Equilibrium Infra Bulletin #11: Programmability on Bitcoin, Deep Dive of Aleo & Programmable Privacy, and State Compression on Solana
Equilibrium Labs builds the state-of-the-art in decentralised infrastructure. We are a global team of ~30 people who tackle challenges around security, privacy and scaling.
This newsletter allows us to share more about what we read, what excites us and what we think is relevant to the space. In addition, you will get a glimpse into the organization and our culture. We are now also on Telegram.
Research, Articles and Industry News:
📚 BitVM: Compute anything on Bitcoin (whitepaper) - Recommended by Olli:
BitVM is a proposal developed by Robin Linus from ZeroSync, which aims to bring Turing-complete programmability and off-chain computation to Bitcoin without requiring any changes to the Bitcoin core protocol or consensus.
On a high level, the idea behind BitVM is similar to Optimistic rollups in that it’s based on fraud proofs and a challenge-response protocol. Rather than executing computations on Bitcoin, they are merely verified on-chain. The protocol is mostly based on hashlocks, timelocks, and large Taproot trees, and works the following way:
The prover commits to the program bit by bit.
The verifier performs a sequence of challenges to disprove a false claim of the prover. This part is an interactive game for finding the single instruction that doesn’t match.
If (or when) a false claim is found - the verifier creates a proof of that and publishes it as a challenge on Bitcoin.
The prover and verifier jointly pre-sign a sequence of challenge-and-response transactions, which they can later use to resolve any dispute. If the prover makes any incorrect claim, the verifier can take their deposit.
What about limitations? Firstly, executing programs requires significant off-chain computation and communication between the prover and the verifier. BitVM is a prototype designed to illustrate that this approach allows for universal computation on Bitcoin, more efficient models should be considered for practical applications. Secondly, the security model is 1-out-of-1 (rather than 1-out-of-N as in optimistic rollups). This means it only works with two parties (prover and verifier).
Key Takeaway: While BitVM aims to introduce general-purpose programmability to the Bitcoin network, it’s still in a research phase and we are yet to see a practical implementation. In addition, most computations except the most basic ones would likely be too costly and inefficient. Despite the downsides, this serves as a step in the right direction and signals that there is innovation within Bitcoin as well.
📚 Overview of Privacy Blockchains & Deep Dive Of Aleo - Equilibrium Labs content:
Our first long-form report, which covers the rise of “programmable privacy” and gives an overview of privacy in blockchains, before diving deeper into Aleo - a pioneer of the space.
Most blockchains today are transparent, which reveals sensitive information about users (account balance, transaction history, etc.) and acts as a friction for wider adoption (for example, companies require privacy for regulatory, competitive, and customer protection reasons). Existing privacy blockchains are largely for a specific use case and often only a single asset, hence limited in both programmability and the size of the shielded set. However, there are several protocols working on more general-purpose privacy solutions (“programmable privacy”), including Aleo, Aztec, Mina, and Polygon Miden to name a few.
One important thing to note is that privacy in blockchains is not a binary, but rather a series of tradeoffs along three dimensions:
What is Private - Four major categories: Inputs (messages), outputs (state changes), and private counterparties (Users and function/program privacy)
Programmability - What the privacy can be used for: A spectrum that goes from app-specific blockchains for a single asset, to full general-purpose programmability.
Strength of Privacy Guarantees - Captures how reliable the privacy is and how easily you can extract information from the shielded set: Part technical (STARK vs SNARK) and part design choices (size of the shielded set, privacy by default or opt-in, etc).
Aleo is a new layer-1 blockchain that aims to combine general-purpose programmability with privacy by default. This would enable developers to create a variety of applications for multiple different assets - all on the same ledger. The core idea behind Aleo is ZEXE or zero-knowledge execution, which was introduced in a research paper in 2018 (some of the authors co-founded Aleo).
The post goes into great detail on the protocol - including the key components for achieving privacy, why Aleo decided to build a new L1, and an example of playing Battleship on Aleo to make things a bit more concrete.
Key Takeaway: Privacy in blockchains is not binary, but instead a series of tradeoffs and design choices. New protocols within the “programmable privacy” space aim to improve on all three axes, but mainly programmability - expanding what privacy can be used for and making it easier for developers to integrate privacy into their applications. Aleo is one of the pioneers in this space and plans to launch on mainnet later this year.
📚 All You Need to Know About Compression on Solana - Recommended by Hannes:
State compression is a novel primitive that takes advantage of concurrent Merkle trees and Solana’s ledger to cut down storage costs dramatically while inheriting the security and decentralization of Solana’s base layer. It’s a cost-effective solution for applications built on top of Solana, as developers can now use ledger storage space instead of pricier account-based storage.
NFT compression (a subset of general state compression) stores the metadata on the ledger instead of storing each NFT in a typical Solana account. This allows for reduced storage costs, enabling minting a million NFTs on Solana for less than $150 and opening the door to a whole range of new use cases. It also makes NFTs significantly more attractive for companies due to the low minting cost.
There are three main parameters that are relevant to compressed NFTs, offering a tradeoff between cost and composability:
Depth (capacity) - Defines how many NFTs can be stored in the tree, which can be anywhere from eight to a billion (2^30).
Buffer size (concurrency) - The maximum number of changes that can be made to a tree with the Merkle root still being valid. Enables multiple updates within a single slot (without updating the Merkle root each time) by storing a secure changelog of the most recent changes, their root hash, and the proof to derive it, on-chain in an account specific to each tree.
Canopy depth (composability) - Refers to the number of proof nodes (needed when updating a leaf) that are stored on-chain, which means fewer proof nodes need to be included in each update transaction. This keeps the transaction size below any limits and enables integrating compressed NFTs into more applications.
Key Takeaway: Compressed NFTs offer a way to significantly reduce the cost of minting NFTs on Solana, which enables new use cases and makes it more attractive for companies to integrate NFTs into their offering. Compressed NFTs achieve cost savings mainly by leveraging concurrent Merkle trees and storing the metadata on the ledger, instead of storing each NFT in a typical Solana account.
Personal recommendations from our team:
📚Reading: Breath: The New Science of a Lost Art: There is nothing more essential to our health and well-being than breathing. Yet, as a species, humans have lost the ability to breathe correctly, with grave consequences. Journalist James Nestor travels the world to figure out what went wrong and how to fix it.
🎧Listening: Svaneborg Kardyb - Over Tage (Official Album Video): A full album by the Danish electronic jazz duo Nikolaj Svaneborg and Jonas Kardyb, whose music draws on Danish folk music and Scandinavian jazz influences.
💡Other: Danish AI Trained on Data From a Web Forum About Horses: Turns out 22% of most Danish AI-word-prediction (e.g. ChatGPT) is harvested from "the horse web" - a Danish forum originally created for horse breeders and other horse enthusiasts. So if you want horse advice - try asking the AI in Danish.