0 sats \ 0 replies \ @lightcoin OP 27 Mar \ parent \ on: BitVM 2: Permissionless Verification on Bitcoin [Draft writeup] bitcoin
Bridges/sidechains may not be the only applications to benefit from a permissionless challenger protocol. Since this change can be utilized by any BitVM application I think it is worth the version bump.
The thread does say that if the payment is to a CASP then the sender will need to KYC, which suggests to me that if the merchant is using a custodial point of sale system hosted by a third party (like BitPay) then all customers will need to KYC.
https://twitter.com/paddi_hansen/status/1771929875894399367
I actually think that optimistic ZK rollups are the most promising bitcoin scaling solution
Rollups on their own are limited in throughput due to the block size limit on their parent chain. On bitcoin this is a theoretical max throughput of a few hundred thousand tx per 4 million WU block, which translates to about 50 tps. Compare this to Visa which does 10s of thousands of tps during peak load and you'll see we have a big gap to close. I think more likely is that rollups will work together with validia chains and payment channel networks (such as Lightning) to reach the level of scale required -- but this is not without some security tradeoffs. See also: https://lightco.in/2023/12/13/lightning-validia-rollups/
We will no longer be able to say "bitcoin, not crypto", because crypto garbage will run on top of bitcoin.
That ship sailed over a decade ago when people started building colored coins on bitcoin.
Can we do optimistic ZK rollups solution on bitcoin that does fast, cheap, private and trustless transactions for the world and it explicitly does not do EVM, tokens, NFTs?
sure, devs can design a rollup with whatever capabilities or limitations that they want. although as we've seen with inscriptions and colored coins on L1 it is probably impossible to prevent people from building embedded consensus protocols aka "metaprotocols" or "client side verification" protocols if they have some way of storing arbitrary data in transactions.
If they use proof of work then it would be called POW
Using proof of work for issuance of the staking asset is a separate process from staking itself.
Why would you burn precious BTCs?
As a provably-fair way of issuing the staking asset.
Wrapping Bitcoin on a proof of stake protocol is a big attack to Bitcoin and will prob fail.
Based on your comments so far it seems that you don't really understand what you're talking about, so maybe save your opinions and confident predictions of failure for a topic you're better educated on.
There are many models for generating staking assets. They could even be generated using proof of work or burning BTC. As the post points out BTC itself could be the staking asset. Anyways there's not really a "network" to "sustain" here as such, the staking asset is just being used as a Sybil prevention and penalty enforcement mechanism for the bridge protocol.
BitVM bridge research. Posted one of my findings yesterday:
#423955
interest rates are set by the market, I don't think it's worthwhile estimating what they might in this early research stage. but if someone wanted to actually implement this then they probably would want to do a market analysis to see what kind of rates would actually be competitive and economically viable.
The first 8 minutes or so of this talk I gave at btc++ last year explains the motivation for working on bridges: https://yewtu.be/watch?v=M40yzuv6DNY
With that context in mind, Bitstake is a decentralized (and potentially more secure) alternative to the federated/permissioned bridges that exist today. If we accept that the motivation for bridges is sound, then it follows that finding a design that is more decentralized and secure is a worthwhile thing to work on.
someone who wants to earn fees from operating the bridge (and chain if the staker set is re-used for operating the chain)
nowadays there is a huge industry of professional stakers for all kinds of different protocols, could draw from that pool of experienced operators or recruit new ones.
"Bitcoin's first" technically true
it's not the first, it hasn't even launched yet. if it launches on mainnet first then they can claim first.
3759 sats \ 2 replies \ @lightcoin 7 Feb \ parent \ on: Introducing Citrea: Bitcoin’s First ZK Rollup bitcoin
Assuming the details in the post and docs accurately describe what the final product will look like, the main difference is that Citrea is verified optimistically using a BitVM program rather than an onchain smart contract, and as such is limited to at-best a 1-of-n security model (where
n
is a permissioned group of arbitrary size) rather than a single honest party security model (as in optimistic rollups, where the single honest party could be anyone, and it is assumed that they can get a fault proof transaction confirmed during a challenge period) or a trustless security model (as in validity rollups, where all rollup txs are cryptographically verified). That said, the developers of almost all rollups on other chains have chosen to ultimately rely on some kind of multisig for security, because their smart contracts can be upgraded to any arbitrary new code using a multisig (often a "committee" of trusted community members, often with no time delay). So assuming this rollup does not choose to insert some trusted multisig into the governance model, that could also be a difference.Other than those differences the rollup works the same as other zkEVM rollups: it is EVM compatible, it posts its state data to a parent chain (in this case bitcoin), and it inherits the full double-spend resistance and data availability guarantees of bitcoin.
they do better than 2x
https://bitcoinrollups.org/#section-4-scaling-improvements