The race to make Bitcoin programmable without a soft fork has become a creative arms race in the world of cryptocurrency. BitVM, a framework for proving off-chain computation on Bitcoin via fraud proofs, is at the center of this innovation.
BitVM1, the first iteration of BitVM, used a multi-round interactive protocol. BitVM2 simplified this process by using a single-round fault proof with a split SNARK verifier. Early adopters like Build on Bitcoin (BOB), Citrea, and Bitlayer have already found practical uses for BitVM2.
Now, BitVM3 is aiming to reduce on-chain fraud proof costs by approximately 1000x. However, this latest version is still in the research phase, with challenges related to security, complexity, and data availability that need to be addressed before it can be considered production-ready.
The proposed design of the BitVM bridge stays the same between BitVM2 and BitVM3. The key difference is that BitVM3 uses a garbled circuit in place of the SNARK verifier used in BitVM2. While garbled circuits show promise in reducing Bitcoin’s on-chain burden to small commitments per logic gate, further research is needed to address potential shortcomings before implementation.
BOB has recently launched a BitVM2-based bridge testnet with DeFi partners to facilitate Bitcoin-backed assets on other chains. Despite the excitement surrounding garbled circuits, more research is required to determine their practicality. Zamyatin emphasizes that the majority of the work involved in building a bridge using BitVM remains the same whether the bridge uses BitVM2 or BitVM3.
The current costs associated with BitVM2 are not insignificant, with a worst-case on-chain fraud proof estimated at around $16,000 in transaction fees. However, this is still more cost-effective than Ethereum’s OP Stack fault proofs, which can require over $40,000 in bonds and potentially hundreds of ETH to prove fraud on-chain.
Different teams are exploring various approaches to garbled circuits. Citrea is investigating a classic approach involving Yao-style garbling combined with a cut-and-choose method for circuit verification, which, although simple, incurs higher communication and storage costs. Alpen Labs, on the other hand, is exploring a designated-verifier SNARK, which reduces communication overhead but requires more exotic cryptography that is not yet battle-tested.
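To make the trade-off in the classic approach concrete, the sketch below garbles a single AND gate Yao-style and runs a cut-and-choose audit over several copies. It is an added illustration, not code from Citrea, Alpen Labs or any BitVM implementation; the function names, the SHA-256 construction, the seeds and the choice of eight copies are assumptions, and it is a teaching toy rather than secure garbling.

```python
import hashlib

def H(*parts: bytes) -> bytes:
    return hashlib.sha256(b"|".join(parts)).digest()

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(p ^ q for p, q in zip(a, b))

def garble(seed: bytes, gate=lambda x, y: x & y):
    """Derive wire labels and the 4-row garbled table for one gate from a seed."""
    lab = {w: [H(seed, w, bytes([b]))[:16] for b in (0, 1)] for w in (b"a", b"b", b"c")}
    # Each row encrypts the output label (plus a 16-byte zero tag) under both input labels.
    rows = [xor(H(lab[b"a"][x], lab[b"b"][y]), lab[b"c"][gate(x, y)] + bytes(16))
            for x in (0, 1) for y in (0, 1)]
    return lab, sorted(rows)  # sorting hides which row belongs to which inputs

def evaluate(table, la: bytes, lb: bytes) -> bytes:
    """Evaluator holds one label per input wire and learns exactly one output label."""
    for row in table:
        pt = xor(H(la, lb), row)
        if pt[16:] == bytes(16):  # zero tag marks the row that decrypted correctly
            return pt[:16]
    raise ValueError("no row decrypts: table or labels are malformed")

def audit(seeds, tables, opened):
    """Cut-and-choose: rebuild every opened copy from its revealed seed, list mismatches."""
    return [i for i in opened if garble(seeds[i])[1] != tables[i]]

def demo():
    n = 8  # number of copies the garbler must produce and send (assumed value)
    seeds = [H(b"constructed-seed", bytes([i])) for i in range(n)]  # constructed inputs
    tables = [garble(s)[1] for s in seeds]
    # Copy 5 is dishonest: it garbles OR instead of the agreed AND gate.
    tables[5] = garble(seeds[5], gate=lambda x, y: x | y)[1]
    caught = audit(seeds, tables, opened=[1, 3, 5, 7])  # bad copy is among those opened
    missed = audit(seeds, tables, opened=[0, 2, 4, 6])  # bad copy stays unopened
    # Evaluate an unopened honest copy on inputs a=1, b=1 (labels supplied by the garbler).
    lab, _ = garble(seeds[0])
    out = evaluate(tables[0], lab[b"a"][1], lab[b"b"][1])
    cost = sum(len(r) for t in tables for r in t)  # bytes of tables sent for one gate
    return caught, missed, lab[b"c"].index(out), cost

if __name__ == "__main__":
    print(demo())
```

The audit only catches a bad copy when that copy happens to be opened, so soundness comes from sending many copies of every gate, which is where the extra communication and storage go.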
In summary, the race to make Bitcoin programmable without a soft fork continues to evolve, with BitVM at the forefront of this innovation. As teams explore different approaches to garbled circuits, the industry is moving closer to a more efficient and cost-effective solution for off-chain computation on the Bitcoin network. Stay tuned for further developments in this exciting space.