The BitVM white paper has been released. How do developers view the vision of "computing anything on Bitcoin"?

Author: Jaleel, BlockBeats

Last night, the head of the ZeroSync project released a white paper titled "BitVM: Compute Anything on Bitcoin," which sparked heated discussions.

In this white paper reviewed by Super Testnet and Sam Parker, it is evident that BitVM is a new computing paradigm designed by Robin Linus at Zero Sync, integrating Optimistic Roll Up, Fraud Proof, Taproot Leaf, and Bitcoin Script.

BitVM allows for the expression of Turing-complete Bitcoin contracts without changing the consensus rules of the Bitcoin network, enabling the execution of any computable function and performing offline computations without leaving any trace on-chain. The white paper also discusses aspects such as the architecture, inputs and outputs, limitations, and outlook of BitVM.

Just one hour after the white paper was released, it reached 110,000 views, and as of the time of writing, the views have climbed to 1.82 million, with discussions in the English community being exceptionally lively, making it one of the biggest hot topics in the crypto space recently. KOL @LeonidasNFT considers this an exciting innovation and has inscribed the BitVM paper onto Bitcoin, ensuring its eternal existence in a more native way.

How do Bitcoin developers evaluate it?

This year, the Bitcoin ecosystem has been particularly vibrant, with the Ordinals market giving rise to many extended narratives around Bitcoin, and Bitcoin developers are also very active.

Currently focused on the Ordinals marketplace and launchpad, BioniqMarket CEO @BobBodily has been building tools to help developers build on Bitcoin. He stated on his social media: "BitVM is not a one-size-fits-all solution. BitVM is not as good as EVM; it is slower, more expensive, and more complex. The core advantage of BitVM is that we can gain additional programmability on Bitcoin right now without upgrades. No new op_codes are needed. No soft forks are required. It can be used right now."

At the same time, Bob Bodily also mentioned: "Potential use cases for BitVM that are easy to implement include decentralizing various applications that currently rely on centralized services, including DLC oracles, congestion control/coinjoin aggregators, and sidechain fiat currencies. Additionally, BitVM does not address the trustless bridging issue of sidechains, which may require contracts. BitVM is strictly superior to Greg Maxwell's 2016 ZKP conditional payment example. BitVM is very complex, making it difficult to understand and implement. Upgrading Bitcoin with a single op_code could achieve the same thing."

Bitcoin does not need to change anything

Researcher Sam Parker believes that BitVM offers the potential to achieve more programming capabilities without modifying the Bitcoin protocol, and how this capability can help decentralization and eliminate the need for trusted third parties. He also mentioned that this is an optional feature, and the Bitcoin community and users can choose whether and how to use it.

In a lengthy tweet, Sam Parker wrote: "To reiterate, Bitcoin today is Turing complete like any other chain, and this does not require any changes to Bitcoin. One of the classic viewpoints of some of the biggest Bitcoin maximalists when 'pointing fingers' is: Turing complete = bad, which I find quite foolish. Firstly, the technical definition of Turing completeness actually requires infinite runtime, and in our reality, nothing can truly achieve Turing completeness because we do not have infinite space and time to accommodate it."

Regarding the content of the BitVM white paper, Sam Parker said: "In this process, a small group of script hackers, such as @robinlinus and @supertestnet, have figured out how to encode all the functionalities we want from a general-purpose computer into Bitcoin's extremely limited opcode set. Therefore, the only thing preventing Bitcoin's virtual machine (VM) from being Turing complete like Ethereum is not an issue of expressiveness, but merely a matter of runtime, with the strictest limitation being the stack size limit.

All BitVM does is allow us to distribute the runtime of certain logic, which exceeds the scope of a single transaction, across multiple transactions. That's it. We haven't added any new semantic features; we've just exponentially increased the length of the programs we can run. Thus, by technical definition, Bitcoin is not actually more Turing complete than before; it has just been given a runtime in programs that we can reasonably say are 'sufficiently Turing complete for anything we actually want to execute.'

This is voluntary; if you do not trust your coins being locked into a Turing complete contract (which is entirely reasonable), then do not lock them into a Turing complete smart contract. One advantage of the UTXO system is secure sandboxing. If people strongly believe that Bitcoin should not have this feature, perhaps due to incentives or other issues, then that should be a topic worth discussing, but fundamentally this would require getting rid of Taproot, which at this point seems very foolish." Sam Parker wrote.

"BitVM gives me a cautious sense of excitement"

As a strong supporter of another Bitcoin extension protocol, Drivechains, Eric Wall, founder of Simp DAO and a veteran crypto researcher, was invited by community members to express his views on BitVM. Eric Wall stated: "I just finished reading this white paper, and all the concepts resonate with me. I am inherently not very interested in schemes that require a large number of pre-signed transaction exchanges during the setup phase—I don't know what problems such schemes might create. The two big issues are overhead and permission."

He now maintains a cautious sense of excitement about BitVM, waiting to see what actual experiments will bring. Perhaps the two-party limitations of this scheme have elegant, trivial solutions, or perhaps they do not. Maybe for specific types of computations, like zk proofs, the overhead is manageable. If BitVM works well in verifying zk proofs, that would be interesting—BitVM would play the role of the zkwasm layer he discussed earlier.

"As a side note, I am curious about what will happen when people realize that the attack model is quite similar to Drivechains. Miners could steal the entire balance of BitVM by colluding with provers and reviewing challenges, and this situation might last shorter than in Drivechains." Eric Wall wrote.

By allowing the expression of Turing-complete contracts on the Bitcoin network without leaving on-chain traces, BitVM provides a new way to explore complex blockchain computations while maintaining the principles and security of the Bitcoin network. This also enables Bitcoin to embrace broader use cases and innovative possibilities without directly modifying its core protocol.

It is undeniable that BitVM has sparked many in-depth discussions about the design and evolution of Bitcoin. How it will be implemented and function within the Bitcoin network in the future will be an extremely intriguing technological exploration journey. This also raises a critical question: Are we ready to expand Bitcoin from a digital currency primarily used for value storage and transactions into a global platform capable of more extensive and complex computations? This drives us to think more deeply about the future form of Bitcoin, whether it should add more "native" programmability or continue to maintain simplicity, security, and immutability.

References

1. BitVM White Paper