 indexed ecdsaWalletID,
+        bytes20 indexed walletPubKeyHash
+    );
+
+    event WalletClosing(
+        bytes32 indexed ecdsaWalletID,
+        bytes20 indexed walletPubKeyHash
+    );
+
+    event WalletClosed(
+        bytes32 indexed ecdsaWalletID,
+        bytes20 indexed walletPubKeyHash
+    );
+
+    event WalletTerminated(
+        bytes32 indexed ecdsaWalletID,
+        bytes20 indexed walletPubKeyHash
+    );
+
+    event FraudChallengeSubmitted(
+        bytes20 indexed walletPubKeyHash,
+        bytes32 sighash,
+        uint8 v,
+        bytes32 r,
+        bytes32 s
+    );
+
+    event FraudChallengeDefeated(
+        bytes20 indexed walletPubKeyHash,
+        bytes32 sighash
+    );
+
+    event FraudChallengeDefeatTimedOut(
+        bytes20 indexed walletPubKeyHash,
+        bytes32 sighash
+    );
+
     event VaultStatusUpdated(address indexed vault, bool isTrusted);
 
-    /// @notice Allows the Governance to mark the given vault address as trusted
-    ///         or no longer trusted. Vaults are not trusted by default.
-    ///         Trusted vault must meet the following criteria:
-    ///         - `IVault.onBalanceIncreased` must have a known, low gas cost.
-    ///         - `IVault.onBalanceIncreased` must never revert.
-    /// @dev Without restricting reveal only to trusted vaults, malicious
-    ///      vaults not meeting the criteria would be able to nuke sweep proof
-    ///      transactions executed by ECDSA wallet with  deposits routed to
-    ///      them.
-    /// @param vault The address of the vault
-    /// @param isTrusted flag indicating whether the vault is trusted or not
-    /// @dev Can only be called by the Governance.
-    function setVaultStatus(address vault, bool isTrusted) external onlyOwner {
-        isVaultTrusted[vault] = isTrusted;
-        emit VaultStatusUpdated(vault, isTrusted);
+    event DepositParametersUpdated(
+        uint64 depositDustThreshold,
+        uint64 depositTreasuryFeeDivisor,
+        uint64 depositTxMaxFee
+    );
+
+    event RedemptionParametersUpdated(
+        uint64 redemptionDustThreshold,
+        uint64 redemptionTreasuryFeeDivisor,
+        uint64 redemptionTxMaxFee,
+        uint256 redemptionTimeout,
+        uint96 redemptionTimeoutSlashingAmount,
+        uint256 redemptionTimeoutNotifierRewardMultiplier
+    );
+
+    event MovingFundsParametersUpdated(
+        uint64 movingFundsTxMaxTotalFee,
+        uint64 movingFundsDustThreshold,
+        uint32 movingFundsTimeoutResetDelay,
+        uint32 movingFundsTimeout,
+        uint96 movingFundsTimeoutSlashingAmount,
+        uint256 movingFundsTimeoutNotifierRewardMultiplier,
+        uint64 movedFundsSweepTxMaxTotalFee,
+        uint32 movedFundsSweepTimeout,
+        uint96 movedFundsSweepTimeoutSlashingAmount,
+        uint256 movedFundsSweepTimeoutNotifierRewardMultiplier
+    );
+
+    event WalletParametersUpdated(
+        uint32 walletCreationPeriod,
+        uint64 walletCreationMinBtcBalance,
+        uint64 walletCreationMaxBtcBalance,
+        uint64 walletClosureMinBtcBalance,
+        uint32 walletMaxAge,
+        uint64 walletMaxBtcTransfer,
+        uint32 walletClosingPeriod
+    );
+
+    event FraudParametersUpdated(
+        uint256 fraudChallengeDepositAmount,
+        uint256 fraudChallengeDefeatTimeout,
+        uint96 fraudSlashingAmount,
+        uint256 fraudNotifierRewardMultiplier
+    );
+
+    /// @dev Initializes upgradable contract on deployment.
+    /// @param _bank Address of the Bank the Bridge belongs to.
+    /// @param _relay Address of the Bitcoin relay providing the current Bitcoin
+    ///        network difficulty.
+    /// @param _treasury Address where the deposit and redemption treasury fees
+    ///        will be sent to.
+    /// @param _ecdsaWalletRegistry Address of the ECDSA Wallet Registry contract.
+    /// @param _txProofDifficultyFactor The number of confirmations on the Bitcoin
+    ///        chain required to successfully evaluate an SPV proof.
+    function initialize(
+        address _bank,
+        address _relay,
+        address _treasury,
+        address _ecdsaWalletRegistry,
+        uint256 _txProofDifficultyFactor
+    ) external initializer {
+        require(_bank != address(0), "Bank address cannot be zero");
+        self.bank = Bank(_bank);
+
+        require(_relay != address(0), "Relay address cannot be zero");
+        self.relay = IRelay(_relay);
+
+        require(
+            _ecdsaWalletRegistry != address(0),
+            "ECDSA Wallet Registry address cannot be zero"
+        );
+        self.ecdsaWalletRegistry = EcdsaWalletRegistry(_ecdsaWalletRegistry);
+
+        require(_treasury != address(0), "Treasury address cannot be zero");
+        self.treasury = _treasury;
+
+        self.txProofDifficultyFactor = _txProofDifficultyFactor;
+
+        // TODO: Revisit initial values.
+        //       https://github.com/keep-network/tbtc-v2/issues/258
+        self.depositDustThreshold = 1000000; // 1000000 satoshi = 0.01 BTC
+        self.depositTxMaxFee = 10000; // 10000 satoshi
+        self.depositTreasuryFeeDivisor = 2000; // 1/2000 == 5bps == 0.05% == 0.0005
+        self.redemptionDustThreshold = 1000000; // 1000000 satoshi = 0.01 BTC
+        self.redemptionTreasuryFeeDivisor = 2000; // 1/2000 == 5bps == 0.05% == 0.0005
+        self.redemptionTxMaxFee = 10000; // 10000 satoshi
+        self.redemptionTimeout = 172800; // 48 hours
+        self.redemptionTimeoutSlashingAmount = 10000 * 1e18; // 10000 T
+        self.redemptionTimeoutNotifierRewardMultiplier = 100; // 100%
+        self.movingFundsTxMaxTotalFee = 10000; // 10000 satoshi
+        self.movingFundsDustThreshold = 20000; // 20000 satoshi
+        self.movingFundsTimeoutResetDelay = 6 days;
+        self.movingFundsTimeout = 7 days;
+        self.movingFundsTimeoutSlashingAmount = 10000 * 1e18; // 10000 T
+        self.movingFundsTimeoutNotifierRewardMultiplier = 100; //100%
+        self.movedFundsSweepTxMaxTotalFee = 10000; // 10000 satoshi
+        self.movedFundsSweepTimeout = 7 days;
+        self.movedFundsSweepTimeoutSlashingAmount = 10000 * 1e18; // 10000 T
+        self.movedFundsSweepTimeoutNotifierRewardMultiplier = 100; //100%
+        self.fraudChallengeDepositAmount = 2 ether;
+        self.fraudChallengeDefeatTimeout = 7 days;
+        self.fraudSlashingAmount = 10000 * 1e18; // 10000 T
+        self.fraudNotifierRewardMultiplier = 100; // 100%
+        self.walletCreationPeriod = 1 weeks;
+        self.walletCreationMinBtcBalance = 1e8; // 1 BTC
+        self.walletCreationMaxBtcBalance = 100e8; // 100 BTC
+        self.walletClosureMinBtcBalance = 5 * 1e7; // 0.5 BTC
+        self.walletMaxAge = 26 weeks; // ~6 months
+        self.walletMaxBtcTransfer = 10e8; // 10 BTC
+        self.walletClosingPeriod = 40 days;
+
+        _transferGovernance(msg.sender);
     }
 
     /// @notice Used by the depositor to reveal information about their P2(W)SH
@@ -147,12 +305,13 @@ contract Bridge is Ownable {
     ///         outputs. The deposit may be routed to one of the trusted vaults.
     ///         When a deposit is routed to a vault, vault gets notified when
     ///         the deposit gets swept and it may execute the appropriate action.
-    /// @param fundingTx Bitcoin funding transaction data, see `BitcoinTx.Info`
-    /// @param reveal Deposit reveal data, see `RevealInfo struct
+    /// @param fundingTx Bitcoin funding transaction data, see `BitcoinTx.Info`.
+    /// @param reveal Deposit reveal data, see `RevealInfo struct.
     /// @dev Requirements:
-    ///      - `reveal.vault` must be 0x0 or point to a trusted vault
+    ///      - `reveal.walletPubKeyHash` must identify a `Live` wallet,
+    ///      - `reveal.vault` must be 0x0 or point to a trusted vault,
     ///      - `reveal.fundingOutputIndex` must point to the actual P2(W)SH
-    ///        output of the BTC deposit transaction
+    ///        output of the BTC deposit transaction,
     ///      - `reveal.depositor` must be the Ethereum address used in the
     ///        P2(W)SH BTC deposit transaction,
     ///      - `reveal.blindingFactor` must be the blinding factor used in the
@@ -171,127 +330,9 @@ contract Bridge is Ownable {
     ///      deposit script unlocks to receive their BTC back.
     function revealDeposit(
         BitcoinTx.Info calldata fundingTx,
-        RevealInfo calldata reveal
+        Deposit.DepositRevealInfo calldata reveal
     ) external {
-        require(
-            reveal.vault == address(0) || isVaultTrusted[reveal.vault],
-            "Vault is not trusted"
-        );
-
-        bytes memory expectedScript =
-            abi.encodePacked(
-                hex"14", // Byte length of depositor Ethereum address.
-                reveal.depositor,
-                hex"75", // OP_DROP
-                hex"08", // Byte length of blinding factor value.
-                reveal.blindingFactor,
-                hex"75", // OP_DROP
-                hex"76", // OP_DUP
-                hex"a9", // OP_HASH160
-                hex"14", // Byte length of a compressed Bitcoin public key hash.
-                reveal.walletPubKeyHash,
-                hex"87", // OP_EQUAL
-                hex"63", // OP_IF
-                hex"ac", // OP_CHECKSIG
-                hex"67", // OP_ELSE
-                hex"76", // OP_DUP
-                hex"a9", // OP_HASH160
-                hex"14", // Byte length of a compressed Bitcoin public key hash.
-                reveal.refundPubKeyHash,
-                hex"88", // OP_EQUALVERIFY
-                hex"04", // Byte length of refund locktime value.
-                reveal.refundLocktime,
-                hex"b1", // OP_CHECKLOCKTIMEVERIFY
-                hex"75", // OP_DROP
-                hex"ac", // OP_CHECKSIG
-                hex"68" // OP_ENDIF
-            );
-
-        bytes memory fundingOutput =
-            fundingTx.outputVector.extractOutputAtIndex(
-                reveal.fundingOutputIndex
-            );
-        bytes memory fundingOutputHash = fundingOutput.extractHash();
-
-        if (fundingOutputHash.length == 20) {
-            // A 20-byte output hash is used by P2SH. That hash is constructed
-            // by applying OP_HASH160 on the locking script. A 20-byte output
-            // hash is used as well by P2PKH and P2WPKH (OP_HASH160 on the
-            // public key). However, since we compare the actual output hash
-            // with an expected locking script hash, this check will succeed only
-            // for P2SH transaction type with expected script hash value. For
-            // P2PKH and P2WPKH, it will fail on the output hash comparison with
-            // the expected locking script hash.
