Foresight Ventures: Think Outside the Block「Arweave and Bitcoin Smart Contracts」
- Storage-based Consensus Paradigm smart contracts are the optimal solution for DApps in the Web3 era, providing high performance with uncapped TPS, while ensuring data traceability and monopoly-free.
- The essence of smart contracts is not to avoid risk, but to allow a reasonable distribution of risk among the people involved in the contract. The oversight issue of smart contracts can be addressed by DAO and open source.
- Arweave is a Layer0 network with permanent storage, on which SCP applications can be built not only to store data and data interactions trustfully, but also to host front-end pages trustfully, without censorship and performance limitations of the blockchain.
“It won’t be EVM that beats EVM”
After Bitcoin’s November Taproot update, smart contracts on Bitcoin are starting to catch everyone’s attention. The Taproot update brought new features such as Merklized abstract syntax trees and Schnorr signatures to Bitcoin, making transactions on the Lightning Network now look the same as regular transactions, which not only improved Bitcoin’s security and privacy, but also brought Bitcoin’s smart contract functionality to more people’s attention.
In fact, bitcoin already supports “smart contracts”, which are not as complete as Ethereum’s smart contracts, but can still be used to make a complete application by combining various functional modules. In the early years of Bitcoin, developers have been exploring the possibilities of DApps using Bitcoin’s rudimentary scripting language.
It is this “rudimentary and incomplete” condition that has allowed developers to use their imagination and come up with a myriad of ideas, and has allowed the “storage-based smart contracts” discussed in this article to take shape on Bitcoin and grow on Arweave.
Storage-based consensus smart contracts are perhaps the optimal solution for decentralized applications in the Web3 era, providing high performance with near-unlimited TPS, while ensuring data traceability and monopoly-free access.
1. Smart Contracts
According to Nick Szabos’ definition when he coined the term of “smart contracts” in 1996, a smart contract should have the following characteristics: a set of promises, specified in digital form, containing an agreement, and the fulfillment of the promises by the people involved in the contract.
The Holy Roman Empire was neither holy, nor Roman, nor an empire. A smart contract is neither smart nor a contract. The “smart” in a smart contract is not the kind of intelligence found in AI and machine learning, but rather means that the contract will mechanically execute a prescribed algorithm. At the same time, a smart contract is not really a “contract” in the sense of law.
- Smart contracts have implicit conditions.
- We can take the example of a vending machine. A user buys a pizza with 1000 bitcoins, and the terms of the contract are a certain amount of bitcoins can be exchanged into a certain amount of pizza. The implied term is that the pizza will not give you diarrhea after you eat it. These implied terms are enforced by the food safety laws of the country where the vending machine is located. In the blockchain world, our enforcer and watchdog is the entire blockchain network.
- The essence of smart contracts is not to avoid risks, such as untrustworthy computing environments and untrustworthy storage. Rather, it is to allow the people involved in the contract to allocate risk in a reasonable manner.
- The risk allocation of a smart contract is only valid under certain conditions. The premise is that there must be a mechanism for handling defaults. In the blockchain space, this mechanism for handling defaults is, naturally, a blockchain network such as Ethereum. We’ll talk more about this later.
- Another advantage of smart contracts is transparency.
- We can take into account all the complicated details of the contract through open source code, so that we don’t have to go back and forth to finalize the details of the contract for an event that only has a 0.1% chance of occurring.
smart contracts now
When we talk about smart contracts nowadays, we are usually talking about smart contracts on Ethereum or similar architectures.
A smart contract in this context is a program that runs on the Ethereum blockchain, also a set of code(functions) and data(state) located at a specific address on the Ethereum blockchain. Usually these smart contracts are written in a Turing-complete programming language such as Solidity, run in a virtual machine such as EVM to get the final state data. Smart contracts on Ethereum meet the definitions and characteristics of smart contracts through the openness of on-chain data and the specific unified computing environment of smart contracts.
