MimbleWimble simplified (better Scalability and Privacy than Bitcoin today)


Hello Cryptogang! Welcome to another LamboLife
video. Blockstream’s Andrew Poelstra says Mimblewimble
could replace Bitcoin. It’s more scalable and private. That’s bold.
I’ll dice up the Mimble protocol and assess how valuable it really is. I’ll also compare it to similar technologies. Let’s begin. It all began when an anonymous cryptographer
by the name of Tom Elvis Jedusor showed up at a bitcoin research channel. This name is actually French for Tom Riddle,
which was the real name of Lord Voldemort in the Harry Potter series. Now he posted a link to a whitepaper called
Mimblewimble. At first, nobody noticed it, but as soon as
they read it, they realized this was a really big deal! This cryptographic protocol, that was left
by a ghost, had the potential to revolutionize the way bitcoin works. There’s some Harry Potter trivia in the
whitepaper. Apparently we have a fanboy here. Mimblewimble is actually a spell in Harry
Potter, that ties the target’s tongue robbing him of his ability to speak clearly. Hence, the source of people’s misconception
that Mimblewimble is mainly just a privacy protocol, but that’s not exactly right. It is primarily a scaling solution and secondarily
a privacy solution. That’s because the scaling benefit is greater
than the privacy benefit in Mimblewimble’s case. So how does Mimblewimble scale? First of all, there’s different ways of
scaling. Let’s explore them first. The blockchain conceptually looks like this:
a series of blocks that represents a history of transactions. Bitcoin plans to scale by offloading most
of its transactions off-chain with its second layer, the Lightning Network. In my opinion, this is the most potent scaling
solution and is by and large above any others. Unfortunately, today it is still unstable
and might have a long way to go before it’s ready for mass adoption. Bitcoin Cash on the other hand, has an immediate
solution by increasing the block size. But there’s also a third option. Which is to compress the transaction data. That’s what Mimblewimble does. Instead of making a bigger block, it makes
the contents inside smaller. You see, BTC has increased its blocksize before,
but the community has agreed that doing this forever is catastrophic. Why? Take a look at this graph. The rate of increase of Bitcoin’s blockchain
is not linear, it’s exponential. Currently we have about 200000 megabytes;
or 200 gigs, which is the amount of hard drive space you need to set up your own full node,
provided that your hardware has enough bandwidth support and computing power. As time goes by and history unfolds, storing
this history becomes more and more demanding; as the memory necessary to store the data
in each block also needs to increase, as well as the computing power needed to validate
them. If all we do is increase the blocksize perpetually,
we are essentially preventing the average guy from being able to run a full node, because
of the high costs required to set it up. And as a result, allow mining cartels and
monopolies to have a lot of influence, hurting decentralization. Bitcoin Cash is doing this block size increase
a little conservatively, but Bitcoin SV went all out, which is absolutely insane. Now what’s interesting with Mimblewimble,
is that it allows Bitcoin’s transaction history to be compacted and quickly validated
with average computing hardware even after many years of chain operation. The result? A faster and more scalable blockchain! You could literally start up a full node on
your smart phone, and almost instantly synchronize your full node to the blockchain. Mimblewimble’s privacy features are derived
from different cryptographic innovations. For simplicity’s sake I’ll only include
the major parts. First is Confidential Transactions. This allows the senders to encrypt the amount
of crypto they want to send using what you call blinding factors. Again for simplicity, blinding factors are
simply random numbers that mess up the inputs and outputs and make it look confusing for
an outside observer. So in this scenario, only the sender and receiver
are aware of the amount. However, third parties can still ensure that
the transaction is valid, by comparing the number of inputs and outputs; but as far as
they can see, it’s just uniform random things went in, and uniform random things
went out. And if both inputs and outputs are the same,
then the transaction is valid. This procedure ensures that no bitcoins have
been created from nothing. But, this is not enough. There is the possibility of an omniscient
observer—someone who has the resources to do a graph analysis of Mimble’s transaction
history, think CIA or a Chinese hacker army. In that case, they could still uncover some
information you don’t want them to know. Lucky for us, Mimble also leverages another
cryptographic innovation called CoinJoin. Coinjoin is a mechanism by which transactions
sent by multiple spenders are combined to form a single transaction. Now because of this, it’s difficult for
an outsider to determine which payment was intended for whom, adding even more confusion
and misdirection. So now you might be wondering. How do we ensure that no one is cheating? What type of consensus model does Mimble have? Well, it is quite different from Bitcoin’s
consensus mechanism. You see, with Bitcoin’s Proof-of-work algorithm,
it’s more complex; the whole blockchain must be downloaded, the history of transaction
