Clemens Ley gave a great presentation a few months ago about his project called Bitcoin Token. For me, the presentation not only explained his project, but at a higher level explained how smart contracts and tokens can work on Bitcoin Cash.
Ethereum is by far the market leader in smart contracts. ERC-20 tokens (ICOs) and ERC-721 non-fungible tokens (crypto collectibles) are very popular and many people are developing interesting projects using this technology.
One thing Clemens' explained during his talk is how smart contracts and tokens are two sides of the same coin. A smart contract defines how tokens are created and can be transferred. For instance, with CryptoKitties, a smart contract defines how kitties are created and how they can be transferred between users.
Bitcoin has a scripting language that defines how coins are transferred. This language is fairly simple and isn’t easy to use for complex logic. So far the primary scripts used are for simple transfers. While many have experimented with interesting scripts that can be written, no tokens or smart contracts have become popular.
Ethereum on the other hand has a scripting language that makes it easier to do complex logic and store state. This has led to a large adoption of Ethereum for smart contracts and tokens. The downside, however, is that the Ethereum blockchain is growing very quickly with state and miners reached throughput capacity when a single Ethereum “dapp” became popular - CryptoKitties.
Bitcoin Token and all other token solutions on BCH, take a different approach than Ethereum. Instead of miners validating smart contracts, smart contracts are only evaluated by the parties involved. Transferring tokens look the same as a normal bitcoin transaction with the exception of some extra data. Miners can essentially ignore the additional data, however to the interested parties this data will define the token transfer.
So what are the risks of having smart contracts that are not evaluated by miners? What’s to stop people from generating additional tokens, how do you know which tokens are valid if miners aren’t validating them?
Let’s say Alice creates her own token called AliceToken and sends 10 AliceTokens to Bob. To do this Alice sends Bob a small amount of BCH with some extra data that says “send 10 AliceTokens”.
Bob then transfers the 10 AliceTokens to Carol. To do this, Bob uses that same UTXO and sends it to Carol with “send 10 AliceTokens”. Even though miners are not aware of these AliceTokens, Alice, Bob, and Carol have all agreed these are valid tokens and they can freely transfer them using blockchain transactions.
Now let’s say Bob decides he didn’t agree to the original smart contract and that under his smart contract he can generate extra AliceTokens. So instead of his transaction to Carol saying “send 10 AliceTokens”, it says “send 20 AliceTokens”. This is still a valid blockchain transaction. But, since Alice and Carol did not agree to Bob being able to generate additional tokens, this becomes an invalid token transfer. Not only are the additional tokens not generated, Bob’s original 10 tokens are also lost since Bob already spent the UTXO.
Let’s say Bob’s friend Dave agrees with Bob that the smart contract allows him to do this and that Bob had sent Dave the tokens instead of Carol. In a worst case scenario this could lead to something similar to a chain split. However with layer-2 tokens it wouldn’t work the same as a layer-1 chain split. Since tokens are tied to UTXOs they can only be sent once.
What this means is that a token split doesn’t result in you getting two tokens like with a chain split. Instead you have to choose which smart contract to continue following. Do you follow Bob’s version of AliceToken or Alice’s? If you transfer your token to someone using Alice’s rules they will be considered lost to anyone using Bob’s rules. Conversely, if you transfer your token using Bob’s rules they will be considered lost by anyone following Alice’s rules.
Even though only a small number of people are validating the smart contract it still gets to inherit the main benefits of bitcoin - namely preventing double spending. Token splits are riskier since you must sacrifice your tokens on the main chain in order to split off. Would any of the other bitcoin forks exist if they had to sacrifice their BTC?
Having smart contracts as a layer on top of bitcoin means miners don’t have to evaluate the smart contracts. This also means they don’t have to keep state (like the number of tokens each person has). Both of these have big scaling implications.
Ethereum ran into scaling issues when a single dapp became popular, CryptoKitties. They have scaling plans around PoS and sharding but those are still experimental and it’s not clear if they will be able to implement them successfully.
Having smart contracts as a layer-2 means you can write as complex or stateful contracts as you want without overloading the network. You still get many of the benefits of blockchain and the BCH network and have strong incentives to not have a token split since you must sacrifice your tokens to split off.
This can be thought of similar to TCP/IP with packets being equivalent to transactions. Network switches only care that the packet is valid in order to relay it. They don’t care what data is inside. SSH exists on top of TCP/IP. Tokens and smart contracts will be data inside transactions that miners can ignore, as long as the transaction is valid it will be accepted.
I’m looking forward to BCH becoming a major player in the token space and showing what layer-2 really looks like.