144 sats \ 4 replies \ @DiedOnTitan 25 Jul \ on: BitcoinOS Claims First Zero-Knowledge Proof Verified on Bitcoin Mainnet bitcoin
Surprised that this is not getting more traction after 21 hours. If I understand this correctly, BitcoinOS effectively enables covenants, and other functionality without requiring soft forks of any kind. This is rather a significant achievement if it holds water. This means that good old stable Bitcoin can remain unchanged, solid, and "boring" while also allowing all the flexibility of smart contracts, ZKPs, and the unlimited scalability of any shitcoin ever proposed. Effective implementation of this should drain the liquidity from all other alts and help confirm the thesis that the world only needs one blockchain with Bitcoin crowned the undisputed king.
Before I get too far ahead of myself, I would value @supertestnet's take on this development. I know he worked on BitVM which BitcoinOS specifically mentioned influenced it.
If I understand this correctly, BitcoinOS effectively enables covenants
The BitcoinOS people are active in the bitvm telegram, which I am also active in. BitcoinOS is based on bitvm (it's a new, customized implementation of the same basic idea) and it inherits one of bitvm's limitations: at least one member of a predetermined group needs to be trusted to execute BitcoinOS honestly. (The group can be very large, e.g. it can have 900 people in it.) If that assumption holds, then yes, you get covenants, and not just covenants, but any other soft fork or sidechain or spending condition anyone wants. That's pretty massive and extremely cool to me.
But you could definitely argue that these aren't "real" covenants because if all 900 (or so) people agree to break the covenant together, they can do so, and a "real" covenant (the soft fork kind) cannot be broken. If a "real" covenant says "these coins can only go to Pubkey X" then that's the only place they can go. If a 900-of-900 multisig signs a transaction saying "these coins can only go to Pubkey X, and if we break that promise you can penalize us using BitcoinOS" -- well, that's not a "real" covenant because they can still break their promise and face the penalty. BitcoinOS "covenants" are breakable (and therefore, technically, not "real" covenants) because BitcoinOS has an additional trust assumption beyond bitcoin's standard trust assumptions -- sometimes it's called the "single honest party" trust assumption.
Even though they've reduced that trust assumption to something like "it works as long as one person in a group of 900 people is honest," that's still a bridge too far for some people. But that's great! They can just not use it, so it's a win-win imo. I personally want to find solutions with a 0-honest-party trust assumption. But I'm happy that 1-out-of-900 (or similar) gets us pretty close to that, and lots of cool stuff can be built on top of that, even though it's not all the way there yet. And, well, you know, nothing's perfect anyway.
reply
at least one member of a predetermined group needs to be trusted to execute BitcoinOS honestly.
This is very clarifying. Thanks for the detailed response. This does indeed feel like a great step in the right direction.
reply
Realistically how close are we to real covenants then? This was the first time I had ever heard of them and was instantly fascinated by the idea because of what I feel they could unlock! Or are they something that really likely will never come to fruition for either technological or use case issues?
reply
Yeah Im not gunna lie I was surprised it didnt gain more traction either! It doesn't require a hard fork I did get a little confused if it would need a soft fork or not but none the less it is a remarkable advance in tech! Esp this section
ZKPs can be used to create covenants—conditional payments that cannot be executed unless the right proof is provided. This is the key to building a decentralized Bitcoin bridge
reply