BitVMX is a new design for a virtual CPU to optimistically execute arbitrary programs on Bitcoin, based on the challenge-response game introduced in BitVM. Similar to BitVM1, we create a general-purpose CPU to be verified in Bitcoin script. Our design supports common architectures, such as RISC-V or MIPS. Our main contribution to the state of the art is a design that uses hash chains of program traces, memory-mapped registers, and a new challenge-response protocol. We present a new message linking protocol as a means to allow authenticated communication between the participants. This protocol emulates stateful smart contracts by sharing state between transactions. This provides a basis for our verification game, which uses a graph of pre-signed transactions to support challenge-response interactions. In case of a dispute, the hash chain of the program trace is used with selective pre-signed transactions to locate (via $n$-ary search) and then recover the precise nature of errors in the computation. Unlike BitVM1, our approach does not require the creation of Merkle trees for CPU instructions or memory words. Additionally, it does not rely on signature equivocations. These differences help avoid complexities associated with BitVM1 and make BitVMX a compelling alternative to BitVM2. Our approach is quite flexible: BitVMX can be instantiated to balance transaction cost vs round complexity, prover cost vs verifier cost, and precomputations vs round complexity.
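The $n$-ary search over a trace hash chain described above can be modelled off-chain as follows. This is an added example, not code from the BitVMX authors: the SHA-256 chaining rule, the `GENESIS` value, the step encoding and all function names are assumptions, and the pre-signed transactions that would carry each round are not modelled.

```python
import hashlib

GENESIS = b"\x00" * 32  # assumed public starting value for the chain

def hash_chain(trace):
    """chain[i] commits to trace steps 1..i: chain[i] = H(chain[i-1] || step_i)."""
    chain = [GENESIS]
    for step in trace:
        chain.append(hashlib.sha256(chain[-1] + step).digest())
    return chain

def locate_first_bad_step(prover, verifier, n):
    """n-ary search for the first step where the two chains diverge.

    Returns (step_number, rounds); step_number is 1-based.
    """
    lo, hi = 0, len(prover) - 1
    if (len(prover) != len(verifier) or prover[lo] != verifier[lo]
            or prover[hi] == verifier[hi]):
        raise ValueError("chains do not form a dispute")
    rounds = 0
    while hi - lo > 1:  # invariant: chains agree at lo and disagree at hi
        rounds += 1
        width = hi - lo
        # Prover reveals up to n-1 interior checkpoints of the current interval.
        points = sorted({lo + width * k // n for k in range(1, n)} - {lo})
        # Verifier selects the first checkpoint it disagrees with.
        for p in points + [hi]:
            if prover[p] != verifier[p]:
                hi = p
                break
            lo = p
    return hi, rounds

def demo():
    # Constructed sample trace: 1000 fake "instruction" records.
    honest = [f"pc={4 * i};write=r1:{3 * i}".encode() for i in range(1000)]
    faulty = list(honest)
    faulty[636] = b"pc=2544;write=r1:0"  # step 637 is computed wrongly
    p, v = hash_chain(faulty), hash_chain(honest)
    return {n: locate_first_bad_step(p, v, n) for n in (2, 8, 32)}

if __name__ == "__main__":
    for n, (step, rounds) in demo().items():
        print(f"n={n}: first bad step {step}, {rounds} rounds")
```

In this model a larger $n$ means more checkpoint hashes revealed per round and fewer rounds, which is one face of the transaction cost vs round complexity trade-off the abstract mentions.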