Smart contracts on Bitcoin
Contracts secured by cryptography
The term smart contract was originally introduced by Nick Szabo in his 1996 article for the magazine Extropy #16, where he defined them as “computerized transaction protocols that execute terms of a contract”.
A contract is the basic building block of a free market economy, that governs mutual rights and obligations among its parties. As technology advances, many formalized relationships can be automated with new types of contracts based on public blockchains. These new types of contracts, strongly embedded in computer code, are way more functional than their paper-based ancestors, so we call them smart contracts.
Advanced cryptography, standing at a foundation of a blockchain, allows for radically enhanced security on public networks. At the current state of technology, we can secure contracts through computer science, rather than through the expensive labor of accountants, police, and lawyers.
Currently, Ethereum is for many people almost a synonym for smart contracts. But, since Ethereum got broken after the Merge, let’s take a closer look at the possibilities to create smart contracts embedded in the most decentralized and secure blockchain, namely Bitcoin.
Bitcoin is much more than a money transfer system or store-of-value, and as a system still has features that are partly dormant, that are not widely used today:
“The design support a tremendous variety of possible transaction types that I designed years ago. Escrow transactions, bonded contracts, third part arbitration, multi-part signature, etc.
If Bitcoin catches on in a big way, these are things we’ll want to explore in the future, but they all had to be designed at the beginning to make sure they would be possible later.”
Digital cash is one form of smart contract that Bitcoin is especially known for, but smart contracts could also be a backbone for decentralized applications, so let’s take a deep dive and investigate what could be the best way to develop decentralized apps on the most decentralized blockchain.
In designing Bitcoin Satoshi made a trade-off by not implementing touring-completeness in favor of the reliability and security of the network. Considering his deep understanding of the economy, cryptography, and software engineering, it seems very unlikely that the reason for omitting touring completeness was a lack of skill, although it is not totally unlikely. Either way, he has provided building blocks that enable the creation of other levels of abstraction based on the Bitcoin Scripting Language (also known as Bitcoin Script).
Bitcoin Script is a very low-level programming language that allows performing operations directly on the Bitcoin blockchain. To be more precise Script is a Forth-like, stack-based, reverse polish, Turing incomplete programming language. Let’s briefly talk through what it actually means.
Script resembles Forth, a programming language introduced in 1970. Forth is used in the Open Firmware Bootloader, space applications (such as the Philae spacecraft), and a variety of other embedded systems that involve interactions with hardware.
Bitcoin Script uses a linear data structure represented by a stack. Items at the top of the stack can be added or removed in a “Last In, First Out (LIFO)” queue.
Reverse Polish Notation
Also known as reverse Łukasiewicz notation, RPN is a mathematical notation in which operators follow their operands. For example, adding 5 and 6 in Script must be written as “5 6 +” rather than “5 + 6”.
A programming language is Turing complete if it can be used to simulate a Turing-complete system, which by extension could be a real-world computer. From this standpoint Touring incompleteness for Bitcoin means an inability to create a virtual machine on the base blockchain layer.
In a bit more detail, Turing incompleteness also means an inability to create infinite loops. This has both advantages and disadvantages. An advantage of using a Turing incomplete language is prevention from running malformed scripts, regardless of whether they are intentionally malicious or unintentional errors. Essentially, Script is able to prevent the program halting problem, and the same Alan Turing proved that a general algorithm to solve the halting problem for all possible program-input pairs cannot exist in a Touring complete system.
Bitcoin Script works like a filter that doesn’t let through a code that could introduce errors to the blockchain, consume the whole available computing power, or even crash the blockchain.
Let’s be honest, no one wants to write in old-school Script, having a wide range of modern programming languages. A solution to this called Miniscript was designed and implemented by Pieter Wuille, Andrew Poelstra, and Sanket Kanjalkar at Blockstream Research. It was Pieter Wuille, who presented the higher-level language in August 2019:
“It's a language for writing (a subset of) Bitcoin Scripts in a structured way, enabling analysis, composition, generic signing and more.”
Miniscript has two implementations: one in C++, and what is even more interesting, one in Rust. The reason Rust is so interesting is that this new (introduced in 2010) programming language emphasizes performance, as well as type and memory safety. Optimization for performance and safety makes Rust fit nicely into blockchain engineering.
Miniscript was created as a stand-alone library. Now it's getting more traction with the latest Bitcoin Core update v24.0, which has Miniscript partially embedded. It shows how Web3 is evolving in a chain of improvements.
Not only Bitcoin is a smart contract platform by design from the very beginning, but with another improvement called Taproot upgrade, released on November 14, 2021, the on-chain smart contracts became indistinguishable from regular transactions, providing more privacy.
Discreet Log Contracts
An interesting Taproot use is the Discreet Log Contract. DLC is already a working piece of the Bitcoin blockchain, although it’s worth mentioning that discreet logs are at the early stage of development. Basically, they require 2-of-2 contract signatures and an external oracle, that can provide real-world data when it's necessary for contract execution. For example, an oracle can provide a result of a sports event or a temperature on some specific date.
Discreet Log Contracts along with Taproot significantly improve the privity of transactions registered on the public blockchain, and they elegantly suit:
- financial yield and hedge contracts,
- trustless futures and options contracts.
DLCs stand in line with smart contracts that Nick Szabo envisioned as building blocks for digital markets.
One of the challenges for widespread adoption is efficient market members' discoverability on the Bitcoin block chain and this is what Jack Dorsey (who created Twitter) is currently focused on through his Block, Inc.
Nowadays, decentralized finance is mostly associated with Ethereum. On the other hand, Bitcoin is the most decentralized blockchain and its primary application is a secure financial network, which proves its stability working non-stop since 2009. Decentralized finance on Ethereum is a proof-of-concept for what already is happening on Bitcoin with smart contracts for financial markets. DLC smart contracts on Bitcoin don't require Touring-completeness and allow to maintain high security with 100% up-time. If it can be built on Bitcoin, it will.