-            require(
-                keccak256(fundingOutputHash) ==
-                    keccak256(expectedScript.hash160()),
-                "Wrong 20-byte script hash"
-            );
-        } else if (fundingOutputHash.length == 32) {
-            // A 32-byte output hash is used by P2WSH. That hash is constructed
-            // by applying OP_SHA256 on the locking script.
-            require(
-                fundingOutputHash.toBytes32() == sha256(expectedScript),
-                "Wrong 32-byte script hash"
-            );
-        } else {
-            revert("Wrong script hash length");
-        }
-
-        // Resulting TX hash is in native Bitcoin little-endian format.
-        bytes32 fundingTxHash =
-            abi
-                .encodePacked(
-                fundingTx
-                    .version,
-                fundingTx
-                    .inputVector,
-                fundingTx
-                    .outputVector,
-                fundingTx
-                    .locktime
-            )
-                .hash256();
-
-        DepositInfo storage deposit =
-            unswept[
-                uint256(
-                    keccak256(
-                        abi.encodePacked(
-                            fundingTxHash,
-                            reveal.fundingOutputIndex
-                        )
-                    )
-                )
-            ];
-        require(deposit.revealedAt == 0, "Deposit already revealed");
-
-        bytes8 fundingOutputAmount;
-        /* solhint-disable-next-line no-inline-assembly */
-        assembly {
-            // First 8 bytes (little-endian) of the funding output represents
-            // its value. To take the value, we need to jump over the first
-            // word determining the array length, load the array, and trim it
-            // by putting it to a bytes8.
-            fundingOutputAmount := mload(add(fundingOutput, 32))
-        }
-
-        deposit.amount = fundingOutputAmount;
-        deposit.depositor = reveal.depositor;
-        /* solhint-disable-next-line not-rely-on-time */
-        deposit.revealedAt = uint32(block.timestamp);
-        deposit.vault = reveal.vault;
-
-        emit DepositRevealed(
-            fundingTxHash,
-            reveal.fundingOutputIndex,
-            reveal.depositor,
-            reveal.blindingFactor,
-            reveal.walletPubKeyHash,
-            reveal.refundPubKeyHash,
-            reveal.refundLocktime,
-            reveal.vault
-        );
+        self.revealDeposit(fundingTx, reveal);
     }
 
     /// @notice Used by the wallet to prove the BTC deposit sweep transaction
@@ -306,40 +347,1447 @@ contract Bridge is Ownable {
     ///
     ///         It is possible to prove the given sweep only one time.
     /// @param sweepTx Bitcoin sweep transaction data.
-    /// @param merkleProof The merkle proof of transaction inclusion in a block.
-    /// @param txIndexInBlock Transaction index in the block (0-indexed).
-    /// @param bitcoinHeaders Single bytestring of 80-byte bitcoin headers,
-    ///                       lowest height first.
-    function sweep(
+    /// @param sweepProof Bitcoin sweep proof data.
+    /// @param mainUtxo Data of the wallet's main UTXO, as currently known on
+    ///        the Ethereum chain. If no main UTXO exists for the given wallet,
+    ///        this parameter is ignored.
+    /// @param vault Optional address of the vault where all swept deposits
+    ///        should be routed to. All deposits swept as part of the transaction
+    ///        must have their `vault` parameters set to the same address.
+    ///        If this parameter is set to an address of a trusted vault, swept
+    ///        deposits are routed to that vault.
+    ///        If this parameter is set to the zero address or to an address
+    ///        of a non-trusted vault, swept deposits are not routed to a
+    ///        vault but depositors' balances are increased in the Bank
+    ///        individually.
+    /// @dev Requirements:
+    ///      - `sweepTx` components must match the expected structure. See
+    ///        `BitcoinTx.Info` docs for reference. Their values must exactly
+    ///        correspond to appropriate Bitcoin transaction fields to produce
+    ///        a provable transaction hash,
+    ///      - The `sweepTx` should represent a Bitcoin transaction with 1..n
+    ///        inputs. If the wallet has no main UTXO, all n inputs should
+    ///        correspond to P2(W)SH revealed deposits UTXOs. If the wallet has
+    ///        an existing main UTXO, one of the n inputs must point to that
+    ///        main UTXO and remaining n-1 inputs should correspond to P2(W)SH
+    ///        revealed deposits UTXOs. That transaction must have only
+    ///        one P2(W)PKH output locking funds on the 20-byte wallet public
+    ///        key hash,
+    ///      - All revealed deposits that are swept by `sweepTx` must have
+    ///        their `vault` parameters set to the same address as the address
+    ///        passed in the `vault` function parameter,
+    ///      - `sweepProof` components must match the expected structure. See
+    ///        `BitcoinTx.Proof` docs for reference. The `bitcoinHeaders`
+    ///        field must contain a valid number of block headers, not less
+    ///        than the `txProofDifficultyFactor` contract constant,
+    ///      - `mainUtxo` components must point to the recent main UTXO
+    ///        of the given wallet, as currently known on the Ethereum chain.
+    ///        If there is no main UTXO, this parameter is ignored.
+    function submitDepositSweepProof(
         BitcoinTx.Info calldata sweepTx,
-        bytes memory merkleProof,
-        uint256 txIndexInBlock,
-        bytes memory bitcoinHeaders
+        BitcoinTx.Proof calldata sweepProof,
+        BitcoinTx.UTXO calldata mainUtxo,
+        address vault
+    ) external {
+        self.submitDepositSweepProof(sweepTx, sweepProof, mainUtxo, vault);
+    }
+
+    /// @notice Requests redemption of the given amount from the specified
+    ///         wallet to the redeemer Bitcoin output script. Handles the
+    ///         simplest case in which the redeemer's balance is decreased in
+    ///         the Bank.
+    /// @param walletPubKeyHash The 20-byte wallet public key hash (computed
+    ///        using Bitcoin HASH160 over the compressed ECDSA public key).
+    /// @param mainUtxo Data of the wallet's main UTXO, as currently known on
+    ///        the Ethereum chain.
+    /// @param redeemerOutputScript The redeemer's length-prefixed output
+    ///        script (P2PKH, P2WPKH, P2SH or P2WSH) that will be used to lock
+    ///        redeemed BTC.
+    /// @param amount Requested amount in satoshi. This is also the Bank balance
+    ///        that is taken from the `balanceOwner` upon request.
+    ///        Once the request is handled, the actual amount of BTC locked
+    ///        on the redeemer output script will be always lower than this value
+    ///        since the treasury and Bitcoin transaction fees must be incurred.
+    ///        The minimal amount satisfying the request can be computed as:
+    ///        `amount - (amount / redemptionTreasuryFeeDivisor) - redemptionTxMaxFee`.
+    ///        Fees values are taken at the moment of request creation.
+    /// @dev Requirements:
+    ///      - Wallet behind `walletPubKeyHash` must be live,
+    ///      - `mainUtxo` components must point to the recent main UTXO
+    ///        of the given wallet, as currently known on the Ethereum chain,
+    ///      - `redeemerOutputScript` must be a proper Bitcoin script,
+    ///      - `redeemerOutputScript` cannot have wallet PKH as payload,
+    ///      - `amount` must be above or equal the `redemptionDustThreshold`,
+    ///      - Given `walletPubKeyHash` and `redeemerOutputScript` pair can be
+    ///        used for only one pending request at the same time,
+    ///      - Wallet must have enough Bitcoin balance to process the request,
+    ///      - Redeemer must make an allowance in the Bank that the Bridge
+    ///        contract can spend the given `amount`.
+    function requestRedemption(
+        bytes20 walletPubKeyHash,
+        BitcoinTx.UTXO calldata mainUtxo,
+        bytes calldata redeemerOutputScript,
+        uint64 amount
+    ) external {
+        self.requestRedemption(
+            walletPubKeyHash,
+            mainUtxo,
+            msg.sender,
+            redeemerOutputScript,
+            amount
+        );
+    }
+
+    /// @notice Requests redemption of the given amount from the specified
+    ///         wallet to the redeemer Bitcoin output script. Used by
+    ///         `Bank.approveBalanceAndCall`. Can handle more complex cases
+    ///         where balance owner may be someone else than the redeemer.
+    ///         For example, vault redeeming its balance for some depositor.
+    /// @param balanceOwner The address of the Bank balance owner whose balance
+    ///        is getting redeemed.
+    /// @param amount Requested amount in satoshi. This is also the Bank balance
+    ///        that is taken from the `balanceOwner` upon request.
+    ///        Once the request is handled, the actual amount of BTC locked
+    ///        on the redeemer output script will be always lower than this value
+    ///        since the treasury and Bitcoin transaction fees must be incurred.
+    ///        The minimal amount satisfying the request can be computed as:
+    ///        `amount - (amount / redemptionTreasuryFeeDivisor) - redemptionTxMaxFee`.
+    ///        Fees values are taken at the moment of request creation.
+    /// @param redemptionData ABI-encoded redemption data:
+    ///        [
+    ///          address redeemer,
+    ///          bytes20 walletPubKeyHash,
+    ///          bytes32 mainUtxoTxHash,
+    ///          uint32 mainUtxoTxOutputIndex,
+    ///          uint64 mainUtxoTxOutputValue,
+    ///          bytes redeemerOutputScript
+    ///        ]
+    ///
+    ///        - redeemer: The Ethereum address of the redeemer who will be able
+    ///        to claim Bank balance if anything goes wrong during the redemption.
+    ///        In the most basic case, when someone redeems their balance
+    ///        from the Bank, `balanceOwner` is the same as `redemeer`.
+    ///        However, when a Vault is redeeming part of its balance for some
+    ///        redeemer address (for example, someone who has earlier deposited
+    ///        into that Vault), `balanceOwner` is the Vault, and `redemeer` is
+    ///        the address for which the vault is redeeming its balance to,
+    ///        - walletPubKeyHash: The 20-byte wallet public key hash (computed
+    ///        using Bitcoin HASH160 over the compressed ECDSA public key),
+    ///        - mainUtxoTxHash: Data of the wallet's main UTXO TX hash, as
+    ///        currently known on the Ethereum chain,
+    ///        - mainUtxoTxOutputIndex: Data of the wallet's main UTXO output
+    ///        index, as currently known on Ethereum chain,
+    ///        - mainUtxoTxOutputValue: Data of the wallet's main UTXO output
+    ///        value, as currently known on Ethereum chain,
+    ///        - redeemerOutputScript The redeemer's length-prefixed output
+    ///        script (P2PKH, P2WPKH, P2SH or P2WSH) that will be used to lock
+    ///        redeemed BTC.
+    /// @dev Requirements:
+    ///      - The caller must be the Bank,
+    ///      - Wallet behind `walletPubKeyHash` must be live,
+    ///      - `mainUtxo` components must point to the recent main UTXO
+    ///        of the given wallet, as currently known on the Ethereum chain,
+    ///      - `redeemerOutputScript` must be a proper Bitcoin script,
+    ///      - `redeemerOutputScript` cannot have wallet PKH as payload,
+    ///      - `amount` must be above or equal the `redemptionDustThreshold`,
+    ///      - Given `walletPubKeyHash` and `redeemerOutputScript` pair can be
+    ///        used for only one pending request at the same time,
+    ///      - Wallet must have enough Bitcoin balance to process the request.
