I recently wrote a message that will forever be included in the #bitcoin blockchain. This got more attention than I expected, so I decided to dive into this controversial and misunderstood function of bitcoin called op_return.

Here's what a learned: a thread (1/23)

But first, here's the message I wrote.

The point of this message was to prove that the government of China doesn't control bitcoin or bitcoin mining. Because if they did, then why have all the Chinese miners confirmed this transaction (3,000+ times)? https://twitter.com/pourteaux/status/1354114145961046016

Anyway, so how do you include a message in the bitcoin blockchain and what is it's purpose?

The way this is done is with an opcode (an instruction in bitcoin) called op_return.

op_return has a long and controversial history.

The story starts in 2010, when there was debate on bitcointalk about a proposal to include a DNS service on bitcoin called BitDNS. There was concern (including from Satoshi) that this would bloat the bitcoin blockchain, making it harder to do things like verify transactions.

Satoshi: "Piling every proof-of-work quorum system in the world into one dataset doesn’t scale. Bitcoin and BitDNS can be used separately. Users shouldn’t have to download all of both to use one or the other."

Some people point to this Satoshi quote as an implicit acceptance of altcoins, but I'll leave that debate for another day. And, BitDNS eventually did find a home in a separate blockchain called Namecoin. It never took off.

But, this isn't the end of the story.

A debate continued about the purpose of the bitcoin ledger. Is bitcoin for:
1. Recording financial transactions only, or
2. A secure, distributed data store

Option 1 is more scalable and sustainable. Option 2 allows for more experimentation and could grow the bitcoin ecosystem.

I'll keep my opinion to myself, but neither camp won. Instead, a compromise was struck in May 2014 where Bitcoin Core enabled extremely short (40 byte) messages in a function called op_return. This was a sufficient size to, for example, store hashes linked to an external service.

This was a compromise because while it allowed messages, the size was limited and importantly- **these messages were prunable.**

Super important concept: what does prunable mean?

Prior to op_return, people who wanted to write messages on bitcoin were sending btc dust payments to fake addresses where the address itself was the message. This was a problem because all unspent bitcoin outputs have to be stored by all nodes forever as part of the UTXO.

op_return fixed this, because op_return transactions are unspendable. Thus, nodes can safely ignore them since they are dead ends for btc and therefore take up no space in the memory of a bitcoin node.

These transaction are, however, forever stored in the bitcoin blockchain.

Even though Bitcoin Core allowed these short messages in op_return, the developers made no mystery of their opinion on using the bitcoin ledger in this way. From the release notes:

Fast forward to 2018 - 2019.

Something like 20% of all bitcoin transactions are op_return transactions during this time. These messages mostly came from two sources: Veriblock (an altcoin that settles on bitcoin) and Omni (a way to mint tokens like Tether with bitcoin).

Bitcoin fees were quite high at this time due to op_return.

Supporters of op_return argue that this is good for bitcoin: raises demand for btc and pays fees to miners to secure the network.

Opponents say say these were crowding out bitcoin's intended financial transactions.

In all, Veriblock and Omni added about 10GB to the bitcoin blockchain from 2018 - 2019 with about 32 million transactions. (Link to a good academic article on this). https://link.springer.com/article/10.1007/s10723-020-09537-9

Today, Veriblock/Omni have fallen out of favor, but the 10GB contribution to the blockchain is a permanent cost to nodes (some label it as "pollution"). But, because op_return transactions are prunable, there is luckily no memory cost since they aren't included in bitcoin's utxo.

Yet, op_return remains. Does it have any use?

Well, it's safe to say that it isn't being used much currently. http://opreturn.org  does a good job tracking this.

Many argue that the functions op_return was used for are better off being executed with things like timestamps (eg, @opentimestamps) that don't bloat the bitcoin blockchain while still allowing you to prove the existence of something at a certain time (akin to a digital notary).

I'm motivated a lot by freedom of expression and human rights, so while learning about op_return, I included some human rights oriented messages. https://twitter.com/pourteaux/status/1358056621025472512?s=20

I'll leave it up to you whether you think this is a valid use case of bitcoin. To me, it seems incredible that these messages will forever be stored in the bitcoin blockchain and are beyond the reach of a censorious state. These values are what led me to bitcoin in 2012.

However, I'm also receptive to the idea that the use of op_return (especially in a systematic way) is a burden on full nodes.

Full nodes, of course, are paramount in bitcoin and we need to do everything we can to ease their use.

I hope you enjoyed this thread. I dove into op_return on an 8hr flight from BOS -> SF and wanted to share what I've learned. I did my best to be accurate, but I know there are many more sophisticated bitcoiners out there (please correct me).

A few resources I found very helpful:
https://bitzuma.com/posts/op-return-and-the-future-of-bitcoin/

https://en.bitcoin.it/wiki/OP_RETURN 

https://opreturn.org/op-return-per-month/

https://www.blockchainresearchlab.org/wp-content/uploads/2020/03/BRL-Working-Paper-No-7-Dominating-OP-Returns.pdf

END

(Also h/t to my expert bitcoiner friends on Signal who taught be a lot on this but I'll respect your privacy).

Addendum: an anon messaged me that you can easily write your own op_return messages with http://bitscribble.com 

I haven’t tried to confirm, but it looks legit!

More advanced users can learn to do this themselves.