base on zkBitcoin: zero-knowledge proofs on Bitcoin! # zkBitcoin Use **zero-knowledge applications (zkapps)** on Bitcoin! (**Currently only on testnet.**)  **How does it work**? Write your zkapp in [circom](https://github.com/iden3/circom) and deploy it on Bitcoin by sending a transaction to our multi-party wallet run by a committee of nodes. To use a zkapp, provide a correct proof of execution using [snarkjs](https://github.com/iden3/snarkjs) to our multi-party wallet which will trigger a threshold signature, eventually allowing funds to move out of the zkapp. 📃 Read [the whitepaper](./whitepaper.pdf). 🎥 Watch [an overview of the project](https://www.youtube.com/watch?v=2a0UYT5nbEA), [a walkthrough of the whitepaper](https://www.youtube.com/watch?v=3Y-Z4nZB8FE), [a walkthrough of the codebase](https://www.youtube.com/watch?v=gSNrRPauIEA). ## Installation Jump straight to [usage](#usage) if you want to see some examples, but make sure to read this section otherwise things won't work! ### Circom/snarkjs We build on top of the well-known [circom](https://github.com/iden3/circom)/[snarkjs](https://github.com/iden3/snarkjs) stack. To install `circom`, please follow [their guide](https://docs.circom.io/getting-started/installation/). To install `snarkjs`, just run: ``` npm install -g snarkjs@latest ``` ### Download SRS File To create a ZKP you would need to download the correct SRS file (based on your circuit size). For example, if your circuit has around 65K constraints then you would need to download the following file https://storage.googleapis.com/zkevm/ptau/powersOfTau28_hez_final_16.ptau. You can replace the number 16 in the above URL to download the correct SRS file for your circuit. > You can download the file to any location you wish. You will later provide the location of the file when running the CLI tool. ### Bitcoin wallet On top that, you'll need your own Bitcoin node/wallet. This application will perform queries to your node/wallet in order to fund your zkapp transactions. All the following commands expects the following environment variables to be set so that it can communicate with your node/wallet: ```shell export RPC_WALLET="walletname" export RPC_ADDRESS="http://127.0.01:18331" export RPC_AUTH="username:password" ``` ### zkbtc: the zkBitcoin CLI To install `zkbtc` and `zkbtc-admin`, run the following command: ```shell cargo install --git https://github.com/sigma0-xyz/zkbitcoin.git ``` ## Usage There are two types of zkapps: [stateless](#stateless-zkapps) and [stateful](#stateful-zkapps). ### Stateless zkapps A stateless zkapp is single-use, and the bitcoin it locks can be redeemed by anyone who can provide a proof of correct execution. An example of a stateless zkapp is in [`examples/circuit/stateless.circom`](examples/circuit/stateless.circom) (which releases funds to anyone who can find the preimage of a hash function). A stateless zkapp must always contains one public input that authenticates the transaction that spends it:  The zkapp doesn't have to do anything with the `truncated_txid` field (although it can if it wants to). You can deploy a stateless zkapp with the following command: ```shell $ zkbtc deploy-zkapp --circom-circuit-path examples/circuit/stateless.circom --srs-path ~/.zkbitcoin/srs_16.ptau --satoshi-amount 1000 ``` > Use the `--srs-path` where you downloaded the SRS file. Check "Download SRS File" above. This will lock 1,000 satoshis in the zkapp and return the transaction ID of the transaction that deployed the zkapp. A stateless zkapp can be referenced by that transaction ID. Bob can then unlock the funds from the stateless zkapp with the following command: ```shell $ zkbtc use-zkapp --txid "e793bdd8dfdd9912d971790a5f385ad3f1215dce97e25dbefe5449faba632836" --circom-circuit-path examples/circuit/stateless.circom --srs-path ~/.zkbitcoin/srs_16.ptau --proof-inputs '{"preimage":["1"]}' --recipient-address "tb1q6nkpv2j9lxrm6h3w4skrny3thswgdcca8cx9k6" ``` > Use the `--srs-path` where you downloaded the SRS file. Check "Download SRS File" above. ### Stateful zkapps A stateful zkapp is a zkapp that has a state, and which state can be updated without consuming the zkapp. An example of