Mimblewimble

From CryptoWiki

Revision as of 08:56, 23 January 2022 by 5imp5on (talk | contribs) (1 revision imported)

Basics

"Mimblewimble – the much-heralded privacy protocol created in 2016 – anonymizes transactions through batching inputs per block, like a CoinJoin. After mixing the numbers associated with a sender in a pool of similar transactions, equivalent values are spit out on the other side as unidentifiable outputs.

Styled a confidential transaction (CT), this process typically works pretty well once it scales to a large enough anonymity set, wherein the sheer number of inputs shields the knowledge about the outputs after a mixing. In CT, the amount and public addresses are never exposed, mainly because addresses don’t exist in the Mimblewimble universe, just transaction inputs and outputs."

"In the summer of 2016, a person under the pseudonym “Tom Elvis Jedusor” (the evil wizard Voldemort’s real name in the French Harry Potter novels) published a white paper, to be mysteriously dropped in a Bitcoin research chat channel. In it, he described a proposal called “Mimblewimble” (a reference to a Harry Potter spell), which presented a radical slimming-down of the Bitcoin protocol."

"Mimblewimble is based on some of Bitcoin’s familiar privacy features. One of these is Confidential Transactions, which was mostly developed by Bitcoin Core and Blockstream developer Gregory Maxwell and is currently deployed on Blockstream’s Elements Alpha sidechain.

Another familiar Bitcoin trick that inspired Mimblewimble is CoinJoin, first proposed by (again) Maxwell.

With Mimblewimble there is no longer really such a thing as a transaction history per coin. Each coin does have a specific block in which it was first created. But from then on, its value simply becomes part of the combined Unspent Transaction Output (UTXO) set, which defines all outputs that store coins and could potentially be spent at any time.

This means that in order to verify new transactions, nodes no longer need to care about previous transactions. All they need to care about is that the specific outputs used are valid.

Mimblewimble, in its current form, is not very compatible with the Bitcoin protocol. This is mainly because for Mimblewimble to work, script must be purged from transactions. As such, there would no longer be room for a whole set of Bitcoin features, like time-locked transactions (used for the Lightning Network among other things), atomic swaps (for cross-blockchain interoperability), and more.

But that doesn’t make Mimblewimble useless. Mimblewimble may, for instance, be the perfect fit for a privacy-focused sidechain. Bitcoin users could lock their bitcoins into a specific output on the Bitcoin blockchain and “move” their coins to the Mimblewimble chain. On this sidechain, users could transact freely and privately for as long as they want, until the new owner decides to “move” the funds back to the Bitcoin blockchain by unlocking the original output.

Due to the efficiency offered by Mimblewimble’s sidechain, the added burden of maintaining it would be very manageable. Moreover, it could potentially unload much data from the Bitcoin blockchain, increasing scalability even for those who don’t use Mimblewimble at all. Where sidechains are typically not considered a scaling solution, Mimblewimble offers one."

  • For more in-depth information, read the full article here.
  • Another more in-depth explanation can be found here.
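The quoted passages describe what a Mimblewimble node actually checks: it never sees amounts or addresses, only Pedersen commitments to the inputs and outputs, and it accepts a transaction when those commitments balance and a kernel signature proves knowledge of the leftover blinding factor (the "excess"). The following is an added example, not code from the wiki, Grin or Beam: it uses a constructed toy Schnorr group (P = 1019, Q = 509) in place of secp256k1, writes the group multiplicatively, and follows the Grin convention of blinding on G and value on H. The label used to derive H and all amounts and blinds are constructed for the example.

```python
import hashlib
import secrets

# Toy Schnorr group, constructed for this example: P = 2*Q + 1 is a safe prime, so the
# quadratic residues mod P form a subgroup of prime order Q. Real Mimblewimble uses
# secp256k1 points; the verifier's algebra is identical, just written multiplicatively.
P = 1019
Q = 509
G = 4  # 2^2, a quadratic residue, hence a generator of the order-Q subgroup


def hash_to_subgroup(label: bytes) -> int:
    """Derive a second generator H whose discrete log to base G nobody knows
    (a 'nothing up my sleeve' construction; squaring lands in the order-Q subgroup)."""
    ctr = 0
    while True:
        digest = hashlib.sha256(label + ctr.to_bytes(4, "big")).digest()
        h = pow(int.from_bytes(digest, "big") % P, 2, P)
        if h not in (0, 1):
            return h
        ctr += 1


H = hash_to_subgroup(b"mimblewimble-value-generator")  # constructed label


def commit(value: int, blind: int) -> int:
    """Pedersen commitment C = G^blind * H^value (mod P). The blind hides the value;
    producing a second opening would require knowing log_G(H)."""
    return pow(G, blind, P) * pow(H, value, P) % P


def _challenge(*parts: int) -> int:
    data = b"".join(x.to_bytes(8, "big") for x in parts)
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % Q


def schnorr_sign(secret: int, message: int):
    """Schnorr signature with base G; the kernel uses it to prove knowledge of the excess."""
    k = secrets.randbelow(Q - 1) + 1
    r_point = pow(G, k, P)
    e = _challenge(r_point, pow(G, secret, P), message)
    return r_point, (k + e * secret) % Q


def schnorr_verify(pubkey: int, message: int, sig) -> bool:
    r_point, s = sig
    e = _challenge(r_point, pubkey, message)
    return pow(G, s, P) == r_point * pow(pubkey, e, P) % P


def build_transaction(inputs, out_values, fee):
    """Wallet side. inputs: list of (value, blind) openings the spender owns.
    Returns the public transaction and the new output openings the recipient must keep."""
    if sum(v for v, _ in inputs) != sum(out_values) + fee:
        raise ValueError("an honest wallet only builds balanced transactions")
    outputs = [(v, secrets.randbelow(Q)) for v in out_values]
    # The values cancel, the blinding factors do not: their difference is the kernel
    # excess, a public key G^x that only the transacting parties can sign for.
    x = (sum(b for _, b in outputs) - sum(b for _, b in inputs)) % Q
    excess = pow(G, x, P)
    tx = {
        "inputs": [commit(v, b) for v, b in inputs],
        "outputs": [commit(v, b) for v, b in outputs],
        "kernel": (excess, fee, schnorr_sign(x, fee)),
    }
    return tx, outputs


def verify_transaction(tx) -> bool:
    """Node side: no amounts, no addresses, no history. Checks that
    prod(outputs) * H^fee / prod(inputs) == excess (no value created out of thin air)
    and that the kernel signature proves knowledge of log_G(excess)."""
    excess, fee, sig = tx["kernel"]
    acc = pow(H, fee, P)
    for c in tx["outputs"]:
        acc = acc * c % P
    for c in tx["inputs"]:
        acc = acc * pow(c, -1, P) % P  # multiply by the modular inverse
    return acc == excess and schnorr_verify(excess, fee, sig)


if __name__ == "__main__":
    tx, openings = build_transaction([(10, 7), (5, 3)], [12, 2], fee=1)
    print("balanced transaction verifies:", verify_transaction(tx))
```

Two things the example makes visible that the prose only states: `verify_transaction` is given nothing but commitments and the kernel, so the node learns neither amounts nor who paid whom, and an output whose hidden value is inflated fails the balance check even though its commitment looks like any other. What the example leaves out is the range proof: in a real chain every output also carries a Bulletproof showing its value is small and non-negative, because without it an output could encode a value that wraps around modulo Q and still balance.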

Grin and Beam

"Two projects are close to realizing versions of the Mimblewimble protocol, which will be launched as separate cryptocurrencies. Beam and Grin are set to launch on Dec. 30 and Jan. 15 respectively. Beam did launch on the 3rd of January.

The first project is developed by a group of mostly pseudonymous volunteer contributors, several of whom are using Harry Potter-related screen names — like “Ignotus Peverell,” who started the project. They call their upcoming cryptocurrency “Grin” (yet another Harry Potter reference), which is being implemented in the coding language Rust. Similar to projects like Bitcoin and Monero, Grin will not be maintained by any specific company or foundation, nor will it do an ICO or anything of the sort; instead, the project accepts donations. Once launched, miners will be able to mine one coin (“grin”) per second on average, and (unlike Bitcoin) this rate will never decrease. Grin is currently being tested and is roughly expected to launch in early 2019.

The second project was announced more recently and is called Beam. Beam is being implemented in coding language C++ (like Bitcoin Core). More comparable to Zcash, Beam will be launched and maintained by a for-profit company with the same name (currently headed by Israeli entrepreneur Alexander Zaidelson), though this maintaining role should later transition to a non-profit foundation. Beam will also have a founders’ reward: the Beam company and foundation will receive 20 percent of all newly mined coins for the first five years. It’s not yet announced what Beam’s emission schedule will look like, but (unlike Grin and like Bitcoin) it will be capped. Beam is also being tested right now and is scheduled to launch in December 2018.

Each project deploys a slightly modified version of Equihash, and both have committed to changes in order to manage highly optimized, application-specific integrated chips, or ASICs.

Currently, Grin combines Equihash with another proof-of-work algorithm, named Cuckoo Cycle, which is intended to block the use of ASICs by making the algorithm less predictable.

After two years, Grin will settle on Cuckoo Cycle permanently, with the belief that ASIC hardware will have become more affordable by that time.

Beam has announced a similar strategy, launching with a slightly modified version of Equihash that only general purpose hardware (GPUs) should be able to mine. However, it only intends to keep the ASICs at bay for a 12 month period, giving the GPU miners a “head start,” Corem said."

Litecoin

"Litecoin is relying on a technology called mimblewimble, which reduces the amount of data that’s publicly visible on the main blockchain network, through the use of “extension blocks” that help to hide inputs and outputs."

On Quantum Secureness

"The other issue is that these things aren't quantum secure. Right now in bitcoin all of our signatures will be broken as soon as there are practical quantum computers that exist. If we had confidential transactions, then not only would the signatures be broken and coins vulnerable to theft, but also the soundness of the system would be in question. Anyone who claimed to own any amount of coins, just instantly everything is gibberish. petertodd has argued this is a benefit for something like mimblewimble-- if a quantum computer shows up, then every single output that ever existed on the mimblewimble chain can suddenly - to every value. So the entire chain then deletes itself. So that's pretty cool. That's kind of crazy. But it doesn't fit into the bitcoin ethos super well.... a very vocal segment of bitcoiners don't want everything to go away. So until we have a quantum secure version of something like bulletproofs or confidential transactions, my feeling is that it's not going to happen in bitcoin."
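The quote's point that a discrete-log break would make every confidential output "gibberish" follows from how Pedersen commitments are built: hiding is unconditional (every value has some blind that matches a given commitment), and only the inability to compute log_G(H) stops someone from exhibiting that blind. The following is an added example, not code from the wiki or from any Mimblewimble implementation; it reuses the same constructed toy group as above but deliberately sets H = G^T with T known, modelling exactly what a discrete-log-capable (e.g. quantum) computer would learn and nothing more. The amounts and blinds are constructed.

```python
# Constructed toy group: P = 2*Q + 1 is a safe prime, G generates the order-Q subgroup.
# Honest setups derive H by hashing so that T = log_G(H) is unknown to everyone; here T
# is known, which is all a discrete-log-breaking computer would recover.
P, Q, G = 1019, 509, 4
T = 123
H = pow(G, T, P)


def commit(value: int, blind: int) -> int:
    """Pedersen commitment C = G^blind * H^value (mod P), as used for CT outputs."""
    return pow(G, blind, P) * pow(H, value, P) % P


def opens_to(c: int, value: int, blind: int) -> bool:
    """The only check an output ever receives: does the claimed opening reproduce C?
    Without T, the value a commitment was created with is the only one anyone can open it to."""
    return c == commit(value, blind)


def reopen_with_trapdoor(value: int, blind: int, new_value: int) -> int:
    """With T known, C = G^(blind + T*value), so for any new_value there is a blind'
    with blind' + T*new_value == blind + T*value (mod Q). Binding collapses: the same
    output now 'proves' ownership of any amount, which is the soundness loss the quote describes."""
    return (blind + T * (value - new_value)) % Q


if __name__ == "__main__":
    c = commit(10, 42)
    print("opens to 10:", opens_to(c, 10, 42))
    print("opens to 500 with trapdoor blind:", opens_to(c, 500, reopen_with_trapdoor(10, 42, 500)))
```

Note the asymmetry the example shows: hiding does not get worse after a discrete-log break (it was already perfect), but binding vanishes entirely, and because Bulletproof range proofs rest on the same discrete-log assumption they would not help. That is why the quote concludes that a quantum-secure replacement for both the range proof and the commitment would be needed before such a scheme could be considered for Bitcoin.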