> For the complete documentation index, see [llms.txt](https://docs.bitcoinos.build/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://docs.bitcoinos.build/technical-documentation/grail-pro-charms-zkbtc/technical-overview/grail-pro.md).

# Grail Pro

Grail Pro is designed to allow the execution of general purpose smart contracts on the Bitcoin blockchain, including (but not limited to) those that require programmable BTC. For example, Grail Pro allows Uniswap or Aave-like smart contracts that depend on pooling user funds and&#x20;

allows smart contracts that are multi-party and not just bi-lateral. Grail Pro allows BTC to become programmable by creating BTC charms (zkBTC). It consists of a network of operators, each running within a trusted execution environment (TEE). The operators perform the following functions:&#x20;

Roster Management&#x20;

The operators maintain a global roster of operators that is kept synchronized by exchanging state messages over an authenticated P2P network. Each operator is identified by its public key, which is associated with a specific snapshot of application code, configuration and operating system using a cryptography attestation. This ensures that only operators with the expected code can be included in the roster.&#x20;

Each operator keeps a Schnorr keypair, allowing it to sign outgoing messages and taproot transactions.&#x20;

MPC Signing&#x20;

The operators maintain a “Grail address”, which is a taproot address that can only be spent by providing a quorum of 12 signatures. This address can be used to lock BTC, as well as charms, in such a way that they can only be spent according to the constraints of the specific zk-app. This is enforced using MPC and advanced taproot techniques. Each operator receives signature requests and signs them only if an appropriate ZKP is provided that assures that the constraints of the zk-app are met.&#x20;

Secure Persistence&#x20;

The operators maintain an encrypted key-value storage. Access is vetted using cryptographic attestation. This is used to provide operators with encrypted persistence so that they keep their identity. User wallets can back-up their keys and restore them using the attestation capabilities of biometric authentication devices.&#x20;

A protocol designed for this purpose (ESSR) is used to allow only parties with valid credentials to decrypt the value in the keystore. The protocol uses HPKE to encrypt the secrets both at-rest and in-flight. Credentials can be either cryptographic TEE attestations or Passkeys for biometric authentication.&#x20;

Trusted Execution Environments&#x20;

Grail Pro currently runs inside AWS Nitro enclaves. The enclave generates a key-pair randomly at startup and maintains the same key throughout its existence.

Enclaves are organized in clusters, where each cluster is considered an independent operator identified by a single key-pair. Enclaves in a cluster are deployed on different availability zones, and thus back each other up in case of outage. The following diagram shows how enclaves are arranged in clusters, each cluster acting as an independent operator and communicating with the rest of the operators over an authenticated P2P network.&#x20;

![](/files/YsKMYJBpSW8eWcm7WrCo)

\ <br>


---

# Agent Instructions
This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com.

## Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.bitcoinos.build/technical-documentation/grail-pro-charms-zkbtc/technical-overview/grail-pro.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.