+    ///
+    ///      Note on upgradeability:
+    ///      Bridge is an upgradeable contract deployed behind
+    ///      a TransparentUpgradeableProxy. Accepting redemption data as bytes
+    ///      provides great flexibility. The Bridge is just like any other
+    ///      contract with a balance approved in the Bank and can be upgraded
+    ///      to another version without being bound to a particular interface
+    ///      forever. This flexibility comes with the cost - developers
+    ///      integrating their vaults and dApps with `Bridge` using
+    ///      `approveBalanceAndCall` need to pay extra attention to
+    ///      `redemptionData` and adjust the code in case the expected structure
+    ///      of `redemptionData`  changes.
+    function receiveBalanceApproval(
+        address balanceOwner,
+        uint256 amount,
+        bytes calldata redemptionData
+    ) external override {
+        require(msg.sender == address(self.bank), "Caller is not the bank");
+
+        self.requestRedemption(
+            balanceOwner,
+            SafeCastUpgradeable.toUint64(amount),
+            redemptionData
+        );
+    }
+
+    /// @notice Used by the wallet to prove the BTC redemption transaction
+    ///         and to make the necessary bookkeeping. Redemption is only
+    ///         accepted if it satisfies SPV proof.
+    ///
+    ///         The function is performing Bank balance updates by burning
+    ///         the total redeemed Bitcoin amount from Bridge balance and
+    ///         transferring the treasury fee sum to the treasury address.
+    ///
+    ///         It is possible to prove the given redemption only one time.
+    /// @param redemptionTx Bitcoin redemption transaction data.
+    /// @param redemptionProof Bitcoin redemption proof data.
+    /// @param mainUtxo Data of the wallet's main UTXO, as currently known on
+    ///        the Ethereum chain.
+    /// @param walletPubKeyHash 20-byte public key hash (computed using Bitcoin
+    ///        HASH160 over the compressed ECDSA public key) of the wallet which
+    ///        performed the redemption transaction.
+    /// @dev Requirements:
+    ///      - `redemptionTx` components must match the expected structure. See
+    ///        `BitcoinTx.Info` docs for reference. Their values must exactly
+    ///        correspond to appropriate Bitcoin transaction fields to produce
+    ///        a provable transaction hash,
+    ///      - The `redemptionTx` should represent a Bitcoin transaction with
+    ///        exactly 1 input that refers to the wallet's main UTXO. That
+    ///        transaction should have 1..n outputs handling existing pending
+    ///        redemption requests or pointing to reported timed out requests.
+    ///        There can be also 1 optional output representing the
+    ///        change and pointing back to the 20-byte wallet public key hash.
+    ///        The change should be always present if the redeemed value sum
+    ///        is lower than the total wallet's BTC balance,
+    ///      - `redemptionProof` components must match the expected structure.
+    ///        See `BitcoinTx.Proof` docs for reference. The `bitcoinHeaders`
+    ///        field must contain a valid number of block headers, not less
+    ///        than the `txProofDifficultyFactor` contract constant,
+    ///      - `mainUtxo` components must point to the recent main UTXO
+    ///        of the given wallet, as currently known on the Ethereum chain.
+    ///        Additionally, the recent main UTXO on Ethereum must be set,
+    ///      - `walletPubKeyHash` must be connected with the main UTXO used
+    ///        as transaction single input.
+    ///      Other remarks:
+    ///      - Putting the change output as the first transaction output can
+    ///        save some gas because the output processing loop begins each
+    ///        iteration by checking whether the given output is the change
+    ///        thus uses some gas for making the comparison. Once the change
+    ///        is identified, that check is omitted in further iterations.
+    function submitRedemptionProof(
+        BitcoinTx.Info calldata redemptionTx,
+        BitcoinTx.Proof calldata redemptionProof,
+        BitcoinTx.UTXO calldata mainUtxo,
+        bytes20 walletPubKeyHash
+    ) external {
+        self.submitRedemptionProof(
+            redemptionTx,
+            redemptionProof,
+            mainUtxo,
+            walletPubKeyHash
+        );
+    }
+
+    /// @notice Notifies that there is a pending redemption request associated
+    ///         with the given wallet, that has timed out. The redemption
+    ///         request is identified by the key built as
+    ///         `keccak256(walletPubKeyHash | redeemerOutputScript)`.
+    ///         The results of calling this function:
+    ///         - The pending redemptions value for the wallet will be decreased
+    ///           by the requested amount (minus treasury fee),
+    ///         - The tokens taken from the redeemer on redemption request will
+    ///           be returned to the redeemer,
+    ///         - The request will be moved from pending redemptions to
+    ///           timed-out redemptions,
+    ///         - If the state of the wallet is `Live` or `MovingFunds`, the
+    ///           wallet operators will be slashed and the notifier will be
+    ///           rewarded,
+    ///         - If the state of wallet is `Live`, the wallet will be closed or
+    ///           marked as `MovingFunds` (depending on the presence or absence
+    ///           of the wallet's main UTXO) and the wallet will no longer be
+    ///           marked as the active wallet (if it was marked as such).
+    /// @param walletPubKeyHash 20-byte public key hash of the wallet.
+    /// @param walletMembersIDs Identifiers of the wallet signing group members.
+    /// @param redeemerOutputScript  The redeemer's length-prefixed output
+    ///        script (P2PKH, P2WPKH, P2SH or P2WSH).
+    /// @dev Requirements:
+    ///      - The wallet must be in the Live or MovingFunds or Terminated state,
+    ///      - The redemption request identified by `walletPubKeyHash` and
+    ///        `redeemerOutputScript` must exist,
+    ///      - The expression `keccak256(abi.encode(walletMembersIDs))` must
+    ///        be exactly the same as the hash stored under `membersIdsHash`
+    ///        for the given `walletID`. Those IDs are not directly stored
+    ///        in the contract for gas efficiency purposes but they can be
+    ///        read from appropriate `DkgResultSubmitted` and `DkgResultApproved`
+    ///        events of the `WalletRegistry` contract,
+    ///      - The amount of time defined by `redemptionTimeout` must have
+    ///        passed since the redemption was requested (the request must be
+    ///        timed-out).
+    function notifyRedemptionTimeout(
+        bytes20 walletPubKeyHash,
+        uint32[] calldata walletMembersIDs,
+        bytes calldata redeemerOutputScript
+    ) external {
+        self.notifyRedemptionTimeout(
+            walletPubKeyHash,
+            walletMembersIDs,
+            redeemerOutputScript
+        );
+    }
+
+    /// @notice Submits the moving funds target wallets commitment.
+    ///         Once all requirements are met, that function registers the
+    ///         target wallets commitment and opens the way for moving funds
+    ///         proof submission.
+    /// @param walletPubKeyHash 20-byte public key hash of the source wallet.
+    /// @param walletMainUtxo Data of the source wallet's main UTXO, as
+    ///        currently known on the Ethereum chain.
+    /// @param walletMembersIDs Identifiers of the source wallet signing group
+    ///        members.
+    /// @param walletMemberIndex Position of the caller in the source wallet
+    ///        signing group members list.
+    /// @param targetWallets List of 20-byte public key hashes of the target
+    ///        wallets that the source wallet commits to move the funds to.
+    /// @dev Requirements:
+    ///      - The source wallet must be in the MovingFunds state,
+    ///      - The source wallet must not have pending redemption requests,
+    ///      - The source wallet must not have pending moved funds sweep requests,
+    ///      - The source wallet must not have submitted its commitment already,
+    ///      - The expression `keccak256(abi.encode(walletMembersIDs))` must
+    ///        be exactly the same as the hash stored under `membersIdsHash`
+    ///        for the given source wallet in the ECDSA registry. Those IDs are
+    ///        not directly stored in the contract for gas efficiency purposes
+    ///        but they can be read from appropriate `DkgResultSubmitted`
+    ///        and `DkgResultApproved` events,
+    ///      - The `walletMemberIndex` must be in range [1, walletMembersIDs.length],
+    ///      - The caller must be the member of the source wallet signing group
+    ///        at the position indicated by `walletMemberIndex` parameter,
+    ///      - The `walletMainUtxo` components must point to the recent main
+    ///        UTXO of the source wallet, as currently known on the Ethereum
+    ///        chain,
+    ///      - Source wallet BTC balance must be greater than zero,
+    ///      - At least one Live wallet must exist in the system,
+    ///      - Submitted target wallets count must match the expected count
+    ///        `N = min(liveWalletsCount, ceil(walletBtcBalance / walletMaxBtcTransfer))`
+    ///        where `N > 0`,
+    ///      - Each target wallet must be not equal to the source wallet,
+    ///      - Each target wallet must follow the expected order i.e. all
+    ///        target wallets 20-byte public key hashes represented as numbers
+    ///        must form a strictly increasing sequence without duplicates,
+    ///      - Each target wallet must be in Live state.
+    function submitMovingFundsCommitment(
+        bytes20 walletPubKeyHash,
+        BitcoinTx.UTXO calldata walletMainUtxo,
+        uint32[] calldata walletMembersIDs,
+        uint256 walletMemberIndex,
+        bytes20[] calldata targetWallets
+    ) external {
+        self.submitMovingFundsCommitment(
+            walletPubKeyHash,
+            walletMainUtxo,
+            walletMembersIDs,
+            walletMemberIndex,
+            targetWallets
+        );
+    }
+
+    /// @notice Resets the moving funds timeout for the given wallet if the
+    ///         target wallet commitment cannot be submitted due to a lack
+    ///         of live wallets in the system.
+    /// @param walletPubKeyHash 20-byte public key hash of the moving funds wallet.
+    /// @dev Requirements:
+    ///      - The wallet must be in the MovingFunds state,
+    ///      - The target wallets commitment must not be already submitted for
+    ///        the given moving funds wallet,
+    ///      - Live wallets count must be zero,
+    ///      - The moving funds timeout reset delay must be elapsed.
+    function resetMovingFundsTimeout(bytes20 walletPubKeyHash) external {
+        self.resetMovingFundsTimeout(walletPubKeyHash);
+    }
+
+    /// @notice Used by the wallet to prove the BTC moving funds transaction
+    ///         and to make the necessary state changes. Moving funds is only
+    ///         accepted if it satisfies SPV proof.
+    ///
+    ///         The function validates the moving funds transaction structure
+    ///         by checking if it actually spends the main UTXO of the declared
+    ///         wallet and locks the value on the pre-committed target wallets
+    ///         using a reasonable transaction fee. If all preconditions are
+    ///         met, this functions closes the source wallet.
+    ///
+    ///         It is possible to prove the given moving funds transaction only
+    ///         one time.
+    /// @param movingFundsTx Bitcoin moving funds transaction data.
+    /// @param movingFundsProof Bitcoin moving funds proof data.
+    /// @param mainUtxo Data of the wallet's main UTXO, as currently known on
+    ///        the Ethereum chain.
+    /// @param walletPubKeyHash 20-byte public key hash (computed using Bitcoin
+    ///        HASH160 over the compressed ECDSA public key) of the wallet
+    ///        which performed the moving funds transaction.
