Verified on Po.et Created with Sketch. Verified on Po.et

How Bulletproofs Could Make Bitcoin Privacy Less Costly

by

         How Bulletproofs Could Make Bitcoin Privacy Less Costly

Bulletproofs, presented in a paper titled “Bulletproofs: Short Proofs for Confidential Transactions and More,” describe a new zero-knowledge proof system. The proposal uses on-chain scaling for privacy and suggests a new, faster and more compact way to verify privacy-enhancing Confidential Transactions (CTs). Specifically, Bulletproofs can decrease the size of these verifications for these types of transactions drastically. Furthermore, the authors of the paper — Stanford University’s Applied Cryptography Group, overseen by professor Dan Boneh — have already managed to create a practical implementation for Bulletproofs.

This is how it works.

Currently, all transaction information — such as wallet addresses and especially the sent amount of bitcoins — are visible on the Bitcoin blockchain. This affects the privacy of all users. If we wish to pay wages via the Bitcoin network, for example, this means that every salary will be visible on the blockchain network. This, in turn, could mean that someone (like your landlord) could look up how much money you’re making to try and increase your rent accordingly.

Confidential Transactions are much needed to bring any type of blockchain to a higher level of privacy. Confidential Transactions combine and utilize several cryptographic tricks so that only the sender and the receiver of a transaction are aware of the amount transacted. These cryptographic tricks let users obfuscate the amounts they are transacting while still allowing onlookers to perform math on the obfuscated amounts. Basically, anyone can still check that the sum of sent bitcoins is greater than the sum of received bitcoins.

Confidential Transactions are realized with “zero-knowledge proofs.” These proofs are best described as a method for proving to another party that a Confidential Transaction is valid without conveying any information about the Confidential Transaction itself.

However, as stated in the Bulletproofs paper: “Current proposals for CT zero-knowledge proofs have either been prohibitively large or required a trusted setup. Neither is desirable.”

First of all, if we have to prove multiple range proofs, which is the case for multisignature transactions, the complexity and size will scale in a linear fashion. For example, if the size of a single proof is 2 kB, two proofs are 4 kB, three proofs are 6 kB and so on.

Additionally, zero-knowledge proofs typically require a trusted setup: they must be initialized by some trusted authority. However, the security properties of the Bitcoin system don’t apply to that authority because in practice it means that the authority could produce fake “proofs.” These fake proofs could lead to uncontrolled and undetectable inflation.

Bulletproofs could solve these problems.

According to the paper, “In any distributed system where proofs are transmitted over a network or stored for a long time, short proofs reduce overall cost.”

Bulletproofs are claimed to be able to reduce the cryptographic proof significantly: from 8 kB to 734 bytes, though this depends on what the transaction looks like. Moreover, when dealing with multiple proofs, the size increases with just a few percent instead of this linear scaling. And in addition, Bulletproofs do not require a trusted setup.

Andrew Poelstra, contributor to the research paper and mathematician at Blockstream, believes that Bulletproofs are very practical: “We have already implemented a first version in the Bitcoin crypto library libsec256k1, which can verify proofs three and a half times faster than the verifier for the classic rangeproofs. It is a drop-in replacement for classic rangeproofs that does not affect other aspects of the system and is therefore very easy to integrate.”

Until now, Confidential Transactions were just a theoretical concept because they were so heavy to implement. With Bulletproofs, the implementation of Confidential Transactions on Bitcoin suddenly becomes more likely.

Recommended

Grim Stories of Ethical, Privacy Abuses Emerge About Coinbase’s New Partners

Among other issues, Reporters Without Borders labeled Hacking Team (the team behind Neutrino) as one of five “Enemies of the Internet” in 2013 for its role in humanitarian abuses against journalists.

Colin Harper

Cryptopia Calculates That 9.4 Percent of Assets Stolen in January Hack

The New Zealand-based crypto asset exchange Cryptopia has made their assessment of a January hack, claiming that up to 9.4 percent of all their assets were stolen.

Landon Manning

“Clear and Robust Strategy” Nets 0.023% Recovery of Bitfinex’s Hacked Funds (So Far)

Bitfinex said that U.S. federal law enforcement informed them in November of last year that it had obtained access to some of the cryptocurrency funds stolen when the exchange was hacked.

Jimmy Aki

Coinbase Snaps Up Blockchain Intelligence Startup Neutrino

With its analytical capabilities, Neutrino will help Coinbase add new features and tokens to the platform, while ensuring "compliance with local laws and regulations."

Jimmy Aki