A Layman’s Guide to Bitcoin Virtual Machine (BitVM)
Hisham Pangcoga Macabanding
On October 9, 2023, Robin Linus, the developer behind ZeroSync, an organization dedicated to enhancing Bitcoin’s scalability through zero-knowledge proofs, unveiled the BitVM whitepaper. This proposal not only piqued the interest of the crypto community but also laid the foundation for exciting possibilities in Bitcoin application development moving forward.
What is Bitcoin Virtual Machine (BitVM)?
BitVM, which stands for Bitcoin Virtual Machine, is a groundbreaking solution that introduces Turing-complete smart contracts directly to the Bitcoin blockchain.
Unlike some other smart contract platforms, BitVM doesn’t execute code directly on the Bitcoin blockchain itself. Instead, it serves as a tool for verifying the accuracy of off-chain code execution. In simpler terms, it ensures that scripts have been executed correctly outside of the Bitcoin network.
One remarkable feature of BitVM is that it doesn’t require any changes to the core consensus rules of Bitcoin. It achieves this by handling the complex computational tasks off the main Bitcoin blockchain. Only when one party disputes the outcome are a few steps of the computation brought on-chain for verification. This means that most BitVM activity occurs off the Bitcoin blockchain.
In a nutshell, BitVM empowers Bitcoin to perform complex Turing-complete computations in a verifiable manner, all within the existing Bitcoin framework.
To draw a comparison, you can think of BitVM somewhat like optimistic rollups on Ethereum. Optimistic rollups assume transactions are valid and provide a window for disputes. Similarly, BitVM can generate proofs of incorrect execution when there’s fraud or misconduct, but it does so with minimal on-chain overhead. It only requires the publication of code segments where errors occur.
The unique value proposition of BitVM lies in its ability to enable Bitcoin to host smart contracts without necessitating a soft or hard fork, preserving the network’s stability and security. While the exact use cases are still under exploration and development, potential applications include trustless bridges, prediction markets, and the introduction of new opcodes.
BitVM’s arrival opens the door to a world of possibilities within Bitcoin, and as further research unfolds, it’s poised to redefine the landscape of decentralized finance.
A Closer Look at How BitVM Works
BitVM utilizes Taproot addresses to minimize its on-chain footprint. It operates within a two-party framework, consisting of a Prover and a Verifier. Here’s how it works:
- Address Setup: Both parties deposit Bitcoin into a shared Taproot Address using a 2-of-2 multisignature setup. This ensures that control over the deposited funds requires agreement from both the prover and verifier.
- Challenge and Response: The prover and verifier engage in a sequence of pre-signed transactions. In this sequence, the verifier presents a challenge related to the smart contract, and the prover responds with a solution. This Challenge-Response process continues iteratively.
- Complex Smart Contracts: Before this interaction begins, both the prover and verifier compile the smart contract into a set of if-then statements that cover every possible outcome. This creates a comprehensive map. To save space on the blockchain, this map is ‘Merkleized,’ an efficient technique for compactly representing complex data structures.
- Pre-signed Transactions: In addition to the challenge-and-response setup, both parties jointly pre-sign a sequence of transactions. These pre-signed transactions serve as a safety net in case a dispute arises. They define the conditions under which the deposited funds are transferred.
- Deposit and Access: Once the necessary groundwork is laid, both parties deposit Bitcoin into the shared Taproot address. If the prover successfully responds to all challenges, they gain access to the deposited Bitcoins.
- Failure and Recovery: If the prover fails to meet the challenges or behaves dishonestly, the verifier can claim the Bitcoin placed at stake by the prover. This incentive structure promotes honest behavior.
- Timelocks: Verifiers can also utilize timelocks, setting deadlines for the prover to make decisions. If the prover doesn’t act within the specified time, they risk losing their deposit.
- On-Chain Resolution: Disputes between the prover and verifier lead to the Challenge-Response transactions being posted on the Bitcoin blockchain. This ensures that, in case of disagreements, the blockchain serves as an impartial judge.
- Off-Chain Settlement: If no disputes arise, the transactions can be settled off-chain, making BitVM an efficient and scalable solution for smart contract execution within the Bitcoin network.
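The Merkleized map from the Complex Smart Contracts step, as an added example that is not part of the original article or of BitVM's own code: a constructed five-rule contract is committed to as one hash, and a single disputed rule is later revealed with a short proof. It uses a simplified SHA-256 tree rather than Taproot's actual tagged-hash script tree; the rule strings and function names are assumptions.

```python
import hashlib

# Constructed sample: a toy contract compiled into if-then rules (not from the article).
RULES = ["if x == 0 then y = 1", "if x == 1 then y = 0", "if x == 2 then y = 3",
         "if x == 3 then y = 2", "if x == 4 then y = 4"]

def _h(tag: bytes, data: bytes) -> bytes:
    # Distinct prefixes keep a leaf from being mistaken for an inner node.
    return hashlib.sha256(tag + data).digest()

def leaf_hash(rule: str) -> bytes:
    return _h(b"\x00", rule.encode())

def build_levels(rules):
    level = [leaf_hash(r) for r in rules]
    levels = [level]
    while len(level) > 1:
        nxt = []
        for i in range(0, len(level), 2):
            if i + 1 < len(level):
                nxt.append(_h(b"\x01", level[i] + level[i + 1]))
            else:
                nxt.append(level[i])  # unpaired node moves up unchanged
        level = nxt
        levels.append(level)
    return levels

def merkle_root(rules) -> bytes:
    """The single 32-byte commitment both parties agree on before depositing."""
    return build_levels(rules)[-1][0]

def prove(rules, index):
    """Sibling hashes needed to reveal only rules[index] in a dispute."""
    proof = []
    for level in build_levels(rules)[:-1]:
        sibling = index ^ 1
        if sibling < len(level):
            proof.append((level[sibling], sibling < index))
        index //= 2
    return proof

def verify(root, rule, proof) -> bool:
    node = leaf_hash(rule)
    for sibling, sibling_is_left in proof:
        node = _h(b"\x01", sibling + node if sibling_is_left else node + sibling)
    return node == root
```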
In essence, BitVM’s operation is a careful dance between two parties, optimizing the use of blockchain resources while maintaining the security and enforceability of smart contracts. Here’s a simplified explanation of BitVM through an illustration by Bitcoin Illustrated:
Drawbacks of BitVM
While BitVM is undoubtedly an exciting innovation, it’s essential to take a moment and recognize its limitations.
BitVM, though promising, is not without its challenges. When we compare BitVM to the Ethereum Virtual Machine (EVM), it lags in several key aspects. BitVM exhibits slower transaction processing, higher operational costs, and greater complexity. Particularly, the management of off-chain data comes with substantial overhead and the potential for unmanageable growth.
Here are some of the limitations of BitVM, as pointed out by Bob Bodily, PhD, the founder of bioniq, the first marketplace for Ordinals built on Bitcoin’s Layer 2 Network:
Limitation 1: Two-Party System Only
Currently, BitVM contracts are limited to interactions between two parties, which inherently restricts the range of use cases. While two individuals can engage in smart-contract-like activities, this limitation doesn’t extend seamlessly to scenarios involving sidechains or rollups. This poses a substantial constraint on BitVM’s versatility.
Progress: In the BitVM Telegram community, discussions are brewing with numerous ideas on how to implement a multi-party system. While none have reached a practical stage yet, it’s worth noting that this innovation is in its early days. With time, it’s conceivable that a multi-party BitVM smart contract solution will emerge, unlocking a broader array of applications.
Limitation 2: One-Time Use Smart Contracts
As per Bob’s observation, the current implementation of BitVM necessitates a new Bitcoin transaction for each smart contract interaction between two parties. This leads to what he aptly calls “one-time use smart contracts.” While BitVM’s design is intriguing, practical implementation becomes more challenging as it involves a significant number of interactions between the involved parties.
Potential Solution: Addressing this limitation is crucial. BitVM’s potential progress in this area may lie in integrating a Zero-Knowledge (ZK) verifier into the BitVM framework. If achieved, it could usher in true Layer 2 solutions on Bitcoin, where proofs from the Layer 2 can be verified within the ZK verifier of BitVM. In this scenario, BitVM wouldn’t merely be a Bitcoin Layer 2 but could also reduce trust assumptions in bridging to a Layer 2 and in transacting within it. BitVM could hold the key to unlocking Layer 2 capabilities on Bitcoin without necessitating a network upgrade.
For a more in-depth exploration of these limitations and potential solutions, you can refer to Bob’s detailed thread.
Final Thoughts
In conclusion, BitVM is a thrilling innovation that widens the door for introducing smart contracts into the Bitcoin ecosystem without the need for resource-intensive hard forks, as most computational heavy lifting occurs off-chain. While its current focus revolves around two-party interactions, the potential for future extensions is significant, encompassing possibilities akin to the Lightning Network and integration with off-chain protocols. Perhaps most intriguingly, BitVM showcases the concept that Bitcoin can indeed become Turing-complete, offering a framework for verifying the execution of any program, even if currently confined to a two-party context.
BitVM stands as one of the most exhilarating technical achievements within the Bitcoin landscape in recent memory. Its presence in the blockchain arena appears to be a lasting one, and while it grapples with notable limitations at the moment, the prevailing sentiment suggests that these hurdles are solvable. There’s a lengthy journey of low-level development ahead of us before we can harness the full potential of BitVM, but a community of brilliant developers is already hard at work, eagerly driving its evolution forward.
The BitVM story is far from over. As it matures and continues to evolve, it has the potential to reshape the landscape of smart contracts and computation within the Bitcoin network. With these innovative minds at the helm, BitVM’s journey is one worth watching and participating in, as it holds the promise of unlocking remarkable possibilities for the future of Bitcoin and decentralized finance.