Without Trusting a Third Party using Bit Commitment

Image for post
Image for post
Toss a Bitcoin

Alice and Bob decide to flip a coin, but they have no physical coin or they want to do it over the Internet. They can achieve fair coin tossing by following protocol on Bitcoin.

  1. Alice and Bob each locks X bitcoins in a smart contract shown below.
  2. They both reveal their secret number, which are XOR’d to determine if the coins lands on head or tail. Alice wins if it is head, otherwise Bob wins. Whoever wins takes all 2X bitcoins.
Coin Toss Contract

Additional measures have to be taken in case one party decides to abort when he/she finds out he/she loses, by refusing to reveal their secret number.

sCrypt IDE v0.5.5 allows a user to deploy a stateful contract and repeatedly call its methods in a GUI, extending our previous feature. We use an example contract AdvancedCounter to illustrate the workflow.


AdvancedCounter contains a counter, which is increased by one every time increment() is called. We initialize it to be 0 and locks 10000 satoshis into the contract. After hitting Deploy, it should be deployed.

Image for post
Image for post

Multiple Calls

In the Call panel, there is an additional section Outputs (Optional) and Transaction Settings, besides section Public Function Arguments introduced last time. It allows customizing outputs, which is necessary in many stateful contracts…

We implement a smart contract to outsource solving Sudoku puzzles on Bitcoin, utilizing the paradigm we published earlier. The general problem of solving Sudoku puzzles is computationally intensive as grid size increases. In fact, it is known to be NP-complete, same as the Travelling Salesman Problem we introduced previously. The advantage of solving it on Bitcoin is that we only have to verify if the proposed solution is valid, which can be done efficiently. The intense computation of solving the puzzle is done off chain.

Image for post
Image for post
A Typical Sudoku Puzzle
Sudoku Contract

Cambrian Explosion of Bitcoin Smart Contracts post Genesis

We have made great strides in igniting the smart contract revolution on Bitcoin, despite many unforeseeable challenges of 2020.

We started from virtually nothing when the year started and have witnessed the explosive growth of smart contracts in Bitcoin using sCrypt, after the Genesis upgrade. To our greatest pleasure, our users have independently created the most innovative and sophisticated contracts, even we at sCrypt could not have imagined. Recently, we have seen companies start hiring sCrypt engineers, such as Volt and TokenSwap. …

sCrypt IDE v0.5.0 allows users to deploy a contract to testnet and interact with it without writing a single line of code.

We need a private key of testnet to fund the deployment and calling transactions. To do so, open sCrypt settings in VSCode and input your private key.

Image for post
Image for post
sCrypt Settings


  1. Before we deploy a contract, we need to compile it. Right click on it and select Compile to Bitcoin Script.
  2. Now click the sCrypt logo in the Activity Bar on the left, you should see your contract listed. …

How Santa uses Bitcoin to optimize his Christmas Eve trip

We present a novel paradigm to outsource intensive computation using Bitcoin smart contracts. It is amenable to solving a large set of computationally intensive problems. We apply it to the Travelling Salesman Problem as an example.

Travelling Santa/Salesman Problem

On Christmas Eve, Santa Claus needs to traverse every family to deliver presents to the children. He wants to find the shortest route to make the round-trip of all chimneys before preparing his sledge. Impressed by Bitcoin’s superior smart contracting capability, he decides to leverage it to tackle this challenge, which is computationally intensive since the number of chimneys is large¹.

Image for post
Image for post
TSP through US cities

He deploys the…

Launch Debugger Directly From Failed Tests

sCrypt IDE v0.4.13 lets you launch a debugger that stops right at where sCrypt test fails. This will help developers to locate contract bugs tremendously.

Previously, when a test fails using the sCrypt testing framework, error message only shows where it fails in JavaScript/TypeScript code. If a user has to find out where it fails inside the sCrypt code, he has to print out debug arguments, copy and paste them into launch.json, which is a laborious and error-prone process.

Image for post
Image for post
Launch Debugger Right From a Failed sCrypt Test

In the latest IDE, when a test fails, there are two additional lines in the error message.

  • Go to Source: it…

Previously, we introduced the source-level debugger in our IDE, which enables debugging at sCrypt code level. Today, we are thrilled to introduce its advanced version, which allows debugging at Script level. This would be immensely helpful for users who desire to cope directly with raw Script, e.g., for customized optimization.

Image for post
Image for post
Script Debugger

More specifically, the Script-level debugger enables you to:

  • Map between sCrypt and its Script output in realtime
  • Set breakpoint and step in Script
  • View the main and alternative stack

This is a premium feature and requires a license. To purchase a license, just send us a baemail at scrypt@moneybutton.com. For more information, please visit our IDE homepage.

Conway’s Game of Life is a fascinating zero-player game on a grid, whose evolution is determined by its initial state. Each generation is a pure function of the preceding one.

Image for post
Image for post
Game Of Life

We implement the game on Bitcoin SV. Each generation evolves to a new generation when triggered by a bitcoin transaction. The game lives completely on chain. As long as there are transactions interacting with it, it lives on chain forever.


  1. Any live cell with fewer than two live neighbours dies, as if by needs caused by underpopulation.
  2. Any live cell with more than three live neighbours dies, as if by…

Recently, an attacker exploited a nuanced flaw in ElectrumSV’s newly debuted Accumulator MultiSig feature and stole large amount of bitcoins. We analyze the attack and make a few suggestions on how to mitigate such attacks in the future.


Accumulator MultiSig is introduced by nChain in 2019, as an alternative of multisig based on P2SH, which has been removed from Bitcoin since Genesis. It achieves the same security and privacy features of multisig without P2SH.

In ElectrumSV’s implementation of Accumulator MultiSig, the last opcode OP_GREATERTHANOREQUAL was used where OP_LESSTHANOREQUAL should be, probably due to negligence about the ordering of operands on…


sCrypt Inc is a company with mission to providing integrated on-chain smart contracting solutions on Bitcoin SV. https://scrypt.io

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store