• Bitcoin PIPEs v2: Covenants and ZKPs on Bitcoin Without a Soft Fork
• Disposing of Dust UTXOs via OP_RETURN to Mitigate Dust Attacks
• Hornet UTXO (1): Parallel UTXO Database with Constant-Time Queries
• GOAT Network Releases GOAT BitVM2 White Paper

§Bitcoin PIPEs v2: Covenants and ZKPs on Bitcoin Without a Soft Fork

The cryptography research team \[\[alloc\]init] published a paper on Bitcoin PIPEs v2, which enables covenants and zero-knowledge proofs on Bitcoin without requiring any fork.

The core idea of PIPE v2 is to use Witness Encryption (WE) to lock a Bitcoin private key under an NP statement. Only a party capable of providing a valid witness for that statement (e.g., a SNARK proof) can recover the private key and thus gain the ability to spend the associated Bitcoin. Once unlocked, the mechanism outputs a standard Schnorr signature indistinguishable from any ordinary Bitcoin signature. From Bitcoin’s perspective, these transactions appear entirely standard; cryptographically, however, they are guaranteed to enforce arbitrary off-chain logic.

The paper formalizes how PIPEs v2 can impose predicate constraints at the signature layer—purely through cryptographic techniques and without modifying consensus rules—thereby enabling arbitrary spending conditions on Bitcoin. It introduces a new primitive, Witness Signatures (WS), to model signatures conditioned on hard relations. The authors prove that combining PIPE with witness encryption and standard digital signatures enables programmable covenants and SNARK-verifiable conditions on Bitcoin, without requiring a soft fork, trusted third parties, or interactive fraud proofs as used in BitVM-style constructions.

§Disposing of Dust UTXOs via OP_RETURN to Mitigate Dust Attacks

A dust attack refers to an attacker sending tiny UTXOs (dust) to many addresses, hoping wallet users will unknowingly spend them together with other UTXOs. Once merged, the attacker can infer common ownership and compromise user privacy.

Developer bubb1es discussed how to safely and effectively handle dust attack UTXOs in on-chain wallets. Most wallets currently adopt a locking strategy to prevent dust from being spent, but this results in bloating the mempool with unspendable UTXOs. Risks remain: software bugs, key recovery, or migration to a new wallet may unlock dust UTXOs; future inheritors of a wallet may also unknowingly spend them, leading to de-anonymization.

With Bitcoin Core lowering the minimum relay fee to 0.1 sats/vB, the author proposes an active disposal strategy: create a transaction that uses the entire amount for fees and has an OP_RETURN output. While feasible, the proposal still faces practical challenges such as wallet fingerprinting, multisig operational complexity, and linkage risks from batch broadcasting.

§Hornet UTXO (1): Parallel UTXO Database with Constant-Time Queries

Developer Toby Sharp introduced Hornet UTXO (1), a custom, highly parallel UTXO database supporting constant-time queries. Hornet Node is an experimental Bitcoin client aiming to provide a minimal executable specification of Bitcoin consensus rules. The new database is designed to improve Initial Block Download (IBD) through a lock-free, highly concurrent architecture.

Hornet UTXO (1) is written in modern C++23 with no external dependencies. To optimize performance, it prefers sorted arrays and LSM trees over hash maps. Operations such as append, query, and fetch can be executed concurrently. Blocks can be processed out of order upon arrival, with data dependencies automatically resolved by the system.

§GOAT Network Releases GOAT BitVM2 White Paper

The white paper first outlines several limitations of BitVM2 in real-world zkRollup deployments, including the inability to support arbitrary-sized withdrawals, inconsistent challenge incentives, potential double-spending risks by operators, and large on-chain data requirements for dispute resolution.

To address these issues, GOAT Network proposes GOAT BitVM2, a trust-minimized settlement protocol that enables Bitcoin to natively support zkRollups without weakening the 1-of-n honest assumption. The design enhances verifiability of L2 state and state transitions by committing public inputs of ZK proofs to Bitcoin. It migrates operator and challenger collateral to L2 while leveraging on-chain synchronization primitives and CPFP (Child Pays For Parent) to improve capital efficiency. Atomic swaps are used to enable arbitrary-amount withdrawals from L2 to L1.

Architecturally, GOAT BitVM2 combines garbled circuits with designated-verifier (DV) SNARKs, moving most computation off-chain while committing only necessary data on-chain to reduce costs. The system balances on-chain and off-chain complexity through zero-knowledge proofs and multiple cryptographic verification mechanisms to ensure correctness and security.