From: "Nuh.dev" <ar.nazeh@gmail.com>
To: Bitcoin Development Mailing List <bitcoindev@googlegroups.com>
Subject: [bitcoindev] Re: Fly Client Proposal
Date: Sat, 2 May 2026 14:24:26 -0700 (PDT) [thread overview]
Message-ID: <85d0e4fb-26d5-44be-8c1b-461607b2fc28n@googlegroups.com> (raw)
In-Reply-To: <4cd9d2bd-28f8-47a5-95f5-a7c9ae222835n@googlegroups.com>
[-- Attachment #1.1: Type: text/plain, Size: 3828 bytes --]
Yes, STARK proofs are post quantum secure, as they don't require much more
than polynomials and hash functions, and they don't have trust assumptions
like SNARKs, which is why they are called scalable Transparent arguments of
knowledge.
STARKs are not too difficult to vaguely understand, and in fact they aren't
too different from FlyClient, both start from an interactive proof, then
use Fiat-Shamir heuristic too convert it into a non-interactive proof, the
major difference is that FlyClient does that over a specific function (sum
of Work), whereas STARK needs to prove arbitrary functions, usually a CPU
instruction set.
Finally, there will most likely not be any future soft forks, not even
string concatenation in Script, so we are lucky this one doesn't need
consensus change.
On Saturday, 2 May 2026 at 23:07:22 UTC+3 Zac Mitton wrote:
> It makes sense that a STARK proof can do similar, however the 2 benefits
> to this would be that (1) This doesnt require (any) more strict assumptions
> which I'm assuming STARKS do, and (2) just the sheer simplicity of its
> design. Sorry to bring up a touchy topic but is the STARK version quantum
> safe, for instance? The flyclient version requires no new cryptographic
> assumptions beyond the "honest mining majority" used currently.
>
> Admittedly my dumb brain understands it better. I assume it would get
> grouped into some larger softfork rollout...
>
> On Friday, May 1, 2026 at 5:03:47 AM UTC-4 Nuh.dev wrote:
>
>> FlyClient is very useful compared to SPV client, especially for
>> blockchains with much more headers per day than Bitcoin. But fortunately,
>> this is one of the few soft forks that we don't actually need, because we
>> can substitute with a STARK proof as you can see here;
>> https://github.com/starkware-bitcoin/raito ... so any energy for
>> gathering consensus for a soft fork, before Bitcoin ossifies forever, is
>> better spent elsewhere.
>>
>> On Thursday, 30 April 2026 at 21:55:05 UTC+3 Super Testnet wrote:
>>
>>> Seems pretty cool. It looks like it has similar trust assumptions as a
>>> standard light client: the light client trusts the merkle root once it is
>>> buried under several blocks of proof of work, believing that an attacker is
>>> unlikely to do all that work just to fool a light client (especially when
>>> they could have been actually mining bitcoin with all that hashrate). A
>>> nice property is that, to get started, a fly client does not have to
>>> download a variable number of block headers (namely, all of them, however
>>> many there are), only a constant number of block headers, and it's a pretty
>>> small total number. That property seems to make fly clients more efficient
>>> than standard light clients.
>>>
>>> On Wednesday, April 29, 2026 at 5:03:36 PM UTC-4 Zac Mitton wrote:
>>>
>>>> Hi, Ive been looking into FlyClient first described here
>>>> <https://www.youtube.com/watch?v=BPNs9EVxWrA&t=8386s>. I don't see any
>>>> BIPs, or previous discussion in this forum about it either.
>>>>
>>>> On bitcoin It could allow a light-client to verify the entire work of
>>>> the heaviest chain with a single ~100KB proof.
>>>>
>>>> It can theoretically be done as a soft-fork by injecting a single hash
>>>> into the coinbase tx (similar to how segwit is committed to).
>>>>
>>>> What do you guy's think?
>>>>
>>>
--
You received this message because you are subscribed to the Google Groups "Bitcoin Development Mailing List" group.
To unsubscribe from this group and stop receiving emails from it, send an email to bitcoindev+unsubscribe@googlegroups.com.
To view this discussion visit https://groups.google.com/d/msgid/bitcoindev/85d0e4fb-26d5-44be-8c1b-461607b2fc28n%40googlegroups.com.
[-- Attachment #1.2: Type: text/html, Size: 5347 bytes --]
next prev parent reply other threads:[~2026-05-02 21:26 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-04-29 21:00 [bitcoindev] Fly Client Proposal Zac Mitton
2026-04-30 18:52 ` [bitcoindev] " Super Testnet
2026-05-01 8:42 ` Nuh.dev
2026-05-02 19:23 ` Zac Mitton
2026-05-02 21:24 ` Nuh.dev [this message]
2026-05-03 16:56 ` Tom Harding
[not found] ` <CAOsDwYbfZXKe_dcNoL_t2DSrWokUXC2OJh33J8=CDHmO=n3AhA@mail.gmail.com>
2026-05-04 16:26 ` Tom Harding
2026-05-04 22:34 ` Zac Mitton
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=85d0e4fb-26d5-44be-8c1b-461607b2fc28n@googlegroups.com \
--to=ar.nazeh@gmail.com \
--cc=bitcoindev@googlegroups.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox