In 2009, Satoshi Nakamoto launched Bitcoin with the genesis hash "The Times 03/Jan/2009 Chancellor on brink of second bailout for banks".

What you might not know was this was not the first genesis block. An early prerelease version of the bitcoin source code, distributed on the metzdowd cryptography mailing list, contained an alternative genesis block mined in 2008, on the date the Lehman Brothers filed for bankruptcy (credit: SerHack).

bitcoin-nov08.tgz / bitcoin.cpp:39
0x000006b15d1327d67e971d1de9116bd60a3a01556c91b6ebaa416ebc0cfaa646

tinychain is a chain building upon Satoshi's alternative genesis block. We are building a modern, cleanroom implementation of a Nakamoto blockchain, that automatically compresses its history in realtime using ZK proofs, and allows anyone in the world to sync the chain in only 10s.

Philosophy.

Our goal: to give everyone on the planet a cryptographically-sovereign bank account.

How? By building a Nakamoto chain where syncing your node takes only 10s.

We believe this is not only possible, it is the only way forward. There are 8.1B people in the world. If each person had a bitcoin account denoted by (pubkey [32]byte, balance uint64) pair, the total state size would be 40 B * 8100000000 B = 324 GB.

With ZK proofs, we can ensure anyone can run a node with zero reliance on external centralizer infrastructure (e.g. indexers). A tinychain node downloads the latest block headers (~5MB, 1 proof) and verifies the proof which demonstrates this is the longest chain (~10s). Then to query balances, they download the latest balance (40 bytes) for an account from a distributed hash table, and verify it belongs to the current state root using a Merkle proof (32 * 32B = 1KB).

The total cost to access the network and sync your account for anyone in the world? A 56kB/s internet connection, 1MB of storage, and a CPU that existed in the early 2000's.

Why proof-of-work?

A simple question is - why proof-of-work? Proof-of-work consensus is the ultimate in liveness mechanisms for blockchains. Proof-of-stake, although effective, is still not as simple and robust as proof-of-work. Using just two nodes and an internet connection, POW can run a full financial system that will outlast the bureaucratic machinery of any one nation state fiat.

Why not upgrade Bitcoin?

We believe in building the most efficient chain. Bitcoin is weighed by 15 years of technical complexity (SegWit, etc.), which transfers into additional ZK proving work, thus decreasing the speed of proofing and increasing the size of proofs.

There is a real opportunity to both take what we have learnt about blockchains in 15 years, as well as economic distributions, and regenerate the old money into the new.

Tinychain will do one thing and do it really well - an alt-sovereign store-of-value asset ($TNY), that is securely transferable to any blockchain network due to ZK proofs, widely distributed through anti-centralizing POW block rewards, with an extremely lightweight node software (>10K LOC) that allows anyone to sync and access to the Tinychain payment network near-instantly (10s, 1x 5MB proof download) with zero configuration and dependencies.

Design.

tinychain augments the core Nakamoto primitives with ZK-friendly ones:

• Hashcash: SHA256 -> Poseidon.
• Signatures: ECDSA signatures -> ZK signatures which show knowledge of a hash's preimage.
• Scripts/VM: Script -> commitments to provable spending conditions which allow Turing-complete computation with fixed-size verification cost (1 groth16 proof).
• Blockchain history: blocks processed into state -> succinct state snapshots with ZK-STARK/SNARK proofs of validity.

In doing so, we make it possible to efficiently prove the validity of blocks, and thus the history of nakamoto state, in realtime.

• In addition to mining the POW solution, miners generate a proof of their block before disseminating it.
• Each proof shows the validity of the POW solution, the signatures of all transactions, and the new accounts state. Proofs verify the proof of the previous block using recursive verification.
• Bitcoin scripts is replaced by commitments to script programs. In order to spend a UXTO, you produce a proof of evaluating that program and unlocking the coin. Developers can use this to build privacy pools for example, by
• Using the groth16 ZK-SNARK proving scheme, with the BN256 curve, and Poseidon hash function, we can create proofs of size 32B (3 field elements of 8 bytes each) and verify them in 1.2ms [1].
• By building atop proof aggregation [2] and recursive verification schemes (using mixtures of proving schemes [3]), it is possible to rollup these proofs into a single proof.

With this design, we can ensure that the entire history of the chain is compressed into a series of proofs, which can be verified in realtime by any node in the network.

Consequently, it becomes possible to securely bridge $TNY to other blockchain networks such as Ethereum because of ZK proofs. We believe enshrining the ZK proofing as part of Tinychain, rather than relying on external dependencies such as prover networks, is the right decision for the long-term sovereignity of the chain.

Distribution.

Tinychain is designed to fulfill Satoshi's original vision for Bitcoin as global P2P alt-sovereign hard money. As such, 95% of the Tinychain supply will be distributed permissionlessly through mining.

The Tinychain token, $TNY, will be widely distributed to every person with a computer in the entire world, as Satoshi desired.

To prevent centralization of mining power (ASIC's and FPGA's) which skews the distribution of $TNY, Tinychain will reuse the Ethash POW kernel pioneered by Ethereum, adapted for ZK proofing.

Our fundraise.

We are hosting an uncapped IDO raise of $5M for 1% of the $TNY supply (and only that). Buyers will have their tokens generated at launch with 4YR linear unlock (matching the release of the first 1% of block rewards). We are looking for investors who believe in the vision of a world where everyone has a crypto bank account, and are willing to support us in building it.

Who is behind this?

• liamzebedee: core developer
• 0x13rian: core developer
• 0xymoron: core developer

A final note.

I believe with ZK proofs we have a real opportunity to build "Bitcoin 2.0", that is 1,000x faster to access, while retaining the same robustness and security of POW. Moreso, I believe it is our responsibility to Satoshi to fulfill his vision - global, P2P money that is distributed fairly and widely.

And emphasis on fairly. Tinychain's economics will not be a series of private rounds and then dumping on retail. We will be selling 1% of the total supply in a fair raise and that's it.

It's time we get back to our roots. Stay humble, mine tiny.