Skip to content

Instantly share code, notes, and snippets.

View RobinLinus's full-sized avatar
🧡
₿itcoin

Robin Linus RobinLinus

🧡
₿itcoin
1.5k followers · 22 following
View GitHub Profile
@RobinLinus
RobinLinus / bitcoin-txs.md
Created June 8, 2023 21:50
Raw Bitcoin transactions hand-parsed for educational purposes

Raw Bitcoin Transactions

P2PK

https://blockstream.info/block/00000000d1145790a8694403d4063f323d499e655c83426834d4ce2f8dd4a2ee

Raw

https://blockstream.info/tx/f4184fc596403b9d638783cf57adfe4c75c605f6356fbc91338530e9831e9e16

0100000001c997a5e56e104102fa209c6a852dd90660a20b2d9c352423edce25857fcd3704000000004847304402204e45e16932b8af514961a1d3a1a25fdf3f4f7732e9d624c6c61548ab5fb8cd410220181522ec8eca07de4860a4acdd12909d831cc56cbbac4622082221a8768d1d0901ffffffff0200ca9a3b00000000434104ae1a62fe09c5f51b13905f07f06b99a2f7159b2225f374cd378d71302fa28414e7aab37397f554a7df5f142c21c1b7303b8a0626f1baded5c72a704f7e6cd84cac00286bee0000000043410411db93e1dcdb8a016b49840f8c53bc1eb68a382e97b1482ecad7b148a6909a5cb2e0eaddfb84ccf9744464f82e160bfa9b8b64f9d4c03f999b8643f656b412a3ac00000000

Parsed

@RobinLinus
RobinLinus / secp256k1_to_pairing.md
Last active February 5, 2025 02:25
Mapping a Secret Scalar Value between Elliptic Curve Groups

Mapping a Secret Scalar Value between Elliptic Curve Groups [broken]

This document outlines a method to map a secret scalar value x from one elliptic curve group (secp256k1) to another elliptic curve group (a pairing-friendly curve). This method leverages a variation of the Schnorr signature scheme to prove that the same secret scalar is used in both groups without revealing the value of x. This approach can be useful in applications where compatibility with different cryptographic groups is required. For example, in the context of using the Lightning Network to purchase in a PTLC a key to be used with pairing-based cryptography. In general, it is interesting for Adaptor Signatures, Scriptless Scripts, and Discreet Log Contracts.

Setup

@RobinLinus
RobinLinus / sats4files.md
Last active October 9, 2023 21:00
Sats4Files: Decentralized File Hosting based on Lightning payments

Sats4Files: Decentralized File Hosting based on Lightning

Sats4Files is a protocol for decentralized file hosting. It allows users to request data from untrusted servers, and upon receiving the encrypted data, they can pay for the decryption key via Lightning. The exchange is atomic, ensuring that the user only receives the data if they pay for it, and the seller only gets paid if they deliver the data. The protocol is an efficient form of verifiable encryption, which is similar to verifiable secret sharing using Shamir's algorithm.

This scheme is simplified and does not fully solve the problem, as discussed in the Limitations section. This writeup intends to spark interest to solve the remaining issues beyond the fixes that we suggest.

Sats4Files Problem

The client wants to buy from the server the file corresponding to a particular file_id.

Here, we assume we have PTLCs on Lightning instead of HTLCs. That means we can buy a discrete logarithm over Li

@RobinLinus
RobinLinus / Sats4Files.md
Last active April 15, 2023 12:31
Decentralized File Hosting on Lightning

Sats4Files [Simplified]

The client wants to buy from the server the file corresponding to a particular file_id. The following is a very basic scheme solving the problem in a naive way.

  • The file gets chunked into 32-byte chunks. They are hashed into a Merkle root, which is the file_id.
  • The client buys from the server one Merkle branch after another via Lightning payments. The payment's preimage is the Merkle leaf.

Limitations and Optimizations

  • Sending 32 MB requires 1 million Lightning transactions. That means equally many signatures.
@RobinLinus
RobinLinus / sats4files.md
Last active April 17, 2023 21:41
A decentralized file hosting protocol in which clients pay per request.

