Skip to content

Instantly share code, notes, and snippets.


Offchain Contract Data for CSV Protocols

Alice and Bob want to put a token in an offchain contract that expresses:

  • Alice can take the token if she reveals the sha3 preimage of a hash within a week
  • Otherwise, Bob can take the token

The problem is that Alice does not want to use any onchain data to reveal the preimage. This is possible with the following setup upfront:

  • Alice creates a random key K and encrypts her preimage with that key
  • In the contract she commits to the resulting ciphertext and also to K
  • She sends the contract and the ciphertext to Bob
RobinLinus / simd.cairo
Last active November 17, 2022 23:59
Parallel processing in Cairo with single instruction, multiple data (SIMD) operations
View simd.cairo
// SIMD Operation for Bitwise Rotations of Seven UInt32 Values in Parallel
%builtins bitwise
from starkware.cairo.common.bitwise import BitwiseBuiltin
// How many bitwise steps do we want to rotate?
// 2**t expresses a rotation of t bits to the right.
RobinLinus /
Last active November 17, 2022 23:58
Emulate a Uint32 number type in a subfield of Cairo's `felt` type
# 32-Bit Arithmetic native to Cairo's Finite Field
# A collection of operations for 32-bit arithmetic performed in the
# exponents of elements of Cairo's finite field.
# The field's modulus is
# 2**251 + 17 * 2**192 + 1 == 2**192 * 5 * 7 * 98714381 * 166848103.
# so it contains multiplicative subgroups of sizes
# 2**192, 2**191, 2**190, ..., 2, 5, 7, 98714381, 166848103, ...
View uint32.cairo
%builtins range_check
from starkware.cairo.common.registers import get_ap, get_fp_and_pc
# from starkware.cairo.common.pow import pow
from starkware.cairo.common.registers import get_label_location
from starkware.cairo.common.math import assert_le
# P = 2**251 + 17*2**192 + 1
const G = 3
RobinLinus /
Last active July 28, 2022 21:01
A collection of resources related to covenants
RobinLinus /
Last active April 22, 2022 19:30
Enhancing Bitcoin's scripting capabilities with client-side validation

Enhancing Bitcoin's scripting capabilities with client-side validation

TL;DR: We can enhance Bitcoin's scripting capabilities with client-side validation protocols. However, off-chain protocols like RGB or Taro do require some on-chain data.

Suppose we're given a client-side validation scheme for tokens on Bitcoin such as Omni, RGB, or Taro.

We want to express a simple spending condition that we cannot express in Bitcoin Script alone. For example, a hashed timelock contract that uses SHA3 instead of SHA2. So we want to express:

  • Alice can take the token if she reveals the SHA3 preimage of <hash> within a week.
  • Otherwise, after one week, Bob can take the token.

Bitcoin Cash is the real Bitcoin Cash

Charge Dollar bills with Bitcoins to create inflation-resitant cash. This idea originated in an old post on Bitcoin Talk. Here's a detailed writeup.

How to mint Bitcoin Cash?

  1. Take a 1 Dollar bill
  2. Burn 5000 sats and add that Dollar bill's serial number to your burn transaction.

Now the note is worth 1 USD + 5000 sats.


Bitcoin-backed Fiat Money

A trust-minimised stablecoin for Bitcoin-backed fiat money. It mimics traditional banking. Dollar tokens (USDx) are created and destroyed based on collaterized loans.

Basic Protocol

  1. Alice sends a collateral of 1 BTC to a bank to receive a loan of e.g. $40000 in USDx tokens created by the bank.
  2. To redeem her collateral Alice has to pay back her loan within 4 years. To "pay back" means Alice destroys 40000 USDx.
  3. If Alice does not pay her loan back on time then the bank sells her collateral to the market. To "sell" means the buyer destroys 40000 USDx.

This protocol requires that within a period of 4 years the BTC price always increases.


XOR Seed Splitting

A simple 2-of-3 seed splitting scheme for BIP39 seed phrases by Ruben Somsen.


  1. Split your 24 seed words into share_A and share_B of 12 words each.
  2. Pairwise XOR the words of the first share with the second share to derive the 12 words of share_C, the backup.
backup_1 = word_1 xor word_13
backup_2 = word_2 xor word_14