bitcoin-dev

BitVMX: A Virtual CPU to optimistically execute arbitrary programs on Bitcoin

BitVMX: A Virtual CPU to optimistically execute arbitrary programs on Bitcoin

Original Postby Sergio Demian Lerner

Posted on: May 13, 2024 01:51 UTC

The recently published paper introduces BitVMX, an innovative virtual CPU design for executing arbitrary programs on Bitcoin, building upon the foundation laid by BitVM.

This new design focuses on optimizing execution through a challenge/response game and is compatible with common CPU architectures like RISC-V or MIPS. A significant advancement presented in BitVMX over its predecessors is the use of hash chains for program traces and memory-mapped registers, alongside a novel challenge-response protocol. The methodology eliminates the need for creating Merkle trees for CPU instructions or memory words, simplifying the verification process compared to BitVM1 and offering an alternative to BitVM2's approach.

BitVMX features a message linking protocol designed to facilitate authenticated communication between participants, emulating stateful smart contracts by enabling shared states across transactions. This innovation supports a verification game that employs a graph of pre-signed transactions, allowing for the resolution of disputes through n-ary search within the hash chain of program trace to precisely identify computation errors. The flexibility of BitVMX allows for various optimizations, balancing transaction costs against round complexity and the costs borne by provers versus verifiers.

Since publishing the paper, further improvements to the BitVMX protocol have been made, notably reducing the number of rounds required for verifying a SNARK to approximately 19 rounds, or 38 transactions, which is expected to consume around 400K weight units across all transactions. These enhancements are based on preliminary estimates and ongoing research; actual resource consumption will vary based on user-selected trade-offs. Additionally, setting an upper limit on the financial stakes a party is willing to risk could halve both the round complexity and transaction costs by half, presenting a more efficient and cost-effective verification process. The continuous development and optimization of BitVMX signify a promising advancement in the application of Bitcoin for executing arbitrary programs, with a detailed exposition available in the whitepaper authored by Sergio Demian Lerner, Ramon Amela, Shreemoy Mishra, Martin Jonas, and Javier Alvarez Cid-Fuentes, accessible at https://bitvmx.org/files/bitvmx-whitepaper.pdf.