How We Did It: The First ZK Proof on Bitcoin - Edan Yago & Gadi Guy at Bitcoin Nashville #Bitcoin
Summary
TLDRAt the Nashville Bitcoin conference, Bitcoin OS made a groundbreaking announcement by introducing zero-knowledge proofs to Bitcoin for the first time, enabling scalability to thousands of transactions per second, native private transactions, and sophisticated smart contracts without a soft fork. Guy, the CTO of Bitcoin OS, explained the interactive protocol and large Taproot tree used to achieve this, showcasing a real-world application with a zk-SNARK proof verified on the Bitcoin blockchain. This innovation opens doors for trustless layer 2 rollups and applications like decentralized exchanges and stablecoins, revolutionizing Bitcoin's capabilities to compete with Ethereum and other blockchains.
Takeaways
- 🎤 The conference is a significant event where major milestones in Bitcoin are announced, attracting a large crowd.
- 📣 High-profile figures like Trump and Elon Musk are expected to make announcements, adding to the conference's importance.
- 🔒 Bitcoin OS introduced zero-knowledge proofs for the first time in Bitcoin transactions, marking a technological breakthrough.
- 🚀 This innovation allows Bitcoin to scale to thousands of transactions per second without the need for the Lightning Network.
- 🔒 The introduction of zero-knowledge proofs enables native private transactions in the Bitcoin network.
- 🤖 Bitcoin can now support sophisticated smart contracts, broadening its capabilities.
- 🔄 The technology allows for trustless layer two rollups, enhancing Bitcoin's functionality to match other blockchain platforms like Ethereum and Solana.
- 🛠️ Guy, the CTO of Bitcoin OS, explained the technical process of integrating zero-knowledge proofs without a soft fork or new bip codes.
- 🌳 The team built a large Taproot tree and a new virtual machine optimized for elliptic curve cryptography to achieve the integration.
- 🔗 They also represented Merkel proofs to keep transaction sizes manageable, ensuring quick mining.
- 📈 The demonstration of the ZK proof verification involved an interactive protocol between a prover and verifier, with a costlier process for the dishonest party.
- 🔗 The final transaction was successful, and the team provided code on GitHub for the community to verify the proof's authenticity.
- 🔍 Future steps include turning the two-party protocol into a multi-party one for real-world security and building applications like trustless bridges and ZK rollups.
Q & A
What is the significance of the conference mentioned in the script?
-The conference is significant because it is a place where major milestones in Bitcoin are announced, attracting a large crowd including notable figures like Elon Musk.
What technological milestone was introduced by Bitcoin OS recently?
-Bitcoin OS introduced zero-knowledge proofs for the first time in Bitcoin transactions, allowing for scalability, privacy, and the introduction of smart contracts without needing a soft fork.
How does the introduction of zero-knowledge proofs impact Bitcoin's capabilities?
-The introduction of zero-knowledge proofs allows Bitcoin to scale to thousands of transactions per second, have native private transactions, and support sophisticated smart contracts, making it competitive with other blockchain platforms like Ethereum and Solana.
What is the challenge of implementing ZK proof verification on Bitcoin?
-The challenge is that a ZK proof verification program is very large and not practical to run on Bitcoin due to its limited scripting capabilities and inability to perform advanced math.
How did Bitcoin OS overcome the challenge of implementing ZK proofs on Bitcoin?
-Bitcoin OS turned the ZK proof verification into an interactive protocol, creating a large Taproot tree with small chunks of the program that can be turned into Bitcoin script code.
What is a Taproot tree and how does it relate to ZK proof verification on Bitcoin?
-A Taproot tree is a structure that includes all the small chunks of the ZK proof verification program. It allows for the smallest possible chunk of the program to be run as a Taproot leaf, making the proof verification practical on Bitcoin.
What is the virtual machine invented by Bitcoin OS for ZK proof verification?
-The virtual machine invented by Bitcoin OS is specifically optimized for the math required by elliptic curve cryptography, allowing the ZK proof verification code to be ported and optimized for Bitcoin.
