Bitcoin L2s Series: BitVM and Its Breakthrough Innovation

By Michael @ CryptoEQ | CryptoEQ | 18 Apr 2024

BitVM represents a notable advancement in enhancing the functionality of Bitcoin’s Layer 1 (L1) through off-chain execution coupled with on-chain verification capabilities. This initiative builds upon the Taproot upgrade, providing a structured approach to execute programs off-chain with the ability to challenge and verify these executions on-chain through fraud proofs. BitVM emerged as a strategic response to the challenges in adding new OP_CODES through conventional proposals within the Bitcoin community. Its design cleverly utilizes existing OP_CODES to introduce new functionalities.

This innovative approach has caught the attention of the Bitcoin community because it is designed to execute Bitcoin contracts without altering the core principles of the Bitcoin blockchain. By verifying computations rather than executing them directly on the blockchain, BitVM employs a methodology analogous to that of optimistic rollups. This system enables more sophisticated off-chain computations while ensuring scalability and maintaining the original consensus rules of Bitcoin. BitVM distinguishes itself from other blockchain scaling solutions such as the Lightning Network, Rootstock, or Stacks, which more closely resemble sidechains than rollups. Sidechains are independent blockchains with their own block producers and smart contract environments, often compromising either security or decentralization for scalability. In contrast, rollups, including BitVM, process transactions off the main chain in batches, which are then submitted back to the main chain for verification, maintaining both security and decentralization.

The primary ambition behind BitVM is to scale Bitcoin's transaction processing capabilities significantly. Robin Linus, the brain behind BitVM, isn’t particularly focused on smart contracts or increasing Bitcoin’s expressivity. His primary interest lies in elevating Bitcoin's transaction processing capacity to millions per second, a monumental leap from its current capability. This objective places BitVM at the heart of Bitcoin's potential evolution.

While BitVM offers the potential to handle arbitrary logic off-chain, the practicality of implementing such functionality is constrained by the escalating cost of executing fraud proofs for larger off-chain programs. Consequently, BitVM's application is predominantly suitable for specific use cases, such as trust-minimized BTC bridges, which are becoming increasingly common in newer Bitcoin Layer 2 (L2) solutions. The most compelling application of BitVM lies in minimizing trust bridges and advancing ZKP (Zero-Knowledge Proof) scalability, particularly in the context of ZK Rollup.

Technical Foundation and Operational Mechanics

Proposed by Robin Linus of ZeroSync, BitVM leverages existing Bitcoin OP Codes—specifically OP_BOOLEAN and OP_NOT—to construct basic logical circuits of AND and NOT gates. This approach breaks down programs into these fundamental circuits, integrating them into Taproot transactions for efficient, low-cost on-chain storage. Theoretically, this means BitVM could achieve Turing completeness on Bitcoin, allowing it to perform a vast range of computations. However, practical limitations still exist in this nascent stage.

Prover and Verifier Dynamics

BitVM operates on a peer-to-peer (P2P) model, adhering to the structure of OP Rollup, with distinct roles assigned to provers and verifiers. In this system, both parties collaboratively create a transaction, wherein the prover submits a result, and collateral is deposited. If the verifier computes a differing result, they are empowered to submit a fraud proof to the blockchain, which can lead to financial penalties for the prover. This mechanism ensures accountability and integrity within the system, albeit with existing incentive challenges that might require future structural adjustments.



Transaction Processing

The operational mechanism of BitVM comprises several stages:

  1. Agreement on Program Execution: Initially, the prover and verifier agree on a specific program that encapsulates the contract's logic. This program, essentially a compilation of binary texts containing scripts, defines the executable steps.
  2. Pre-signing Transactions: To prepare for potential disputes, both parties pre-sign a series of transactions. These transactions are structured to support a challenge-response game, a strategic interaction designed to manage and resolve disputes.
  3. Off-Chain Execution: Following the setup, the execution of the program commences off-chain, minimizing the blockchain transaction load. This stage involves continuous data exchange necessary for executing the agreed-upon program.
  4. On-Chain Modifications and Deposits: Parties may make on-chain modifications to formalize or update the contract’s activation/execution as the off-chain computation progresses.
  5. Dispute Resolution via Challenge-Response Mechanism: This mechanism plays a crucial role in settling disputes by enabling verifiers to challenge the prover’s assertions and requiring the prover to substantiate their claims with appropriate evidence.

The transaction processing system is designed to ensure efficiency and security, providing a structured approach to manage complex computational tasks off the main Bitcoin blockchain.


Scalability and Practical Challenges

While BitVM heralds a new paradigm in scalability, it's essential to acknowledge the practical challenges it faces. Firstly, compared to the established EVM (Ethereum Virtual Machine) with its comprehensive VM architecture, BitVM is in its infancy, currently possessing only a rudimentary function that verifies binary strings. Secondly, the storage cost is a significant hurdle. Creating a program using NAND gates could necessitate data sizes in the hundreds of MBs, involving billions of taptree leaves. Lastly, the current P2P model, based on a two-party interaction, poses potential incentive issues within its prover-challenger architecture. Future considerations include expanding this model to accommodate multiple participants, akin to the ideal OP Rollup with its single honest assumption.

  • Computational and Storage Limitations: Practical implementation issues arise from the need to construct programs using NAND gates, potentially requiring substantial data storage and processing capabilities.
  • P2P Interaction Model: The current two-party interaction model poses significant incentive challenges. Future considerations include expanding to a more inclusive model (1-N or N-N), akin to the ideal OP Rollup, which relies on the assumption of a single honest participant.

Michael @ CryptoEQ
Michael @ CryptoEQ

I am a Co-Founder and Lead Analyst at CryptoEQ.


Gain the market insights you need to grow your cryptocurrency portfolio. Our team's supportive and interactive approach helps you refine your crypto investing and trading strategies.