This overall network design has major problems. It is very difficult to upgrade the EVM to upgrade the execution performance of smart contracts, which requires long development and testing time (although the progress of ETH 2.0 is already considered really fast). At the same time, the in-chain and off-chain interaction of an EVM fixed on chain is very cumbersome, relying on oracles and so on. In addition, the EVM’s overly simple design also limits its functionality to complex data computation, and even computing a trigonometric function is a pain. Finally, it is also difficult to upgrade the EVM, which after all is constantly running on the Ethereum nodes, and fixing and upgrading it is like fixing the engine of an airplane while it is flying. However, these problems are double-edged swords, and to solve them more or less requires sacrificing security and other factors.
Writing a smart contract in EVM using Turing-complete Solidity can realize very complete applications like AMM except for some complex operations. There is no such Turing-complete programming language on the Bitcoin or Arweave.
What about outside the chain? We have countless Turing-complete programming languages off-chain, so we don’t even have to customize one, we can just grab one and use it. You may wonder, what is the point of blockchain if the computation is done off-chain? But in fact, Ethereum’s Layer2 also relies on various off-chain upgrades to optimize the efficiency of the network. Instead of creating countless Layer2 off-chain solutions to gradually increase the TPS over the years, it is better to directly increase the TPS to the upper limit of the physical level and let the blockchain become a storage layer with the guarantee of computation and storage trustworthiness. After all, in StarkWare and other solutions, Ethereum is basically just a place to store data. So this solution is actually what we are going to discuss in this article: smart contracts based on storage consensus.
Web3.0 should first be the Web. Best of all, the native solution has the same performance as Web2.0 (like @muneeb said: if you like the EVM solution, then go ahead and make a new Ether , then go ahead and make a new ethereum. Instead of stuffing an EVM on top of a Bitcoin that follows Occam’s Razor design), it shouldn’t have to go back to Web 2.0 after all the patchwork to have Web 2.0 performance.
2. Colored Coins
Currently the only decentralized application that can achieve the same performance as traditional applications is using a storage-based design. Such a decentralized application uses the blockchain as a paper tape for the Turing machine, storing state and state changes on the blockchain, while the latest state computation of the contract can be performed within the user’s client off-chain. This design allows decentralized applications to increase their performance directly to the bandwidth of the network or the performance of the user’s own hardware, which is currently the most efficient solution.
A typical application that has been an early adopter of the storage-based design idea is Colored Coin.
colored coins introduction
As we mentioned before, Satoshi designed Bitcoin with the idea of perhaps making a global ledger. A ledger typically doesn’t require a Turing-complete language and language runtime environment (Satoshi Nakamoto is not an idiot, and I’m sure he knew that an Ethereum-like design could be made). As a currency, Bitcoin’s rudimentary scripting language can store some simple Metadata on the chain, such as Bitcoin’s block 0 with Satoshi’s famous “The Times 03/Jan/2009 Chancellor on brink of second bailout for banks”.
Since Bitcoin’s scripting language allows for a small amount of Metadata to be stored, this Metadata can be used to represent real-life objects, linking real-life objects to certain blocks on the Bitcoin chain that contain specific Metadata. For example, if we write in the Metadata of block 6324: “This block generated 100 shares of Starbucks stock”, then we can say that this block is the first block of the colored coin of Starbucks stock, and this block containing the Metadata is “colored” by the colored coin. After that, all other blocks that contain the Starbucks stock transactions (e.g. “Alice sells Bob 10 shares of Starbucks stock”) are colored, and are blocks that store information about the colored coin transactions.
colored coins features
- Hitching a ride of Bitcoin:
- Colorcoin uses the Bitcoin blockchain as its backbone, employing a storage-based consensus, using Bitcoin’s Metadata as the database for storing transactions. It leverages the advantages of Bitcoin, such as unforgeability, ease of transfer, robustness and transparency, resulting in an unprecedented level of security and ease of operation of real-world assets.
