From c49bc72deeba6a60184e4be1724d9d3382eac59a Mon Sep 17 00:00:00 2001
From: moonsettler <moonsettler@protonmail.com>
Date: Wed, 27 Nov 2024 01:42:51 +0100
Subject: [PATCH] Add: Use for proving computation section

---
 bip-PC.md | 21 ++++++++++++++++++++-
 1 file changed, 20 insertions(+), 1 deletion(-)

diff --git a/bip-PC.md b/bip-PC.md
index 12227ca6e1..0782f69534 100644
--- a/bip-PC.md
+++ b/bip-PC.md
@@ -120,6 +120,25 @@ ELSE
 ENDIF
 ```
 
+### Use for proving computation
+
+Merkle trees can be used to prove out computation where the root of the tree
+represents the function and the leaves represent the inputs and output. There
+are practical limits to the entropy space for the inputs as it needs to be
+iterated over and hashed up.
+
+Currently MAST trees can cover 128 bits of entropy space, which is well over
+the practical limits to iterate over and merklize. Therefore we assume this
+capability does not materially extend what computations are possible to prove
+out in bitcoin script. While `OP_PAIRCOMMIT` is not limited to a height of 128,
+that should not be practically feasible to utilize.
+
+There is a way to reduce the size of the witness for proving out computation,
+by eliminating the merkle path inclusion proofs, using `OP_CHECKSIGFROMSTACK`
+together with `OP_PAIRCOMMIT`. This method involves deleted key assumptions,
+most likely using MPC to create an enormous amount of signatures for the stack
+elements representing the inputs and the output of the function.
+
 ## Reference Implementation
 
 A reference implementation is provided here:
@@ -174,7 +193,7 @@ TBD
 
 ## Credits
 
-Jeremy Rubin, Brandon Black, Salvatore Ingala, Anthony Towns
+Jeremy Rubin, Brandon Black, Salvatore Ingala, Anthony Towns, Ademan555
 
 ## Copyright