Original author:Haotian

A white paper titled BitVM: Compute Anything On Bitcoin has sparked heated discussions among developers. It seems to mean that the Bitcoin network has implemented a Turing-complete contract and can execute any computable function?

Does this mean that the Bitcoin network can reproduce all the narratives of ecosystems such as Ethereum? And there is no need to change the existing Bitcoin consensus, or even any upgrades. Just relying on the current basic op_code of Bitcoin can give the Bitcoin network complex programmability, so that the Bitcoin network can calculate everything with Turing completeness?

Wait, don’t start dreaming now, let’s discuss the idea path of BitVM first.How does the Script space perform complex programming? What does Optimism Rollup thinking mean? Fraud Proof What is the principle of fraud proof? What are the obstacles to the implementation of BitVM?Next, I will walk you through a step-by-step analysis of its general logical framework to facilitate your easy understanding. (But don’t discuss more specific technical implementation details)

How to implement complex programmable features?

Since Bitcoins programming capabilities are very limited and only support simple logic and limited operation codes on scripts, complex smart contracts cannot be developed on the Bitcoin network. The core point of the BitVM proposal’s imaginative thinking is that,Through the taproot address matrix or taptree, various program instructions similar to binary circuits are implemented, and the combination is equivalent to a complete contract execution.

Specifically, we can regard the UTXO spending conditional instruction in each Script as the smallest unit of the program. The execution of a script has two results: true and false. If you enter a certain code in the taproot address, you can get a deterministic result. 0 or 1, if a large number of taproot addresses are formed into a matrix, an ordered taptree can be formed, and the execution result will have a large number of binary circuit text effects such as 011001, which can be regarded as an executable binary program. The complexity of the program depends on the number of combined taproot addresses. The more addresses there are, the richer the preset instructions of each Script under the Bitcoin framework, and the more complex the program that the entire taptree can execute. Maker Sense, right?

This idea is really big enough. But according to this logic,The smallest unit of instructions is indeed completed by the Bitcoin full node, and taproot addresses are infinitely superimposed. The possibility of infinite combinations can superimpose many complex calculations.To a certain extent, it is not an exaggeration to say that it is a Turing-complete machine. However, infinitely stacking taproot addresses will only increase cost consumption. In theory, everything can be realized with Turing completeness, but it is unrealistic.

Therefore, the Turing completeness mentioned in the white paper is only an extreme ideal situation, which is a bit stealing the concept. Even Ethereums so-called supercomputer cannot fully realize Turing completeness, let alone the Bitcoin network that only relies on scripts. ?

A brief analysis of some complex concepts

Based on the above understanding of the core framework, let’s look at the Optimism Rollup, Fraud Proof and Bit commitment mentioned in the white paper. What is Logic Gate? Since a single taproot space and executable code logic are limited, executing complex programs off-chain and only putting key verification links on the chain is a kind of rollup idea, isnt it?

Fraud Proof can be understood this way. Prover and verifier first compile a huge binary circuit. When the Bitcoin network executes the circuit, there is a premise that Prover must pre-sign and pledge a certain amount of Bitcoin assets. If Verifier verifies that Prover has If you are suspected of doing evil, you can send a transaction to the chain to trigger the UTXO unlocking condition of the taptree program on the chain. If successful, the verifier can confiscate the provers mortgage assets, which is equivalent to a fraud proof process.

In this logic, it is not difficult for us to understand why BitVM is only applicable to two parties with agreed consensus, that is, the total circuit diagram must be shared before execution, the fraudster certification program must be executed within the validity period, and certain assets must be pledged and pre-signed.If both parties do not cooperate in establishing an agreed consensus off-chain, it will be difficult to achieve a true contract execution solely by relying on the limited on-chain execution environment of the Bitcoin network.

What are the obstacles to the implementation of BitVM?

1) BitVM is currently only suitable for on-chain operations between two Parties that have agreed on a consensus.The on-chain environment is just an open and transparent process of contract execution. Currently, it can only be implemented between two agreed subjects. If NN is implemented, more complex technical logic design is required.

2) How BitVM applies the script of a single taproot address to implement the smallest programming unit, which cannot exceed the execution logic framework of BitcoinFor example, hashlock and timelock cannot exceed the limited storage conditions. Optimistically, one taproot address can program hundreds of logic gates. For more, a large number of addresses must be combined to build a taptree. The problem is, the execution of the preset unlocking conditions of the taproot address requires payment of mining fees. The more address combinations, the greater the cost. In the future, the two-way channel technology of the Lightning Network may be able to reduce costs, but in general, the Bitcoin network must be relied upon to execute logic gate circuits, which is not only slow, but also expensive when you think about it.

3) BitVM ideally supports very limited scenarios and is more suitable for heavy off-chain calculations. Only some consensus and asset transfers need to rely on on-chain scenarios.For example, the asset disposal link of the game, etc.;

In general, BitVM is an open-minded and very creative idea. However, according to its technical framework for implementation, it is known that it will most likely be limited to the white paper conception stage in the short term. Long-term application scenario exploration and implementation still face challenges. A huge challenge. Let’s use a very simple example to illustrate:BitVM is like building a giant computer larger than a room in an era when everyone can use a mobile terminal.