- All of the advantages of Bitcoin, colored coins gets them. While miners maintain the Bitcoin network with countless amounts of computing power, the security of the colored coins project is ensured. The only flaw may be that the Bitcoin “database” may be a little slow to read and write data.
- Probably the earliest example of NFT for securities:
- Colored coins was created in 2012. Although colored coins are made up of bitcoins, they can represent a variety of assets and have a variety of uses, including property, coupons, and shares in issuing companies. Each colored coin is also different and may represent a different share. In this way, colored coins are exactly like NFTs.
- And this primitive but complete NFT project is made possible by Bitcoin’s rudimentary scripting language + Metadata + storage-based consensus. Imagine, with this design, we could replicate all sorts of jpeg NFT projects right on the Bitcoin chain. The revolutionary part of this is that colored coins was born in 2012, a year after Ethereum with its Turing-complete language and EVM was just conceived by Vitalik. This was very much ahead of its time.
RIP colored coins
In 2021, many of the links we see on the wiki of the colored coins are no longer accessible, so it is safe to say that the activity of the colored coins has faded (of course we can still look at the pitch deck). Colored coins’ pioneering attempts with off-chain computing, a rudimentary bitcoin scripting language, and storage-based consensus inspired RGB and Arweave’s SCP, which we’ll mention later.
3. RGB and Taproot
RGB is a Layer2 and Layer3 client-verified smart contract system running on the Bitcoin and Lightning networks. RGB is inspired by colored coins, using Bitcoin as a state commitment layer, taking a storage-based design paradigm, proposed by Giacomo Zucco and Peter Todd in 2016, and supported by Tether, Bitfinex in early 2019.
RGB represents “post-blockchain”, Turing’s complete form of trustless distributed computing. RGB isolates the issuer, state owner, and state change of a smart contract from each other. At the same time, RGB adopts a scheme that places smart contract code and data operations off-chain. RGB uses the blockchain as the state commitment layer, bitcoin scripts as the ownership control system, and smart contract updates are defined off-chain.
In short, RGB is an enhanced version of colored coins. RGB is like a very complete Layer2, using the blockchain as a commitment layer, performing computation and state management off-chain, greatly improving the performance of smart contracts and decentralized applications. The design of off-chain computation for smart contracts allows the Bitcoin scripting language to do the state commitment operations it can and should do, while allowing the off-chain Turing-complete programming language to do the complex state management and computation.
RGB with Taproot
What Taproot does is reduce the complexity of some complex operations, and improve the privacy of those complex operations. Taproot does not bring fully expressive quasi-Turing-complete smart contracts like those available on Ethereum, and the limitations of the Bitcoin scripting language remain.
RGB itself does not have to rely on Taproot, but with Taproot in place, many of RGB’s operations can be implemented more simply, which may actually be a helpful upgrade for RGB.
4. Storaged-based Consensus Paradigm (SCP)
After talking about colored coins and RGB, we can talk about the more novel design of storage-based smart contracts on Arweave. We can finally introduce a more official and standardized term: Storage-based Consensus Paradigm. We will discuss in depth the advantages and potential problems of this design paradigm in this section.
Arweave is a blockchain built for storage, in contrast to Bitcoin, which is positioned slightly away from the storage based consensus. From the bottom up, Bitcoin can be said to have an architecture: Bitcoin (ledger record layer) → Lightning Network (application runtime layer), while Arweave has a similar architecture: Arweave (storage layer) → Permaweb (application runtime layer). On Arweave, we can focus more on keeping the smart contracts in state, and Arweave acts as a paper tape for the Turing machine, recording these states and the individual transactions that modify them at the bottom. Interestingly, Vitalik’s latest blog post also shows an interest in becoming a Web3 paper belt. And in the EIP-4444 discussion post, one of the users commented on the storage of old data in Ethereum with that.
