How Mimblewimble Could Make Bitcoin Work Better

Published on September 4, 2016, by Lester Coleman

Mimblewimble claims to use a new cryptographic protocol that could revolutionize the way bitcoin works, making it more scalable and private.

The protocol generates a blinding factor that can prove ownership of bitcoins, making private keys unnecessary, and offers a solution to the need to balance bitcoin privacy against fungibility while also improving scalability, according to a white paper, authored by a person using a pseudonym, that appeared mysteriously on a bitcoin research site.

The author refers to himself as “Tom Elvis Jedusor,” a name taken from the Harry Potter novels.

Bitcoin’s Verification Challenge

Bitcoin is the first widely used financial system for which all the data necessary to validate the system status can be cryptographically verified by anyone, the white paper notes. It accomplishes this by storing all transactions in a public database called “the blockchain.” Someone who wants to check this state has to download the whole chain and replay each transaction, checking each one as they go.

It would be easier if an auditor only had to check data on the outputs themselves, but this is not possible since they are only valid if the output is at the end of a chain of prior outputs. The whole blockchain has to be validated to confirm the final state.

Considering that the transactions are cryptographically atomic, the outputs that go into and emerge from every transaction are very clear. The “transaction graph” that results reveals a lot of information and is subjected to analysis by numerous companies whose business model is to monitor and control the lower classes. This makes it very non-private and even dangerous to use.

Proposed Solutions

Some solutions to this have been proposed, Jedusor notes.
Greg Maxwell discovered how to encrypt the amounts so that the graph of the transaction is faceless but still validates the sums. Maxwell also produced CoinJoin, a system for bitcoin users to interactively combine transactions, confusing the transaction graph. Nicolas van Saberhagen developed a system to blind the transaction entries, further clouding the transaction graph. Shen Noether combined the two approaches to obtain the “confidential transactions” of Maxwell and the “darkening” of van Saberhagen.

These solutions would make bitcoin safe, Jedusor observes. But too much data can make things worse. Confidential transactions require multi-kilobyte proofs on every output. Van Saberhagen signatures require every output to be stored forever, as it is not possible to truly tell when they are spent.

Maxwell’s CoinJoin needs interactivity. Yuan Horas Mouton fixed this by making transactions freely mergeable, but he had to use pairing-based cryptography, which can be slower and harder to trust. He called this “one-way aggregate signatures” (OWAS).

OWAS combined the transactions in blocks. It could be possible to combine across blocks (perhaps with some glue data) so that when the outputs are created and destroyed, it is as if they never existed, Jedusor notes. Then, to validate the entire chain, users only need to know when money enters the system (new money in each block as in bitcoin or Monero, or peg-ins for sidechains) and the final unspent outputs. The rest can be removed and forgotten.

The proposal uses confidential transactions to hide the amounts and OWAS to blur the transaction graph, while using less space than bitcoin to enable users to verify the blockchain. Mimblewimble prevents the blockchain from referencing all of a user’s information, Jedusor observes.

Confidential Transactions

The first step is to remove bitcoin Script. It is too powerful, so it is impossible to merge transactions using general scripts.
Maxwell’s Confidential Transactions are enough (after some small modification) to authorize the spending of outputs and also to make combined transactions without interaction. This is identical to OWAS, enabling the relaying nodes to take some transaction fee or the recipient to change the transaction fee. Bitcoin cannot do these additional things.

In Confidential Transactions, the amounts are encoded by the following equation:

C = r*G + v*H

C is a Pedersen commitment, G and H are fixed nothing-up-my-sleeve elliptic curve group generators, v is the amount, and r is a secret random blinding key. Attached to this output is a rangeproof proving that v is in [0, 2^64], so the user cannot exploit the blinding to produce overflow attacks, etc.

To validate a transaction, the verifier adds the commitments for all outputs, plus f*H (f being the transaction fee, which is given explicitly), and subtracts all input commitments. The result must be 0, proving no amount was created or destroyed overall.

To create such a transaction, the user has to know the sum of all the r-values of the commitments. Therefore, r-values (and their sums) serve as secret keys. If the r-values of the outputs are made known only to the recipient, an authentication system exists. Unfortunately, this is impossible while keeping the rule that the commitments all add up to zero, since the sender knows the sum of all his r-values, and therefore knows that the recipient’s r-values sum to the negative of that. Instead, the transaction is allowed to sum to a non-zero value, k*G, and requires a signature of an empty string with this as key, proving its amount component is zero. The transactions can have as many k*G values as they want, each with a signature, and these are summed during verification.

Creating Transactions

To create transactions, the sender and recipient do the following:

1) The sender and recipient agree on the amount to send. Call this b.
2) The sender creates a transaction with all inputs and change output(s), and gives the recipient the total blinding factor (r-value of change minus r-values of inputs) along with the transaction. The commitments sum to r*G - b*H.
3) The recipient chooses random r-values for his outputs, and values that sum to b minus fee, then adds these to the transaction (including range proof). Now the commitments sum to k*G - fee*H for some k that only the recipient knows.
4) The recipient attaches the signature with k to the transaction, and the explicit fee.

Creating transactions like this supports OWAS already. To demonstrate this, consider two transactions that have a surplus k1*G and k2*G, and the attached signatures with these. Then combine the lists of inputs and outputs of the two transactions, adding both k1*G and k2*G to the mix, and it is again a valid transaction. From the combination, it is not possible to know which outputs or inputs are from which original transaction.

Because of this, the block format changes from bitcoin's to this information:

1) Explicit amounts for new money (block subsidy or sidechain peg-ins) with whatever other data this needs. For a sidechain peg-in, it may reference a bitcoin transaction that commits to a specific excess k*G value.
2) Inputs of all transactions.
3) Outputs of all transactions.
4) Excess k*G values for all transactions.

Each is grouped together because it does not matter what the transaction boundaries originally were. In addition, lists 2, 3 and 4 should be coded in alphabetical order, since this is quick to check and prevents the block creator from leaking any information about the original transactions.

The outputs are now identified by their hash, rather than their position in a transaction, which could easily change. Therefore, having two identical unspent outputs at the same time should be banned, to avoid confusion.
Merging Transactions

Maxwell’s Confidential Transactions has already been used to create a non-interactive version of his CoinJoin. Another idea is needed, and again a non-interactive version of it is created to show how it is used with several blocks.

Each block can be seen as one large transaction. To validate it, add the output commitments together, then subtract the input commitments, k*G values, and the explicit input amounts times H. The transactions from two blocks can be combined to form a single block, resulting again in a valid transaction. The difference is that some output commitments have an input commitment exactly equal to them, where the first block’s output is spent in the second block. Both commitments can be removed and still leave a valid transaction. There is not even the need to check the rangeproof of the deleted output.

The extension of this idea, all the way from the genesis block to the latest block, shows that each non-explicit input is deleted with its referenced output. All that remains are the unspent outputs, explicit input amounts and every k*G value. The entire mess can be validated as if it were one transaction by adding all unspent output commitments, subtracting the k*G values, validating explicit input amounts (if there is anything to validate) and subtracting them times H. If the sum is zero, the complete chain is good.

When a user downloads the chain, the following data is needed from each block:

1) Explicit amounts for new money (block subsidy or sidechain peg-ins) with whatever other data this needs.
2) Unspent outputs of all transactions, along with a merkle proof that each output appeared in the original block.
3) Excess k*G values for all transactions.

Bitcoin currently has about 423000 blocks, totaling around 80GB of data on the hard drive to validate everything. The data represents around 150 million transactions and 5 million unspent, non-confidential outputs.
Each unspent output on a Mimblewimble chain is around 3Kb for rangeproof and Merkle proof. Each transaction adds around 100 bytes: a k*G value and a signature. The block headers and explicit amounts are negligible. Added together this is 30Gb, with an obscured transaction graph and confidential transactions.

Questions and Intuition

The following questions arise.

Q: If you delete the transaction outputs, the user cannot verify the rangeproof and maybe a negative amount is created.

A: This is acceptable. For the entire transaction to validate, all negative amounts must have been destroyed. Users have only SPV security that no illegal inflation happened in the past, but the user knows that at this time, no inflation occurred.

Q: If you delete the inputs, double spending can happen.

A: In fact, this means someone may claim that an unspent output was spent in the old days. But this is impossible, otherwise the sum of the combined transaction could not be zero. An exception is that if the outputs amount to zero, it is possible to make two that are negatives of each other, and the pair can be revived without breaking anything. So to prevent consensus problems, 0-amount outputs should be banned. Just add H at each output, so that they all amount to at least 1.

Future Research

Here are some questions that cannot be answered at the time of this writing.

1) What script support is possible? One would need to translate script operations into some discrete logarithm information.
2) Users are required to check all k*G values when in fact all that is needed is that the sum is of the form k*G. Instead of using signatures, is there another proof of discrete logarithm that could be combined?
3) There is a denial-of-service option when a user downloads the chain. The peer can give gigabytes of data and list the wrong unspent outputs.
The user will see that the results do not add up to 0, but cannot tell where the problem is. For now, maybe the user should just download the blockchain from a Torrent or something where the data is shared between many users and is reasonably likely to be correct.

1 Comment

Ade, September 4, 2016 at 11:25 pm: Is that you Dr Satoshi?
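
The four steps under Creating Transactions and the output removal described under Merging Transactions (usually called cut-through), worked through as an added Python example; it is not code from the white paper or from any Mimblewimble implementation. It assumes secp256k1, a generator H derived here by hashing a constructed label, and a plain Schnorr signature for the excess; rangeproofs are omitted and all function names are illustrative.

```python
import hashlib, secrets
# secp256k1 (assumed curve for this example): y^2 = x^3 + 7 over F_P, group order N.
P = 2**256 - 2**32 - 977
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)

def add(a, b):                      # affine point addition; None is the identity
    if a is None: return b
    if b is None: return a
    (x1, y1), (x2, y2) = a, b
    if x1 == x2 and (y1 + y2) % P == 0: return None
    if a == b: m = 3 * x1 * x1 * pow(2 * y1, -1, P) % P
    else: m = (y2 - y1) * pow(x2 - x1, -1, P) % P
    x3 = (m * m - x1 - x2) % P
    return (x3, (m * (x1 - x3) - y1) % P)
def neg(a): return None if a is None else (a[0], -a[1] % P)

def mul(k, a):                      # double-and-add (not constant time)
    k, r = k % N, None
    while k:
        if k & 1: r = add(r, a)
        a, k = add(a, a), k >> 1
    return r

def derive_H():                     # constructed label -> first valid x; log_G(H) is unknown
    x = int.from_bytes(hashlib.sha256(b"example generator H").digest(), "big") % P
    while True:
        rhs = (pow(x, 3, P) + 7) % P
        y = pow(rhs, (P + 1) // 4, P)
        if y * y % P == rhs: return (x, y)
        x = (x + 1) % P

H = derive_H()
def rand(): return secrets.randbelow(N - 1) + 1
def commit(r, v): return add(mul(r, G), mul(v, H))      # C = r*G + v*H

def challenge(R, K): return int.from_bytes(hashlib.sha256(repr((R, K)).encode()).digest(), "big") % N
def sign(k):                        # Schnorr signature of the empty string under key k
    n = rand(); R = mul(n, G)
    return R, (n + challenge(R, mul(k, G)) * k) % N
def verify_sig(K, sig):             # holds only if the signer knew k with K = k*G (no H part)
    R, s = sig
    return K is not None and mul(s, G) == add(R, mul(challenge(R, K), K))

def build_tx(inputs, b, fee):       # inputs: [(r, v)] owned by the sender
    r_chg = rand()                                       # step 2: sender's change output
    r_sender = (r_chg - sum(r for r, _ in inputs)) % N   # blinding factor given to recipient
    r_out = rand()                                       # step 3: recipient's output, b - fee
    k = (r_sender + r_out) % N                           # known only to the recipient
    tx = {"inputs": [commit(r, v) for r, v in inputs],
          "outputs": [commit(r_chg, sum(v for _, v in inputs) - b), commit(r_out, b - fee)],
          "fee": fee, "kernels": [(mul(k, G), sign(k))]} # step 4: excess k*G + signature
    return tx, (r_out, b - fee)

def verify_tx(tx):                  # outputs + fee*H - inputs must equal the signed excesses
    total, excess = mul(tx["fee"], H), None
    for c in tx["outputs"]: total = add(total, c)
    for c in tx["inputs"]: total = add(total, neg(c))
    for K, sig in tx["kernels"]:
        if not verify_sig(K, sig): return False
        excess = add(excess, K)
    return total == excess

def merge(a, b):                    # non-interactive; sorted lists hide the original boundaries
    return {"inputs": sorted(a["inputs"] + b["inputs"]), "outputs": sorted(a["outputs"] + b["outputs"]),
            "fee": a["fee"] + b["fee"], "kernels": sorted(a["kernels"] + b["kernels"])}

def cut_through(tx):                # drop every output that is also spent as an input
    spent = set(tx["inputs"]) & set(tx["outputs"])
    return dict(tx, inputs=[c for c in tx["inputs"] if c not in spent],
                outputs=[c for c in tx["outputs"] if c not in spent])

def demo():                         # constructed values: Alice 50 -> Bob 30, then Bob -> Carol 10
    tx1, bob_coin = build_tx([(rand(), 50)], b=30, fee=1)
    tx2, _ = build_tx([bob_coin], b=10, fee=1)
    block = merge(tx1, tx2); pruned = cut_through(block)
    forged = dict(pruned, outputs=[add(pruned["outputs"][0], H)] + pruned["outputs"][1:])
    shape = lambda t: (len(t["inputs"]), len(t["outputs"]))
    return {"valid": [verify_tx(t) for t in (tx1, tx2, block, pruned)],
            "forged": verify_tx(forged), "shapes": (shape(block), shape(pruned))}

if __name__ == "__main__":
    print(demo())
```

The forged case adds 1*H to one output: the sum then carries an H component that no signature under a k*G key can cover, so verification fails even though the spent output and its rangeproof are gone.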