Last night, the head of the ZeroSync project released a white paper titled "BitVM: Compute Anything on Bitcoin", which caused heated discussion.

As can be seen in this white paper reviewed by Super Testnet and Sam Parker, BitVM is a new computing paradigm designed by Robin Linus at Zero Sync, which combines Optimistic Roll Up, Fraud Proof, Taproot Leaf and Bitcoin Script.

BitVM allows the expression of Turing-complete Bitcoin contracts without changing the consensus rules of the Bitcoin network. It can execute any computable function and perform offline calculations without leaving any traces on the chain. The white paper also introduces BitVM's architecture, input and output, limitations and prospects.

The white paper received 110,000 views in just one hour after it was released, and as of the time of writing, it has received 1.82 million views. Discussions in the English community were extremely heated, and it has become one of the hottest topics in the crypto community in recent times. KOL @LeonidasNFT believed that this was an exciting innovation, so he engraved the BitVM paper on the Bitcoin inscription, making it exist forever in a more native way.

What do Bitcoin developers think?

The Bitcoin ecosystem is particularly lively this year. The Ordinals market has spawned many extended narratives of Bitcoin, and Bitcoin developers are also very active.

@BobBodily, CEO of BioniqMarket, which is currently focusing on Ordinals marketplace and launchpad, has been building tools to help developers build on Bitcoin. He said on his social media: "BitVM is not a permanent solution. BitVM is not as good as EVM, it is slower, more expensive and more complicated. The core advantage of BitVM is that we can get additional programmability on Bitcoin now without upgrading. No new op_codes are needed. No soft fork is required. It can be used now."

At the same time, BobBodily also said: "Potential use cases that BitVM can easily implement include decentralizing parts of various applications that currently rely on centralized services, including DLC ​​oracles, congestion control/coinjoin aggregators, and sidechain quorums. In addition, BitVM does not solve the problem of trustless bridging of sidechains, which may require contracts. BitVM is strictly superior to Greg Maxwell's 2016 ZKP conditional payment example. BitVM is very complex and difficult to understand and implement. The same thing can be achieved by upgrading Bitcoin through an op_code."

Bitcoin does not need to change anything

Researcher Sam Parker believes that BitVM provides the potential to achieve more programming capabilities without modifying the Bitcoin protocol, and how this capability can help decentralization and eliminate the need to trust a third party. At the same time, he also mentioned that this is an optional feature, and the Bitcoin community and users can choose whether and how to use this feature.

In the long tweet, Sam Parker wrote: "Again, Bitcoin is now Turing complete just like any other chain, and this does not require any changes to Bitcoin. Some of the classic views of some Bitcoin maximalists when they are "pointing the finger" are: Turing complete = bad, which I think is stupid. First of all, because the technical definition of Turing completeness actually requires an infinite running time, in our reality there will never be anything that is truly Turing complete, because we do not have infinite space and time to accommodate this. "

Regarding the content of the BitVM white paper, Sam Parker said: “In the process, a small group of script hackers, such as @robin_linus and @super_testnet, have figured out how to encode all the functions we want from a general-purpose computer into Bitcoin’s extremely limited set of operation codes. Therefore, the only thing that prevents Bitcoin’s virtual machine (VM) from being Turing-complete like Ethereum is not a problem of expressiveness, but simply a problem of running time, the most stringent of which is the limit on stack size.

All BitVM does is allow us to spread the running time of some logic that extends beyond the scope of a single transaction across multiple transactions. That's it. We haven't added any new semantic features, we've just exponentially increased the length of programs we can run. So by the technical definition, Bitcoin isn't actually more Turing-complete than it was before, it's just been given a running time for programs that we can reasonably say are Turing-complete enough for any program we actually want to execute.

This is voluntary, and if you don't trust your coins to be locked into a Turing-complete contract (completely reasonable), then don't lock them into a Turing-complete smart contract. One advantage of the UTXO system is security sandboxing. If people do feel strongly that Bitcoin shouldn't have this feature, perhaps due to incentive issues or something, then this should be a worthy discussion, but basically it would require getting rid of Taproot, which seems very stupid at this time. "Sam Parker wrote.

"BitVM gives me a cautious sense of excitement"

As a great supporter of Drivechains, another Bitcoin extension protocol, Eric Wall, founder of Simp DAO and senior crypto researcher, was invited by community members to express his views on BitVM. Eric Wall said: "I just finished reading this white paper, and all the concepts are suitable for me. I am naturally not interested in those schemes that require a very large number of pre-signed transaction exchanges during the setup phase - I don’t know what problems such schemes may cause. Additional resource consumption (overhead) and permission (permission) are two big problems."

For now he’s cautiously excited about BitVM, waiting to see what real-world experiments will bring. Maybe the two-party limitation of the scheme has an elegant, trivial solution, maybe not. Maybe for certain types of computation, like zk-proofs, the overhead is manageable. If BitVM works well enough to verify zk-proofs, that’d be interesting — BitVM would be filling the role of the zkwasm layer he’s discussed before.

“As a side note, I’m curious about what happens when people realize that the attack model is fairly similar to drivechains. Miners could steal the entire balance of BitVM by colluding with the prover and censoring the challenge, and this could happen in a shorter period of time than in drivechains,” wrote Eric Wall.

By allowing Turing-complete contracts to be expressed on the Bitcoin network without leaving an on-chain trace, BitVM provides a new way to explore complex blockchain computations while maintaining the principles and security of the Bitcoin network. This also allows Bitcoin to embrace a wider range of use cases and innovative possibilities without directly modifying its core protocol.

It cannot be ignored that BitVM has triggered many in-depth discussions about the design and evolution of Bitcoin. How it will be implemented and play a role in the Bitcoin network in the future will be an extremely attractive journey of technological exploration. This will also raise a key question: Are we ready to expand Bitcoin from a digital currency mainly used for storage and transactions to a global platform that can perform broader and more complex calculations? This also drives us to think more deeply about the future form of Bitcoin we want. Should Bitcoin add more "native" programmability or should it continue to remain simple, secure and immutable?

References

1. BitVM White Paper