* [bitcoindev] Fly Client Proposal
@ 2026-04-29 21:00 Zac Mitton
2026-04-30 18:52 ` [bitcoindev] " Super Testnet
2026-05-03 16:56 ` Tom Harding
0 siblings, 2 replies; 8+ messages in thread
From: Zac Mitton @ 2026-04-29 21:00 UTC (permalink / raw)
To: Bitcoin Development Mailing List
[-- Attachment #1.1: Type: text/plain, Size: 849 bytes --]
Hi, Ive been looking into FlyClient first described here
<https://www.youtube.com/watch?v=BPNs9EVxWrA&t=8386s>. I don't see any
BIPs, or previous discussion in this forum about it either.
On bitcoin It could allow a light-client to verify the entire work of the
heaviest chain with a single ~100KB proof.
It can theoretically be done as a soft-fork by injecting a single hash into
the coinbase tx (similar to how segwit is committed to).
What do you guy's think?
--
You received this message because you are subscribed to the Google Groups "Bitcoin Development Mailing List" group.
To unsubscribe from this group and stop receiving emails from it, send an email to bitcoindev+unsubscribe@googlegroups.com.
To view this discussion visit https://groups.google.com/d/msgid/bitcoindev/edb5d954-37f6-4b57-a3ce-70d92d6a9407n%40googlegroups.com.
[-- Attachment #1.2: Type: text/html, Size: 1209 bytes --]
^ permalink raw reply [flat|nested] 8+ messages in thread
* [bitcoindev] Re: Fly Client Proposal
2026-04-29 21:00 [bitcoindev] Fly Client Proposal Zac Mitton
@ 2026-04-30 18:52 ` Super Testnet
2026-05-01 8:42 ` Nuh.dev
2026-05-03 16:56 ` Tom Harding
1 sibling, 1 reply; 8+ messages in thread
From: Super Testnet @ 2026-04-30 18:52 UTC (permalink / raw)
To: Bitcoin Development Mailing List
[-- Attachment #1.1: Type: text/plain, Size: 1670 bytes --]
Seems pretty cool. It looks like it has similar trust assumptions as a
standard light client: the light client trusts the merkle root once it is
buried under several blocks of proof of work, believing that an attacker is
unlikely to do all that work just to fool a light client (especially when
they could have been actually mining bitcoin with all that hashrate). A
nice property is that, to get started, a fly client does not have to
download a variable number of block headers (namely, all of them, however
many there are), only a constant number of block headers, and it's a pretty
small total number. That property seems to make fly clients more efficient
than standard light clients.
On Wednesday, April 29, 2026 at 5:03:36 PM UTC-4 Zac Mitton wrote:
> Hi, Ive been looking into FlyClient first described here
> <https://www.youtube.com/watch?v=BPNs9EVxWrA&t=8386s>. I don't see any
> BIPs, or previous discussion in this forum about it either.
>
> On bitcoin It could allow a light-client to verify the entire work of the
> heaviest chain with a single ~100KB proof.
>
> It can theoretically be done as a soft-fork by injecting a single hash
> into the coinbase tx (similar to how segwit is committed to).
>
> What do you guy's think?
>
--
You received this message because you are subscribed to the Google Groups "Bitcoin Development Mailing List" group.
To unsubscribe from this group and stop receiving emails from it, send an email to bitcoindev+unsubscribe@googlegroups.com.
To view this discussion visit https://groups.google.com/d/msgid/bitcoindev/1283ada3-6231-4e18-b8a3-056a8f142babn%40googlegroups.com.
[-- Attachment #1.2: Type: text/html, Size: 2421 bytes --]
^ permalink raw reply [flat|nested] 8+ messages in thread
* [bitcoindev] Re: Fly Client Proposal
2026-04-30 18:52 ` [bitcoindev] " Super Testnet
@ 2026-05-01 8:42 ` Nuh.dev
2026-05-02 19:23 ` Zac Mitton
0 siblings, 1 reply; 8+ messages in thread
From: Nuh.dev @ 2026-05-01 8:42 UTC (permalink / raw)
To: Bitcoin Development Mailing List
[-- Attachment #1.1: Type: text/plain, Size: 2222 bytes --]
FlyClient is very useful compared to SPV client, especially for blockchains
with much more headers per day than Bitcoin. But fortunately, this is one
of the few soft forks that we don't actually need, because we can
substitute with a STARK proof as you can see here;
https://github.com/starkware-bitcoin/raito ... so any energy for gathering
consensus for a soft fork, before Bitcoin ossifies forever, is better spent
elsewhere.
