The main goal of this design is to build a specially tailored Layer2 network for the Bitcoin blockchain. The Bitcoin Layer2 network is designed to meet the growing demand for faster and more efficient transactions within the Bitcoin ecosystem. By offloading certain transaction processing tasks from the main network, it aims to alleviate congestion on the Bitcoin main network and dramatically reduce the time required for transaction confirmations.
Given the inherent limitations of the computational power of the Bitcoin Virtual Machine (VM), our design utilizes BitVM, which demonstrates the potential for executing smart contracts between two layers of the network. By utilizing a challenge-and-response scheme, BitVM demonstrates a new approach to Bitcoin network programmability that breaks traditional limitations.
To enhance the security and integrity of the Bitcoin Layer2 network, the design implements state verification by integrating Zero-Knowledge Proof (ZKP) techniques. These cryptographic techniques allow the main Bitcoin network to efficiently verify the state of the Layer2 network without compromising the privacy and confidentiality of underlying transactions. Zero-knowledge proofs can validate information without revealing the specifics of a transaction, thus ensuring the integrity of the Layer2 network while protecting privacy.
Overall, the design aims to improve the scalability, speed, and efficiency of the Bitcoin network through the Layer2 network, the use of BitVM for smart contract execution, and the integration of Zero-Knowledge Proof technology for state verification, while maintaining the privacy and security of underlying transactions.
0. Architecture
The Layer2 blockchain uses an account model. The state of the entire blockchain is verified by zkVM, which is based on the Halo2 proof system. The Layer2 state is synchronized with the main Bitcoin network, and all Layer2 state is verified by the Zero-Knowledge Proof (ZKP) verifier implemented in BitVM. We use a UTXO to track all Layer2 state. In addition, we use a Trusted Prophecy Machine to ensure that the inputs/outputs of the locking/unlocking scripts follow the Layer2 protocol.
1. Layer2 Committee and Trusted Prophecy Machine
The Layer2 committee, consisting of a group of selected users, is responsible for overseeing the overall operation of the Layer2 network. In case of protocol problems, the committee can intervene and stop the protocol to protect the assets of all users. The Trusted Prophecy Machine (a trusted oracle) is important for verifying the correctness of input/output UTXOs and scripts.
2. Layer 1 to Layer 2
A single Taproot address is created to represent the Layer2 protocol on the Bitcoin network. When a UTXO is created and transferred to the Taproot address, the corresponding UTXO is in effect deposited from the main Bitcoin network to Layer2.
The protocol or committee account specifically handles the “transfer” of all UTXO assets that are deposited to Layer2. Only the protocol, Trusted Prophecy Machine, or committee account can change the ownership of deposited UTXOs. The Trusted Prophecy Machine ensures that the ownership transfer transaction contains the correct output UTXO script.
3. Synchronizing Blocks to the Main Bitcoin Network
The state of all Layer2 networks is synchronized to the main Bitcoin network in the form of blocks. For a block, the following information should be provided:
– Transactions in a particular block;
– The new account state after applying those transactions;
– The new UTXO in the current block state (always ready even if the protocol is broken);
– Block information of the Bitcoin network;
– Zero-knowledge proofs (proof that the state transition from the previous block to the current block is correct).
All of these states of the Bitcoin mainnet are recorded in a UTXO transaction history.
3.1 More on Proofs
Zero-knowledge proofs are used to verify the correctness of Layer2. The proofs are intended to show the following:
– Layer2’s block transactions were signed correctly.
– The new state of all accounts was processed correctly.
– All deposit transactions prior to a specific block on the main Bitcoin network were processed correctly.
– For the current state, all UTXO allocations were created correctly.
3.2 Block Information Challenges
To ensure the correctness of block information specified in the Bitcoin Mainnet, we use a challenge-and-response scheme. A prover can prove the accuracy of block information by pointing out that N blocks exist after a specific block during the locking time period.
3.3 ZKP Circuit and BitVM Enhancement
As shown in the BitVM paper, ZKP verification can be represented as a binary circuit that can be challenged by two participants. With a pre-signed transaction, a challenge can be sent to obtain a bit commitment for the circuit. If both 0 and 1 are revealed for the same bit commitment, the challenge succeeds. In order to use BitVM to verify ZKP, the following two points need to be noted:
– The same binary circuit commitment can only be used once. That is, if the same circuit commitment is used for more than one block, it may reveal both 0 and 1 for a single bit commitment.
– For ZKP verification, in addition to circuit satisfiability, the “public input” should be checked.
To deal with these two shortcomings, for each block in Layer2, a unique binary circuit is created and the “public input” is fixed. Bitcoin scripts are used to handle the hashing and checking of the public input. The commitment to the correct public input bits is checked by the Trusted Prophecy Machine. Any member of the committee has the right to challenge the circuit satisfiability.
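The one-time-use constraint described above, as an added Python example (not code from this design or from BitVM). It models each wire's bit commitment as a pair of hashes whose preimages open the wire to 0 or 1, and shows that reusing one commitment across two blocks exposes both preimages while a per-block commitment does not. The HMAC-based secret derivation, the labels, the seed and the sample wire values are assumptions made for the demonstration.

```python
import hashlib
import hmac

def h(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()

class BitCommitment:
    """One hash pair per wire: revealing preimage b opens that wire to bit b."""
    def __init__(self, seed: bytes, label: bytes, n_wires: int):
        # Hypothetical derivation: secret = HMAC(seed, label || wire || bit).
        self.secrets = [
            tuple(hmac.new(seed, label + bytes([w, bit]), hashlib.sha256).digest()
                  for bit in (0, 1))
            for w in range(n_wires)
        ]
        self.hashes = [(h(s0), h(s1)) for s0, s1 in self.secrets]

    def reveal(self, wire: int, bit: int) -> bytes:
        return self.secrets[wire][bit]

def equivocations(hashes, transcript):
    """Wires for which preimages of BOTH hash0 and hash1 are public."""
    seen = {}
    for wire, preimage in transcript:
        for bit in (0, 1):
            if h(preimage) == hashes[wire][bit]:
                seen.setdefault(wire, set()).add(bit)
    return sorted(w for w, bits in seen.items() if bits == {0, 1})

def challengeable_wires(seed, blocks, per_block):
    """After each block, list the wires on which a challenger would succeed."""
    n, transcript, out = len(blocks[0]), [], []
    for height, values in enumerate(blocks):
        # Same label for every block = reused commitment; per-block label = unique.
        label = b"block-%d" % height if per_block else b"shared"
        com = BitCommitment(seed, label, n)
        # Every reveal is public, so the challenger keeps the full history.
        transcript += [(w, com.reveal(w, bit)) for w, bit in enumerate(values)]
        out.append(equivocations(com.hashes, transcript))
    return out

# Constructed sample: honest wire values of the verifier circuit for two blocks.
SEED = b"demo-seed-not-a-real-key"
BLOCKS = [[1, 0, 1, 1], [1, 1, 1, 0]]

if __name__ == "__main__":
    print("reused commitment :", challengeable_wires(SEED, BLOCKS, per_block=False))
    print("per-block circuits:", challengeable_wires(SEED, BLOCKS, per_block=True))
```

With the reused commitment, an honest prover becomes challengeable on wires 1 and 3 simply because those wires take different values in the two blocks.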
4. From Layer2 to the Bitcoin Mainnet
Assets can be moved from Layer2 to the main Bitcoin network in two ways: withdrawals and force-withdrawals. Withdrawal transactions are triggered from Layer2 and the ZKP circuit ensures that the transaction is processed as expected. Force-withdrawal transactions are initiated from the Bitcoin network.
4.1 Withdrawal and Force Withdrawal Transactions
Withdrawal transactions triggered from Layer2 are validated using the ZKP circuit to ensure that the transaction is processed correctly. Forced withdrawal transactions initiated from the Bitcoin network must be included in the next block state update.
4.2 UTXO Allocation
UTXO allocations are synchronized when a block’s state is updated. In the case of a protocol halt, all UTXOs can be applied to secure all user assets. Among these UTXOs, only UTXOs for withdrawals or forced withdrawals are signed by the protocol.
5. Layer2 Exit
If a ZKP fails verification, the committee must stop and exit the protocol. If the protocol is stopped, the committee signs all UTXO allocations specified in the latest block state of Layer2. With these signatures, users can withdraw their funds from Layer2 without any loss.