Hey, any Bitcoiner in Prague tomorrow? I won’t be there but have few colleagues from StarkWare who will be there and would love to meet more Bitcoiners. If you wanna hang out with them and chat about Bitcoin in general and / or zero knowledge proofs let me know.

Posting here for more visibility on Nostr. CTV + CSFS: a letter to the technical bitcoin community from 43 engineers Full text at ctv-csfs.com Let’s accelerate and improve Bitcoin as money and as a tool that people can use to take back their sovereignty. CTV and CSFS can improve significantly Lightning network and have many other benefits. Study them, discuss them, share your opinions, debate. Hyperbitcoinization intensifies.

Feeling cute, might find hash collisions later. We can do covenants today, we are just negotiating the price now.

ColliderVM

ColliderVM - Stateful Computation on Bitcoin

A new approach to complex smart contracts on Bitcoin without fraud proofs, eliminating capital inefficiency while maintaining security through pres...

#Bitcoin #Covenant

Stateful computation on Bitcoin mainnet without Fraud Proofs has been achieved internally with ColliderVM . It's a toy implementation to demonstrate the concepts. We can already do covenants on Bitcoin, now we are simply negotiating the price 😘 What are the interesting properties that ColliderVM could bring on the table: - Capital efficient: no fraud proof windows - 1-of-n security model for safety and liveness - No protocol upgrades / soft fork required - Immediate settlement without challenges The problem: Bitcoin's scripting language is intentionally limited, making stateful computation challenging. In particular: - No native statefulness: Bitcoin Script lacks loops, has size restrictions, and can't persist data across transactions - Capital inefficiency: Existing solutions like BitVM2 require operators to lock capital during fraud proof windows - Trust assumptions: Current approaches often require trusted setups or weaker security models In short, what you need to achieve stateful computation on Bitcoin is really those 2 properties: - Logic persistence (the code of the program / computation must remain consistent across transactions) - Data persistence (otherwise you are vulnerable to the inconsistent input problem) ColliderVM is an attempt to overcome those challenges in a different manner than BitVM. But before going deeper, let's be clear on the current status of ColliderVM: ColliderVM is currently a research project and should not be used in production environments. The protocol is in active development and exploration phase. While the theoretical foundations are promising, it remains unclear whether ColliderVM will prove practical for meaningful real-world use cases. Significant research and development work is still required to determine its viability. Ok, now that this important disclaimer is done, let's explore more the context of this demo on mainnet. In short, ColliderVM combines presigned transactions with hash collision puzzles to enable stateful computation without fraud proofs. - Presigned flows: Create 2^L parallel transaction flows during offline setup phase, each corresponding to a unique flow identifier. - Hash Collision Puzzle: Operators find nonce r such that H(x,r)|_B matches a flow ID, ensuring input consistency across transactions. - Immediate Settlement: No fraud proof windows or capital lock-up. So, what did we do for this Mainnet demo ? Real Bitcoin transactions demonstrating a ColliderVM's two-step range check computation: verifying that 100 < x < 200 across separate onchain transactions. The range check computation was split in 2 functions (F1: x > 100, F2: x < 200). The onchain hash function used is blake3 (BitVM implementation). Here is the transaction flow of the demo: - Funding transaction: Initial funding transaction that provides the UTXO for the ColliderVM computation sequence.(

The Mempool Open Source Project®

Explore the full Bitcoin ecosystem with The Mempool Open Source Project®. See the real-time status of your transactions, get network info, and more.

) - F1 transaction: validates that the input value (114) is greater than the lower bound (100) (

The Mempool Open Source Project®

Explore the full Bitcoin ecosystem with The Mempool Open Source Project®. See the real-time status of your transactions, get network info, and more.

) - F2 transaction: validates that the input value (114) is less than the upper bound (200). Larger due to hash collision verification. (

The Mempool Open Source Project®

Explore the full Bitcoin ecosystem with The Mempool Open Source Project®. See the real-time status of your transactions, get network info, and more.

) - Spending transaction: Final transaction that releases the funds after successful verification of the range check computation. (

The Mempool Open Source Project®

Explore the full Bitcoin ecosystem with The Mempool Open Source Project®. See the real-time status of your transactions, get network info, and more.

) ColliderVM parameters used for the demo (very low security): - L: 4 bits, set size of 16 possible flows - B: 16 bits, hash prefix length for collision puzzle - Security gap: 6 bits (B - L/2 = 16 - 2 = 14 vs honest 12 bits) Total transaction fees: 172,126 sats (~$179 at demo time). ~136 kB of total onchain data. ColliderVM toy code:

GitHub

GitHub - ColliderVM/collidervm_toy: ColliderVM: Stateful Computation on Bitcoin without Fraud Proofs

ColliderVM: Stateful Computation on Bitcoin without Fraud Proofs - ColliderVM/collidervm_toy

ColliderVM paper: https://eprint.iacr.org/2025/591