On Thursday, 30 April 2026 at 21:55:05 UTC+3 Super Testnet wrote:
> Seems pretty cool. It looks like it has similar trust assumptions as a
> standard light client: the light client trusts the merkle root once it is
> buried under several blocks of proof of work, believing that an attacker is
> unlikely to do all that work just to fool a light client (especially when
> they could have been actually mining bitcoin with all that hashrate). A
> nice property is that, to get started, a fly client does not have to
> download a variable number of block headers (namely, all of them, however
> many there are), only a constant number of block headers, and it's a pretty
> small total number. That property seems to make fly clients more efficient
> than standard light clients.
>
> On Wednesday, April 29, 2026 at 5:03:36 PM UTC-4 Zac Mitton wrote:
>
>> Hi, Ive been looking into FlyClient first described here
>> <https://www.youtube.com/watch?v=BPNs9EVxWrA&t=8386s>. I don't see any
>> BIPs, or previous discussion in this forum about it either.
>>
>> On bitcoin It could allow a light-client to verify the entire work of the
>> heaviest chain with a single ~100KB proof.
>>
>> It can theoretically be done as a soft-fork by injecting a single hash
>> into the coinbase tx (similar to how segwit is committed to).
>>
>> What do you guy's think?
>>
>
--
You received this message because you are subscribed to the Google Groups "Bitcoin Development Mailing List" group.
To unsubscribe from this group and stop receiving emails from it, send an email to bitcoindev+unsubscribe@googlegroups.com.
To view this discussion visit https://groups.google.com/d/msgid/bitcoindev/69c7bb7f-5bf5-40f1-a2fd-a985ec88ddd7n%40googlegroups.com.
[-- Attachment #1.2: Type: text/html, Size: 3133 bytes --]
^ permalink raw reply [flat|nested] 8+ messages in thread
* [bitcoindev] Re: Fly Client Proposal
2026-05-01 8:42 ` Nuh.dev
@ 2026-05-02 19:23 ` Zac Mitton
2026-05-02 21:24 ` Nuh.dev
0 siblings, 1 reply; 8+ messages in thread
From: Zac Mitton @ 2026-05-02 19:23 UTC (permalink / raw)
To: Bitcoin Development Mailing List
[-- Attachment #1.1: Type: text/plain, Size: 2892 bytes --]
It makes sense that a STARK proof can do similar, however the 2 benefits to
this would be that (1) This doesnt require (any) more strict assumptions
which I'm assuming STARKS do, and (2) just the sheer simplicity of its
design. Sorry to bring up a touchy topic but is the STARK version quantum
safe, for instance? The flyclient version requires no new cryptographic
assumptions beyond the "honest mining majority" used currently.
Admittedly my dumb brain understands it better. I assume it would get
grouped into some larger softfork rollout...
On Friday, May 1, 2026 at 5:03:47 AM UTC-4 Nuh.dev wrote:
> FlyClient is very useful compared to SPV client, especially for
> blockchains with much more headers per day than Bitcoin. But fortunately,
> this is one of the few soft forks that we don't actually need, because we
> can substitute with a STARK proof as you can see here;
> https://github.com/starkware-bitcoin/raito ... so any energy for
> gathering consensus for a soft fork, before Bitcoin ossifies forever, is
> better spent elsewhere.
>
> On Thursday, 30 April 2026 at 21:55:05 UTC+3 Super Testnet wrote:
>
>> Seems pretty cool. It looks like it has similar trust assumptions as a
>> standard light client: the light client trusts the merkle root once it is
>> buried under several blocks of proof of work, believing that an attacker is
>> unlikely to do all that work just to fool a light client (especially when
>> they could have been actually mining bitcoin with all that hashrate). A
>> nice property is that, to get started, a fly client does not have to
>> download a variable number of block headers (namely, all of them, however
>> many there are), only a constant number of block headers, and it's a pretty
>> small total number. That property seems to make fly clients more efficient
>> than standard light clients.
>>
>> On Wednesday, April 29, 2026 at 5:03:36 PM UTC-4 Zac Mitton wrote:
>>
>>> Hi, Ive been looking into FlyClient first described here
>>> <https://www.youtube.com/watch?v=BPNs9EVxWrA&t=8386s>. I don't see any
>>> BIPs, or previous discussion in this forum about it either.
>>>
>>> On bitcoin It could allow a light-client to verify the entire work of
>>> the heaviest chain with a single ~100KB proof.
