By: https://twitter.com/BitLayerLabs, https://twitter.com/hhh69251498

Repo: https://github.com/bitlayer-org/BitVM-Research

Background

BitVM’s white paper has gained huge attention, and this project can be a promising game changer for Bitcoin ecosystem, there are a lot of community analysis about it.

However, an overall process article with experimental code is missing, and the Bitlayer team has decided to fill this gap, enabling more developers to better understand the principles of BitVM.

This article provides a comprehensive overview of the BitVM process, including the construction of challenge trees and response trees, various types of scripts (such as HashLock Script and Prover Timelock Script), and the Equivocation script for penalizing a dishonest Prover. It also covers the complete processes for both honest and malicious Provers. The full BitVM process involves mechanisms such as multi-signature, time locks, and Equivocation detection.

BitVM Verifying Scheme

Untitled

In BitVM, to verify the correctness of the above computation, we need to construct three tap trees.

1. Challenge Taptree:

The leaves script of this tree show below.

Untitled

There are mainly two types of scripts. One is the HashLock Script, in which the verifier can reveal the preimage of the corresponding hash to challenge a certain Gate of the prover. The other is a time lock script, which allows the prover to unlock the corresponding UTXO when the verifier has not revealed the preimage of the challenged gate's hash after a certain time (equivalent to the Prover winning the challenge).

The 0x737c687538967d2f2d3d5454e19c78ca20962700 can be replaced by other values generated by hash160(preimage).

OP_HASH160 
<0x737c687538967d2f2d3d5454e19c78ca20962700>
OP_EQUALVERIFY

Hash160(0xc00ebfc3) = 0x737c687538967d2f2d3d5454e19c78ca20962700

If we want to unlock this script we need to provide the preimage for 0x737c687538967d2f2d3d5454e19c78ca20962700 .

The Prover Timelock script is designed to allow the Prover to withdraw the staked UTXO when the verifier fails to propose a new gate to challenge within the allotted time.