Mimblewimble, or How Blockchain Sorcery Works

In October 2016, at the opening of the international conference Scaling Bitcoin in Milan, Blockstream developer Andrew Poelstra proposed a Bitcoin scaling solution called Mimblewimble. On July 19, 2016, the white paper of the project was published under the pseudonym Tom Elvis Jedusor (the French name of Harry Potter’s archnemesis Lord Voldemort). The author says that he called his creation Mimblewimble because “it is used not to let the blockchain babble out user information” (in the book Harry Potter and the Deathly Hallows, Mimblewimble is the tongue-tying spell that binds the victim’s tongue so that they cannot utter a single word).

The technology is aimed at increasing the privacy, scalability, and interchangeability of Bitcoin tokens, and ways of integrating it into the project have been sought since 2016. “Mimblewimble is a Bitcoin solution that can be implemented as a soft fork or sidechain. Also, the Lightning Network protocol can operate on top of Mimblewimble,” Andrew Poelstra said. In its present form, however, Mimblewimble is difficult to make compatible with the Bitcoin protocol, since it requires removing the scripts contained in the inputs and outputs of Bitcoin transactions and confirmation of their validity. “It’s sad, but we’ll demonstrate that Dr. Maxwell’s confidential transactions (after a little refinement) will be enough to authorize expended outputs,” says the crypto Voldemort.

By “Maxwell’s confidential transactions,” the white paper author means a technology that hides the number of Bitcoins transmitted. This idea was first proposed in 2013 by the current president of Blockstream, Adam Back, and then developed by Bitcoin Core developers Gregory Maxwell, Pieter Wuille, and Andrew Poelstra. Later, it was implemented in Elements, Blockstream’s test sidechain. To encrypt the number of Bitcoins, confidential transactions use “blinding factors,” which are strings of random numbers. Whereas in Blockstream’s implementation these numbers are set by the sender and deciphered by the recipient using the information contained in the transaction, Mimblewimble reverses this technique: the recipient generates the string of random digits, and private keys and addresses are discarded.

As explained by Catheryne Nicholson, the CEO and co-founder of BlockCypher for blockchain applications, “MimbleWimble is initially private,” without a ring signature, as in Monero, and without a zero-knowledge proof (zk-SNARK in Zcash), “all transaction details are completely hidden, there are no addresses that can be reused or identified, all transactions from the outside look the same.”

The main requirement for Mimblewimble transaction participants is to prove that no new coins have been created. For this, a balance equation is created that demonstrates that the sum of the outputs less the inputs is zero. And with the addition of “blinding factors,” the equation remains true. Nicholson gives an example of the transaction equation: 17 + 12 = 29, where 17 and 12 are the outputs, and 29 is the input, then an arbitrary “blinding factor” is added, in this case, the number 11, and we get: 17 * 11 + 12 * 11 = 29 * 11, or 187 + 132 = 319. The balance equation still proves that no new coins were created, but without knowing the “secret number” 11, one cannot obtain the original details of the transaction.

This scheme also addresses the scaling problem by discarding the inputs and outputs that have already been “self-verified.” With Mimblewimble, nodes only need to know that the concrete outputs are valid, while in the Bitcoin network the entire blockchain, which now exceeds 145 GB, must be validated to confirm the latest transaction. Mimblewimble grows with the number of users, while the transactional data stored on the blockchain does not increase, because nodes store only unspent outputs and block headers. In turn, the removal of “extra” data also contributes to increased privacy.
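The balance check and the pruning of spent outputs described in the two paragraphs above, as an added Python example that is not taken from the white paper or the Grin code base. It goes beyond the article's multiplication example by using Pedersen commitments, the construction behind confidential transactions; the toy group parameters and all function names are assumptions made for the illustration.

```python
import secrets

# Toy group, constructed for this example and far too small for real use:
# P = 2*Q + 1 is a safe prime; G and H have prime order Q. In a real system
# nobody may know log_G(H), and range proofs keep amounts non-negative.
P, Q = 2039, 1019
G, H = 4, 9

def commit(value, blind):
    """Pedersen commitment G^blind * H^value mod P."""
    return pow(G, blind % Q, P) * pow(H, value % Q, P) % P

def product(commitments):
    """Multiplying commitments adds the hidden amounts and blinding factors."""
    acc = 1
    for c in commitments:
        acc = acc * c % P
    return acc

def balances(inputs, outputs, excess):
    """True if outputs minus inputs commit to amount 0 with blinding `excess`
    (shown in the clear here; a real chain proves knowledge of it by signature)."""
    return product(outputs) == product(inputs) * pow(G, excess % Q, P) % P

def spend(in_value, in_blind, out_values):
    """Spend one output into new ones, each with a fresh blinding factor."""
    blinds = [secrets.randbelow(Q) for _ in out_values]
    outputs = [commit(v, r) for v, r in zip(out_values, blinds)]
    return [commit(in_value, in_blind)], outputs, sum(blinds) - in_blind, blinds

def cut_through(inputs, outputs):
    """Drop each commitment that is both created and spent in the aggregate."""
    inputs, outputs = list(inputs), list(outputs)
    for c in list(inputs):
        if c in outputs:
            inputs.remove(c)
            outputs.remove(c)
    return inputs, outputs

def demo():
    ins1, outs1, k1, r1 = spend(29, secrets.randbelow(Q), [17, 12])  # 29 = 17 + 12
    ins2, outs2, k2, _ = spend(17, r1[0], [10, 7])    # later spends the 17 output
    ins, outs = cut_through(ins1 + ins2, outs1 + outs2)
    forged = spend(29, 5, [17, 13])                   # tries to create one coin
    return (balances(ins1, outs1, k1), balances(ins, outs, k1 + k2),
            len(outs) < len(outs1 + outs2), balances(*forged[:3]))

if __name__ == "__main__":
    print(demo())  # (single tx balances, pruned chain balances, pruned, forged tx)
```

After cut-through the intermediate 17-coin output no longer appears anywhere, yet the remaining commitments still balance against the sum of the two excess values, which is why a node can validate the pruned state without the full history.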

The next improvement is that the concept of transaction history disappears, which makes tokens interchangeable, unlike today’s Bitcoins. Catheryne Nicholson calls interchangeability a key characteristic of a currency, citing the identity between paper and minted dollars as an example. Since Bitcoin’s blockchain retains all inputs and outputs, each coin has its own “history.” Thus, a hierarchy of coins is created, where the most valuable are the Bitcoins obtained from the mining of a new block. The purchase of such “clean” coins often includes a premium, whereas tokens with a darknet past are much more difficult to spend. And since Mimblewimble discards the inputs and outputs at the end of the transaction, all coins are equal and interchangeable. In addition, when Bitcoin transactions are processed in their current form, payment services, miners, and exchanges see the inputs and history and evaluate the “quality of the transaction,” while confidential Mimblewimble transactions allow the user to choose what data to disclose and also to determine when and how third parties may use such data.

At the end of 2016, the developer under the pseudonym Ignotus Peverell (the owner of the Cloak of Invisibility in the Harry Potter series) started the GitHub project called Grin. The “Credits” section includes the names of Tom Elvis Jedusor “for the first outline of Mimblewimble,” Andrew Poelstra “for his contribution,” John Tromp “for creating the Cuckoo Cycle proof-of-work algorithm,” and Joanne Rowling “for that she did it, despite extreme difficulties.”

In September 2017, developers announced the creation of their own cryptocurrency, the Grin. Due to the difficulties in integrating with Bitcoin, it was decided to follow the path of creating an independent blockchain. “Although Grin did not start from the place I would have preferred, everything is moving in the right direction, i.e., towards increasing confidentiality and scaling Bitcoin,” said Andrew Poelstra. He also does not rule out that in the future the Grin will be tied to Bitcoin. In November of last year, the project launched a test network, Testnet1, with test tokens that can be sent to other network members. The main goal is to detect vulnerabilities before the launch of the main network and the real cryptocurrency. “We hope to receive as many messages about bugs as possible so that we can eliminate the shortcomings that were looked through,” said the lead developer Ignotus Peverell. According to him, this is the first network that tests what has already been developed, namely a peer-to-peer network, a mechanism for reaching consensus, a Mimblewimble cryptographic chain protocol, and a software wallet. Further test versions are planned (the next one for the spring of this year), which will include “scriptless scripts” for the implementation of the Lightning Network, multi-signatures, and the Bulletproofs privacy technology. In mid-December, Grin also announced its first fundraising, designed to raise $30,000 in Bitcoins to support the full-time work of developer Michael Cordner throughout the year. One of the first donations was from Catheryne Nicholson of BlockCypher. At the moment, according to Ignotus Peverell, a full-fledged launch is scheduled for “sometime in 2018.”
