CoinDeskCoinDesk

Shinobi: How Covenants Help Scale Bitcoin

Bitcoin was designed to be an alternative to the traditional financial and monetary systems that anyone in the world with an internet connection could access. For it to more fully accomplish this — especially as fees on the base layer price many users out — Bitcoin needs an update, many advocates say. And, according to Bitcoin Magazine’s technical editor, the most material update to help scale Bitcoin is the implementation of something called “covenants.”

This interview is part of CoinDesk’s “Future of Bitcoin” package published to coincide with the fourth Bitcoin “halving” in April 2024. Frank Corva is the business-to-business correspondent at Bitcoin Magazine, a contributor at Forbes Digital Assets and host of the new renaissance capital podcast.

Covenants come in various forms and some can be utilized as a tool to more safely and securely share UTXOs between multiple users. They enable more Bitcoin users to have ownership of their bitcoin on the base chain and facilitate greater functionality on Bitcoin Layer 2s. Effectively, covenants commit to specific restrictions on how future UTXOs can be spent, similar to pre-signed transactions, except enforced by consensus.

In my interview with Shinobi, a self-taught savant who writes under that pseudonym, he explains what covenants are, why trying to scale Bitcoin in its current form is difficult and one particular risk involved with implementing covenants.

Interview has been condensed and lightly edited for clarity.

You mentioned in your interview on Peter McCormack’s What Bitcoin Did that people have strong views on Bitcoin, but they don’t always have the technical knowledge to justify those views. What’s the biggest misperception about Bitcoin most have?

A failure to understand what a second layer is and how [it] works. Because of the success of [the] Lightning [Network], people have this notion that [they] can just utter the phrase “Layer 2” and that magically means anything is possible. It completely misses the reality that a second layer has to interface with the base layer, and there's only so many ways that you can do that with how Bitcoin works right now.

The only real way to accomplish very complicated things that are not supported on the base layer is to give your coins to a group of other people and just trust [those people with] whatever arbitrary things you do on [a] Layer 2.

I think there's a complete failure to understand the reality of that. For a Layer 2 to do complicated things, it's either we need to add more features to the base layer to [facilitate] a trustless way to anchor [the Layer 2 to the base layer] or you have to trust custodians.

Regarding Bitcoin Layer 2s, A lot of people just make this argument that we’ll just add Layer 2s or Layer 3s and that will scale the network. But you’ve said that it isn’t so simple. Why is that?

All of the [Layer 2s] have to interact with the base layer. You can't use Lightning without opening a channel on the base layer, which requires an on-chain transaction. While Lightning does help massively in terms of scaling how many transactions individual people can [make], there's still that limit that you need to make an on-chain transaction to get onto that layer.

The problem is the base layer doesn't scale. Lightning compressed transactions. [It didn’t create a] fundamental change in how many people or users can make use of the network. Lightning [just allows for] way more transactions [to] be processed because you compress them and keep most of them off-chain.

We need to come up with ways to compress ownership, not just the ability to transact, so that multiple people can have a claim to a UTXO. [This way] they never actually have to confirm on-chain the way that a Lightning channel does when it opens.

Could you give a layperson explanation of how they work?

There are numerous covenant proposals that do very different things. The simplest way to categorize all of them would be if the script or address to the bitcoins you own tells you “These are the restrictions that must be met before you can spend this.”

For example, you must provide a signature, meet the criteria for a time lock before you are allowed to spend it. A covenant is a lock that not only has those initial conditions, but can carry them forward in the future. Let me put it another way. [I’ll highlight] two broad proposals: CTV (an acronym for opcode CheckTemplateVerify) and TapleafUpdateVerify.

CTV just lets you commit to a hash of a future transaction. Then, when that UTXO is created, locking to that CTV hash, it's the same thing as a pre-signed transaction. When you go to spend that coin, it will check the transaction spending it and make sure that it has the same hash as that CTV lock. Only the transaction with that exact hash is allowed to spend it. That way, you could take like a single UTXO and commit that to creating dozens of other UTXOs, and those can all be Lightning channels. A single UTXO could open Lightning channels for 50 people, even though there's only one transaction and one output confirmed on-chain.

TapleafUpdateVerify is tailored around efficient exiting from a shared UTXO. [Going back to] that example with CTV, for people to actually claim their coins on-chain so that they can spend them wherever they want, a whole set of multiple transactions have to be done one after the other on-chain before somebody can get their UTXO confirmed and then freely spend it.

TapleafUpdateVerify would let you safely leave a shared UTXO in a single transaction without being able to take more money than they are entitled to. [It] forces the money to be spent in [a] way that a person gets their money out in one transaction but all of the change goes back into another UTXO that’s a multisig of everybody who was involved, minus the person who just left.

That's super interesting. What are the risks or trade-offs involved with this?

I genuinely do not think that there are any downsides or risks with CTV. This is why I'm such a big proponent of it. It improves the trust model. Nobody will be capable of double spend[ing].

Something like TLUV (the acronym for TapleafUpdateVerify) [has] potential risk. It has the potential to enable versions of something like a drivechain, depending on how it’s implemented and how it composes with other features of Bitcoin.

It guarantees that the change from something pulling out of it goes right back into a complicated contract that has all the different spending conditions, and it will lock the change back into it. So, there is potential to do a two-way peg for things like sidechains. That’s a detrimental thing in the long term.

You’re saying that this could bring drivechains to life without the Bitcoin Improvement Protocols (BIP) for drivechains — BIP 300 and BIP 301 — being activated?

Yeah.

Interesting. It's easy to get disillusioned with Bitcoin these days with so many people in the Bitcoin space bickering about how they think Bitcoin should scale. What keeps you motivated despite the negativity?

There is a good amount of people in this space who are finally getting vocal about being sick of dogmatic narratives or just overly simplistic ways of viewing things. Overall, it’s going to be a very healthy thing for large amounts of people from all the different camps in this space to just get sick of having discussions or arguments based on “Which camp are you from? Oh, that means you're good or bad,” and focus more on substantial conversations about serious issues. It's going be messy as hell going through this, but on the other side, I see potential for a lot more productivity and maturity.


CoinDesk 의 더 많은 뉴스

뉴스 더보기