>>>
>>> It can theoretically be done as a soft-fork by injecting a single hash
>>> into the coinbase tx (similar to how segwit is committed to).
>>>
>>> What do you guy's think?
>>>
>>
--
You received this message because you are subscribed to the Google Groups "Bitcoin Development Mailing List" group.
To unsubscribe from this group and stop receiving emails from it, send an email to bitcoindev+unsubscribe@googlegroups.com.
To view this discussion visit https://groups.google.com/d/msgid/bitcoindev/4cd9d2bd-28f8-47a5-95f5-a7c9ae222835n%40googlegroups.com.
[-- Attachment #1.2: Type: text/html, Size: 4248 bytes --]
^ permalink raw reply [flat|nested] 8+ messages in thread
* [bitcoindev] Re: Fly Client Proposal
2026-05-02 19:23 ` Zac Mitton
@ 2026-05-02 21:24 ` Nuh.dev
0 siblings, 0 replies; 8+ messages in thread
From: Nuh.dev @ 2026-05-02 21:24 UTC (permalink / raw)
To: Bitcoin Development Mailing List
[-- Attachment #1.1: Type: text/plain, Size: 3828 bytes --]
Yes, STARK proofs are post quantum secure, as they don't require much more
than polynomials and hash functions, and they don't have trust assumptions
like SNARKs, which is why they are called scalable Transparent arguments of
knowledge.
STARKs are not too difficult to vaguely understand, and in fact they aren't
too different from FlyClient, both start from an interactive proof, then
use Fiat-Shamir heuristic too convert it into a non-interactive proof, the
major difference is that FlyClient does that over a specific function (sum
of Work), whereas STARK needs to prove arbitrary functions, usually a CPU
instruction set.
Finally, there will most likely not be any future soft forks, not even
string concatenation in Script, so we are lucky this one doesn't need
consensus change.
On Saturday, 2 May 2026 at 23:07:22 UTC+3 Zac Mitton wrote:
> It makes sense that a STARK proof can do similar, however the 2 benefits
> to this would be that (1) This doesnt require (any) more strict assumptions
> which I'm assuming STARKS do, and (2) just the sheer simplicity of its
> design. Sorry to bring up a touchy topic but is the STARK version quantum
> safe, for instance? The flyclient version requires no new cryptographic
> assumptions beyond the "honest mining majority" used currently.
>
> Admittedly my dumb brain understands it better. I assume it would get
> grouped into some larger softfork rollout...
>
> On Friday, May 1, 2026 at 5:03:47 AM UTC-4 Nuh.dev wrote:
>
>> FlyClient is very useful compared to SPV client, especially for
>> blockchains with much more headers per day than Bitcoin. But fortunately,
>> this is one of the few soft forks that we don't actually need, because we
>> can substitute with a STARK proof as you can see here;
>> https://github.com/starkware-bitcoin/raito ... so any energy for
>> gathering consensus for a soft fork, before Bitcoin ossifies forever, is
>> better spent elsewhere.
>>
>> On Thursday, 30 April 2026 at 21:55:05 UTC+3 Super Testnet wrote:
>>
>>> Seems pretty cool. It looks like it has similar trust assumptions as a
>>> standard light client: the light client trusts the merkle root once it is
>>> buried under several blocks of proof of work, believing that an attacker is
>>> unlikely to do all that work just to fool a light client (especially when
>>> they could have been actually mining bitcoin with all that hashrate). A
>>> nice property is that, to get started, a fly client does not have to
>>> download a variable number of block headers (namely, all of them, however
>>> many there are), only a constant number of block headers, and it's a pretty
>>> small total number. That property seems to make fly clients more efficient
>>> than standard light clients.
>>>
>>> On Wednesday, April 29, 2026 at 5:03:36 PM UTC-4 Zac Mitton wrote:
>>>
>>>> Hi, Ive been looking into FlyClient first described here
>>>> <https://www.youtube.com/watch?v=BPNs9EVxWrA&t=8386s>. I don't see any
>>>> BIPs, or previous discussion in this forum about it either.
>>>>
>>>> On bitcoin It could allow a light-client to verify the entire work of
>>>> the heaviest chain with a single ~100KB proof.
>>>>
>>>> It can theoretically be done as a soft-fork by injecting a single hash
>>>> into the coinbase tx (similar to how segwit is committed to).
>>>>
>>>> What do you guy's think?
>>>>
>>>
--
You received this message because you are subscribed to the Google Groups "Bitcoin Development Mailing List" group.
