@supertestnet
supertestnet / btc-prediction-market.md
Last active January 13, 2025 19:57
Thoughts on building a polymarket clone or similar type of prediction market on bitcoin

Funding tx

Have an Oracle create a utxo like I do in tornado factory, where all the money in an n-of-n utxo goes, at first, to the Oracle, and where each key in the n-of-n is actually a 2-of-2 “sharded key,” where a statechain operator has one shard and the Oracle has the other. People can pay 10k sats to the Oracle to “buy” one of his or her shards. With it, the buyer contacts the statechain operator and obtains a cosignature on a tx that gives them the right to withdraw 2 10k-sat increments of the money from the n-of-n utxo (per my tornado factory protocol), except their withdrawal txs are not valid unless the Oracle says the result is a Yes (or No, if the user bought No). I will call these “right to withdraw” keyshards RTWs and those are what you’re buying and selling in these markets.

Connectors versus adaptor signatures

The above idea relies on the assumption that you can only withdraw using your signature if the Oracle announces a result in your

@supertestnet
supertestnet / historical_price_fetcher.html
Last active January 6, 2025 16:44
Some javascript for fetching the historical price of bitcoin on any date since Kraken existed
<!DOCTYPE html>
<html>
<head>
<script type="text/javascript" src="https://cdn.jsdelivr.net/npm/[email protected]/dist/ccxt.browser.min.js"></script>
<!-- the manual for using the ccxt library is here: https://github.com/ccxt/ccxt/wiki/ -->
</head>
<body>
<script>
(async()=>{
var date = "2016-07-26";
@supertestnet
supertestnet / Musings on a Non-Interactive Coinpool.txt
Last active January 3, 2025 04:37
In this document, I spend about 15 pages, written over the course of a few weeks, thinking up a way to do a non-interactive coinpool without any consensus-changes to bitcoin. It is a glimpse into my thought process.
Recently, while discussing covenant proposals on twitter, I had this conversation (slightly modified):
-------------------------------------------------------------------------------------------------------------------------------
Me: Several [covenant] proposals make privacy pools like TornadoCash easier to build on bitcoin so...get on board for the "more privacy" reason! (I think you can build a TornadoCash-like privacy pool with any of the following: op_ctv, op_txhash, op_vault, op_cat, or op_paircommit)
Other person: Just a dumb question, a proposal like coinpool or joinpool (tornado cash like privacy pools on CTV) AFAIK requires all the users to stay online so it is possible to interact with the pool. Is it possible to make it tornado cash like, meaning I can open the wallet, deposit into the pool, turn off my PC, and after months I can withdraw the funds?
Me: Tldr: yes I think it's possible. Long answer: I think I could make that kind of pool with three primitives: blind signatures, transferable stat
@supertestnet
supertestnet / ctv_hash_generator_in_javascript.js
Last active April 11, 2025 18:15
CTV Hash Generator in Javascript
//dependencies:
//https://unpkg.com/@cmdcode/[email protected]
var sha256 = s => {
if ( typeof s == "string" ) s = new TextEncoder().encode( s );
return crypto.subtle.digest( 'SHA-256', s ).then( hashBuffer => {
var hashArray = Array.from( new Uint8Array( hashBuffer ) );
var hashHex = hashArray
.map( bytes => bytes.toString( 16 ).padStart( 2, '0' ) )
.join( '' );
return hashHex;
@supertestnet
supertestnet / burrow.md
Last active January 2, 2025 02:40
Burrow: a federated coinpool built on hedgehog channels

Burrow

Burrow is a proposal for a federated coinpool on top of hedgehog channels. The coinpool can have a bunch of cool properties:

  • a single-honest-party assumption, so the federation can't rug any user unless the keyholders in the federation are all scoundrels

  • users can onboard into the pool without an on-chain transaction (e.g. maybe you send in coins via lightning, or maybe another user gives you your first coins from within the pool)

  • every onboarded user gets their own wallet interface with their own personal balance and Send/Receive buttons

@supertestnet
supertestnet / gist:5f262c632cbcd00348824aad5c289705
Last active April 24, 2024 17:13
Unnamed Noncustodial Inchoate Sidechains On Bitvm (Unisob)

Unnamed Noncustodial Inchoate Sidechains On Bitvm (Unisob)

I have an independent bitvm sidechain model that works without a federation. Instead, there is a "bridge operator" who assists with depositing money to the sidechain as well as with the "happy path" of withdrawing from the sidechain. In my version, you can withdraw even if the bridge operator ceases operations, because there is also a "sad path" that does not require his ongoing cooperation

the main idea is that when you want to deposit money onto the sidechain you should get a "withdrawal contract" from the bridge operator

the withdrawal contract is done in bitvm and it basically says, if you (the withdrawer) can provide a proof of a valid withdrawal request from the sidechain, the prover has up to X blocks to supply proof that he sent you your money on bitcoin

if he does not supply that proof, you may slash him and take the funds that way

@supertestnet
supertestnet / gist:8df4b12812dd5a66ce965e0ae2f2d550
Last active January 10, 2024 15:57
How to do arbitrary data script with p2tr
https://mutinynet.com/tx/5e2be1456d1917338729449e60913781fe12b008b5b32cd76eacb953f66bd636
```html
<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, user-scalable=no">
<script src="https://cdn.jsdelivr.net/gh/6502/sha256@main/sha256.js"></script>
<script src="https://unpkg.com/@cmdcode/[email protected]"></script>
```
@supertestnet
supertestnet / gist:8d861b1fc8a7cee567f42734bfa57631
Last active November 26, 2023 05:25
8bit adder bristol circuit
49 66
3 1 8 8
2 1 8
2 1 0 8 17 AND
2 1 0 8 18 XOR
2 1 18 16 19 AND
2 1 18 16 20 XOR
2 1 17 19 21 LOR
2 1 21 7 22 AND
@supertestnet
supertestnet / gist:0d0064fe5d516726e624afd70ee0c687
Last active February 21, 2024 15:00
A tapleaf circuit for proving that a set of 64 bits are all 0s
The following "tapleaf circuit" is a BitVM implementation of this bristol circuit:
https://homes.esat.kuleuven.be/~nsmart/MPC/zero_equal.txt
The bristol circuit takes 64 bits of input and proves they are all zeros. Mine does the same.
More specifically, mine allows Vicky, the verifier, to penalize Paul, the prover, if he provides
64 bits and any of them *are not* zeros.
More info here: https://github.com/supertestnet/tapleaf-circuits/

Verifying that I control the following Nostr public key: npub1jfgursu7y5k06jnsttum5gc3qa84h0lrc3v7hfqw5vchvr0de8jqf7jn8g