Published in Coinmonks

·Pinned

Turing Machines on Bitcoin

Bitcoin Turing-Complete Proof — We have empirically demonstrated that any Turing machine can be simulated on Bitcoin and thus definitively proven it is Turing-complete¹. We have implemented a Turing machine that recognizes balanced parentheses and deployed it on the Bitcoin blockchain. Any other Turing machines can be simulated in the same way. Introduction to Turing Machine A Turing…

Bitcoin

4 min read

1 day ago

Bilinear Pairings on Bitcoin

Pairing-based cryptography is a variant of elliptic curve cryptography, which Bitcoin ECDSA signatures are based on. …

Scrypt

3 min read

May 8

Ring Signatures in Bitcoin

Run Monero on Bitcoin — We have implemented the first-ever Ring Signature in Bitcoin. Ring Signatures A ring signature is a type of digital signature that allows a message to be signed by a single member in a group, or a ring. …

Ring Signature

2 min read

Apr 22

Zero-Knowledge Puzzles

Upgrade Bitcoin’s Elliptic Curve Without a Fork and More This is the third instalment of our collaboration with nChain. We would like to give special thanks to Dr Enrique Larraia for authoring the whitepaper this article is based on and helping guide the implementation. A standard payment transaction can be…

Scrypt

5 min read

Apr 20

Delegation in Bitcoin: Part 3

Delegate to a Script — Previously, we have introduced two ways to delegate the right to spend one’s bitcoin: one at Script level, the other at transaction level. We generalize the former to delegate to any script/smart contract, instead of a public key only. It allows one to authorize arbitrary smart contract to spend one’s bitcoin. The full code is shown below: Line 9 checks the delegated script is signed and thus authorized by the owner. Line 12 and 13 ensure the delegated script goes into the spending transaction’s output as the new locking script using OP_PUSH_TX, similar to the emulation of Pay to Script Hash (P2SH).

Scrypt

1 min read

Delegation in Bitcoin: Part 3

Delegate to a Script

Previously, we have introduced two ways to delegate the right to spend one’s bitcoin: one at Script level, the other at transaction level.

We generalize the former to delegate to any script/smart contract, instead of a public key only. It allows one to authorize arbitrary smart contract to spend one’s bitcoin.

The full code is shown below:

Contract DelegateToScript

Line 9 checks the delegated script is signed and thus authorized by the owner. Line 12 and 13 ensure the delegated script goes into the spending transaction’s output as the new locking script using OP_PUSH_TX, similar to the emulation of Pay to Script Hash (P2SH).

Published in Coinmonks

·Apr 13

Emulate Any SIGHASH Flag Without a Fork

By Programming It in a Smart Contract — We develop a novel approach to emulate any SIGHASH flag, by simply coding the logic in a smart contract. It requires no protocol change and is thus much more practical and flexible than adding a hardcoded flag through a fork, every time a new use case is conceived. SIGHASH Flags A SIGHASH…

Scrypt

3 min read

Published in Coinmonks

·Apr 12

Graftroot on Bitcoin Today

No Fork Needed — We have demonstrated how to implement Taproot on the original Bitcoin using contractless contract. We show that its follow-up proposal, Graftroot, can be implemented in a similar fashion. Graftroot in BTC Similar to Taproot, there are two ways to spend fund locked in an aggregated public key P, created by multiple parties: Cooperative…

Scrypt

3 min read

Apr 9

Taproot on Bitcoin

Contractless Contract + MAST — We show how to implement Taproot using the original Bitcoin protocol without any changes, by combining contractless contract and Merklized Alternative Script Tree (MAST). Taproot in BTC Taproot is the biggest Bitcoin Core upgrade since 2017, supposed to improve its functionality. In Taproot, we tweak a public key P to get a new…

Scrypt

3 min read

Published in Coinmonks

·Apr 8

Contractless Contract

Hide Any Smart Contract in a Regular Payment Opportunistically — We invent a technique, called contractless contract, to faithfully execute any smart contract in a regular payment (P2PKH) transaction. It drastically improves the privacy and efficiency of arbitrary multiparty smart contract, when all parties cooperate. Contractless Contract We illustrate how contractless contract works between two parties. It can be extended to multiple…

Scrypt

4 min read

Apr 6

Zero-Overhead Private Timestamping in Bitcoin

By Reusing ECDSA Signatures — Bitcoin has many potential uses far beyond payments. Each block has a timestamp that is cryptographically secured. By recording data in a transaction and thus a block, it can be proven to any external auditor that the data has not been tampered with since a particular date. …

Scrypt

3 min read

Zero-Overhead Private Timestamping in Bitcoin

Turing Machines on Bitcoin

Bilinear Pairings on Bitcoin

Ring Signatures in Bitcoin

Zero-Knowledge Puzzles

Delegation in Bitcoin: Part 3

Delegation in Bitcoin: Part 3

Delegate to a Script

Emulate Any SIGHASH Flag Without a Fork

Graftroot on Bitcoin Today

Taproot on Bitcoin

Contractless Contract

Zero-Overhead Private Timestamping in Bitcoin

sCrypt