To unsubscribe from this group and stop receiving emails from it, send an email to bitcoindev+unsubscribe@googlegroups.com.
To view this discussion visit https://groups.google.com/d/msgid/bitcoindev/85d0e4fb-26d5-44be-8c1b-461607b2fc28n%40googlegroups.com.
[-- Attachment #1.2: Type: text/html, Size: 5347 bytes --]
^ permalink raw reply [flat|nested] 8+ messages in thread
* [bitcoindev] Re: Fly Client Proposal
2026-04-29 21:00 [bitcoindev] Fly Client Proposal Zac Mitton
2026-04-30 18:52 ` [bitcoindev] " Super Testnet
@ 2026-05-03 16:56 ` Tom Harding
[not found] ` <CAOsDwYbfZXKe_dcNoL_t2DSrWokUXC2OJh33J8=CDHmO=n3AhA@mail.gmail.com>
1 sibling, 1 reply; 8+ messages in thread
From: Tom Harding @ 2026-05-03 16:56 UTC (permalink / raw)
To: Bitcoin Development Mailing List
[-- Attachment #1.1: Type: text/plain, Size: 1304 bytes --]
In the linked presentation by Benedict Bünz, it's worth listening to the
first audience question/answer. Questioner is spot on that an SPV client
polling the network to gain probabilistic confidence of unspentness could
easily subsume the task of gaining input inclusion proofs from the network,
with no forking change necessary.
On Wednesday, April 29, 2026 at 2:03:36 PM UTC-7 Zac Mitton wrote:
> Hi, Ive been looking into FlyClient first described here
> <https://www.youtube.com/watch?v=BPNs9EVxWrA&t=8386s>. I don't see any
> BIPs, or previous discussion in this forum about it either.
>
> On bitcoin It could allow a light-client to verify the entire work of the
> heaviest chain with a single ~100KB proof.
>
> It can theoretically be done as a soft-fork by injecting a single hash
> into the coinbase tx (similar to how segwit is committed to).
>
> What do you guy's think?
>
--
You received this message because you are subscribed to the Google Groups "Bitcoin Development Mailing List" group.
To unsubscribe from this group and stop receiving emails from it, send an email to bitcoindev+unsubscribe@googlegroups.com.
To view this discussion visit https://groups.google.com/d/msgid/bitcoindev/0aadce7a-b08b-4fd2-8bae-37df1cfc54afn%40googlegroups.com.
[-- Attachment #1.2: Type: text/html, Size: 2091 bytes --]
^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: [bitcoindev] Re: Fly Client Proposal
[not found] ` <CAOsDwYbfZXKe_dcNoL_t2DSrWokUXC2OJh33J8=CDHmO=n3AhA@mail.gmail.com>
@ 2026-05-04 16:26 ` Tom Harding
2026-05-04 22:34 ` Zac Mitton
0 siblings, 1 reply; 8+ messages in thread
From: Tom Harding @ 2026-05-04 16:26 UTC (permalink / raw)
To: Zac Mitton; +Cc: Bitcoin Development Mailing List
[-- Attachment #1: Type: text/plain, Size: 2042 bytes --]
Zac,
That's probably because the question, and my post, are off-topic. They
are not about FlyClient, which is not interesting to me because
bitcoin's header chain is tiny.
Instead they touch on two techniques which would improve on most
historical implementations of SPV clients by adding protocol support for
them.
Sorry for the distraction.
Tom
On 5/3/26 12:26, Zac Mitton wrote:
> Tom I can’t seem to grok the question or your explanation of it. Could
> you spell it out for us in detail?
>
>
> Thanks, Zac
>
> On Sun, May 3, 2026 at 12:58 PM Tom Harding <tomh@thinlink.com> wrote:
>
> In the linked presentation by Benedict Bünz, it's worth listening
> to the first audience question/answer. Questioner is spot on that
> an SPV client polling the network to gain probabilistic confidence
> of unspentness could easily subsume the task of gaining input
> inclusion proofs from the network, with no forking change necessary.
>
> On Wednesday, April 29, 2026 at 2:03:36 PM UTC-7 Zac Mitton wrote:
>
> Hi, Ive been looking into FlyClient first described here
> <https://www.youtube.com/watch?v=BPNs9EVxWrA&t=8386s>. I don't
> see any BIPs, or previous discussion in this forum about it
> either.
>
> On bitcoin It could allow a light-client to verify the entire
> work of the heaviest chain with a single ~100KB proof.