+    /// @dev Requirements:
+    ///      - `movingFundsTx` components must match the expected structure. See
+    ///        `BitcoinTx.Info` docs for reference. Their values must exactly
+    ///        correspond to appropriate Bitcoin transaction fields to produce
+    ///        a provable transaction hash,
+    ///      - The `movingFundsTx` should represent a Bitcoin transaction with
+    ///        exactly 1 input that refers to the wallet's main UTXO. That
+    ///        transaction should have 1..n outputs corresponding to the
+    ///        pre-committed target wallets. Outputs must be ordered in the
+    ///        same way as their corresponding target wallets are ordered
+    ///        within the target wallets commitment,
+    ///      - `movingFundsProof` components must match the expected structure.
+    ///        See `BitcoinTx.Proof` docs for reference. The `bitcoinHeaders`
+    ///        field must contain a valid number of block headers, not less
+    ///        than the `txProofDifficultyFactor` contract constant,
+    ///      - `mainUtxo` components must point to the recent main UTXO
+    ///        of the given wallet, as currently known on the Ethereum chain.
+    ///        Additionally, the recent main UTXO on Ethereum must be set,
+    ///      - `walletPubKeyHash` must be connected with the main UTXO used
+    ///        as transaction single input,
+    ///      - The wallet that `walletPubKeyHash` points to must be in the
+    ///        MovingFunds state,
+    ///      - The target wallets commitment must be submitted by the wallet
+    ///        that `walletPubKeyHash` points to,
+    ///      - The total Bitcoin transaction fee must be lesser or equal
+    ///        to `movingFundsTxMaxTotalFee` governable parameter.
+    function submitMovingFundsProof(
+        BitcoinTx.Info calldata movingFundsTx,
+        BitcoinTx.Proof calldata movingFundsProof,
+        BitcoinTx.UTXO calldata mainUtxo,
+        bytes20 walletPubKeyHash
+    ) external {
+        self.submitMovingFundsProof(
+            movingFundsTx,
+            movingFundsProof,
+            mainUtxo,
+            walletPubKeyHash
+        );
+    }
+
+    /// @notice Notifies about a timed out moving funds process. Terminates
+    ///         the wallet and slashes signing group members as a result.
+    /// @param walletPubKeyHash 20-byte public key hash of the wallet.
+    /// @param walletMembersIDs Identifiers of the wallet signing group members.
+    /// @dev Requirements:
+    ///      - The wallet must be in the MovingFunds state,
+    ///      - The moving funds timeout must be actually exceeded,
+    ///      - The expression `keccak256(abi.encode(walletMembersIDs))` must
+    ///        be exactly the same as the hash stored under `membersIdsHash`
+    ///        for the given `walletID`. Those IDs are not directly stored
+    ///        in the contract for gas efficiency purposes but they can be
+    ///        read from appropriate `DkgResultSubmitted` and `DkgResultApproved`
+    ///        events of the `WalletRegistry` contract.
+    function notifyMovingFundsTimeout(
+        bytes20 walletPubKeyHash,
+        uint32[] calldata walletMembersIDs
     ) external {
-        // TODO We need to read `fundingTxHash`, `fundingOutputIndex` from
-        //      `sweepTx.inputVector`. We then hash them to obtain deposit
-        //      identifier and read DepositInfo. From DepositInfo we know what
-        //      amount was inferred during deposit reveal transaction and we
-        //      use that amount to update their Bank balance, minus fee.
-        //
-        // TODO We need to validate if the sum in the output minus the
-        //      amount from the previous wallet balance input minus fees is
-        //      equal to the amount by which Bank balances were increased.
-        //
-        // TODO We need to validate `sweepTx.outputVector` to see if the balance
-        //      was not transferred away from the wallet before increasing
-        //      balances in the bank.
-        //
-        // TODO Delete deposit from unswept mapping or mark it as swept
-        //      depending on the gas costs. Alternatively, do not allow to
-        //      use the same TX input vector twice. Sweep should be provable
-        //      only one time.
-    }
-
-    // TODO It is possible a malicious wallet can sweep deposits that can not
-    //      be later proved on Ethereum. For example, a deposit with
-    //      an incorrect amount revealed. We need to provide a function for honest
-    //      depositors, next to sweep, to prove their swept balances on Ethereum
-    //      selectively, based on deposits they have earlier received.
-    //      (UPDATE PR #90: Is it still the case since amounts are inferred?)
+        self.notifyMovingFundsTimeout(walletPubKeyHash, walletMembersIDs);
+    }
+
+    /// @notice Notifies about a moving funds wallet whose BTC balance is
+    ///         below the moving funds dust threshold. Ends the moving funds
+    ///         process and begins wallet closing immediately.
+    /// @param walletPubKeyHash 20-byte public key hash of the wallet
+    /// @param mainUtxo Data of the wallet's main UTXO, as currently known
+    ///        on the Ethereum chain.
+    /// @dev Requirements:
+    ///      - The wallet must be in the MovingFunds state,
+    ///      - The `mainUtxo` components must point to the recent main UTXO
+    ///        of the given wallet, as currently known on the Ethereum chain.
+    ///        If the wallet has no main UTXO, this parameter can be empty as it
+    ///        is ignored,
+    ///      - The wallet BTC balance must be below the moving funds threshold.
+    function notifyMovingFundsBelowDust(
+        bytes20 walletPubKeyHash,
+        BitcoinTx.UTXO calldata mainUtxo
+    ) external {
+        self.notifyMovingFundsBelowDust(walletPubKeyHash, mainUtxo);
+    }
+
+    /// @notice Used by the wallet to prove the BTC moved funds sweep
+    ///         transaction and to make the necessary state changes. Moved
+    ///         funds sweep is only accepted if it satisfies SPV proof.
+    ///
+    ///         The function validates the sweep transaction structure by
+    ///         checking if it actually spends the moved funds UTXO and the
+    ///         sweeping wallet's main UTXO (optionally), and if it locks the
+    ///         value on the sweeping wallet's 20-byte public key hash using a
+    ///         reasonable transaction fee. If all preconditions are
+    ///         met, this function updates the sweeping wallet main UTXO, thus
+    ///         their BTC balance.
+    ///
+    ///         It is possible to prove the given sweep transaction only
+    ///         one time.
+    /// @param sweepTx Bitcoin sweep funds transaction data.
+    /// @param sweepProof Bitcoin sweep funds proof data.
+    /// @param mainUtxo Data of the sweeping wallet's main UTXO, as currently
+    ///        known on the Ethereum chain.
+    /// @dev Requirements:
+    ///      - `sweepTx` components must match the expected structure. See
+    ///        `BitcoinTx.Info` docs for reference. Their values must exactly
+    ///        correspond to appropriate Bitcoin transaction fields to produce
+    ///        a provable transaction hash,
+    ///      - The `sweepTx` should represent a Bitcoin transaction with
+    ///        the first input pointing to a moved funds sweep request targeted
+    ///        to the wallet, and optionally, the second input pointing to the
+    ///        wallet's main UTXO, if the sweeping wallet has a main UTXO set.
+    ///        There should be only one output locking funds on the sweeping
+    ///        wallet 20-byte public key hash,
+    ///      - `sweepProof` components must match the expected structure.
+    ///        See `BitcoinTx.Proof` docs for reference. The `bitcoinHeaders`
+    ///        field must contain a valid number of block headers, not less
+    ///        than the `txProofDifficultyFactor` contract constant,
+    ///      - `mainUtxo` components must point to the recent main UTXO
+    ///        of the sweeping wallet, as currently known on the Ethereum chain.
+    ///        If there is no main UTXO, this parameter is ignored,
+    ///      - The sweeping wallet must be in the Live or MovingFunds state,
+    ///      - The total Bitcoin transaction fee must be lesser or equal
+    ///        to `movedFundsSweepTxMaxTotalFee` governable parameter.
+    function submitMovedFundsSweepProof(
+        BitcoinTx.Info calldata sweepTx,
+        BitcoinTx.Proof calldata sweepProof,
+        BitcoinTx.UTXO calldata mainUtxo
+    ) external {
+        self.submitMovedFundsSweepProof(sweepTx, sweepProof, mainUtxo);
+    }
+
+    /// @notice Notifies about a timed out moved funds sweep process. If the
+    ///         wallet is not terminated yet, that function terminates
+    ///         the wallet and slashes signing group members as a result.
+    ///         Marks the given sweep request as TimedOut.
+    /// @param movingFundsTxHash 32-byte hash of the moving funds transaction
+    ///        that caused the sweep request to be created.
+    /// @param movingFundsTxOutputIndex Index of the moving funds transaction
+    ///        output that is subject of the sweep request.
+    /// @param walletMembersIDs Identifiers of the wallet signing group members.
+    /// @dev Requirements:
+    ///      - The moved funds sweep request must be in the Pending state,
+    ///      - The moved funds sweep timeout must be actually exceeded,
+    ///      - The wallet must be either in the Live or MovingFunds or
+    ///        Terminated state,
+    ///      - The expression `keccak256(abi.encode(walletMembersIDs))` must
+    ///        be exactly the same as the hash stored under `membersIdsHash`
+    ///        for the given `walletID`. Those IDs are not directly stored
+    ///        in the contract for gas efficiency purposes but they can be
+    ///        read from appropriate `DkgResultSubmitted` and `DkgResultApproved`
+    ///        events of the `WalletRegistry` contract.
+    function notifyMovedFundsSweepTimeout(
+        bytes32 movingFundsTxHash,
+        uint32 movingFundsTxOutputIndex,
+        uint32[] calldata walletMembersIDs
+    ) external {
+        self.notifyMovedFundsSweepTimeout(
+            movingFundsTxHash,
+            movingFundsTxOutputIndex,
+            walletMembersIDs
+        );
+    }
+
+    /// @notice Requests creation of a new wallet. This function just
+    ///         forms a request and the creation process is performed
+    ///         asynchronously. Once a wallet is created, the ECDSA Wallet
+    ///         Registry will notify this contract by calling the
+    ///         `__ecdsaWalletCreatedCallback` function.
+    /// @param activeWalletMainUtxo Data of the active wallet's main UTXO, as
+    ///        currently known on the Ethereum chain.
+    /// @dev Requirements:
+    ///      - `activeWalletMainUtxo` components must point to the recent main
+    ///        UTXO of the given active wallet, as currently known on the
+    ///        Ethereum chain. If there is no active wallet at the moment, or
+    ///        the active wallet has no main UTXO, this parameter can be
+    ///        empty as it is ignored,
+    ///      - Wallet creation must not be in progress,
+    ///      - If the active wallet is set, one of the following
+    ///        conditions must be true:
+    ///        - The active wallet BTC balance is above the minimum threshold
+    ///          and the active wallet is old enough, i.e. the creation period
+    ///          was elapsed since its creation time,
+    ///        - The active wallet BTC balance is above the maximum threshold.
+    function requestNewWallet(BitcoinTx.UTXO calldata activeWalletMainUtxo)
+        external
+    {
+        self.requestNewWallet(activeWalletMainUtxo);
+    }
+
+    /// @notice A callback function that is called by the ECDSA Wallet Registry
+    ///         once a new ECDSA wallet is created.
+    /// @param ecdsaWalletID Wallet's unique identifier.
+    /// @param publicKeyX Wallet's public key's X coordinate.
+    /// @param publicKeyY Wallet's public key's Y coordinate.
+    /// @dev Requirements:
+    ///      - The only caller authorized to call this function is `registry`,
+    ///      - Given wallet data must not belong to an already registered wallet.
