Understanding how smart contracts work in Bitcoin’s UTXO paradigm
Experimental TechnologyAll code and concepts presented in this documentation are for exploration and proof of concept purposes only. These examples should not be used in production environments. The Arkade Language ecosystem is under active development and subject to significant changes.
Bitcoin’s Unspent Transaction Output (UTXO) model differs fundamentally from the account-based model used in platforms like Ethereum. This difference creates both challenges and opportunities for smart contract development. Arkade builds upon Bitcoin’s UTXO model to enable powerful smart contracts while maintaining Bitcoin’s security properties.
Each transaction consumes one or more UTXOs as inputs
Each transaction creates one or more new UTXOs as outputs
Each UTXO can only be spent once
Each UTXO has an associated script that defines the conditions for spending it
This model provides excellent security and scalability but creates challenges for stateful applications. Traditional smart contract platforms use an account model where contract state is stored directly in accounts, but in Bitcoin, we must think differently.
Traditional Bitcoin script has limited ability to enforce state transitions. When a UTXO is spent, its script can only verify the spending conditions, but cannot directly enforce conditions on the outputs being created.This limitation makes it difficult to implement contracts that need to maintain state across multiple transactions, such as:
Transaction introspection allows a script to examine properties of the transaction that’s spending it, including the outputs being created. This enables:
Verification that outputs maintain certain properties
Enforcement of state transitions
Implementation of covenants (restrictions on how funds can be spent)
Instead of just revealing values during spending, contracts can verify the entire state transition:
Copy
Ask AI
// Verify that output 0 maintains the contract with updated staterequire(tx.outputs[0].scriptPubKey == updatedContractScript, "Invalid state transition");require(tx.outputs[0].value >= minValue, "Insufficient value in next state");
Taproot enables more complex script conditions while maintaining privacy. Combined with key tweaking, it allows:
Verification that outputs commit to specific contract terms
Complex spending conditions hidden in Taproot trees
Efficient verification of contract continuation
Example of verifying continuation through key tweaking:
Copy
Ask AI
// Verify that output 0 contains a Taproot output with the expected tweaked keybytes expectedTweakedKey = tweakKey(internalKey, contractHash);require(tx.outputs[0].scriptPubKey == new P2TR(expectedTweakedKey), "Invalid continuation");
Recursive covenants allow contracts to enforce conditions on their future spending:
Self-replicating contract logic
Enforced state machine transitions
Preservation of invariants across transactions
Example of a recursive covenant:
Copy
Ask AI
function updateState(int newValue, signature userSig, pubkey user) { // Verify current state int currentValue = tx.input.current.value; // Verify state transition is valid require(newValue > currentValue, "New value must be greater than current value"); // Verify output maintains the same contract with updated state require(tx.outputs[0].scriptPubKey == tx.input.current.scriptPubKey, "Contract script must be preserved"); require(tx.outputs[0].value == newValue, "Output must contain new value"); // Verify user signature require(checkSig(userSig, user), "Invalid user signature");}
Arkade introduces the Virtual Transaction Output (VTXO) paradigm, which combines the security of Bitcoin’s UTXO model with the flexibility needed for complex applications:
Immediate Execution Path: Cooperative execution with server co-signature for instant finality
Timelock Unilateral Path: Fallback mechanism for onchain redemption with timelock constraints
This dual-path approach enables efficient offchain execution while maintaining Bitcoin’s security guarantees.
Smart contracts in the UTXO model require different design patterns than account-based systems, but with Arkade Script’s innovations, they can achieve comparable functionality with Bitcoin’s security advantages. The following sections will explore the Arkade Language in detail, showing how to build powerful applications using these principles.