Cryptocurrency protocol MimbleWimble could challenge Bitcoin’s status as the crypto king.
By CCN.com: MimbleWimble, named after a curse from the Harry Potter book series, is a protocol, much like Bitcoin’s blockchain, that contains improved privacy features derived from multiple technologies, some more established than others.
Key components in MimbleWimble are:
(a) Elliptic Curve Cryptography (ECC), which enables private-public key encryption – a way to prove you know something without revealing the content of the encrypted information;
(b) Confidential Transactions, which allow for public verification of the transaction without revealing any significant details, like the amounts or addresses – which, in essence, do not really exist in MimbleWimble, but I’ll get to that later;
(c) CoinJoins, which, through a mechanism called an anonymity set, enable transactions from multiple senders to be batched into a single transaction; and
(d) Dandelion, an improved gossip protocol with stronger privacy mechanics, which routes a transaction through hops between nodes before publicizing it to the neighboring nodes.
History has taught me any technology represents a means to achieve an end, and the purpose of MimbleWimble is quite similar to Bitcoin’s: to allow for value to be transferred and stored in a decentralized manner, privately and without intermediaries.
A Brief History of MimbleWimble
My goal today is to explain to non-magical folk how this technology works and why there are so many prominent cryptocurrency enthusiasts, such as Bitcoin Core developers Andreas Antonopoulos and Jimmy Song or authors like Chris Dixon and Daniel Jeffries, discussing the hypothesis of MimbleWimble becoming a serious side-chain protocol by exponentially improving on Bitcoin’s privacy features.
The initial MimbleWimble whitepaper was drafted by Tom Jedusor in 2016, with clear references to Greg Maxwell’s work on confidential transactions and CoinJoin, as well as to a previous anonymous paper posted in 2013 introducing one-way aggregate signatures, a functionality which obfuscates inputs and outputs, similar to CoinJoin.
The first MimbleWimble implementation, Beam, was fully released on January 3 and is now live and minable. This means anyone can join to support the network – although in order to do so, one does require both specific hardware, in this case, a GPU processor, and some technical savviness to understand how to set up a node.
Anyhow, the oldest implementation of MimbleWimble (and the one I will focus my attention on) is called Grin.
The first Grin testnet was launched in November 2017, and the project has been live since January 15. The Grin repository is currently maintained by anonymous developers and does not have a clear business model just yet, whilst Beam is a much more hierarchical and organized structure, like Blockstream for example.
Both are aiming to achieve the same goal, which is to provide a live and functional network for MimbleWimble.
The Blueprint of Privacy
As mentioned a couple of times already, the purpose MimbleWimble serves is to improve users’ privacy, as transactions cannot be linked to a specific IP, which is one of the current bottlenecks with Bitcoin. Not only that, but the way MimbleWimble works allows for close-to-infinite scalability.
Before we get into the whole scalability ordeal, let’s see how MimbleWimble combines the technologies mentioned initially.
Firstly, both implementations chose to use an ASIC-resistant algorithm, such as Cuckoo Cycle (in Grin) or Equihash PoW (in Beam), to promote a higher degree of decentralization while adopting a secure model (a: ECC).
Secondly, when a transaction is broadcast, it will hop to a number of other neighboring nodes before being broadcast to the entire network (d: Dandelion). Remember what I mentioned in the beginning? No one knows the inputs and outputs (b: Confidential Transaction).
Well, good luck trying to find the originator, as each additional hop means an additional node you need to inspect (c: CoinJoin), including its connections – an almost impossible task to accomplish with a set of 3 to 4 hops per transaction.
Thirdly (and lastly), the MimbleWimble blockchain is bound to the number of users using the network, not to the number of transactions/addresses, so you can already imagine the impact on scaling the network: nodes only need to register block headers for current UTXO (unspent transaction outputs), not for the entire chain. Plus, this means there are neither addresses nor transactions.
Right – But How Does MimbleWimble Actually Work?
The first time I read the whitepaper, it did seem…magic!
However, after many failed attempts, I understood how users could transact with neither addresses nor amounts – not an easy accomplishment if you ask me.
The validation of MimbleWimble transactions relies on two basic properties:
Verification of zero sums. The sum of…