+    function __ecdsaWalletCreatedCallback(
+        bytes32 ecdsaWalletID,
+        bytes32 publicKeyX,
+        bytes32 publicKeyY
+    ) external override {
+        self.registerNewWallet(ecdsaWalletID, publicKeyX, publicKeyY);
+    }
+
+    /// @notice A callback function that is called by the ECDSA Wallet Registry
+    ///         once a wallet heartbeat failure is detected.
+    /// @param publicKeyX Wallet's public key's X coordinate.
+    /// @param publicKeyY Wallet's public key's Y coordinate.
+    /// @dev Requirements:
+    ///      - The only caller authorized to call this function is `registry`,
+    ///      - Wallet must be in Live state.
+    function __ecdsaWalletHeartbeatFailedCallback(
+        bytes32,
+        bytes32 publicKeyX,
+        bytes32 publicKeyY
+    ) external override {
+        self.notifyWalletHeartbeatFailed(publicKeyX, publicKeyY);
+    }
+
+    /// @notice Notifies that the wallet is either old enough or has too few
+    ///         satoshi left and qualifies to be closed.
+    /// @param walletPubKeyHash 20-byte public key hash of the wallet.
+    /// @param walletMainUtxo Data of the wallet's main UTXO, as currently
+    ///        known on the Ethereum chain.
+    /// @dev Requirements:
+    ///      - Wallet must not be set as the current active wallet,
+    ///      - Wallet must exceed the wallet maximum age OR the wallet BTC
+    ///        balance must be lesser than the minimum threshold. If the latter
+    ///        case is true, the `walletMainUtxo` components must point to the
+    ///        recent main UTXO of the given wallet, as currently known on the
+    ///        Ethereum chain. If the wallet has no main UTXO, this parameter
+    ///        can be empty as it is ignored since the wallet balance is
+    ///        assumed to be zero,
+    ///      - Wallet must be in Live state.
+    function notifyCloseableWallet(
+        bytes20 walletPubKeyHash,
+        BitcoinTx.UTXO calldata walletMainUtxo
+    ) external {
+        self.notifyCloseableWallet(walletPubKeyHash, walletMainUtxo);
+    }
+
+    /// @notice Notifies about the end of the closing period for the given wallet.
+    ///         Closes the wallet ultimately and notifies the ECDSA registry
+    ///         about this fact.
+    /// @param walletPubKeyHash 20-byte public key hash of the wallet.
+    /// @dev Requirements:
+    ///      - The wallet must be in the Closing state,
+    ///      - The wallet closing period must have elapsed.
+    function notifyWalletClosingPeriodElapsed(bytes20 walletPubKeyHash)
+        external
+    {
+        self.notifyWalletClosingPeriodElapsed(walletPubKeyHash);
+    }
+
+    /// @notice Submits a fraud challenge indicating that a UTXO being under
+    ///         wallet control was unlocked by the wallet but was not used
+    ///         according to the protocol rules. That means the wallet signed
+    ///         a transaction input pointing to that UTXO and there is a unique
+    ///         sighash and signature pair associated with that input. This
+    ///         function uses those parameters to create a fraud accusation that
+    ///         proves a given transaction input unlocking the given UTXO was
+    ///         actually signed by the wallet. This function cannot determine
+    ///         whether the transaction was actually broadcast and the input was
+    ///         consumed in a fraudulent way so it just opens a challenge period
+    ///         during which the wallet can defeat the challenge by submitting
+    ///         proof of a transaction that consumes the given input according
+    ///         to protocol rules. To prevent spurious allegations, the caller
+    ///         must deposit ETH that is returned back upon justified fraud
+    ///         challenge or confiscated otherwise.
+    /// @param walletPublicKey The public key of the wallet in the uncompressed
+    ///        and unprefixed format (64 bytes).
+    /// @param preimageSha256 The hash that was generated by applying SHA-256
+    ///        one time over the preimage used during input signing. The preimage
+    ///        is a serialized subset of the transaction and its structure
+    ///        depends on the transaction input (see BIP-143 for reference).
+    ///        Notice that applying SHA-256 over the `preimageSha256` results
+    ///        in `sighash`.  The path from `preimage` to `sighash` looks like
+    ///        this:
+    ///        preimage -> (SHA-256) -> preimageSha256 -> (SHA-256) -> sighash.
+    /// @param signature Bitcoin signature in the R/S/V format.
+    /// @dev Requirements:
+    ///      - Wallet behind `walletPublicKey` must be in Live or MovingFunds
+    ///        or Closing state,
+    ///      - The challenger must send appropriate amount of ETH used as
+    ///        fraud challenge deposit,
+    ///      - The signature (represented by r, s and v) must be generated by
+    ///        the wallet behind `walletPubKey` during signing of `sighash`
+    ///        which was calculated from `preimageSha256`,
+    ///      - Wallet can be challenged for the given signature only once.
+    function submitFraudChallenge(
+        bytes calldata walletPublicKey,
+        bytes memory preimageSha256,
+        BitcoinTx.RSVSignature calldata signature
+    ) external payable {
+        self.submitFraudChallenge(walletPublicKey, preimageSha256, signature);
+    }
+
+    /// @notice Allows to defeat a pending fraud challenge against a wallet if
+    ///         the transaction that spends the UTXO follows the protocol rules.
+    ///         In order to defeat the challenge the same `walletPublicKey` and
+    ///         signature (represented by `r`, `s` and `v`) must be provided as
+    ///         were used to calculate the sighash during input signing.
+    ///         The fraud challenge defeat attempt will only succeed if the
+    ///         inputs in the preimage are considered honestly spent by the
+    ///         wallet. Therefore the transaction spending the UTXO must be
+    ///         proven in the Bridge before a challenge defeat is called.
+    ///         If successfully defeated, the fraud challenge is marked as
+    ///         resolved and the amount of ether deposited by the challenger is
+    ///         sent to the treasury.
+    /// @param walletPublicKey The public key of the wallet in the uncompressed
+    ///        and unprefixed format (64 bytes).
+    /// @param preimage The preimage which produces sighash used to generate the
+    ///        ECDSA signature that is the subject of the fraud claim. It is a
+    ///        serialized subset of the transaction. The exact subset used as
+    ///        the preimage depends on the transaction input the signature is
+    ///        produced for. See BIP-143 for reference.
+    /// @param witness Flag indicating whether the preimage was produced for a
+    ///        witness input. True for witness, false for non-witness input.
+    /// @dev Requirements:
+    ///      - `walletPublicKey` and `sighash` calculated as `hash256(preimage)`
+    ///        must identify an open fraud challenge,
+    ///      - the preimage must be a valid preimage of a transaction generated
+    ///        according to the protocol rules and already proved in the Bridge,
+    ///      - before a defeat attempt is made the transaction that spends the
+    ///        given UTXO must be proven in the Bridge.
+    function defeatFraudChallenge(
+        bytes calldata walletPublicKey,
+        bytes calldata preimage,
+        bool witness
+    ) external {
+        self.defeatFraudChallenge(walletPublicKey, preimage, witness);
+    }
+
+    /// @notice Allows to defeat a pending fraud challenge against a wallet by
+    ///         proving the sighash and signature were produced for an off-chain
+    ///         wallet heartbeat message following a strict format.
+    ///         In order to defeat the challenge the same `walletPublicKey` and
+    ///         signature (represented by `r`, `s` and `v`) must be provided as
+    ///         were used to calculate the sighash during heartbeat message
+    ///         signing. The fraud challenge defeat attempt will only succeed if
+    ///         the signed message follows a strict format required for
+    ///         heartbeat messages. If successfully defeated, the fraud
+    ///         challenge is marked as resolved and the amount of ether
+    ///         deposited by the challenger is sent to the treasury.
+    /// @param walletPublicKey The public key of the wallet in the uncompressed
+    ///        and unprefixed format (64 bytes).
+    /// @param heartbeatMessage Off-chain heartbeat message meeting the heartbeat
+    ///        message format requirements which produces sighash used to
+    ///        generate the ECDSA signature that is the subject of the fraud
+    ///        claim.
+    /// @dev Requirements:
+    ///      - `walletPublicKey` and `sighash` calculated as
+    ///        `hash256(heartbeatMessage)` must identify an open fraud challenge,
+    ///      - `heartbeatMessage` must follow a strict format of heartbeat
+    ///        messages.
+    function defeatFraudChallengeWithHeartbeat(
+        bytes calldata walletPublicKey,
+        bytes calldata heartbeatMessage
+    ) external {
+        self.defeatFraudChallengeWithHeartbeat(
+            walletPublicKey,
+            heartbeatMessage
+        );
+    }
+
+    /// @notice Notifies about defeat timeout for the given fraud challenge.
+    ///         Can be called only if there was a fraud challenge identified by
+    ///         the provided `walletPublicKey` and `sighash` and it was not
+    ///         defeated on time. The amount of time that needs to pass after
+    ///         a fraud challenge is reported is indicated by the
+    ///         `challengeDefeatTimeout`. After a successful fraud challenge
+    ///         defeat timeout notification the fraud challenge is marked as
+    ///         resolved, the stake of each operator is slashed, the ether
+    ///         deposited is returned to the challenger and the challenger is
+    ///         rewarded.
+    /// @param walletPublicKey The public key of the wallet in the uncompressed
+    ///        and unprefixed format (64 bytes).
+    /// @param walletMembersIDs Identifiers of the wallet signing group members.
+    /// @param preimageSha256 The hash that was generated by applying SHA-256
+    ///        one time over the preimage used during input signing. The preimage
+    ///        is a serialized subset of the transaction and its structure
+    ///        depends on the transaction input (see BIP-143 for reference).
+    ///        Notice that applying SHA-256 over the `preimageSha256` results
+    ///        in `sighash`.  The path from `preimage` to `sighash` looks like
+    ///        this:
+    ///        preimage -> (SHA-256) -> preimageSha256 -> (SHA-256) -> sighash.
+    /// @dev Requirements:
+    ///      - The wallet must be in the Live or MovingFunds or Closing or
+    ///        Terminated state,
+    ///      - The `walletPublicKey` and `sighash` calculated from
+    ///        `preimageSha256` must identify an open fraud challenge,
+    ///      - The expression `keccak256(abi.encode(walletMembersIDs))` must
+    ///        be exactly the same as the hash stored under `membersIdsHash`
+    ///        for the given `walletID`. Those IDs are not directly stored
+    ///        in the contract for gas efficiency purposes but they can be
+    ///        read from appropriate `DkgResultSubmitted` and `DkgResultApproved`
+    ///        events of the `WalletRegistry` contract,
+    ///      - The amount of time indicated by `challengeDefeatTimeout` must pass
+    ///        after the challenge was reported.
+    function notifyFraudChallengeDefeatTimeout(
+        bytes calldata walletPublicKey,
+        uint32[] calldata walletMembersIDs,
+        bytes memory preimageSha256
+    ) external {
+        self.notifyFraudChallengeDefeatTimeout(
+            walletPublicKey,
+            walletMembersIDs,
+            preimageSha256
+        );
+    }
+
+    /// @notice Allows the Governance to mark the given vault address as trusted
+    ///         or no longer trusted. Vaults are not trusted by default.