How does the interactive protocol involving the prover and verifier work in ZK proof verification?
-The prover posts the proof to Bitcoin, and the verifier checks it. If the proof is incorrect, the verifier stakes funds to challenge it, and they begin an interactive protocol to resolve the disagreement. The protocol involves multiple steps and can be completed within a few blocks.
What is the consequence for the party that is dishonest during the interactive protocol?
-If the prover is correct, they take the stake from the verifier. If the verifier is correct and the proof is wrong, the verifier takes the stake from the prover, ensuring that the dishonest party pays all the fees.
What are the next steps for Bitcoin OS in terms of ZK proof verification?
-The next steps include turning the two-party protocol into a multi-party protocol for real-world security, building real-world applications with this technology, and developing trustless bridges between Bitcoin and other blockchains, as well as ZK rollups, smart contracts, decentralized exchanges, and stable coins.
How can interested individuals contribute to or learn more about Bitcoin OS's work?
-Interested individuals can join the Bitcoin OS Telegram group, contribute as coders if they have the skills, and help develop the technology further by using the provided code on GitHub to verify the proof on the mainnet.
Outlines
🚀 Bitcoin Conference Milestone: Introduction of Zero-Knowledge Proofs
The first paragraph of the script introduces the excitement surrounding the Bitcoin conference, where significant Bitcoin milestones are announced. The recent introduction of zero-knowledge proofs (ZK proofs) into Bitcoin transactions is highlighted as a major technological advancement. This development enables Bitcoin to scale to thousands of transactions per second without the need for the Lightning Network, introduces native private transactions, and allows for the integration of sophisticated smart contracts. The script also discusses the potential of trustless layer two rollups, which can facilitate various functionalities that were previously thought to be unattainable with Bitcoin. The speaker, Guy, CTO of Bitcoin OS, is introduced to explain how his team managed to implement ZK proofs without a soft fork or new bip codes.
🛠️ Technical Breakdown of Zero-Knowledge Proofs Integration in Bitcoin
In the second paragraph, the script delves into the technical aspects of integrating zero-knowledge proofs into Bitcoin. It explains that running a ZK proof verification program directly on Bitcoin is impractical due to the limitations of Bitcoin script and the large size of the program. Instead, an interactive protocol was developed, allowing two or more parties to negotiate the smallest possible chunk of the program that can be represented as Bitcoin script. The process involves building a large Taproot tree and a new virtual machine optimized for elliptic curve cryptography, which was used to port the ZK proof verification code. The script also describes the verification process involving a prover and a verifier, with the verifier having the option to challenge the proof by staking funds. The protocol is interactive, with the final transaction being successful if the proof is correct, and the dishonest party bearing the fees. The speaker invites the audience to verify the proof using code provided on GitHub.
🔗 Future Applications and Opportunities with ZK Proofs in Bitcoin
The final paragraph of the script discusses the future steps and applications of zero-knowledge proofs in Bitcoin. It mentions the need to evolve the two-party protocol into a multi-party protocol for real-world security and the intention to build real-world applications with this technology. The speaker highlights the potential for creating trustless bridges between Bitcoin and other blockchains, as well as the development of ZK rollups, smart contracts, decentralized exchanges, and stablecoins on the Bitcoin network. These applications could bring functionalities to Bitcoin that currently exist in the Ethereum Virtual Machine (EVM) world. The script concludes with an invitation for coders to join the team via a QR code and a Telegram group, emphasizing the team's recruitment efforts.
Mindmap
Keywords
💡Bitcoin
💡Zero-knowledge proofs
💡Transactions per second
💡Private transactions
💡Smart contracts
💡Layer 2 rollups
💡Ethereum
💡Soft Fork
💡Bitcoin OS
💡Taproot
💡Merkle proofs
Highlights
The conference is a hub for major Bitcoin milestones announcements.
Introduction of zero-knowledge proofs for Bitcoin transactions without soft forks or new bip codes.
Bitcoin can now scale to thousands of transactions per second without the Lightning Network.
Bitcoin now supports native private transactions.
