In May 2016, an anonymous white paper described a privacy-encryption implementation named MimbleWimble, after a Harry Potter spell that prevents people from revealing secrets.



Unlike the popular Zcash, MimbleWimble does not require a trusted setup, and all transactions are private by default, with no opt-in setting. This article focuses on how MimbleWimble achieves privacy and how the two MimbleWimble projects, Grin and Beam, compare to each other.

The “Privacy” section of the white paper issued by Satoshi Nakamoto clearly explains the limitations of BTC’s privacy. Once a network attack occurs, attackers can obtain location-related data and other data labels of BTC users, making those users “transparent”. The data exposed by a transaction are:

  1. Sender address

  2. Number of BTC sent

  3. Receiver address


The UTXO model underlying BTC prevents double-spending and keeps transactions balanced. To verify that the system meets the second condition, each address has a corresponding private key, and the holder of the sending address signs the transaction with that private key. Everyone can verify that the signature was generated by the private key corresponding to the address that holds the bitcoin, so we can verify that the transaction came from someone who had the authority to initiate it.

MimbleWimble, on the other hand, can conduct full transactions without disclosing the addresses of either party or the amount transacted. MimbleWimble is more anonymous and lighter than the Bitcoin protocol.

What is the MimbleWimble protocol?

MimbleWimble was originally proposed as an improvement on Bitcoin. Because of the decentralized design Bitcoin was founded on, a single node carries the entire history of the blockchain, so the cost of record keeping keeps increasing and the number of full nodes that can run keeps decreasing.

MimbleWimble is based on elliptic curve cryptography and changes the Bitcoin model by creating a multi-signature over all inputs and outputs. The parties to a transaction create a common multi-signature key that validates the transaction. In particular, there are no addresses in the system, because the two parties involved in the transaction share “blinding factor” information, which simply means that only the two parties know the relevant transaction information, thus protecting users’ online privacy.


Blinding factor (abbr. BF): a coin-issuing technique used in electronic money. The blinding factor blinds the serial number of the electronic coin; the customer uses their private key to send the blinded serial number and the amount of the coin to the bank. The bank uses the customer’s public key to unlock the data packet, confirms that the identity and account balance are correct, and increases the customer’s e-cash liability amount. The bank then signs with its private key and sends the result to the customer, who unlocks the data packet with the public key the bank has published on the network. Once the customer has the signature on the electronic coin, the blinding factor is removed, which yields the original coin serial number carrying the bank’s signature.


The blinding factor lets both parties share transaction information while preventing nodes from learning it, and it encrypts the inputs and outputs of a particular transaction as well as the public and private keys of the transacting parties. MimbleWimble uses the Pedersen commitment scheme, in which the full node subtracts the encrypted amounts on the sender's side (inputs) from the encrypted amounts on the receiver's side (outputs).

This balanced equation means that coins are not created out of thin air and nodes never need to know about transactions.

Here’s a simple example of how blinding factors work:

1 + 1 = 2, which rearranges to 1 + 1 - 2 = 0

This is just a simple balancing equation that shows that no new money is being created (by rearranging it to show a net zero balance).

5 * 1 + 5 * 1 = 5 * 2

Here every variable is multiplied by the number 5 (the blinding factor, which is kept secret), obscuring the original values.

5 + 5 = 10





Thus the equation still balances while the values are obscured by the blinding factor. This shows the creativity of MimbleWimble, where the blinding factor is actually a combination of the private key and public key of the transacting party. Through this obscured but still balanced equation, I can prove that the transaction amounts are equal and that I am the holder of the key.

At the end of the transaction, you get a multi-signature for the transaction, and most of the inputs are consumed by the outputs, making full validation possible in less space (compared to Bitcoin), reducing the data on the chain and eliminating the cumbersome steps needed to weed out excess data. MimbleWimble works largely because it stores only a small amount of data in the blockchain.

Grin and BEAM are two different cryptocurrency projects based on the MimbleWimble protocol and, although superficially similar, differ in every respect except for the MimbleWimble protocol.