a stateful zkapp is in [`examples/circuit/stateful.circom`](examples/circuit/stateful.circom). A stateful zkapp must always contains a number of additional public inputs, allowing an execution to authenticate the zkapp state transition, as well as the amounts being withdrawn and deposited:  You can deploy a stateful zkapp with the following command: ```shell $ zkbtc deploy-zkapp --circom-circuit-path examples/circuit/stateful.circom --initial-state "1" --satoshi-amount 1000 ``` You can use a stateful zkapps with the following command: ```shell $ zkbtc use-zkapp --circom-circuit-path examples/circuit/stateful.circom --proof-inputs '{"amount_in":["1000"], "amount_out":["1000"]}' --recipient-address "tb1q6vjawwska63qxf77rrm5uwqev0ma8as8d0mkrt" --txid "76763d6130ee460ede2739e0f38ea4d61cc940b00af5eab83e5afb0fcc837b91" ``` specifying the following inputs: - `amount_out`: amount being withdrawn - `amount_in`: amount being deposited Other inputs will be automatically filled in (for example, it will use the zkapp's state as `prev_state` input). ## Get information about a zkapp You can retrieve information about a specific zkapp by running the following command with the zkapp's transaction id: ```shell $ zkbtc get-zkapp 7f08eeb5a4cba9bed161ba54bb28db4fc6ce51273e48d40969d5d89fdab61770 ``` ## List all deployed zkapps You can list all currently-deployed zkapps in the following way: ```shell $ zkbtc list-zkapps ``` ## Tell me more You can read more about zkBitcoin in [our whitepaper](./whitepaper.pdf), [our documentation](docs/), and about advanced usage in [our developer documentation](DEVELOPER.md). ", Assign "at most 3 tags" to the expected json: {"id":"7206","tags":[]} "only from the tags list I provide: [{"id":77,"name":"3d"},{"id":89,"name":"agent"},{"id":17,"name":"ai"},{"id":54,"name":"algorithm"},{"id":24,"name":"api"},{"id":44,"name":"authentication"},{"id":3,"name":"aws"},{"id":27,"name":"backend"},{"id":60,"name":"benchmark"},{"id":72,"name":"best-practices"},{"id":39,"name":"bitcoin"},{"id":37,"name":"blockchain"},{"id":1,"name":"blog"},{"id":45,"name":"bundler"},{"id":58,"name":"cache"},{"id":21,"name":"chat"},{"id":49,"name":"cicd"},{"id":4,"name":"cli"},{"id":64,"name":"cloud-native"},{"id":48,"name":"cms"},{"id":61,"name":"compiler"},{"id":68,"name":"containerization"},{"id":92,"name":"crm"},{"id":34,"name":"data"},{"id":47,"name":"database"},{"id":8,"name":"declarative-gui "},{"id":9,"name":"deploy-tool"},{"id":53,"name":"desktop-app"},{"id":6,"name":"dev-exp-lib"},{"id":59,"name":"dev-tool"},{"id":13,"name":"ecommerce"},{"id":26,"name":"editor"},{"id":66,"name":"emulator"},{"id":62,"name":"filesystem"},{"id":80,"name":"finance"},{"id":15,"name":"firmware"},{"id":73,"name":"for-fun"},{"id":2,"name":"framework"},{"id":11,"name":"frontend"},{"id":22,"name":"game"},{"id":81,"name":"game-engine "},{"id":23,"name":"graphql"},{"id":84,"name":"gui"},{"id":91,"name":"http"},{"id":5,"name":"http-client"},{"id":51,"name":"iac"},{"id":30,"name":"ide"},{"id":78,"name":"iot"},{"id":40,"name":"json"},{"id":83,"name":"julian"},{"id":38,"name":"k8s"},{"id":31,"name":"language"},{"id":10,"name":"learning-resource"},{"id":33,"name":"lib"},{"id":41,"name":"linter"},{"id":28,"name":"lms"},{"id":16,"name":"logging"},{"id":76,"name":"low-code"},{"id":90,"name":"message-queue"},{"id":42,"name":"mobile-app"},{"id":18,"name":"monitoring"},{"id":36,"name":"networking"},{"id":7,"name":"node-version"},{"id":55,"name":"nosql"},{"id":57,"name":"observability"},{"id":46,"name":"orm"},{"id":52,"name":"os"},{"id":14,"name":"parser"},{"id":74,"name":"react"},{"id":82,"name":"real-time"},{"id":56,"name":"robot"},{"id":65,"name":"runtime"},{"id":32,"name":"sdk"},{"id":71,"name":"search"},{"id":63,"name":"secrets"},{"id":25,"name":"security"},{"id":85,"name":"server"},{"id":86,"name":"serverless"},{"id":70,"name":"storage"},{"id":75,"name":"system-design"},{"id":79,"name":"terminal"},{"id":29,"name":"testing"},{"id":12,"name":"ui"},{"id":50,"name":"ux"},{"id":88,"name":"video"},{"id":20,"name":"web-app"},{"id":35,"name":"web-server"},{"id":43,"name":"webassembly"},{"id":69,"name":"workflow"},{"id":87,"name":"yaml"}]" returns me the "expected json"