Video

Here's a ChatGPT summary: - The opcat proposal was initially limited to 520 bytes. - Rusty Russell questioned the 520-byte limit, suggesting it was too restrictive. - Historical context: Satoshi Nakamoto made an emergency release (version 0.3.2) that removed many opcodes and limited integers to 4 bytes. - The removal of opcodes was due to network stability concerns and the use of the big num library in OpenSSL. - Russell explored the idea of reintroducing opcodes with proper limits on size and performance. - He proposed a model similar to the sigops budget, called "varops," which allocates a budget based on transaction weight. - The varops budget would prevent denial-of-service attacks by limiting the computational cost of scripts. - Russell benchmarked various machines, including Raspberry Pi models and Intel/AMD machines, to determine the performance impact of different opcodes. - He found that some operations, like op-equal and op-equal verify, were disproportionately expensive due to cache effects. - Russell proposed a cache model for benchmarking but found it didn't map well to performance. - He categorized operations into fast and slow, with fast operations costing 1 per byte and slow operations costing 2. - He suggested eliminating signed integers to simplify the system and avoid issues with current opcodes. - Russell's benchmarks showed that most scripts would not hit the varops limit, making the system robust. - He proposed a total stack limit of 8 megabytes and a per-element limit of 4 megabytes. - The varops budget would be per transaction, not per witness weight, to accommodate future introspection capabilities. - Russell emphasized the importance of having a general-purpose scripting language to enable innovative use cases. - He acknowledged the complexity of implementing these changes but believed it was necessary for Bitcoin's evolution. - Main message: Rusty Russell advocates for the reintroduction of opcodes with proper limits and a varops budget to enhance Bitcoin's scripting capabilities while ensuring network stability.

Thank you, Brink!

I had to review my understanding of Bitcoin Script, at 7:45, I see you modified the code from the original BitVM paper (where you used an OP_IF/OP_ELSE/OP_ENDIF construction) and ended up saving 2 bytes! Very clever use of DUP and ROT. In the paper, you had to put the preimage and a 0 or 1 on the stack to choose which branch of the conditional you wanted to take. Now you can just put the preimage on the stack and the code will compute if it's 0, 1, or neither. I was surprised that you can only boolean or in bitcoin, you can't bitwise or, in my opinion Satoshi overreacted when the OP_CAT bug was discovered. I guess it could have been worse, at least he left the boolean logical operators.

00:01 Discussing BitVM, bridging BTC into other systems 02:37 BitVM introduces stateful Bitcoin scripts using signatures and multi-signatures 07:54 BitVM is a paradigm that aims to keep things off-chain and operates in a two-party setting. 10:26 BitVM uses optimistic computation to minimize on-chain execution 15:40 BitVM allows implementing complex stuff like Blake 3 18:00 Building a generic virtual machine to simplify application development. 22:35 BitVM limits the trace size to four billion steps. 24:48 Memory tracing and binary search in BitVM 29:50 BitVM instruction verification process 32:03 Explaining the program structure and purpose. 36:43 BitVM ensures secure and trusted bridging of assets 39:05 BitVM introduces an interesting optimization with the blue output pre-signing the entire transaction. 43:26 Operator's role in publishing valid pack outs 45:47 BitVM has complexity and requires capital cost considerations 50:25 BitVM is reaching a sophisticated level of implementation 53:00 Using 100,000 OB codes to implement Blake three on chain 57:51 BitVM evolved quickly due to different goals than previous prototypes. 1:00:04 Developers will use a higher-level language like Rust or C++ and compile it to the BitVM instruction set. Crafted by Merlin AI.

Could it happen that the inspector, risking only a small amount of money, deceivingly says that a mistake has been made, after which a trial will begin, and the one who is being checked will have an expensive business and that means he will suffer losses due to the stoppage of business, even if he didn't deceive anyone? Or will an unscrupulous inspector still not be able to harm the business in this way? I ask these questions primarily so that you think about possible vulnerabilities, and a very short answer will be enough for me, if this is not difficult for you.

Names for the project: Robnus or Roblin or Nobirus or Robinus or Robius.

Thank you!