The store consensus-based design paradigm was proposed by everFinance’s Founder outprog, inspired by Arweave’s SmartWeave and Ethereum’s Layer 2 Rollup. It is described in everPay’s white paper as follows: In Ethereum, computations are performed by all nodes in the blockchain network. All nodes generate and store global state for query. Unlike the Ethereum model, SCP separates computation and storage, the blockchain does not perform any computation but only stores data. All computations are performed by off-chain user clients or servers, and the generated state is stored by off-chain clients or servers. SCP uses off-chain smart contracts, which can be written in any language, and all input parameters of these programs come from the stored blockchain. In the paradigm, the blockchain is more like a computer’s hard drive, and off-chain smart contracts can be performed on any machine even with minimal computing power.
In short, SCP is a high-performance Layer2 network layered with the underlying blockchain using Bitcoin or Arweave to store the results of state, or to store the content of off-chain smart contracts, to ensure that the storage is trusted. This Layer2 can actually be considered as Layer1, because there is no smart contract computing layers in the Bitcoin or Arweave chains, they can be considered as the lower Layer0.
- unlimited performance
- Smart contracts are computed off-chain and perform just like traditional Web2 applications. The off-chain server can carry a large number of complex transactions. The TPS purely depends on the performance of the server or client machine providing the computation service and the technical architecture used to build the DApp. You don’t need to worry about the performance limitations of the blockchain itself.
- trustworthy storage
- With the feature of the underlying blockchain, the data of SCP is stored on the blockchain, and the blockchain is used as a hard disk to obtain the characteristics of data tamperability and traceability. Therefore, blockchain gives trustworthiness to the data.
- 0 barries in development
- Any language can be used to develop off-chain smart contracts, with no additional learning costs for developers (learning to use the Arweave HTTP API or Bitcoin scripts certainly doesn’t count). This also avoids the disadvantage of having no or having only rudimentary programming language on the Bitcoin or Arweave.
- By keeping the smart contract completely off-chain, it does not pollute the essence of the blockchain and keeps the by design of the blockchain. At the same time, by layering functions, SCP’s smart contract is composable. The SCP does not have to be on Arweave, but can be modified to access another chain, for example migrating from Arweave’s Permaweb directly to Bitcoin’s Lightning Network. This is important in the future of multi-chain interconnection. All in all, composability in the software age is as powerful as compound interest in finance.
SCP potential problems
Needless to say, such an SCP is very different from the traditional smart contract as we understand it, and there are certainly many potential problems.
- Is the ecosystem of SCP incomplete now?
- We mentioned earlier that SCP was inspired by SmartWeave.
- The core of SmartWeave is Lazy-execution, which runs through all the transactions stored on the chain on the client side when it has to get the latest state. SmartWeave is Arweave’s official smart contract solution, and SmartWeave is a concrete implementation of SCP, so any project that uses SmartWeave is actually using SCP, including the aforementioned colored coins and RGB, which are both implementations of SCP.
- Currently, almost all projects in the Arweave ecosystem are designed to use SCP. Interestingly, KYVE recently moved from SmartWeave to EVM smart contracts, primarily because their business is inherently cross-chain, so they are rushing to embrace the EVM ecosystem. Maybe the secondary reason is that they think the Arweave ecosystem is still too young. But in fact, everPay, Pianity, Verto, redstone.finance have all made big moves in the SCP ecosystem recently, and we will discuss them in a little more detail later.
- Enforcer and supervisor of contract execution and computational consensus?
- At the beginning of this article, we started our discussion on the definition of smart contracts without explaining in detail the issues of supervision and computational trustworthiness in the execution of SCP smart contracts. In the EVM smart contract, the supervisor and enforcer is the Ethereum network. In SCP, since the smart contract is running off-chain, the blockchain network cannot supervise the execution of the smart contract. But in the Web3 era, we have a solution that fits well: DAO + open source.
