How OP_CAT Could Boost BitVM

BitVM is a programming paradigm aimed at bringing more advanced computational capabilities to Bitcoin. However, Bitcoin Script currently offers no easy way to combine data for hashing, a limitation that is problematic for BitVM, which needs to hash multiple pieces of data together to function efficiently.

For example, in a typical BitVM use case, the script must commit to state variables (data representing the current state of the system) by hashing them one by one. In an ideal scenario, developers would take each piece of data, combine it with the previous hash, and hash the result. But without OP_CAT, Bitcoin script can’t concatenate data, so developers resort to simulating hash functions using pure arithmetic operations.

Imagine trying to build an intricate LEGO structure, but without any connecting pieces. It can be done, but only with tedious workarounds that make the process clunky and inefficient. Currently, simulating a simple hash function like Blake3 requires over 75,000 bytes of Bitcoin script code for each operation, leading to bloated and costly transactions.

If OP_CAT were available, BitVM could easily concatenate any two data elements on the stack—the place where data is stored during script execution—and then apply Bitcoin’s built-in hash functions to the combined data. This would cut the script size down from tens of thousands of bytes to just a few bytes per hash operation, making BitVM more practical.
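The hash chain described above, run on a toy stack machine, as an added example that is not BitVM's or Bitcoin's own code. Function names, the all-zero starting hash and the sample state variables are assumptions made for illustration; the 520-byte cap is Bitcoin's script element size limit, which the OP_CAT proposal (BIP-347) applies to the concatenated result.

```python
import hashlib

MAX_ELEMENT_SIZE = 520  # script element size limit that OP_CAT results must respect

def op_cat(stack):
    """Pop x2, then x1, and push x1 || x2 (fails above the element size limit)."""
    if len(stack) < 2:
        raise ValueError("OP_CAT needs two stack elements")
    x2, x1 = stack.pop(), stack.pop()
    if len(x1) + len(x2) > MAX_ELEMENT_SIZE:
        raise ValueError("OP_CAT result exceeds the element size limit")
    stack.append(x1 + x2)

def op_sha256(stack):
    """Replace the top stack element with its SHA-256 digest."""
    if not stack:
        raise ValueError("OP_SHA256 needs one stack element")
    stack.append(hashlib.sha256(stack.pop()).digest())

def commit_on_stack(state_vars, start=b"\x00" * 32):
    """Chain-commit to state_vars; returns (commitment, opcode bytes used)."""
    stack = [start]          # assumed starting hash (constructed value)
    opcode_bytes = 0
    for var in state_vars:
        stack.append(var)    # data push of the next state variable
        op_cat(stack)        # previous hash || variable
        op_sha256(stack)     # new running hash
        opcode_bytes += 2    # OP_CAT and OP_SHA256 are one byte each
    return stack.pop(), opcode_bytes

def commit_reference(state_vars, start=b"\x00" * 32):
    """The same chain computed directly, to check the stack version."""
    h = start
    for var in state_vars:
        h = hashlib.sha256(h + var).digest()
    return h

# Constructed sample state: three variables of a hypothetical BitVM program.
SAMPLE_STATE = [b"pc=7", b"acc=42", b"flag=1"]

if __name__ == "__main__":
    digest, size = commit_on_stack(SAMPLE_STATE)
    print(digest.hex(), size)
```

Each link in the chain costs two opcode bytes plus the data push. Because the commitment depends on the order of the variables, and a variable that would push the concatenation past the element limit makes the script fail, large state has to be split or pre-hashed before it is chained.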

But simplifying hash operations doesn’t solve all the challenges. For many of its advanced features, BitVM also requires covenants—powerful primitives that define rules for how Bitcoin can be spent in the future. In Bitcoin, each transaction "destroys" input coins and "creates" new output coins. In standard transactions, the input owner controls the creation of output coins. Covenants, however, impose restrictions, limiting the destinations of these output coins so that they can only be sent to specific addresses.

Currently, Bitcoin doesn’t natively support covenants, so developers often rely on multisignature committees that introduce additional trust assumptions, where specific members must approve transactions—something Bitcoin aims to avoid to maintain its decentralized and trust-minimized nature.

With OP_CAT, developers could simulate some covenant-like behaviors. By concatenating and hashing transaction data, they can build scripts that enforce certain spending conditions without needing trusted third parties. For example, they could create a script that only allows funds to be sent to specific addresses or under certain conditions by combining and hashing transaction data in specific ways. In this way, BitVM can take decentralization a step further by eliminating the reliance on committees with trust assumptions.
