Bitcoin BitVM: What is it, exactly?
The beginner’s guide to Bitcoin BitVM
Bitcoin breakthroughs don't come around too often. But when they do, they're often complex and difficult to understand at first. BitVM is no exception.
The new development that emerged in October 2023 unlocks Bitcoin’s ability to verify complex computations in a way that does not involve any modifications to the network.
More specifically, BitVM makes Bitcoin Turing-complete using pre-existing components of its Script programming language.
By becoming Turing-complete, the Bitcoin blockchain could in theory be used to extend Bitcoin’s functionality far beyond the “peer-to-peer electronic cash system” vision first laid out in the Bitcoin white paper.
Quick intro to Bitcoin and Turing completeness
While Turing completeness might sound like something from an Ikigai handbook, it's used to describe programming languages that can compute arbitrary functions/solve any problem.
American mathematician Alonzo Church first coined the term in the 1930's, referencing the work of his student, and famous English computer scientist, Alan Turing.
Prior to BitVM, Bitcoin's Script programming language was not considered Turing-complete. Despite multiple efforts, nobody could find a way to make Bitcoin do all the things a modern computer can do.
But it’s important to note that many see Bitcoin’s simplicity as a defining feature rather than a shortcoming or bug.
The importance of Bitcoin’s limitations
Bitcoin's phantom creator(s), Satoshi Nakamoto, limited Bitcoin's programming functionality one year after launching the protocol.
You might wonder why? It all comes down to security. The more simplistic a system is, the less things there are that can go wrong with it.
As an example, let’s compare a luxury car with all the top-of-the-line bells and whistles to a normal bicycle.
Sure, the luxury car offers a lot of functionality that you can’t find on the bike, but you're far more likely to run into technical problems. A traditional bicycle, on the other hand, has very few moving parts and therefore, has far fewer things that could potentially break. You're unlikely to run into dashboard light issues, failing air suspension or auto lane changing issues on a bicycle — because it doesn’t have those features in the first place.
In this example, Bitcoin is like a bicycle. Its simplicity ultimately reduces the number of ways a malicious agent can disrupt its network. Distributed Denial of Service (DDoS) attacks, for example, have no effect on the current Bitcoin network, but they are a major problem for other projects that offer more complex functionality.
What is BitVM?
BitVM introduces a system that makes any computation verifiable on Bitcoin's blockchain, in a way that doesn't impact its security or change the network. This development opens the door to complex computations such as Turing-complete smart contracts, all processed off-chain to reduce congestion on Bitcoin’s blockchain.
In short, it’s like finding out your pocket calculator can support MMORPG video games using existing components in a way that doesn’t negatively impact its performance.
To understand how BitVM achieves all of this, let's start at the beginning.
Computers use things called logic gates to execute programs.
It sounds complicated, but logic gates simply take one or more binary inputs (0's and 1's), run a small computation based on what type of logic gate they are and spit out a single output.
Your smartphone, tablet or laptop will likely contain hundreds of thousands, if not millions, of different types of logic gates.
Now, there's one special type of logic gate called a "NAND" gate. A NAND gate is known as a universal logic gate because it can be used to create any other type of logic gate function. It's kind of like the Ditto Pokémon of the logic gate world.
Now, here's where all of this ties into BitVM. The people behind BitVM discovered a way of representing NAND logic gates on Bitcoin using its existing Script language.
The implications of this are profound for two reasons:
- It allows for Bitcoin Turing-complete smart contracts.
- There is no need to implement software changes that could disrupt the Bitcoin network. People can start using the BitVM model immediately.
Additionally, Bitcoin's blockchain only verifies these types of complex computations on-chain. Execution happens off-chain.
In other words, the bulk of the work is performed somewhere else, not on the Bitcoin blockchain itself. This avoids causing unnecessary strain on the Bitcoin network that could result in high fees or slower processing times.
How does BitVM work?
BitVM is currently limited to only two parties: a "prover" and a "verifier."
Let's say two parties want to transact together via a smart contract using the Bitcoin blockchain.
One party (the prover) asserts that the smart contract works as advertised without needing to run it directly on Bitcoin's blockchain.
The second party (verifier) needs to have certain assurances that the smart contract works as claimed. They both co-sign a number of transactions that grants the verifier the right to challenge parts of the smart contract, and the prover to respond.
If either party attempts to deceive the other, or fails to collaborate, the honest party stands to receive any funds deposited into the smart contract once it's activated.
In the event of a dispute, specific conditions of the smart contract program can be executed on-chain to prove whether fraudulent activity has taken place.
Who created BitVM?
Robin Linus, a ZeroSync core contributor, published the BitVM whitepaper on October 9, 2023.
ZeroSync is a nonprofit organization based out of Zug, Switzerland. It primarily focuses on improving Bitcoin's scalability and privacy by developing zero-knowledge proof (ZKP) solutions.
Why is BitVM important?
BitVM introduces a system for executing complex computations off-chain, provides a robust system of accountability for both parties involved and is implementable without requiring a software upgrade.
This development also lays the groundwork for Optimistic-style rollups on Bitcoin. This process would involve bundling and processing BTC transactions off-chain and submitting proofs on-chain. All off-chain transactions would be considered valid, as part of the optimistic approach. Only when there’s a dispute are transactions executed on-chain to confirm their validity.
Rollups like this could considerably improve Bitcoin’s transaction throughput, in the same way Optimistic rollups used by protocols such as Optimism (OP), improve Ethereum's processing capabilities.
What comes next for BitVM?
BitVM represents an important breakthrough for Bitcoin for a variety of reasons.
From a technical standpoint, it unlocks the network’s potential to verify any type of complex computation, albeit in a limited two-party setting for now.
This advancement could also lead to new applications and scalability benefits for Bitcoin down the line.
But perhaps most importantly, BitVM highlights that Bitcoin’s functionality was never limited by its protocol, but by the imagination of it users.
Limitations of BitVM
It's important to note that while BitVM offers a lot of promising benefits, it's not without its drawbacks.
Both Linus and other contributors involved have accepted this model is in its early stages, and is far from a polished solution.
The following are some of the limitations of BitVM that the team is still working to overcome:
- In its current state, BitVM is only a two-person model. This limitation means it cannot support large-scale decentralized applications with multiple transacting parties.
- On-chain verification could still clog up Bitcoin's blockchain.
- Off-chain computations will likely involve huge amounts of data.