- We can use DAO to decide and supervise the execution of off-chain smart contracts and transactions for uploading onto the chain, while everyone can try to run through all the results (off-chain smart contracts are written in “normal” programming languages, almost any device can run them with JS with browser, Java with JVM) with the open source smart contract content and publicly available on-chain data, to compare whether the result is correct or not. With such a supervisor, it is absolutely guaranteed that smart contracts are supervised and computationally trustworthy. After all, compared to some highly centralized chains and some centralized commercial closed-source Layer2 solutions, this approach is very Web3.
- How decentralized is SCP? Is an off-chain smart contract still a smart contract?
- There is no requirement for a smart contract to be storage-trusted or computationally trustworthy from the beginning. By definition, SCPs are fully compatible with every concept, except that there is no fully unified EVM compared to Ethereum’s Layer1 smart contracts. We cannot limit our imagination to only on-chain VMs. In general, although some smart contracts are programs on a decentralized network, they are still relatively centralized in some ways. The owner of the on-chain contract itself can have some access controls to do some dangerous operations.
- Beyond that, almost no one will actually look at the contents of a smart contract line by line, or care about the trustworthiness of the execution or storage. This brings us to the question of technical ethical balance. In the era of Web3, can programmers who know how to code suppress ordinary users? We’ve already been suppressed in Web2. So an off-chain smart contract with DAO oversight and open source code that can be repeatedly run by users is not just a smart contract, it is a very secure and trustworthy and decentralized smart contract.
5. SCP Ecosystem on Arweave
As I mentioned before, SmartWeave is a concrete implementation of SCP, so any project that uses SmartWeave on Arweave is also part of the SCP smart contract ecosystem.
- everPay: real-time cross-chain payment protocol
- As the originator of SCP, everPay has been pushing this smart contract design pattern in the developer community on Arweave. EverPay itself is a high performance implementation of this design pattern. Instead of implementing SCP directly with SmartWeave, everPay uses other high performance implementations and is actively arranging DAO organization and nodes for off-chain smart contracts.
- Recently everPay released a high performance Arweave txs synchronizer for golang concurrent programming Arsyncer. Also everPay is recently promoting an off-chain high-performance AMM based on the SCP design pattern. EverPay continues to lead the Arweave SCP ecosystem with very cutting-edge design and technology.
- redstone.finance: DeFi’s data ecosystem
- redstone.finance has been optimizing SmartWeave through excellent architecture and cutting-edge technology in the Arweave ecosystem. They have developed multi-layer design and browser multi-layer caching SmartWeave to reduce the unnecessary reloading and running of transaction data, which can greatly optimize the performance of client contracts. Alternatively, a trusted user can generate a snapshot of the transaction state to reduce the transaction computation. Recently they have also been working on incorporating WebAssembly technology into SmartWeave to improve the security, performance and readability of contracts.
- Pianity: music NFT exchange
- Pianity is a music NFT platform that proposes a model to bring collectors a certain annualized revenue. The Pianity platform generates fee revenue from primary sales and secondary trading of music NFTs, and then distributes the revenue to each user who holds an NFT based on the ratio of the value of the NFT at the time of purchase to the total value of all NFTs. Since the percentage is calculated based on the price of the NFT at the time of purchase, it may lead to users deliberately holding and raising the price of the NFT in order to obtain a higher allocation percentage, which in turn stimulates the market to gradually increase the allocable revenue and attract traffic attention.
- In the market of music NFTs, Pianity has the opportunity to stand out through its perpetual storage and dual-revenue model.
- Verto: DEX for profit sharing tokens
- There is a special token type in Arweave: Profit Sharing Token (PST). Holding a PST profits holders a certain AR fee from other users using the DApp. Verto is the DEX of these profit sharing tokens. Its token, VRT, receives a 0.5% commission on all PST transaction fees. (For more on PST, please refer to our previous article)
- In our previous article, we mentioned that Verto is working on a refactoring of the SmartWeave contract code, so there have been no transactions recently, but it is a good indication that Verto is active in the Arweave SmartWeave ecosystem and is contributing to its development. We are looking forward to trading these profit sharing tokens when the new version of Verto goes live.