Sophisticated smart contracts can be introduced into Bitcoin.
Bitcoin can achieve functionality comparable to Ethereum or Solana with zero-knowledge proofs.
GDI, the CTO of Bitcoin OS, explains the verification of ZK proofs on Bitcoin.
ZK proof verification is a large program impractical for Bitcoin's limited script.
Interactive protocol developed to narrow down the program into a Bitcoin script code.
Introduction of a large Taproot tree for efficient ZK proof verification.
Development of a new virtual machine optimized for elliptic curve cryptography.
Merkel proofs and state commitment representation to keep transactions under 100K.
Verification process involves a prover and verifier with an interactive protocol.
Costly verification process where the dishonest party pays the fees.
Transaction example provided with a simple code to verify the proof on Mainnet.
Next steps include turning the two-party protocol into a multi-party protocol for real-world applications.
Plans for trustless bridges between Bitcoin and other blockchains.
Potential for ZK rollups, smart contracts, decentralized exchanges, and stable coins on Bitcoin.
Invitation to join the team and contribute to Bitcoin OS development.
Transcripts
hello
Nashville Sounds like the mic's working
there are a lot of people here standing
in line because this conference has
become the place that major milestones
in Bitcoin are announced and everyone is
standing in line for Trump and maybe uh
Elon Musk to make an announcement which
is going to be yet another milestone in
Bitcoin but that isn't the only
significant Milestone that has been at
this particular particular Bitcoin
conference just a few days ago Bitcoin
OS announced something that on a
technological level is certainly no less
profound for the first time ever zero
knowledge proofs were introduced as
transactions to bitcoin mayet no
softwalk no changes we actually have
lift off for the first time ever we have
ZK proofs on bitcoin and what does this
mean it's means that Bitcoin is now able
even without lightning Network to scale
to thousands of transactions per second
it means that Bitcoin can now have
native private transactions and it means
that you can now for the first time
introduce sophisticated smart contracts
into Bitcoin but perhaps the most
phenomenal thing that this does is it
allows Bitcoin to have truly trustless
layer toos rollups where any type of
functionality can occur it used to be
the case that people said they needed to
create new chains because Bitcoin was
old boober coin and you couldn't do
enough things on it but with zero
knowledge proofs Bitcoin now has the
power to do anything that
ethereum that Solana or any other piece
of software in the blockchain space can
do so a lot of people have been asking
questions how was this accomplished how
did people manage how did Bitcoin OS
manage to do what people had said was
impossible to introduce zero knowledge
proofs without a soft Fork without a new
bip without any new up codes and here
from Bitcoin OS for the first time on
stage is gy Guy the CTO of Bitcoin OS
who's going to explain how his team
managed to pull off the impossible gy hi
guys so I'm GDI um I want to tell you
today about something that I personally
find very very exciting which is that we
have successfully verified the ZK proof
on top of
Bitcoin um keeping the existing um
consensus rules and I want to tell you a
little bit about how we did it and about
the opportunities that that opens up for
the Bitcoin
ecosystem okay so um as you might have
heard on July 23rd we have um done
something for the first time we we have
verified the ZK proof on top of Bitcoin
and I want to tell you about how I want
to tell you how we did it so a ZK proof
verification is essentially a program
that's very very large and it's not
really practical to run that on top of
Bitcoin because Bitcoin script is
extremely limited and doesn't have the
ability to do any kind of advanced
math and uh so u a SN verification
program if you did write that in Bitcoin
script would probably be about um at
least a terabyte in size which is
completely science fiction there's no
way to run that on bitcoin and so what
we did was we turned that into an
interactive protocol that allows two or
more parties to narrow down the program
and
negotiate um the smallest possible chunk
of that program that we can actually
turn into a Bitcoin script code and um
we build built a very very large Tapo
tree that includes all of these little
chunks and so after the protocol after
these two parties narrow down the
program to the bit where they disagree
on only that bit can be run as a tap rot
leaf and in the end you get a proof that
runs on top of Bitcoin and um either
succeeds if the SN verification succeeds
or fails if the SN verification fails um
so to do that with we've built a very
