Shulou(Shulou.com)05/31 Report--

This article mainly explains "what is the privacy of cryptocurrency in the block chain". Interested friends may wish to take a look. The method introduced in this paper is simple, fast and practical. Next let the editor to take you to learn "what are the contents of cryptocurrency privacy in the block chain"?

1 Privacy of Bitcoin (that is to say, Bitcoin has no privacy)

Originally, Bitcoin was developed as an anonymous cryptocurrency, protecting privacy as long as real-world identities cannot be linked to Bitcoin addresses. However, because of the openness of the bitcoin blockchain, it was soon discovered that it was possible to identify individuals based on usage patterns based on certain addresses and transactions. In addition, the node will disclose its own IP address when broadcasting the transaction.

Each node represents an address, and each edge represents a transaction. Many nodes (such as Mt. The identities of Gox, Silk Road and Satoshi Dice) have all been identified according to their transaction patterns.

In 2013, Meiklejohn and others successfully identified many online wallets, merchants and other service providers. Today, service providers such as Chainalysis and Elliptic have de-anonymized blockchains to detect money laundering, fraud and irregularities.

-in this example, you can see that {Alice, Bob} sent bitcoin to {Carol, Ted}, but it is impossible to accurately determine the identity of the sender and receiver. After different users repeat this process several times, the anonymous set expands. -

* * in order to solve the problem that the privacy of Bitcoin has been weakened, Tumbler services such as CoinJoin (mixed coin) have emerged to improve the anonymity of Bitcoin. * * CoinJoin allows users to jointly create transactions to change the ownership of their tokens, giving anonymity to each user in the collection. As different users repeat the process, the anonymous gathering expands. Criminals have been using the Tumbler service to mix identifiable bitcoin with other funds, masking the source of the money.

But Coinjoin has its own flaws. The privacy of Coinjoin depends on the size of the anonymous set. In fact, there are on average only two to four participants in each Coinjoin transaction, so the researchers were able to de-anonymize 67 per cent of Coinjoin transactions. In the later stage, with the improvement of Coinjoin, there are better cryptocurrency Tumber services, such as TumbleBit, etc., but TumbleBit also has limitations.

2 Privacy currency

Due to the lack of privacy of Bitcoin and there are no plans to improve its privacy at the protocol level, several new cryptocurrencies have emerged that support private transactions.

Zcash was created by a powerful team of cryptographers through zk-SNARKs technology. In 1985, Goldwasser, Micali and Rackoff first put forward the groundbreaking idea of "zero knowledge proof". In 2015, Eli Ben-Sasson et al. further developed zk-SNARKs technology on the basis of zero knowledge proof, which enables people to succinctly and non-interactively prove that they know certain information without revealing specific content. Zk-SNARKs provides technical support for many privacy-related projects and can use a technique called recursive composition to compress the size of the blockchain.

The Zcash team is currently working on the Sapling project, a performance upgrade to the network that will improve the performance and functionality of covert (encrypted) transactions and is scheduled to be launched in October 2018. Since approximately 85% of Zcash transactions are still sent publicly, the computational cost of sending protected transactions is very high, so the Sapling project is expected to increase the number of protected transactions (editor's note: on October 28, 2018, Sapling was successfully activated on the main Zcash network).

Monero is another private currency that uses ring signatures rather than zk-SNARKs technology. Currently, Monroe's team is building Kovri to support privacy packet routing so that users can hide their geographic location and IP address. Anonymizing users' network traffic will greatly improve the security of the Monroe coin network and ensure that users will not be arrested or personally injured for using Monroe coins.

Zcash and Monroe coins are often compared. Both communities are led by Twitter celebrities-Zooko Wilcox leads Zcash,Riccardo Spagni (@ fluffypony) leads Monroe dollars-but the difference is that Zcash is backed by a company and a foundation, while Monroe dollars has only an organic community of core developers. Both projects had anonymity flaws: researchers were able to link 69 per cent of Zcash covert transactions to founders / miners and de-anonymize 62 per cent of Monroe transactions, but these deficiencies have now been corrected.