Sats4Files: Decentralized File Hosting based on Lightning

A decentralized file hosting protocol in which clients pay per request. Client and server perform a fair exchange of coins against files, using a Lightning payment combined with a proof of encryption. This document describes a naive system which is probably too slow, however it intends to spark a discussion about which proof systems could make it practical, because that could allow to decentralize the web.

Sats4Files Problem

A “Sats4Files protocol” allows users to request data from servers, and upon receiving the encrypted data, they can pay for the decryption key, e.g., via Lightning. The exchange is atomic, ensuring that the user only receives the data if they pay for it, and the seller only gets paid if they deliver the data.

Proof of Encryption

Servers respond to client requests with a zero-knowledge proof, which expresses

@RobinLinus
RobinLinus / zkCoins.md
Last active June 8, 2025 13:46
zkCoins: A payment system with strong privacy and scalability, combining a client-side validation protocol with validity proofs

zkCoins

Edit: here you can find our research paper describing the protocol more in-depth.

zkCoins is a novel blockchain design with strong privacy and scalability properties. It combines client-side validation with a zero-knowledge proof system. The chain is reduced to a minimum base layer to prevent double spending. Most of the verification complexity is moved off-chain and communicated directly between the individual sender and recipient of a transaction. There are very few global consensus rules, which makes block validation simple. Not even a global UTXO set is required.

In contrast to zk-rollups there is no data availability problem, and no sequencer is required to coordinate a global proof aggregation. The protocol can be implemented as an additional layer contained in Bitcoin's blockchain (similar to RGB[^5] or Taro[^6]) or as a standalone sidechain.

The throughput scales to hundreds of transactions per

@RobinLinus
RobinLinus / hom_com.py
Last active July 20, 2023 11:29
Homomorphic Commitments in Exponents of RSA groups
# The extended euclidean algorithm
def egcd(aa, bb):
lastremainder, remainder = abs(aa), abs(bb)
x, lastx, y, lasty = 0, 1, 1, 0
while remainder:
lastremainder, (quotient, remainder) = remainder, divmod(lastremainder, remainder)
x, lastx = lastx - quotient * x, x
y, lasty = lasty - quotient * y, y
return lastremainder, lastx * (-1 if aa < 0 else 1), lasty * (-1 if bb < 0 else 1)
@RobinLinus
RobinLinus / csv-offchain-data.md
Last active November 27, 2022 02:25

Offchain Contract Data for CSV Protocols

Alice and Bob want to put a token in an offchain contract that expresses:

  • Alice can take the token if she reveals the sha3 preimage of a hash within a week
  • Otherwise, Bob can take the token

The problem is that Alice does not want to use any onchain data to reveal the preimage. This is possible with the following setup upfront:

  • Alice creates a random key K and encrypts her preimage with that key
  • In the contract she commits to the resulting ciphertext and also to K
  • She sends the contract and the ciphertext to Bob
@RobinLinus
RobinLinus / simd.cairo
Last active November 17, 2022 23:59
Parallel processing in Cairo with single instruction, multiple data (SIMD) operations
//
// SIMD Operation for Bitwise Rotations of Seven UInt32 Values in Parallel
//
%builtins bitwise
from starkware.cairo.common.bitwise import BitwiseBuiltin
// How many bitwise steps do we want to rotate?
// 2**t expresses a rotation of t bits to the right.
@RobinLinus
RobinLinus / uint32_in_exponent.py
Last active July 25, 2023 06:53
Emulate a Uint32 number type in a subfield of Cairo's `felt` type
# 32-Bit Arithmetic native to Cairo's Finite Field
#
# A collection of operations for 32-bit arithmetic performed in the
# exponents of elements of Cairo's finite field.
#
# The field's modulus is
# 2**251 + 17 * 2**192 + 1 == 2**192 * 5 * 7 * 98714381 * 166848103.
# so it contains multiplicative subgroups of sizes
# 2**192, 2**191, 2**190, ..., 2, 5, 7, 98714381, 166848103, ...
#