+    ///         Trusted vault must meet the following criteria:
+    ///         - `IVault.receiveBalanceIncrease` must have a known, low gas
+    ///           cost,
+    ///         - `IVault.receiveBalanceIncrease` must never revert.
+    /// @dev Without restricting reveal only to trusted vaults, malicious
+    ///      vaults not meeting the criteria would be able to nuke sweep proof
+    ///      transactions executed by ECDSA wallet with  deposits routed to
+    ///      them.
+    /// @param vault The address of the vault.
+    /// @param isTrusted flag indicating whether the vault is trusted or not.
+    /// @dev Can only be called by the Governance.
+    function setVaultStatus(address vault, bool isTrusted)
+        external
+        onlyGovernance
+    {
+        self.isVaultTrusted[vault] = isTrusted;
+        emit VaultStatusUpdated(vault, isTrusted);
+    }
+
+    /// @notice Updates parameters of deposits.
+    /// @param depositDustThreshold New value of the deposit dust threshold in
+    ///        satoshis. It is the minimal amount that can be requested to
+    ////       deposit. Value of this parameter must take into account the value
+    ///        of `depositTreasuryFeeDivisor` and `depositTxMaxFee` parameters
+    ///        in order to make requests that can incur the treasury and
+    ///        transaction fee and still satisfy the depositor.
+    /// @param depositTreasuryFeeDivisor New value of the treasury fee divisor.
+    ///        It is the divisor used to compute the treasury fee taken from
+    ///        each deposit and transferred to the treasury upon sweep proof
+    ///        submission. That fee is computed as follows:
+    ///        `treasuryFee = depositedAmount / depositTreasuryFeeDivisor`
+    ///        For example, if the treasury fee needs to be 2% of each deposit,
+    ///        the `depositTreasuryFeeDivisor` should be set to `50`
+    ///        because `1/50 = 0.02 = 2%`.
+    /// @param depositTxMaxFee New value of the deposit tx max fee in satoshis.
+    ///        It is the maximum amount of BTC transaction fee that can
+    ///        be incurred by each swept deposit being part of the given sweep
+    ///        transaction. If the maximum BTC transaction fee is exceeded,
+    ///        such transaction is considered a fraud.
+    /// @dev Requirements:
+    ///      - Deposit dust threshold must be greater than zero,
+    ///      - Deposit treasury fee divisor must be greater than zero,
+    ///      - Deposit transaction max fee must be greater than zero.
+    function updateDepositParameters(
+        uint64 depositDustThreshold,
+        uint64 depositTreasuryFeeDivisor,
+        uint64 depositTxMaxFee
+    ) external onlyGovernance {
+        self.updateDepositParameters(
+            depositDustThreshold,
+            depositTreasuryFeeDivisor,
+            depositTxMaxFee
+        );
+    }
+
+    /// @notice Updates parameters of redemptions.
+    /// @param redemptionDustThreshold New value of the redemption dust
+    ///        threshold in satoshis. It is the minimal amount that can be
+    ///        requested for redemption. Value of this parameter must take into
+    ///        account the value of `redemptionTreasuryFeeDivisor` and
+    ///        `redemptionTxMaxFee` parameters in order to make requests that
+    ///        can incur the treasury and transaction fee and still satisfy the
+    ///        redeemer.
+    /// @param redemptionTreasuryFeeDivisor New value of the redemption
+    ///        treasury fee divisor. It is the divisor used to compute the
+    ///        treasury fee taken from each redemption request and transferred
+    ///        to the treasury upon successful request finalization. That fee is
+    ///        computed as follows:
+    ///        `treasuryFee = requestedAmount / redemptionTreasuryFeeDivisor`
+    ///        For example, if the treasury fee needs to be 2% of each
+    ///        redemption request, the `redemptionTreasuryFeeDivisor` should
+    ///        be set to `50` because `1/50 = 0.02 = 2%`.
+    /// @param redemptionTxMaxFee New value of the redemption transaction max
+    ///        fee in satoshis. It is the maximum amount of BTC transaction fee
+    ///        that can be incurred by each redemption request being part of the
+    ///        given redemption transaction. If the maximum BTC transaction fee
+    ///        is exceeded, such transaction is considered a fraud.
+    ///        This is a per-redemption output max fee for the redemption
+    ///        transaction.
+    /// @param redemptionTimeout New value of the redemption timeout in seconds.
+    ///        It is the time after which the redemption request can be reported
+    ///        as timed out. It is counted from the moment when the redemption
+    ///        request was created via `requestRedemption` call. Reported  timed
+    ///        out requests are cancelled and locked balance is returned to the
+    ///        redeemer in full amount.
+    /// @param redemptionTimeoutSlashingAmount New value of the redemption
+    ///        timeout slashing amount in T, it is the amount slashed from each
+    ///        wallet member for redemption timeout.
+    /// @param redemptionTimeoutNotifierRewardMultiplier New value of the
+    ///        redemption timeout notifier reward multiplier as percentage,
+    ///        it determines the percentage of the notifier reward from the
+    ///        staking contact the notifier of a redemption timeout receives.
+    ///        The value must be in the range [0, 100].
+    /// @dev Requirements:
+    ///      - Redemption dust threshold must be greater than moving funds dust
+    ///        threshold,
+    ///      - Redemption treasury fee divisor must be greater than zero,
+    ///      - Redemption transaction max fee must be greater than zero,
+    ///      - Redemption timeout must be greater than zero,
+    ///      - Redemption timeout notifier reward multiplier must be in the
+    ///        range [0, 100].
+    function updateRedemptionParameters(
+        uint64 redemptionDustThreshold,
+        uint64 redemptionTreasuryFeeDivisor,
+        uint64 redemptionTxMaxFee,
+        uint256 redemptionTimeout,
+        uint96 redemptionTimeoutSlashingAmount,
+        uint256 redemptionTimeoutNotifierRewardMultiplier
+    ) external onlyGovernance {
+        self.updateRedemptionParameters(
+            redemptionDustThreshold,
+            redemptionTreasuryFeeDivisor,
+            redemptionTxMaxFee,
+            redemptionTimeout,
+            redemptionTimeoutSlashingAmount,
+            redemptionTimeoutNotifierRewardMultiplier
+        );
+    }
+
+    /// @notice Updates parameters of moving funds.
+    /// @param movingFundsTxMaxTotalFee New value of the moving funds transaction
+    ///        max total fee in satoshis. It is the maximum amount of the total
+    ///        BTC transaction fee that is acceptable in a single moving funds
+    ///        transaction. This is a _total_ max fee for the entire moving
+    ///        funds transaction.
+    /// @param movingFundsDustThreshold New value of the moving funds dust
+    ///        threshold. It is the minimal satoshi amount that makes sense to
+    ///        be transferred during the moving funds process. Moving funds
+    ///        wallets having their BTC balance below that value can begin
+    ///        closing immediately as transferring such a low value may not be
+    ///        possible due to BTC network fees.
+    /// @param movingFundsTimeoutResetDelay New value of the moving funds
+    ///        timeout reset delay in seconds. It is the time after which the
+    ///        moving funds timeout can be reset in case the target wallet
+    ///        commitment cannot be submitted due to a lack of live wallets
+    ///        in the system. It is counted from the moment when the wallet
+    ///        was requested to move their funds and switched to the MovingFunds
+    ///        state or from the moment the timeout was reset the last time.
+    /// @param movingFundsTimeout New value of the moving funds timeout in
+    ///        seconds. It is the time after which the moving funds process can
+    ///        be reported as timed out. It is counted from the moment when the
+    ///        wallet was requested to move their funds and switched to the
+    ///        MovingFunds state.
+    /// @param movingFundsTimeoutSlashingAmount New value of the moving funds
+    ///        timeout slashing amount in T, it is the amount slashed from each
+    ///        wallet member for moving funds timeout.
+    /// @param movingFundsTimeoutNotifierRewardMultiplier New value of the
+    ///        moving funds timeout notifier reward multiplier as percentage,
+    ///        it determines the percentage of the notifier reward from the
+    ///        staking contact the notifier of a moving funds timeout receives.
+    ///        The value must be in the range [0, 100].
+    /// @param movedFundsSweepTxMaxTotalFee New value of the moved funds sweep
+    ///        transaction max total fee in satoshis. It is the maximum amount
+    ///        of the total BTC transaction fee that is acceptable in a single
+    ///        moved funds sweep transaction. This is a _total_ max fee for the
+    ///        entire moved funds sweep transaction.
+    /// @param movedFundsSweepTimeout New value of the moved funds sweep
+    ///        timeout in seconds. It is the time after which the moved funds
+    ///        sweep process can be reported as timed out. It is counted from
+    ///        the moment when the wallet was requested to sweep the received
+    ///        funds.
+    /// @param movedFundsSweepTimeoutSlashingAmount New value of the moved
+    ///        funds sweep timeout slashing amount in T, it is the amount
+    ///        slashed from each wallet member for moved funds sweep timeout.
+    /// @param movedFundsSweepTimeoutNotifierRewardMultiplier New value of
+    ///        the moved funds sweep timeout notifier reward multiplier as
+    ///        percentage, it determines the percentage of the notifier reward
+    ///        from the staking contact the notifier of a moved funds sweep
+    ///        timeout receives. The value must be in the range [0, 100].
+    /// @dev Requirements:
+    ///      - Moving funds transaction max total fee must be greater than zero,
+    ///      - Moving funds dust threshold must be greater than zero and lower
+    ///        than the redemption dust threshold,
+    ///      - Moving funds timeout reset delay must be greater than zero,
+    ///      - Moving funds timeout must be greater than the moving funds
+    ///        timeout reset delay,
+    ///      - Moving funds timeout notifier reward multiplier must be in the
+    ///        range [0, 100],
+    ///      - Moved funds sweep transaction max total fee must be greater than zero,
+    ///      - Moved funds sweep timeout must be greater than zero,
+    ///      - Moved funds sweep timeout notifier reward multiplier must be in the
+    ///        range [0, 100].
+    function updateMovingFundsParameters(
+        uint64 movingFundsTxMaxTotalFee,
+        uint64 movingFundsDustThreshold,
+        uint32 movingFundsTimeoutResetDelay,
+        uint32 movingFundsTimeout,
+        uint96 movingFundsTimeoutSlashingAmount,
+        uint256 movingFundsTimeoutNotifierRewardMultiplier,
+        uint64 movedFundsSweepTxMaxTotalFee,
+        uint32 movedFundsSweepTimeout,
+        uint96 movedFundsSweepTimeoutSlashingAmount,
+        uint256 movedFundsSweepTimeoutNotifierRewardMultiplier
+    ) external onlyGovernance {
+        self.updateMovingFundsParameters(
+            movingFundsTxMaxTotalFee,
+            movingFundsDustThreshold,
+            movingFundsTimeoutResetDelay,
+            movingFundsTimeout,
+            movingFundsTimeoutSlashingAmount,
+            movingFundsTimeoutNotifierRewardMultiplier,
+            movedFundsSweepTxMaxTotalFee,
+            movedFundsSweepTimeout,
+            movedFundsSweepTimeoutSlashingAmount,
+            movedFundsSweepTimeoutNotifierRewardMultiplier
+        );
+    }
+
+    /// @notice Updates parameters of wallets.
+    /// @param walletCreationPeriod New value of the wallet creation period in
+    ///        seconds, determines how frequently a new wallet creation can be
+    ///        requested.