However, the two projects essentially adopt very different approaches to privacy protection and adopt different compromises. So far, I'm not sure which of the two projects is better in the long run. In my opinion, Zcash and Monroe will continue to coexist like Coca-Cola and Pepsi.

Mimblewimble is the tongue-locking spell in Harry Potter, Tom Elvis Jedusor is Voldemort's French name, and Ignotus Peverell is the original owner of the invisibility cloak. (proofreading note: the aliases adopted in the following text are all from Harry Potter:))-

Mimblewimble is a new block chain project focused on privacy, based on the design of bitcoin. On July 19, 2016, Tom Elvis Jedusor submitted a white paper to a bitcoin research channel and then disappeared. Later, Ignotus Peverell launched a GitHub project called Grin and began to actually implement Mimblewimble's white paper. Blockstream's Andrew Poelstra presented the results of their work at the Stanford BPASE conference in 2017, and Grin began to get a lot of mainstream attention. Grin's third test network has been released, and its main network is expected to make its debut in early 2019.

Mimblewimble/Grin is an improvement on Bitcoin's private transactions and Coinjoin. Key features include no public address, complete privacy, and block chain simplification. Recently, Grin mining has ushered in a boom, because, like Bitcoin, Grin coins can only be obtained through workload proof of mining. Grin uses the cuckoo cycle (Cuckoo Cycle) workload proof algorithm, which was originally designed to resist ASIC but is now considered to support ASIC.

Overall, Grin combines a set of social features that make Bitcoin so powerful-anonymous founders, unled development teams, POW consensus, no ICO, no chain governance-with technological improvements for Zcash and Monroe. Unlike Bitcoin, the total supply of Grin is unlimited, and it adopts a linear supply monetary policy, which means that inflation was very high in the early days, but gradually approached (but did not reach) zero over time. After the release of the Grin network, early inflation will stimulate consumption rather than speculation. Although persistent inflation will prevent Grin from becoming an ideal store of value, Grin can avoid bitcoin-like instability when block rewards for bitcoin disappear and miners can only earn transaction fees.

Grin's new monetary policy is a far cry from the controversial Zcash founder award, which means that project developers will receive 20 per cent of the newly cast ZEC in the first four years. The size of the MimbleWimble chunk chain is proportional to the number of users rather than the number of transactions, and the expansion of UTXO sets can be avoided by using circular signatures with Monroe coins.

Other interesting privacy coins, including MobileCoin and BEAM, are still in the early stages of development.

3. Intelligent contract privacy

* * the program code in the smart contract is open, so the privacy of the smart contract is different from that of the payment. * * Unfortunately, program confusion has proved impossible, so smart contracts currently lack both confidentiality (hiding the amount of payment) and anonymity (hiding the identity of the sender and receiver).

In my opinion, when enterprises are ready to build decentralized applications on a large scale and need to hide their customers' activities, there is a strong demand for the privacy of smart contracts; at present, there is nothing wrong with letting everyone see the use of decentralized applications such as encryption cats. This is a bit like the HTTP protocol used by basic websites at the beginning of the Internet, and then introduced the HTTPS protocol for related websites because e-commerce and other activities need to encrypt network traffic.

-there is no privacy in Ethernet Square, and everyone can see the use of decentralized applications on DappRadar. -

In the case of etherland, Benedikt B ü nz is conducting a study at Stanford University on a private payment mechanism called Zether;, which is fully compatible with ethernet and can provide confidentiality and anonymity for ethernet smart contracts. Zether will be executed as an ethernet smart contract to minimize gas consumption. Zether also has a variety of functions that can bring provable privacy to common applications such as payment channels.

* * Keep * * is another project that builds the privacy layer of Taifang by creating a container under the chain for private data. As a result, smart contracts can manage and use private data without exposing it to the public chain.