Arweave’s unique advantage
In addition to the above mentioned aspects, the SCP on Arweave also has unique advantages.
1. Arweave can not only store data and transactions, but can also host front-end pages in a trusted manner.
The recent theft of BadgerDAO and the previous Uniswap downgrades of certain tokens from the front end were due to the centralization of the front end, which led to front end pages being tampered with or forced to be modified by censorship and regulatory pressure (e.g. Chainnews, fortunately we have its archive on Arweave). In this case, a decentralized application is not fully decentralized, only the smart contract is decentralized, and the front-end is centralized.
Arweave’s front-end hosting can solve this problem. By hosting the front-end of an application on Arweave, the browser can render the entire page while accessing the source file of the transaction. This ensures that the page cannot be easily tampered with, since a transaction is stored permanently and immutably on the blockchain.
This ensures decentralization, tamper-evident, and censorship avoidance of front-end pages. Hosting the front-end on Arweave makes a decentralized application a truly fully decentralized application. Currently you can host front-end projects easily through Argoapp on Arweave.
2. Only using SCP on Arweave can get the maximum performance and decentralization.
According to outprog, the inventor of SCP: “TPS blocking is mainly in L1, even if L2 is fast. The performance can’t be improved. Multiple L2s will homomorphically compete for the same resource. This is the endgame of on-chain computation and verification, which cannot scale, at best, to 10,000 TPS. The reason for this is that the our thinking is limited to on-chain computation and verification. It is difficult to make a real Web3. “ The decentralized application of SCP on a Layer0 Arweave with permanent storage is not subject to such limitations. This is a performance consideration.
The various Rollup schemes of Ethereum Layer2 can also be considered as a kind of implementation of SCP. The rapid progress of Ethereum Layer2 has raised expectations for ETH 2.0. However, the current situation of Ethereum Layer2 is worrying, whether everything is moving so fast that Ethereum now has a high-performance Layer2 along with: a commercial Layer2 company StarkWare (compared to the zkSync team), a StarkWare “dedicated” Layer2 wallet, Optimism without the fraud proof system (it used to have one, but it’s now getting a new one). These situations are becoming more and more like a falling back to the Web2 era. To achieve Web3, we have to start over. Technical debt is a scary thing, and it will get scarier.
From Bitcoin to Arweave, SCP employs off-chain smart contracts with off-chain validation, enabling truly unrestricted performance, uncensored and fully decentralized applications with security. This may be a better way to build a Web3 with open source data and user-owned data and applications.
When faced with the proposition that “the Byzantine General Problem in asynchronous networks is insoluble”, Satoshi did not dwell on the Byzantine General Problem itself, but instead thought outside of the box and came up with the solution of a blockchain with PoW, aka Bitcoin. When we think about optimizing smart contracts, we don’t need to dwell on Layer2 encryption and proofs, but rather think outside the block and boldly put smart contracts off-chain, so that the storage consensus is satisfied, and at the same time, the data is open source and supervised and trusted, and the performance is exactly the same as that of Web2, which is SCP.
Finally, Messari’s 2022 annual report includes this statement, “Development on Bitcoin is like building a rocket, while development on Ethereum has historically been more similar to building a Silicon Valley startup.” Development on Bitcoin (or Arweave) is like building a rocket, because they are much more low-level and don’t have a smart contract execution environment, which is the reason why you need to build a rocket with a sickle and a hoe, like with the colored coins; Ethereum is a complete computer, with all the software development capabilities and tools, and development on it is just like software development. So the final question of this article is do you want to build a startup on Ethereum, or do you want to build a rocket on Bitcoin or Arweave for Web3, and then go to the moon? Think outside the block.