Zero Knowledge Proof Verification on Bitcoin

Martin Jonas · November 08, 2024

This is a shortened, less technical version of the article originally published on BitVMX’s site.

Introduction

BitVMX is a protocol that allows two parties to execute a program off-chain, ensuring its correctness can be challenged on-chain. This approach enables Bitcoin transactions where the outcome depends on the result of such computations.
Before locking funds, both parties agree on a program. Later, one party can prove they have valid input to claim the funds. BitVMX achieves this by using a virtual machine (VM) based on the RISC-V32IM architecture and special Bitcoin scripts to handle challenges.

Why Zero Knowledge Proofs?

The Challenge: High Costs
BitVMX requires secure communication between transactions, but Bitcoin Script lacks tools to easily check or reference data between transactions. Current methods, like one-time signatures, work but are inefficient, requiring excessively large scripts (increasing the size by a factor of 200).
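
To make the cost concrete, here is an added example (not code from the original article or from BitVMX) of a Lamport one-time signature, which is verified with nothing but hashing and comparison. The choice of Lamport and SHA-256 is an assumption for illustration; the article does not name the scheme BitVMX uses.

```python
import hashlib
import secrets

HASH_BITS = 256  # the message is hashed with SHA-256 and signed bit by bit


def sha256(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def keygen():
    """One-time key pair: two 32-byte secrets per digest bit; the public key is their hashes."""
    sk = [(secrets.token_bytes(32), secrets.token_bytes(32)) for _ in range(HASH_BITS)]
    pk = [(sha256(s0), sha256(s1)) for s0, s1 in sk]
    return sk, pk


def digest_bits(message: bytes):
    d = int.from_bytes(sha256(message), "big")
    return [(d >> (HASH_BITS - 1 - i)) & 1 for i in range(HASH_BITS)]


def sign(sk, message: bytes):
    """Reveal one secret per digest bit. Reusing the key reveals more secrets, hence 'one-time'."""
    return [sk[i][bit] for i, bit in enumerate(digest_bits(message))]


def verify(pk, message: bytes, signature) -> bool:
    """Hash each revealed secret and compare it with the committed hash for that bit."""
    if len(signature) != HASH_BITS:
        return False
    bits = digest_bits(message)
    return all(sha256(part) == pk[i][bit]
               for i, (part, bit) in enumerate(zip(signature, bits)))


def signature_size(signature) -> int:
    return sum(len(part) for part in signature)


if __name__ == "__main__":
    sk, pk = keygen()
    msg = b"constructed sample value"  # constructed input, not data from the article
    sig = sign(sk, msg)
    print("valid:", verify(pk, msg, sig))
    print("tampered message accepted:", verify(pk, msg + b"!", sig))
    print("signature bytes for one 32-byte digest:", signature_size(sig))
```

This sketch spends 8,192 signature bytes on a single 32-byte digest; the factor of 200 quoted above refers to BitVMX's own scripts, which this example does not reproduce.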

The Solution: ZKPs
Zero-knowledge proofs (ZKPs) let one party prove they have the correct input without revealing it. Some ZKP algorithms, like Groth16, produce compact proofs (about 300 bytes). This drastically reduces script size (to around 60 KB), cutting costs while maintaining security.
We’ve successfully demonstrated a proof of concept, marking one of the first uses of ZKPs verified on the Bitcoin mainnet.

Flexible ZKP Algorithms

BitVMX uses a general-purpose CPU that can adapt to different ZKP algorithms. If needed, new algorithms can be easily integrated by compiling updated verification functions in languages like C or Rust.

How It Works

RISC-Zero
RISC-Zero simplifies creating ZKPs by enabling the prover to show correct execution of code without revealing the inputs or intermediate states. It uses a specialized virtual machine (zkVM) that runs code in multiple languages like Rust, C, or C++.

Citrea PoC
The Citrea team developed tools to verify a RISC-Zero program using Groth16 proofs. Although their project became outdated, we adapted their verifier for our initial testing, bringing us closer to a fully functional solution.

The ZKP Process

  1. Setup: Both parties agree on a program and secure it with a cryptographic signature.
  2. Proving: The prover runs the program privately, generating a proof.
  3. Verification: The verifier checks the proof to confirm the program was executed correctly without learning the input.

Summary

BitVMX, combined with ZKPs, enables secure and efficient off-chain computation verification for Bitcoin transactions. Using RISC-Zero further enhances flexibility and performance.

Explore our open-source tools and examples of how this dispute resolution protocol works on Bitcoin’s mainnet.
