Editor’s Note:

On November 12, ZeroSync project leader and BitVM developer Robin Linus published "BitStream: Decentralized File Hosting Incentivized by Bitcoin Payments" in which he proposed a decentralized file hosting incentive protocol BitStream, which provides a sustainable alternative. For example, a user may only upload a video once, incurring a one-time fee, but if the video becomes popular and is downloaded 100,000 times, the bandwidth cost of the server may far exceed the initial upload revenue.

BitStream’s pay-per-download approach offers a solution: it allows servers to charge for each download, ensuring that revenue scales with the popularity and demand of the media, creating a balanced and profitable ecosystem.

BitStream identifies all files through unique hashes, emphasizing the importance of the verification process in the context of atomic file purchases. Compared to Filecoin and BitTorrent, BitStream avoids unnecessary altcoins and over-design of technical protocols, and focuses on solving practical needs.

Shinobi, a self-taught educator in the field of Bitcoin, described in detail how the BitStream protocol works, emphasizing that file sellers can use some innovative means to encrypt and sign files to improve the efficiency of fraud proof. By building a special encrypted file tree, the validity of the file can be verified more efficiently.

The idea of ​​using digital currency to atomically purchase digital files has a long history in this space. Digital goods, digital currency, seem to be a perfect match. Digital goods, i.e. information, are also a huge market. Imagine all the video, audio, text, games, and other forms of digital content that people buy and consume on a regular basis. Their market is worth billions of dollars, and people interact in these markets every day.

Most attempts to implement paid file sharing have gone the wrong way. Filecoin tried to do this on top of IPFS, but ended up being ridiculously overengineered. BitTorrent (the company, not the protocol) was acquired by Justin Sun and integrated its own cryptocurrency and blockchain. Both projects made no real progress technically, were technically overengineered, and had questionable economic motivations.

BitStream is a proposal by Robin Linus that attempts to solve the need for atomically purchasing data without unnecessary alternative coins and over-engineered technical protocols.

All files can be uniquely identified by a single hash, which is a very important detail in this scheme. Atomic selling of files requires encrypting the file with a function that allows the user to verify the encrypted content, after which the user atomically purchases the encryption key for the file. The problem is that the verification process, and more importantly, proving that you have been deceived and the file decrypted to incorrect data is expensive. Simply put, you need to generate the entire encrypted file and the decryption key so that others can decrypt and verify that the decrypted data matches the expected hash value.

File sharing systems like BitTorrent often split files into standard sized chunks and build a merkle tree, which allows the root hash to be used as a file identifier in a magnet link and verify that each individual chunk of the file you downloaded is a valid part of that file. This is an exploitable property that can greatly improve the efficiency of fraud proofs to show that a file distributor has deceived you.

The seller of the file can generate a random value and use this value to encrypt each file block by XORing it with the random value. They can then sign a statement containing the encrypted file root hash and the hash of the encrypted value. The encrypted file tree is set up in a special way to simplify fraud proofs.

Instead of just building the normal file blocks into an encrypted merkle tree, the tree creates leaf pairs consisting of an encrypted file block and the hash of the unencrypted file block next to it. Now, a buyer can download the encrypted file and atomically purchase the decrypted value after taking the hashes of all the unencrypted blocks and creating a merkle tree from them to ensure they match the root hash of the unencrypted file. This is achieved by the seller using it as a preimage for an HTLC on the Lightning Network or a preimage for a Chaumian eCash mint that supports HTLCs (such as Cashu).

If the file decrypts incorrectly, either because the encrypted data is another file or because the preimage is not the actual encryption key, then the Merkle path to any two leaves in the encrypted file tree can show that the seller deceived the buyer. Providing only the path to any encrypted file block and its corresponding unencrypted block hash and the preimage purchased by the buyer will clearly prove that the seller did not provide the buyer with the file they claimed.

Any file seller using the BitStream protocol can deposit a security deposit that can be slashed with a fraud proof as designed above if they defraud their customers. In the simplest case, this can be performed by depositing a security deposit in the Chaumian Mint. Platforms like Liquid offer alternative ways to build trustless execution through features like OP_CAT. Scripts can be built that actually accept BitStream fraud proofs and validate them on the stack, allowing the creation of a UTXO that can be spent by anyone with a valid fraud proof. If OP_CAT becomes available on the mainchain, it may even be possible to operate without a federated execution environment at all.

BitStream is a very promising protocol for the atomic sale of digital information with a very efficient fraud proof scheme that does not require junk coins.