pull down to refresh
295 sats \ 2 replies \ @supertestnet 25 Jul \ parent \ on: BitcoinOS Claims First Zero-Knowledge Proof Verified on Bitcoin Mainnet bitcoin
The BitcoinOS people are active in the bitvm telegram, which I am also active in. BitcoinOS is based on bitvm (it's a new, customized implementation of the same basic idea) and it inherits one of bitvm's limitations: at least one member of a predetermined group needs to be trusted to execute BitcoinOS honestly. (The group can be very large, e.g. it can have 900 people in it.) If that assumption holds, then yes, you get covenants, and not just covenants, but any other soft fork or sidechain or spending condition anyone wants. That's pretty massive and extremely cool to me.
But you could definitely argue that these aren't "real" covenants because if all 900 (or so) people agree to break the covenant together, they can do so, and a "real" covenant (the soft fork kind) cannot be broken. If a "real" covenant says "these coins can only go to Pubkey X" then that's the only place they can go. If a 900-of-900 multisig signs a transaction saying "these coins can only go to Pubkey X, and if we break that promise you can penalize us using BitcoinOS" -- well, that's not a "real" covenant because they can still break their promise and face the penalty. BitcoinOS "covenants" are breakable (and therefore, technically, not "real" covenants) because BitcoinOS has an additional trust assumption beyond bitcoin's standard trust assumptions -- sometimes it's called the "single honest party" trust assumption.
Even though they've reduced that trust assumption to something like "it works as long as one person in a group of 900 people is honest," that's still a bridge too far for some people. But that's great! They can just not use it, so it's a win-win imo. I personally want to find solutions with a 0-honest-party trust assumption. But I'm happy that 1-out-of-900 (or similar) gets us pretty close to that, and lots of cool stuff can be built on top of that, even though it's not all the way there yet. And, well, you know, nothing's perfect anyway.
at least one member of a predetermined group needs to be trusted to execute BitcoinOS honestly.
This is very clarifying. Thanks for the detailed response. This does indeed feel like a great step in the right direction.
reply
Realistically how close are we to real covenants then? This was the first time I had ever heard of them and was instantly fascinated by the idea because of what I feel they could unlock! Or are they something that really likely will never come to fruition for either technological or use case issues?
reply