aw shucks, i missed that. should have used the gist link.

optimism

theariard

, but i'm leaving this one up because maybe it will catch a little more discussion

This is an interesting idea in a mailing list post by 

: locking bitcoin into a script that can be redeemed by anyone who can provide cryptographic proof that a specified computation was performed and that the result satisfies predefined constraints.

A simplified description of this might be locking bitcoin bounties into addresses that can be claimed by anyone who proves they did the specified computation.

Here is some of how Ariard describes it in his 

Running a simple accountable computing contract for a single AI agent task supervision can be described as publishing a data D, with a reward R locked under a lock L that can be unlocked by a string S respecting the constraints C before the expiration of a time T.

Once the init transaction is confirmed, the problem is solvable by any lively AI agent scanning the bitcoin blockchain and earnmarking flagged P2TR utxo annexes to "mine" for solutions. When such annex is found, the agent reaches Robinson's contract orchestrer, download the full problem description and attempts to solve it.

The AI agent computation is considered as a "black box". When a solution is found which can be evaluated by the agent by running H(X) = Y, a zero-knowledge proof can be generated by his local prover. This zero-knowledge proof can be committed in the claim transaction witness and this transaction submitted for inclusion to the chain.

I think the problem, which Ariard acknowledges, is that it might take quite a bit of computation/planning/setup in order to structure an adequate definition of a correct answer that is machine-checkable and specifies a useful output.

there is an uncertainty on the generation cost of the constraints for the user group wishing to have a verifiable computation done by an AI agent. For the contract to be economically interesting for them, the expression cost should be strictly inferior to the resolution one.

Seems like something fun to think about, though.

bitcoin

*This was posted earlier: https://stacker.news/items/1511094, but i'm leaving this one up because maybe it will catch a little more discussion*

This is an interesting idea in a mailing list post by @theariard: locking bitcoin into a script that can be redeemed by anyone who can provide cryptographic proof that a specified computation was performed and that the result satisfies predefined constraints.

A simplified description of this might be locking bitcoin bounties into addresses that can be claimed by anyone who proves they did the specified computation. 

Here is some of how Ariard describes it in his [post](https://groups.google.com/g/bitcoindev/c/S4jM2mpMrbU/m/fvvmA5A2DgAJ):

> Running a simple accountable computing contract for a single AI agent task supervision can be described as publishing a data D, with a reward R locked under a lock L that can be unlocked by a string S respecting the constraints C before the expiration of a time T.

> Once the init transaction is confirmed, the problem is solvable by any lively AI agent scanning the bitcoin blockchain and earnmarking flagged P2TR utxo annexes to "mine" for solutions. When such annex is found, the agent reaches Robinson's contract orchestrer, download the full problem description and attempts to solve it.

> The AI agent computation is considered as a "black box". When a solution is found which can be evaluated by the agent by running H(X) = Y, a zero-knowledge proof can be generated by his local prover. This zero-knowledge proof can be committed in the claim transaction witness and this transaction submitted for inclusion to the chain.

I think the problem, which Ariard acknowledges, is that it might take quite a bit of computation/planning/setup in order to structure an adequate definition of a correct answer that is machine-checkable and specifies a useful output. 

> there is an uncertainty on the generation cost of the constraints for the user group wishing to have a verifiable computation done by an AI agent. For the contract to be economically interesting for them, the expression cost should be strictly inferior to the resolution one.

Seems like something fun to think about, though.