very large Depo
tree um and um we we invented a new kind
of virtual machine for this purpose that
is specifically optimized for the kind
of math that elliptic curve cryptography
requires and uh we used that we we
ported the snot verification code to
that virtual machine and that allows
allowed us to optimize the out of
it and we uh we also thought about doing
um representing the Merkel proofs
representing the the state commitment as
Merkel proofs in order to keep each
transaction down to at most
100K so here you can see what a
verification actually looks like this is
this is a real thing for mayet um so you
have a prover and the verifier that the
the prover initially posts the proof to
bitcoin and then the verifier can see
this check the proof and decide if the
proof is correct or incorrect if the
proof is incorrect the verifier has to
stake some funds in order to challenge
the the challenge the proof and then
they uh begin the interactive protocol
that you see um the Prov part that we
call we call Patrick is um colorcoded
blue and the verifier part that we call
um Victor is color colorcoded orange
um this this this case of the protocol
took about 25
steps um which was which we managed to
get into as few as six blocks okay and
the initial the the final step of the
protocol that you can see here labeled
step 26 is performed by the by the
prover and in this case since the proof
is correct the final transaction is
successful the the idea behind this this
is that since this can be quite costly
to do um if if the prover is is correct
and the proof is right then the Prov get
takes the stake from the verifier and if
the verifier is correct and the proof is
wrong then the verifier takes a state on
the approval which means basically that
the dishonest party is the one paying
all of the fees which is good and that
that means we don't really care how
expensive it is um the only real that we
have is that we want all the
transactions to be small enough that we
can make sure they get mined quickly
that's the that's the constraint that
that we had in this
case um so this is the first this is um
the initial transaction is on block
85326 and um you can you can copy the
transaction ID if you want and we also
put on GitHub um a little bit of code
that you guys can in Clone and um use it
to verify that the proof that we have on
Main net is actually correct I want to
show you um the code for a
second because it's really very simple
um can you read this
yeah yeah so basically we you can you
can download the code and you can just
take the transaction payload from the
actual transaction on a on um block
Explorer copy that into this um
repository and then you can just the the
code as you see is is is coded as a J
Test you can use J to run it and uh it
uses
sjs to verify the proof um very simple
so that you can actually see that what
we put on mainnet is is
real um and this is the the final
transaction is on block
85326 6 2 six we have also attached an
Nal to that block just to make it more
fun and more interesting and um that
ordinal will later be used to spawn new
ones and if you want you can um you can
join our group and um get free ordinals
is always
fun
um okay so what what are the next steps
so this this was a very very nice and
interesting demonstration and and um but
in order to make it the real world
application we still have to do a few
things few for example we have to uh to
turn the two-party protocol into a
multi-party protocol to so that the
security is real world security and uh
we're going to build real world
applications with this technology um
some that come come to mind is uh
something that we called Grail which is
the first trustless or nearly trustless
bridge between Bitcoin and VMS and what
I mean by trustless is that unlike most
bridges today that rely on a
multi- uh bridge will not rely on a
multi6 so um it's um it enjoys the full
security that ZK proofs can
provide additional killer apps that we
can build on this technology are um ZK
rollups smart contracts um decentralized
exchanges stable coins all of these
great and wonderful things that exist in
the evm world and don't exist yet on
bitcoin and that's something that we we
think really should
change please please scan the QR code um
we are hiring coders if anybody is
interested in um helping us you can join
our telegram group and um if you're a
top notes coder we'll welcome you to to
our
team and um that's it time's up thank
you
good
浏览更多相关视频
Internet Computer is the ONLY 3rd Generation Blockchain | Dominic Williams
What is the Lightning Network? (Explained Simply)
What is Ethereum? A Beginner's Explanation in Plain English
Ethereum Explained! 🚀 (Ultimate Beginners’ Guide! 📚) How Ethereum Works 💻 & Why it's Undervalued 🤑
What is Bitcoin Cash? - A Beginner’s Guide
Stacks x Aptos
5.0 / 5 (0 votes)