Glossary

Covenant

2 min read

A Bitcoin Covenant is a type of transaction where the transaction’s output places conditions on how that particular output can be spent in the future. These spending constraints are distinct from those that already exist in Bitcoin transactions—where a valid signature and a particular pubkey are required to spend a UTXO.

Covenants extend Bitcoin’s script in meaningful ways; they enable use cases such as secure vaults, 2-way pegged drivechains, reduced spending on fees, decentralized options trading, batched lightning channel opens, multiparty (3+) lightning channels, and more.

Instead of going through each covenant implementation proposal, we will categorize them based upon functionality.

Generalized: These covenants are flexible in the applications and use cases enabled. The trade-offs here are that this flexibility comes with increased implementation complexities and the potential for tricky edge cases.

Restrictive: As the name implies, these covenants are focused on enabling a specific feature set and not much else—vaults, for example. The reduced functional scope of these proposals also reduces the complexities around implementation.

Another way to classify covenants is by examining if and how their constraints are propagated into the future. Covenants that replicate themselves and their rules into future UXTOs to which funds are sent, without limitation, are called Recursive. Conversely, those that apply their rules for one “round” of value flowing through whatever logic tree is implemented are called Non-recursive.

We can also consider how these proposed covenants would be implemented; if they are opcode-based, then a soft fork will be required in order to add any new operation(s) to Bitcoin script.

Signature-based covenants—wherein future (presigned) transactions can have their attributes verified by constructing them while executing the script and comparing hash values with OP_CHECKSIG—would not require a soft fork to implement.

“The main idea behind this category of covenants is that, while transaction information is not directly available inside Script, it is used to construct the value hash(tx) used internally in OP_CHECKSIG, so it’s possible to perform comparisons against it indirectly through hacks in the signatures passed to OP_CHECKSIG.” - bitcoincovenants.com

The trade-off with signature-based covenants is that all possible future transactions would need to be built, and signed, which means that users would have to commit to specific fee rates and private keys.

Additional Resources (non-exhaustive list of proposals):

Related Terms
Eltoo
Eltoo is a proposed upgrade to Bitcoin whose main goal is to improve layer two solutions, most importantly, the Lightning Network. Eltoo would allow descendant transactions to be signed before their ancestors are published to the blockchain.
Learn more.
Unspent Transaction Output (UTXO)
A UTXO is a discrete piece of bitcoin. Bitcoin does not use accounts and balances. Instead, individual pieces of bitcoin are owned by individuals, analogous to physical coins or cash.
Learn more.
Bitcoin Script
Script is the language Bitcoin uses to determine who can spend a given piece of bitcoin (a UTXO). Script is intentionally limited in order to maintain Bitcoin's simplicity and ensure that any individual can run a node and validate the blockchain.
Learn more.
Transaction
A transaction exists as a record of the transfer of bitcoin from one address to another. All transactions are recorded in blocks on the blockchain.
Learn more.
Explore More Terms