+    /// @param walletCreationMinBtcBalance New value of the wallet minimum BTC
+    ///        balance in satoshi, used to decide about wallet creation.
+    /// @param walletCreationMaxBtcBalance New value of the wallet maximum BTC
+    ///        balance in satoshi, used to decide about wallet creation.
+    /// @param walletClosureMinBtcBalance New value of the wallet minimum BTC
+    ///        balance in satoshi, used to decide about wallet closure.
+    /// @param walletMaxAge New value of the wallet maximum age in seconds,
+    ///        indicates the maximum age of a wallet in seconds, after which
+    ///        the wallet moving funds process can be requested.
+    /// @param walletMaxBtcTransfer New value of the wallet maximum BTC transfer
+    ///        in satoshi, determines the maximum amount that can be transferred
+    //         to a single target wallet during the moving funds process.
+    /// @param walletClosingPeriod New value of the wallet closing period in
+    ///        seconds, determines the length of the wallet closing period,
+    //         i.e. the period when the wallet remains in the Closing state
+    //         and can be subject of deposit fraud challenges.
+    /// @dev Requirements:
+    ///      - Wallet minimum BTC balance must be greater than zero,
+    ///      - Wallet maximum BTC balance must be greater than the wallet
+    ///        minimum BTC balance,
+    ///      - Wallet maximum BTC transfer must be greater than zero,
+    ///      - Wallet closing period must be greater than zero.
+    function updateWalletParameters(
+        uint32 walletCreationPeriod,
+        uint64 walletCreationMinBtcBalance,
+        uint64 walletCreationMaxBtcBalance,
+        uint64 walletClosureMinBtcBalance,
+        uint32 walletMaxAge,
+        uint64 walletMaxBtcTransfer,
+        uint32 walletClosingPeriod
+    ) external onlyGovernance {
+        self.updateWalletParameters(
+            walletCreationPeriod,
+            walletCreationMinBtcBalance,
+            walletCreationMaxBtcBalance,
+            walletClosureMinBtcBalance,
+            walletMaxAge,
+            walletMaxBtcTransfer,
+            walletClosingPeriod
+        );
+    }
+
+    /// @notice Updates parameters related to frauds.
+    /// @param fraudChallengeDepositAmount New value of the fraud challenge
+    ///        deposit amount in wei, it is the amount of ETH the party
+    ///        challenging the wallet for fraud needs to deposit.
+    /// @param fraudChallengeDefeatTimeout New value of the challenge defeat
+    ///        timeout in seconds, it is the amount of time the wallet has to
+    ///        defeat a fraud challenge. The value must be greater than zero.
+    /// @param fraudSlashingAmount New value of the fraud slashing amount in T,
+    ///        it is the amount slashed from each wallet member for committing
+    ///        a fraud.
+    /// @param fraudNotifierRewardMultiplier New value of the fraud notifier
+    ///        reward multiplier as percentage, it determines the percentage of
+    ///        the notifier reward from the staking contact the notifier of
+    ///        a fraud receives. The value must be in the range [0, 100].
+    /// @dev Requirements:
+    ///      - Fraud challenge defeat timeout must be greater than 0,
+    ///      - Fraud notifier reward multiplier must be in the range [0, 100].
+    function updateFraudParameters(
+        uint256 fraudChallengeDepositAmount,
+        uint256 fraudChallengeDefeatTimeout,
+        uint96 fraudSlashingAmount,
+        uint256 fraudNotifierRewardMultiplier
+    ) external onlyGovernance {
+        self.updateFraudParameters(
+            fraudChallengeDepositAmount,
+            fraudChallengeDefeatTimeout,
+            fraudSlashingAmount,
+            fraudNotifierRewardMultiplier
+        );
+    }
+
+    /// @notice Collection of all revealed deposits indexed by
+    ///         keccak256(fundingTxHash | fundingOutputIndex).
+    ///         The fundingTxHash is bytes32 (ordered as in Bitcoin internally)
+    ///         and fundingOutputIndex an uint32. This mapping may contain valid
+    ///         and invalid deposits and the wallet is responsible for
+    ///         validating them before attempting to execute a sweep.
+    function deposits(uint256 depositKey)
+        external
+        view
+        returns (Deposit.DepositRequest memory)
+    {
+        return self.deposits[depositKey];
+    }
+
+    /// @notice Collection of all pending redemption requests indexed by
+    ///         redemption key built as
+    ///         keccak256(walletPubKeyHash | redeemerOutputScript). The
+    ///         walletPubKeyHash is the 20-byte wallet's public key hash
+    ///         (computed using Bitcoin HASH160 over the compressed ECDSA
+    ///         public key) and redeemerOutputScript is a Bitcoin script
+    ///         (P2PKH, P2WPKH, P2SH or P2WSH) that will be used to lock
+    ///         redeemed BTC as requested by the redeemer. Requests are added
+    ///         to this mapping by the `requestRedemption` method (duplicates
+    ///         not allowed) and are removed by one of the following methods:
+    ///         - `submitRedemptionProof` in case the request was handled
+    ///           successfully,
+    ///         - `notifyRedemptionTimeout` in case the request was reported
+    ///           to be timed out.
+    function pendingRedemptions(uint256 redemptionKey)
+        external
+        view
+        returns (Redemption.RedemptionRequest memory)
+    {
+        return self.pendingRedemptions[redemptionKey];
+    }
+
+    /// @notice Collection of all timed out redemptions requests indexed by
+    ///         redemption key built as
+    ///         keccak256(walletPubKeyHash | redeemerOutputScript). The
+    ///         walletPubKeyHash is the 20-byte wallet's public key hash
+    ///         (computed using Bitcoin HASH160 over the compressed ECDSA
+    ///         public key) and redeemerOutputScript is the Bitcoin script
+    ///         (P2PKH, P2WPKH, P2SH or P2WSH) that is involved in the timed
+    ///         out request. Timed out requests are stored in this mapping to
+    ///         avoid slashing the wallets multiple times for the same timeout.
+    ///         Only one method can add to this mapping:
+    ///         - `notifyRedemptionTimeout` which puts the redemption key
+    ///           to this mapping basing on a timed out request stored
+    ///           previously in `pendingRedemptions` mapping.
+    function timedOutRedemptions(uint256 redemptionKey)
+        external
+        view
+        returns (Redemption.RedemptionRequest memory)
+    {
+        return self.timedOutRedemptions[redemptionKey];
+    }
+
+    /// @notice Collection of main UTXOs that are honestly spent indexed by
+    ///         keccak256(fundingTxHash | fundingOutputIndex). The fundingTxHash
+    ///         is bytes32 (ordered as in Bitcoin internally) and
+    ///         fundingOutputIndex an uint32. A main UTXO is considered honestly
+    ///         spent if it was used as an input of a transaction that have been
+    ///         proven in the Bridge.
+    function spentMainUTXOs(uint256 utxoKey) external view returns (bool) {
+        return self.spentMainUTXOs[utxoKey];
+    }
+
+    /// @notice Gets details about a registered wallet.
+    /// @param walletPubKeyHash The 20-byte wallet public key hash (computed
+    ///        using Bitcoin HASH160 over the compressed ECDSA public key).
+    /// @return Wallet details.
+    function wallets(bytes20 walletPubKeyHash)
+        external
+        view
+        returns (Wallets.Wallet memory)
+    {
+        return self.registeredWallets[walletPubKeyHash];
+    }
+
+    /// @notice Gets the public key hash of the active wallet.
+    /// @return The 20-byte public key hash (computed using Bitcoin HASH160
+    ///         over the compressed ECDSA public key) of the active wallet.
+    ///         Returns bytes20(0) if there is no active wallet at the moment.
+    function activeWalletPubKeyHash() external view returns (bytes20) {
+        return self.activeWalletPubKeyHash;
+    }
+
+    /// @notice Gets the live wallets count.
+    /// @return The current count of wallets being in the Live state.
+    function liveWalletsCount() external view returns (uint32) {
+        return self.liveWalletsCount;
+    }
+
+    /// @notice Returns the fraud challenge identified by the given key built
+    ///         as keccak256(walletPublicKey|sighash).
+    function fraudChallenges(uint256 challengeKey)
+        external
+        view
+        returns (Fraud.FraudChallenge memory)
+    {
+        return self.fraudChallenges[challengeKey];
+    }
+
+    /// @notice Collection of all moved funds sweep requests indexed by
+    ///         `keccak256(movingFundsTxHash | movingFundsOutputIndex)`.
+    ///         The `movingFundsTxHash` is `bytes32` (ordered as in Bitcoin
+    ///         internally) and `movingFundsOutputIndex` an `uint32`. Each entry
+    ///         is actually an UTXO representing the moved funds and is supposed
+    ///         to be swept with the current main UTXO of the recipient wallet.
+    /// @param requestKey Request key built as
+    ///        `keccak256(movingFundsTxHash | movingFundsOutputIndex)`.
+    /// @return Details of the moved funds sweep request.
+    function movedFundsSweepRequests(uint256 requestKey)
+        external
+        view
+        returns (MovingFunds.MovedFundsSweepRequest memory)
+    {
+        return self.movedFundsSweepRequests[requestKey];
+    }
+
+    /// @notice Indicates if the vault with the given address is trusted or not.
+    ///         Depositors can route their revealed deposits only to trusted
+    ///         vaults and have trusted vaults notified about new deposits as
+    ///         soon as these deposits get swept. Vaults not trusted by the
+    ///         Bridge can still be used by Bank balance owners on their own
+    ///         responsibility - anyone can approve their Bank balance to any
+    ///         address.
+    function isVaultTrusted(address vault) external view returns (bool) {
+        return self.isVaultTrusted[vault];
+    }
+
+    /// @notice Returns the current values of Bridge deposit parameters.
+    /// @return depositDustThreshold The minimal amount that can be requested
+    ///         to deposit. Value of this parameter must take into account the
+    ///         value of `depositTreasuryFeeDivisor` and `depositTxMaxFee`
+    ///         parameters in order to make requests that can incur the
+    ///         treasury and transaction fee and still satisfy the depositor.
+    /// @return depositTreasuryFeeDivisor Divisor used to compute the treasury
+    ///         fee taken from each deposit and transferred to the treasury upon
+    ///         sweep proof submission. That fee is computed as follows:
+    ///         `treasuryFee = depositedAmount / depositTreasuryFeeDivisor`
+    ///         For example, if the treasury fee needs to be 2% of each deposit,
+    ///         the `depositTreasuryFeeDivisor` should be set to `50`
+    ///         because `1/50 = 0.02 = 2%`.
+    /// @return depositTxMaxFee Maximum amount of BTC transaction fee that can
+    ///         be incurred by each swept deposit being part of the given sweep
+    ///         transaction. If the maximum BTC transaction fee is exceeded,
+    ///         such transaction is considered a fraud.
+    function depositParameters()
+        external
+        view
+        returns (
+            uint64 depositDustThreshold,
+            uint64 depositTreasuryFeeDivisor,
+            uint64 depositTxMaxFee
+        )
+    {
+        depositDustThreshold = self.depositDustThreshold;
+        depositTreasuryFeeDivisor = self.depositTreasuryFeeDivisor;
+        depositTxMaxFee = self.depositTxMaxFee;
+    }
+
+    /// @notice Returns the current values of Bridge redemption parameters.