GRIN

The MimbleWimble protocol was first implemented in November 2016 under the Grin name and was announced on IRC by Ignotus Peverell, who remains Grin’s most active code contributor. Grin is written mainly in Rust. The main network was launched on January 15 this year and attracted a large amount of capital, mining pools and miners as soon as it launched.

Grin uses the new Cuckoo Cycle, an alternative proof-of-work (PoW) algorithm developed by John Tromp in 2015. Although the algorithm was designed to resist ASICs, the team had long assumed that ASICs were inevitable. In September 2018, two solutions emerged: one optimized to be ASIC-friendly (Cuckatoo31+), and another optimized to let GPUs compete (Cuckaroo29). The PoW balances mining rewards between the two algorithms every 24 hours, thus countering hardware arms races like the one seen with bitcoin.

In addition to its impressive Cuckoo algorithm, Grin has some interesting features:

  1. Schnorr signatures, also known as aggregate signatures, which pave the way for Scriptless Scripts to support smart contracts.

  2. The Dandelion protocol, which makes the IP address of the original sender harder to trace. Before they are broadcast, all transactions linger in the network.

  3. Bulletproofs, which allow smaller zero-knowledge proofs for private transactions and do not require a trusted setup.

  4. Flyclient, an ultra-lightweight client, which synchronizes the Merkle root of all previous block headers rather than references to previous blocks. It allows you to check the inclusion of any previous block by storing only the head.

  5. Atomic swaps: the first atomic swap for Grin has been successfully carried out between Grin Testnet3 and the Ethereum Ropsten testnet.


BEAM

In April 2018, another MimbleWimble implementation, Beam, written in C++, launched a testnet within a short time. More recently it has been working on a Lightning Network (LN) compatible with the MimbleWimble protocol; implementing this second-layer scaling solution, with rapid off-chain value transfer, improves usability for commercial payment scenarios.

Equihash is a memory-hard proof of work, meaning that how much coin you can mine depends on the amount of memory on your device. It is almost impossible to build low-cost custom mining hardware (ASICs) in the short term, so Equihash is considered a more decentralized PoW algorithm.

In addition to Equihash, some of the interesting parts of Beam include:

  1. A further improvement to the Dandelion protocol, which merges and obfuscates transactions in the stem phase.

  2. Batch Bulletproofs.

  3. An ultra-lightweight Flyclient implementation.

  4. Secure BBS, which reduces the need for both sender and receiver to be online at the same time.

  5. An auditable wallet capable of issuing one or more audit keys to third parties.

  6. Visually designed mobile wallets that act as full nodes and integrate with hardware wallets.

  7. Atomic swaps with Bitcoin via P2P transactions within the wallet.

The difference between BEAM and Grin





The Lightning Network is an improvement to the bitcoin network originally proposed to solve the problem of bitcoin network congestion. Why use the Lightning Network?

Review: Qtum Quantum Chain Research Institute: Lightning Network (PART 1)

Qtum Quantum Chain Research Institute: Lightning Network (PART 2)

First, a faster block time does not necessarily mean faster payment confirmation. Second, consider more everyday digital-currency payment use cases, such as paying for a beer at a bar when you are in a hurry to leave, or buying a drink on a train, where payment needs to be quick. Experimental results show that the Lightning Network can deliver a payment experience as fast and simple as paying by credit card, making it one of the foundations for mainstream cryptocurrency applications.

There are many differences between Beam’s and bitcoin’s underlying protocols, so introducing a Lightning Network compatible with the MimbleWimble protocol presents some challenges.

The main difference is the lack of scripting in the MimbleWimble protocol. Introducing the Lightning Network requires multiple transactions built on top of each other. The spending conditions of these transactions collectively form the same structure as an HTLC (hashed time-locked contract) in Bitcoin. This increases the number of messages sent between channel participants, but Beam thinks it’s worth it.

In addition, constructing a hashed time-locked contract, the core concept of the Lightning Network, requires two other smart contract schemes: a hash lock and a relative time lock. Hash locking is part of Beam’s basic protocol, but Beam does not currently implement relative time locking.


Qtum has already carried out a Lightning Network test: Lightning network function introduction and test based on Qtum quantum chain

