Earlier this year, Weikeng Chen and his partners at venture capital firm L2 Iterative decided to shift their attention to the vibrant Bitcoin ecosystem. Chen, a native of China, had noticed the growing interest in Bitcoin development from several major players in the mining space who had started supporting various projects in the Ordinals and layer 2 space.
“I never realized that Bitcoin has a development community,” he says, half-jokingly.
Fast forward to last week, an open-source initiative led by himself, with sponsorship from infrastructure company Starkwarehas the first implementation of a zero-knowledge verifier using a Bitcoin script.
In an industry where significant breakthroughs are rare, those involved in the effort are waxing lyrical about the significance of the milestone. Zero-knowledge proofs, they argue, are the key to unlocking Bitcoin’s programmability and scaling its adoption globally.
Behind this achievement lies the remarkable journey of an outsider who picked up Bitcoin development just six months ago and has now coded perhaps the most advanced piece of software yet. I interviewed Weikeng Chen to delve deeper into his motivations, his collaboration with Starkware on OP_CAT and STARKs, and his perspectives on this new era of Bitcoin development.
Start at the beginning
Chen, a PhD graduate from UC Berkeley with a specialization in cryptography, explained that he began looking for an opportunity to apply his technical skills to the industry to better position his company with potential investors and corporations. Despite his extensive technical experience, he quickly realized that resources were scarce and the learning curve was steep. “A lot of the material out there is outdated and doesn’t reflect the current state of development.” His affinity for zero-knowledge technology eventually led him to research to focus on Bitcoin’s ability to perform the computations necessary to verify zero-knowledge proofs.
As one rabbit hole led to another, Robin Linus‘ work on the new computing paradigm of BitVM on his radar. Interested in the possibility of using fraud proofs to implement zero-knowledge systems compatible with Bitcoin, he started poking around in the whitepaper and noticed some problems with some of the concepts included in the system. “I messaged Robin with a few questions about BitVM. My understanding of BitVM from that whitepaper was indeed completely wrong. I remember Robin’s first reaction was to ask me who told me this,” he recalls with a laugh. This interaction led to a short but productive collaboration between Chen, Linus, and other researchers as they iterated on the initial idea and looked for ways to optimize it.
“It was clear to me that this method could be used to verify zero-knowledge proofs, so my work quickly moved toward implementing a SNARK verifier.”
A verifier is a cryptographic tool that allows zero-knowledge proofs to be verified on the Bitcoin network.
The OP_CAT opportunity
Around the same time, a team at zero-knowledge industry giant Starkware was paying close attention to the burgeoning activity emerging from the Bitcoin community. For some, it was a long time coming. Starkware founder Eli Ben-Sasson was reportedly the first person to discuss zero-knowledge technology in the context of cryptocurrencies at an early Bitcoin conference. Nearly a decade later, Starkware’s research and ZK-STARK technology form the basis of a growing number of applications in the space.
“When I proposed using proofs of validity to scale Bitcoin in 2013, I hoped that Satoshi would still be around and make it happen faster. Thanks to cryptography visionaries like Weikeng Chen and Bitcoin OP_CAT researchers like Andrew Poelstra and Ethan Heilman, my 11-year-old dream now seems within reach,” Ben-Sasson said.
Last month the company announced they began deploying numerous initiatives aimed at bridging the technological gap between Bitcoin and zero-knowledge proofs. A $1,000,000 application grant was offered for research and exploration into the potential of the OP_CAT proposal for a soft fork.
The announcement was met with notable enthusiasm, leading some to wonder what was driving the optimism. Until recently, the prospects of zero-knowledge technology on Bitcoin had been largely a sideshow—another OP code that might never see the light of day. The difficulty of reaching consensus on smaller changes to the Bitcoin codebase made it unlikely that anything more complex would ever materialize.
Based on conversations with Starkware employees, it was around May that they got wind of Weikeng’s progress on BitVM and the mood changed dramatically. As it turned out, the developer already had his sights set on the company’s Circle STARKs technology. In a paper released a few months ago, Chen had already identified the latter as a “Bitcoin-friendly proof system.”
After some back and forth, both sides agreed to come together and make a joint effort aimed at an open-source implementation of a STARK verifier using the OP_CAT primitive. “I knew it could be done. We just had to put all the pieces in place,” Chen suggests.Bitcoin Nature Reserve” was born.
Two months later, the project appears to have achieved its goal thanks to the collaboration of other developers such as Pingzhou Yuan, another early BitVM contributor. Last Friday morning, Chen jumped into the project’s Telegram group to share the news with other participants: “I think I got the job done!”
After successful local testing, the developer has a series of transactions to Bitcoin’s Signet testnet network that would execute the entire script. To optimize on-chain usage, the STARK proof, based on Starkware’s open-source Creature implementation, is split into concurrent transactions that are linked together using an OP_CAT based covenant.
On July 12, 2024 at 6:29 AM, the last transaction was confirmed on the Signet network. Proponents believe this is the beginning of a new era in Bitcoin’s development.
“This was a huge effort and took a lot of time,” Chen said. “We started from nothing. There is no information about ZK proofs on Bitcoin. There is no information about the mathematical operations that need to be followed. We had to build the full stack, which eventually led to the implementation of the STARK verifier.”
Inspiring a new development path
While the results are worth celebrating, Chen insists the job is not done yet. Asked if he was optimistic about his work laying the groundwork for new scaling protocols like rollups on Bitcoin, the developer was quick to manipulate expectations.
“The idea works roughly, but the proof-of-concept is not yet ready for production. Validity proofs also take up a lot of block space, which could prove expensive in the future.”
Starkware officials acknowledge the challenges ahead, but are confident that the project’s success represents a “monumental step forward” toward Bitcoin scaling solutions that can leverage their ZK rollup technology.
One thing is for sure, the collaboration will likely further strengthen the case for a potential OP_CAT soft fork. In order to put together the verifier implementation, Chen said he needed to develop a reliable covenant framework with CAT that can highlight the versatility of the script improvement proposal. He believes other developers in the ecosystem can play with his code and come to the same conclusion he did about its benefits.
“I don’t think there’s much risk once we’ve developed best practices. There’s not that many places where this can go wrong. We now have clear evidence that OP_CAT can be safely adapted to different covenant projects.”
When asked about his intention to contribute to a future activation process, the developer readily admitted that he is not yet familiar enough with all the dynamics surrounding Bitcoin open-source development. He then plans to share his progress with members of the development mailing list and hopes that others will be able to contribute a review and provide feedback on his work.
Reflecting on his experience so far, Chen is quick to point out the importance of creating a fertile environment for new developers entering the ecosystem. He believes that many talented developers miss out on the opportunity to build on Bitcoin due to the lack of a cohesive vision.
“There is currently no clear sense of direction, leaving contributors perplexed about their ability to influence the future. Hopefully, the emergence of new tools and primitives can improve this situation, allowing Bitcoiners to dream again.”