>
> It can theoretically be done as a soft-fork by injecting a
> single hash into the coinbase tx (similar to how segwit is
> committed to).
>
> What do you guy's think?
>
>
--
You received this message because you are subscribed to the Google Groups "Bitcoin Development Mailing List" group.
To unsubscribe from this group and stop receiving emails from it, send an email to bitcoindev+unsubscribe@googlegroups.com.
To view this discussion visit https://groups.google.com/d/msgid/bitcoindev/4516f3ab-0715-4dd9-825c-eed4eac3065a%40thinlink.com.
[-- Attachment #2: Type: text/html, Size: 4327 bytes --]
^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: [bitcoindev] Re: Fly Client Proposal
2026-05-04 16:26 ` Tom Harding
@ 2026-05-04 22:34 ` Zac Mitton
0 siblings, 0 replies; 8+ messages in thread
From: Zac Mitton @ 2026-05-04 22:34 UTC (permalink / raw)
To: Tom Harding; +Cc: Bitcoin Development Mailing List
[-- Attachment #1: Type: text/plain, Size: 2396 bytes --]
Ok, Let's keep this thread about Flyclient on Bitcoin. The challenges
related to actually getting a soft-fork into bitcoin are best discussed
elsewhere.
If anyone has information related to progress on this,
or implementation ideas please help by posting here or DMing me. I will try
to aggregate.
On Mon, May 4, 2026 at 12:26 PM Tom Harding <tomh@thinlink.com> wrote:
> Zac,
>
> That's probably because the question, and my post, are off-topic. They
> are not about FlyClient, which is not interesting to me because bitcoin's
> header chain is tiny.
>
> Instead they touch on two techniques which would improve on most
> historical implementations of SPV clients by adding protocol support for
> them.
>
> Sorry for the distraction.
>
> Tom
>
>
> On 5/3/26 12:26, Zac Mitton wrote:
>
> Tom I can’t seem to grok the question or your explanation of it. Could you
> spell it out for us in detail?
>
>
> Thanks, Zac
>
> On Sun, May 3, 2026 at 12:58 PM Tom Harding <tomh@thinlink.com> wrote:
>
>> In the linked presentation by Benedict Bünz, it's worth listening to the
>> first audience question/answer. Questioner is spot on that an SPV client
>> polling the network to gain probabilistic confidence of unspentness could
>> easily subsume the task of gaining input inclusion proofs from the network,
>> with no forking change necessary.
>>
>> On Wednesday, April 29, 2026 at 2:03:36 PM UTC-7 Zac Mitton wrote:
>>
>>> Hi, Ive been looking into FlyClient first described here
>>> <https://www.youtube.com/watch?v=BPNs9EVxWrA&t=8386s>. I don't see any
>>> BIPs, or previous discussion in this forum about it either.
>>>
>>> On bitcoin It could allow a light-client to verify the entire work of
>>> the heaviest chain with a single ~100KB proof.
>>>
>>> It can theoretically be done as a soft-fork by injecting a single hash
>>> into the coinbase tx (similar to how segwit is committed to).
>>>
>>> What do you guy's think?
>>>
>>
>>
--
You received this message because you are subscribed to the Google Groups "Bitcoin Development Mailing List" group.
To unsubscribe from this group and stop receiving emails from it, send an email to bitcoindev+unsubscribe@googlegroups.com.
To view this discussion visit https://groups.google.com/d/msgid/bitcoindev/CAOsDwYYw7bfRdfr5AsPWM1WmN7BePrvYDRQ2WRWhNpVcDHeo%2BA%40mail.gmail.com.
[-- Attachment #2: Type: text/html, Size: 4566 bytes --]
^ permalink raw reply [flat|nested] 8+ messages in thread
end of thread, other threads:[~2026-05-18 21:08 UTC | newest]
Thread overview: 8+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2026-04-29 21:00 [bitcoindev] Fly Client Proposal Zac Mitton
2026-04-30 18:52 ` [bitcoindev] " Super Testnet
2026-05-01 8:42 ` Nuh.dev
2026-05-02 19:23 ` Zac Mitton
2026-05-02 21:24 ` Nuh.dev
2026-05-03 16:56 ` Tom Harding
[not found] ` <CAOsDwYbfZXKe_dcNoL_t2DSrWokUXC2OJh33J8=CDHmO=n3AhA@mail.gmail.com>
2026-05-04 16:26 ` Tom Harding
2026-05-04 22:34 ` Zac Mitton
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox