Bithoven Developer Guide

A guide to building safe, expressive smart contracts on Bitcoin.

Version 0.0.1 Beta Legacy / Segwit / Taproot

1. Introduction

Bithoven is a high-level, imperative programming language designed for Bitcoin smart contracts. It bridges the gap between complex contract logic and the low-level stack machine of the Bitcoin Virtual Machine (VM).

Unlike writing raw Bitcoin Script—which is notoriously difficult and error-prone—Bithoven allows you to write readable, auditable code with modern control flow (if/else), named variables, and built-in safety checks. It compiles down to highly optimized native Bitcoin Script.

Why Bithoven?

Imperative Syntax: Use familiar control flow instead of mental stack juggling.
Formal Safety: The compiler prevents "anyone-can-spend" bugs and signature reuse.
Zero-Cost Abstraction: Compiles to efficient opcodes with minimal overhead.

2. Getting Started

Installation

You can install the Bithoven compiler via the command line or package managers.

Terminal

# For Rust Users
cargo add bithoven

# For Node.js Users
npm install bithoven

# CLI Tool
cargo install bithoven

Online IDE

Try Bithoven instantly in your browser without installation:

Go to Bithoven Online IDE

3. Structure of a Contract

A Bithoven contract (file extension .bithoven) consists of three main parts:

Pragmas: Compiler directives.
Stack Definitions: The expected input variables (Witness data).
Logic Block: The executable code.

Example: Single Signature

// 1. Pragmas
pragma bithoven version 0.0.1;
pragma bithoven target segwit;

// 2. Stack Input Definitions (The "Witness")
(sig_alice: signature)

// 3. Logic Block
{
return checksig(sig_alice, "0245a6b3f8eeab8e88501a9a25391318dce9bf35e24c377ee82799543606bf5212");
}

4. Language Basics

Pragmas

Pragmas define the compiler version and the Bitcoin protocol target. The target controls opcode generation.

legacy: Generates P2SH-compatible script.
segwit: Generates P2WSH-compatible script.
taproot: Generates P2TR-compatible script (uses OP_CHECKSIGADD).

Types

Type	Description	Example
bool	Boolean values	true
number	Integer values (32-bit signed)	1000
string	Hex or ASCII string data	"secret"
signature	ECDSA or Schnorr signatures	sig_alice
pubkey	Valid public key point	"0245..."

Stack Input Definitions

Bithoven allows you to define multiple valid "spending paths" at the top of your file. The compiler verifies that every path is secure.

(condition: bool, sig_alice: signature) // Path A
(condition: bool, preimage: string, sig_bob: signature) // Path B

5. Control Flow

Conditionals

Use standard if/else logic.

if condition {
    // Branch A
    return true;
} else {
    // Branch B
    return false;
}

Assertions

Halts execution if false.

// Fails transaction if false
verify sha256(preimage) == "53de...4e45f";

6. Bitcoin Primitives

Time Locks

Keywords enforce 32-bit limits automatically.

older <n> Relative Timelock (CSV). Input must be older than n blocks.
after <n> Absolute Timelock (CLTV). Block height must be greater than n.

Cryptography

Hashing: sha256(data), ripemd160(data)

Signature Checks: Supports single and multisig via checksig.

// Single Signature
checksig(sig_var, "pubkey_hex")

// 2-of-2 Multisig
checksig [2,
(sig_alice, "pk_alice_hex"),
(sig_bob, "pk_bob_hex")
]

7. Security Features

Bithoven is "Correct-by-Construction." The static analyzer runs during compilation.

Liveness Safety

Ensures every variable (especially signatures) is consumed exactly once. Prevents signature reuse and resource exhaustion.

Semantic Security

Analyzes execution paths to ensure safe termination. Prevents Anyone-Can-Spend bugs.

Type Safety

Strictly validates types. Prevents consensus failures like arithmetic on strings or invalid public key points.

8. Examples

Hashed Time-Locked Contract (HTLC)

A standard contract used in Lightning Network. Alice can refund after a delay; Bob can redeem immediately with a secret.

pragma bithoven version 0.0.1;
pragma bithoven target segwit;

// Define inputs for both paths
(condition: bool, sig_alice: signature)
(condition: bool, preimage: string, sig_bob: signature)

{
    if condition {
        // Refund Path (Alice)
        older 1000; // Relative Lock
        return checksig (sig_alice, "0245...alice_pk...");
    } else {
        // Redeem Path (Bob)
        // Verify preimage matches hash
        verify sha256 sha256 preimage == "53de...hash_digest...";
        return checksig (sig_bob, "0345...bob_pk...");
    }
}

Inheritance Plan with Decay

Owner spends anytime. Heir spends after 1000 blocks with secret. Lawyer+Auditor multisig after 10,000 blocks.

pragma bithoven version 0.0.1;
pragma bithoven target segwit;

// Inputs corresponding to the 3 paths
(sig_owner: signature)
(sig_owner: signature, secret: string, sig_heir: signature)
(sig_owner: signature, secret: string, sig_heir: signature, sig_lawyer: signature, sig_audit: signature)

{
    // Path 1: Owner
    if checksig(sig_owner, "03da...owner_pk...") {
        return true;
    }
    else {
        older 1000; // Wait 1000 blocks

        // Path 2: Heir
        if sha256(secret) == "daed...hash..."
           && checksig(sig_heir, "0344...heir_pk...") {
                return true;
        }
        else {
            older 10000; // Wait 10,000 blocks

            // Path 3: Lawyer + Auditor Multisig
            return checksig[2,
                (sig_lawyer, "03da...lawyer_pk..."),
                (sig_audit, "03da...audit_pk...")
            ];
        }
    }
}