BitVM

BitVM is a paradigm for expressing arbitrary, Turing-complete computation that can be verified on Bitcoin without changing Bitcoin's consensus rules. Introduced in a 2023 white paper by Robin Linus, it works within today's Script by moving the heavy computation off-chain and keeping only a dispute mechanism on-chain.

Optimistic computation and fraud proofs

BitVM is "optimistic": a designated operator simply asserts the result of a computation, and that assertion is accepted unless a challenger disputes it within a defined window. If challenged, the two parties play a series of pre-signed transactions — a challenge-response game that narrows in on the single disputed step until one party can be proven wrong directly in Script. An honest participant can always win, so a single honest operator or challenger keeps the system secure. The result is fraud proofs on Bitcoin without a soft fork.

Bridges and rollups

The most discussed application is the BitVM bridge, which lets bitcoin move to a second layer or rollup under far weaker trust assumptions than a federated multisig — reducing the requirement from an honest majority to one honest participant during setup. Later iterations (BitVM2, BitVM3) improve efficiency using SNARK verification and garbled circuits.

BitVM is experimental and complex, and bridges always carry their own risks. D-Central presents it here as an educational reference for builders exploring trust-minimized Bitcoin layers; see also Simplified Payment Verification for the lighter inclusion-proof model many bridges rely on.