+    /// @return redemptionDustThreshold The minimal amount that can be requested
+    ///         for redemption. Value of this parameter must take into account
+    ///         the value of `redemptionTreasuryFeeDivisor` and `redemptionTxMaxFee`
+    ///         parameters in order to make requests that can incur the
+    ///         treasury and transaction fee and still satisfy the redeemer.
+    /// @return redemptionTreasuryFeeDivisor Divisor used to compute the treasury
+    ///         fee taken from each redemption request and transferred to the
+    ///         treasury upon successful request finalization. That fee is
+    ///         computed as follows:
+    ///         `treasuryFee = requestedAmount / redemptionTreasuryFeeDivisor`
+    ///         For example, if the treasury fee needs to be 2% of each
+    ///         redemption request, the `redemptionTreasuryFeeDivisor` should
+    ///         be set to `50` because `1/50 = 0.02 = 2%`.
+    /// @return redemptionTxMaxFee Maximum amount of BTC transaction fee that
+    ///         can be incurred by each redemption request being part of the
+    ///         given redemption transaction. If the maximum BTC transaction
+    ///         fee is exceeded, such transaction is considered a fraud.
+    ///         This is a per-redemption output max fee for the redemption
+    ///         transaction.
+    /// @return redemptionTimeout Time after which the redemption request can be
+    ///         reported as timed out. It is counted from the moment when the
+    ///         redemption request was created via `requestRedemption` call.
+    ///         Reported  timed out requests are cancelled and locked balance is
+    ///         returned to the redeemer in full amount.
+    /// @return redemptionTimeoutSlashingAmount The amount of stake slashed
+    ///         from each member of a wallet for a redemption timeout.
+    /// @return redemptionTimeoutNotifierRewardMultiplier The percentage of the
+    ///         notifier reward from the staking contract the notifier of a
+    ///         redemption timeout receives. The value is in the range [0, 100].
+    function redemptionParameters()
+        external
+        view
+        returns (
+            uint64 redemptionDustThreshold,
+            uint64 redemptionTreasuryFeeDivisor,
+            uint64 redemptionTxMaxFee,
+            uint256 redemptionTimeout,
+            uint96 redemptionTimeoutSlashingAmount,
+            uint256 redemptionTimeoutNotifierRewardMultiplier
+        )
+    {
+        redemptionDustThreshold = self.redemptionDustThreshold;
+        redemptionTreasuryFeeDivisor = self.redemptionTreasuryFeeDivisor;
+        redemptionTxMaxFee = self.redemptionTxMaxFee;
+        redemptionTimeout = self.redemptionTimeout;
+        redemptionTimeoutSlashingAmount = self.redemptionTimeoutSlashingAmount;
+        redemptionTimeoutNotifierRewardMultiplier = self
+            .redemptionTimeoutNotifierRewardMultiplier;
+    }
+
+    /// @notice Returns the current values of Bridge moving funds between
+    ///         wallets parameters.
+    /// @return movingFundsTxMaxTotalFee Maximum amount of the total BTC
+    ///         transaction fee that is acceptable in a single moving funds
+    ///         transaction. This is a _total_ max fee for the entire moving
+    ///         funds transaction.
+    /// @return movingFundsDustThreshold The minimal satoshi amount that makes
+    ///         sense to be transferred during the moving funds process. Moving
+    ///         funds wallets having their BTC balance below that value can
+    ///         begin closing immediately as transferring such a low value may
+    ///         not be possible due to BTC network fees.
+    /// @return movingFundsTimeoutResetDelay Time after which the moving funds
+    ///         timeout can be reset in case the target wallet commitment
+    ///         cannot be submitted due to a lack of live wallets in the system.
+    ///         It is counted from the moment when the wallet was requested to
+    ///         move their funds and switched to the MovingFunds state or from
+    ///         the moment the timeout was reset the last time. Value in seconds
+    ///         This value should be lower than the value of the
+    ///         `movingFundsTimeout`.
+    /// @return movingFundsTimeout Time after which the moving funds process
+    ///         can be reported as timed out. It is counted from the moment
+    ///         when the wallet was requested to move their funds and switched
+    ///         to the MovingFunds state. Value in seconds.
+    /// @return movingFundsTimeoutSlashingAmount The amount of stake slashed
+    ///         from each member of a wallet for a moving funds timeout.
+    /// @return movingFundsTimeoutNotifierRewardMultiplier The percentage of the
+    ///         notifier reward from the staking contract the notifier of a
+    ///         moving funds timeout receives. The value is in the range [0, 100].
+    /// @return movedFundsSweepTxMaxTotalFee Maximum amount of the total BTC
+    ///         transaction fee that is acceptable in a single moved funds
+    ///         sweep transaction. This is a _total_ max fee for the entire
+    ///         moved funds sweep transaction.
+    /// @return movedFundsSweepTimeout Time after which the moved funds sweep
+    ///         process can be reported as timed out. It is counted from the
+    ///         moment when the wallet was requested to sweep the received funds.
+    ///         Value in seconds.
+    /// @return movedFundsSweepTimeoutSlashingAmount The amount of stake slashed
+    ///         from each member of a wallet for a moved funds sweep timeout.
+    /// @return movedFundsSweepTimeoutNotifierRewardMultiplier The percentage
+    ///         of the notifier reward from the staking contract the notifier
+    ///         of a moved funds sweep timeout receives. The value is in the
+    ///         range [0, 100].
+    function movingFundsParameters()
+        external
+        view
+        returns (
+            uint64 movingFundsTxMaxTotalFee,
+            uint64 movingFundsDustThreshold,
+            uint32 movingFundsTimeoutResetDelay,
+            uint32 movingFundsTimeout,
+            uint96 movingFundsTimeoutSlashingAmount,
+            uint256 movingFundsTimeoutNotifierRewardMultiplier,
+            uint64 movedFundsSweepTxMaxTotalFee,
+            uint32 movedFundsSweepTimeout,
+            uint96 movedFundsSweepTimeoutSlashingAmount,
+            uint256 movedFundsSweepTimeoutNotifierRewardMultiplier
+        )
+    {
+        movingFundsTxMaxTotalFee = self.movingFundsTxMaxTotalFee;
+        movingFundsDustThreshold = self.movingFundsDustThreshold;
+        movingFundsTimeoutResetDelay = self.movingFundsTimeoutResetDelay;
+        movingFundsTimeout = self.movingFundsTimeout;
+        movingFundsTimeoutSlashingAmount = self
+            .movingFundsTimeoutSlashingAmount;
+        movingFundsTimeoutNotifierRewardMultiplier = self
+            .movingFundsTimeoutNotifierRewardMultiplier;
+        movedFundsSweepTxMaxTotalFee = self.movedFundsSweepTxMaxTotalFee;
+        movedFundsSweepTimeout = self.movedFundsSweepTimeout;
+        movedFundsSweepTimeoutSlashingAmount = self
+            .movedFundsSweepTimeoutSlashingAmount;
+        movedFundsSweepTimeoutNotifierRewardMultiplier = self
+            .movedFundsSweepTimeoutNotifierRewardMultiplier;
+    }
+
+    /// @return walletCreationPeriod Determines how frequently a new wallet
+    ///         creation can be requested. Value in seconds.
+    /// @return walletCreationMinBtcBalance The minimum BTC threshold in satoshi
+    ///         that is used to decide about wallet creation.
+    /// @return walletCreationMaxBtcBalance The maximum BTC threshold in satoshi
+    ///         that is used to decide about wallet creation.
+    /// @return walletClosureMinBtcBalance The minimum BTC threshold in satoshi
+    ///         that is used to decide about wallet closure.
+    /// @return walletMaxAge The maximum age of a wallet in seconds, after which
+    ///         the wallet moving funds process can be requested.
+    /// @return walletMaxBtcTransfer The maximum BTC amount in satoshi than
+    ///         can be transferred to a single target wallet during the moving
+    ///         funds process.
+    /// @return walletClosingPeriod Determines the length of the wallet closing
+    ///         period, i.e. the period when the wallet remains in the Closing
+    ///         state and can be subject of deposit fraud challenges. Value
+    ///         in seconds.
+    function walletParameters()
+        external
+        view
+        returns (
+            uint32 walletCreationPeriod,
+            uint64 walletCreationMinBtcBalance,
+            uint64 walletCreationMaxBtcBalance,
+            uint64 walletClosureMinBtcBalance,
+            uint32 walletMaxAge,
+            uint64 walletMaxBtcTransfer,
+            uint32 walletClosingPeriod
+        )
+    {
+        walletCreationPeriod = self.walletCreationPeriod;
+        walletCreationMinBtcBalance = self.walletCreationMinBtcBalance;
+        walletCreationMaxBtcBalance = self.walletCreationMaxBtcBalance;
+        walletClosureMinBtcBalance = self.walletClosureMinBtcBalance;
+        walletMaxAge = self.walletMaxAge;
+        walletMaxBtcTransfer = self.walletMaxBtcTransfer;
+        walletClosingPeriod = self.walletClosingPeriod;
+    }
+
+    /// @notice Returns the current values of Bridge fraud parameters.
+    /// @return fraudChallengeDepositAmount The amount of ETH in wei the party
+    ///         challenging the wallet for fraud needs to deposit.
+    /// @return fraudChallengeDefeatTimeout The amount of time the wallet has to
+    ///         defeat a fraud challenge.
+    /// @return fraudSlashingAmount The amount slashed from each wallet member
+    ///         for committing a fraud.
+    /// @return fraudNotifierRewardMultiplier The percentage of the notifier
+    ///         reward from the staking contract the notifier of a fraud
+    ///         receives. The value is in the range [0, 100].
+    function fraudParameters()
+        external
+        view
+        returns (
+            uint256 fraudChallengeDepositAmount,
+            uint256 fraudChallengeDefeatTimeout,
+            uint96 fraudSlashingAmount,
+            uint256 fraudNotifierRewardMultiplier
+        )
+    {
+        fraudChallengeDepositAmount = self.fraudChallengeDepositAmount;
+        fraudChallengeDefeatTimeout = self.fraudChallengeDefeatTimeout;
+        fraudSlashingAmount = self.fraudSlashingAmount;
+        fraudNotifierRewardMultiplier = self.fraudNotifierRewardMultiplier;
+    }
+
+    /// @notice Returns the addresses of contracts Bridge is interacting with.
+    /// @return bank Address of the Bank the Bridge belongs to.
+    /// @return relay Address of the Bitcoin relay providing the current Bitcoin
+    ///         network difficulty.
+    /// @return ecdsaWalletRegistry Address of the ECDSA Wallet Registry.
+    function contractReferences()
+        external
+        view
+        returns (
+            Bank bank,
+            IRelay relay,
+            EcdsaWalletRegistry ecdsaWalletRegistry
+        )
+    {
+        bank = self.bank;
+        relay = self.relay;
+        ecdsaWalletRegistry = self.ecdsaWalletRegistry;
+    }
+
+    /// @notice Address where the deposit treasury fees will be sent to.
+    ///         Treasury takes part in the operators rewarding process.
+    function treasury() external view returns (address) {
+        return self.treasury;
+    }
+
+    /// @notice The number of confirmations on the Bitcoin chain required to
+    ///         successfully evaluate an SPV proof.
+    function txProofDifficultyFactor() external view returns (uint256) {
+        return self.txProofDifficultyFactor;
+    }
 }