21inc’s Balaji S. Srinivasan recently pointed out an interesting paper that proposes to anonymize all Bitcoin transactions. The process is called Mimblewimble, and it prevents the blockchain from broadcasting user information.
Mimblewimble Proposes to Anonymize All BTC Transactions
The paper written by Tom Elvis Jedusor published on July 19 gives a comprehensive new outlook on the anonymization of Bitcoin transactions. Jedusor explains how Bitcoin exchanges can be monitored and mentions there are companies are being created at this very moment to bolster this activity.
The writer also acknowledges proposed solutions that are already on the table such as CoinJoin, encryption of broadcasted amounts, and the confidential transactions concept. All of these use cases are helpful, but face issues, such as data being leaked and CoinJoin’s need for interactivity.
The method Jedusor proposes has its own potential downfalls, one of them being the removal of Bitcoin’s script.
The author explains the theory:
Confidential Transactions and one-way aggregate signatures (OWAS).The first thing we need to do is remove Bitcoin Script. This is sad, but it is too powerful so it is impossible to merge transactions using general scripts. We will demonstrate that confidential transactions of Dr. Maxwell are enough (after some small modification) to authorize spending of outputs and also allows to make combined transactions without interaction. This is in fact identical to OWAS, and allows relaying nodes take some transaction fee or the recipient to change the transaction fees. These additional things Bitcoin can not do, we get for free.
The second section involves merging transactions across blocks using the Confidential Transactions protocol and CoinJoin. Jedusor extends the idea, so every nonexplicit input is deleted with its tethered output. All that remains is unspent outputs and can still be validated as one transaction. This created explicit amounts for new money, unspent outputs of transactions with merkle proof and excess k*G values for all transactions.
With the data held for all transactions, the blockchain is about 80GB of information to validate. The estimate using a Mimblewimble chain could reduce this by 50GB with the bonus of confidential transactions, and an obscured transaction graph claims the author.
There are a few questions people might ask when thinking about the Mimblewimble scheme, and Jedusor has explanations for these observations. However, the author has some issues regarding the proposed theory that he cannot answer at the time. This includes what script support is possible, can a discrete logarithm be combined, and issues with a denial-of-service option listing the wrong unspent outputs.
The Race For Anonymity
There are numerous projects trying to create better anonymity including protocols such as Dash, Zcash, Stash, and Monero. The paper does talk about Monero peg-ins for side chains as well. The research by Tom Elvis Jedusor gives another example of how cryptocurrency can be fungible in the long term without suffering from blacklisting or tainting.
On the flip-side, companies such as Elliptic and Chainaylsis are steadily on the move to improve their monitoring capabilities as user anonymity is becoming increasingly difficult to achieve across well known public blockchains. But while Mimblewimble could enhance transaction privacy on the Bitcoin network, more research and development will be required to resolve the remaining issues.
What do you think about the Mimblewimble concept? Let us know in the comments below.
Images courtesy of Pixabay