Although the priority of privacy is currently second only to Casper for Ether Fong, the progress of the implementation of Casper by the Ether Square Foundation is slow, and the risk is that privacy will not become a core feature of Ether Fong until many years later. If the privacy of smart contracts becomes an urgent problem for the encryption community during this period, there will be a new private intelligent contract platform to fill this gap, just as the emergence of Zcash and Monroe coin filled the shortcomings of Bitcoin in privacy payments. Enigma, Origo and Covalent are also new smart contract platforms that try to implement native privacy features in the blockchain.

* * Oasis Labs * * is another exciting privacy project that builds a new smart contract platform, Ekiden, that separates the execution of smart contracts from the underlying consensus mechanism. Smart contracts run inside a separate hardware called a safe zone, such as Intel SGX. This security zone is like a dark box that keeps computing private relative to other applications. It also generates an encryption certificate to prove that the program is executed correctly, and then stores the proof in the block chain. By separating the execution of smart contracts from consensus, Ekiden can be compatible with different underlying block chains, including Ethernet Square.

4 Privacy Architecture

In addition to privacy coins and proprietary intelligence contracts, there are other important privacy architecture projects worth mentioning on the Web 3 stack.

* * Orchid * * is trying to build an optimized version of Tor, in which users rent their own extra bandwidth to get tokens and become repeaters in Orchid networks. The problem with Tor is that there are only about 6000 trunk nodes and fewer than 2000 bridge nodes, so the government can blacklist all relay nodes and bridge nodes to prevent its citizens from accessing Tor. If tokens are used as economic incentives to encourage more people to become repeaters, it will be more difficult to block Orchid unless the barrier increases as the network expands.

* * BOLT * * is establishing a private payment channel that uses blind signatures and zero-knowledge certificates to hide the identity of participants when they open accounts, trade, and close payment channels. The initial payment channel is based on Zcash, but will be able to interoperate with Bitcoin and ethernet.

* * NuCypher * * is building a decentralized key management system that uses proxy re-encryption to provide the same functions as HTTPS. Proxy re-encryption is public key encryption, which allows users to convert ciphertext from one public key to another without knowing the underlying message.

* * Starkware * * is implementing zk-STARKs on various block chains, including Ethernet Square. The advantage of zk-STARKs over zk-SNARKs is that the former does not require a trusted setting, although the capacity of the encryption certificate is much larger.

5 Privacy research

The academic research of cryptography promotes the innovation in the field of privacy. The main topics involved in privacy research are zero knowledge, multi-party computing and homomorphic encryption.

In addition to zk-SNARKs and zk-STARKs, Bulletproofs is a new type of short non-interactive zero-knowledge proof. Similar to zk-STARKs, Bulletproofs does not require a trusted setting, but verifying Bulletproofs is more time-consuming than verifying zk-SNARKs proof. Bulletproofs is designed to achieve efficient private transactions of cryptocurrencies and reduce the size of certificates from more than 10 KB to 1-2 KB. If all bitcoin transactions are confidential and use Bulletproofs, then the overall size of the UTXO set is only 17 GB, and in terms of the amount of work currently in use, the overall size of the UTXO set is 160 GB.

-tradeoffs for different zero-knowledge proof systems. -

Multi-party computation enables a group of people to calculate a function using their respective input values without revealing their respective input values. For example, Alice and Bob want to know who holds more bitcoins without revealing their respective amounts. Unfortunately, the current limitation of multi-party computing lies in its extremely low efficiency in practical application.

Full homomorphic encryption enables people to calculate based on encrypted data. For decades, this was an unsolved problem in the field of cryptography, until 2009, when Craig Gentry, a doctoral student at Stanford University, conceived the first full-homomorphic encryption scheme using ideal lattices. For example, if Bob wants to do arbitrary calculations on Alice data, such as training machine learning models, and Alice does not need to disclose its plaintext data, then the scheme can be useful. Like multi-party computation, full-homomorphic encryption is still in the theoretical stage, and the efficiency in practical application is too low.

At this point, I believe you have a deeper understanding of "what is the privacy of cryptocurrency in the blockchain?" you might as well do it in practice. Here is the website, more related content can enter the relevant channels to inquire, follow us, continue to learn!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.