outputs has to be analysed; all to ensure validity. This takes up a lot of time, and is quite
hard to scale, hence, the need for a second layer solution like Lightning. But with Mimble, there’s a simpler way to
preserve the integrity of the system. Mimblewimble blocks only consist of a list
of inputs, a list of outputs, and signature data. This offers significant space savings in blocks,
because other transaction data no longer need to be stored, only inputs and outputs. And by subtracting the total inputs from the
total outputs, that is to say ensuring that the difference is zero, the blockchain is
validated, because no new coins were created out of thin air. With innovation, there’s always things that
need to be improved on. Otherwise, there wouldn’t be progress. Mimblewimble has one of the best privacy features,
but it’s not really perfect. Even with all its privacy methods, Mimble
is not 100 percent anonymous. There’s still the very small chance that
some whale or multi million dollar organization can override your anonymity, should they desperately
want to. But it’s not something that’s really expected
to happen often or ever really. You see, the privacy and scalability aspects
of Mimble are intertwined. The more it can scale, the more users it can
handle. And the more users, the stronger the privacy. We’ve already established that Confidential
transactions are not enough. And coinjoin needs more transaction volume
to be effective. With low transaction volume, it’s not too
difficult to bypass Coinjoin’s privacy. I’ll use Assassin’s Creed as an analogy
here so it’s more fun. In the AC franchise, the Assassins have
three main principles, which are 1. “Stay your blade from the flesh of the innocent.” 2. “Never compromise the brotherhood” and
3. “Hide in plain sight”, which is what we’ll
focus on. What this essentially means is that as an
assassin, one should know how to blend in the crowd; to become anonymous. The keyword here is crowd. If you want to be hidden, you have to get
lost. You can’t be the only person in a field
wearing a hood. That’s not helping you in any way. The Templars will freaking kill you. Scaling drives privacy in almost every technology. Simply put, the bigger the crowd, the easier
to get lost. And that applies especially to Mimblewimble,
after all, it is one of Bitcoin’s scaling solutions. Unfortunately it’s not quite there yet. This has something to do with what you call
rangeproofs. Range Proofs are present in all cryptocurrencies
with Confidential Transactions such as Monero or Zcash. It’s not just Mimble. Range Proofs are important because they prevent
the blockchain from having negative outputs. You don’t want a negative Bitcoin, or a
negative Monero. So these rangeproofs are necessary for Mimblewimble
to work correctly. But rangeproofs are also hefty to verify,
at least for today. They’re working on it, obviously, but reducing
the timeframe for verification, as well as the size of these rangeproofs, is something
that they need to deal with, before Mimble could reach a level where users can easily
run a full node on their smartphone. It’s called bulletproofs, but we’re not gonna
discuss that right now. Also, Mimblewimble does not support scripting. Scripting is implemented in Bitcoin, and it’s
very handy. It allows advanced features such as multisignature,
secure cross-chain trading, high frequency trading, and many other complex stuff. But, Mimble has really advanced crypto magic
to work around this. Many smart contracts in Bitcoin that require
a script can be achieved using the properties of what we call Elliptic Curve Cryptography. It’s not and probably never gonna be as
good as having a Bitcoin Script though. Also, you can’t simply merge the Mimble
protocol with Bitcoin. It’s not really an exact fit. But, you can implement it as a sidechain or
make a new implementation. Mimblewimble is a protocol just like Bitcoin. Now Bitcoin has 2 main implementations. Bitcoin Core for BTC and Bitcoin ABC for Bitcoin
Cash. Both use the same protocol but they are different
implementations. Mimble has 2 implementations called Grin and
Beam. Both went live sometime in January. The primary difference between Grin and BEAM
is their general community or governance approach. BEAM’s governance model is more company-like
structured, while Grin is more of an open-source community with members independently working
on the project through donations. Honestly I lean towards Grin more, being open
source and community-driven and all but I’m also a fan of Beam’s VC-funded startup approach. I’m closely keeping an eye on both. But I still don’t think any of these is a replacement
for Bitcoin. They are their own thing. Damn it feels good to be in crypto. That’s it for today’s video. Thanks for watching. I’m so glad to finally upload this. It took quite a while to fully grasp how it
works; hopefully my time was worth it and you learned something from me. If you enjoyed, be sure to like and if you
haven’t already, subscribe. See you on the flipside!

8 thoughts on “MimbleWimble simplified (better Scalability and Privacy than Bitcoin today)”

  1. You completely FAILED to realize GRIN gets rid of Addresses. This is by far the most valuable component. You need to understand how it works without Addresses. This is why it will be the fastest adopted form of crypto. Any social network can create accounts for GRIN for each of their users. Anyone can send GRIN to "Facebook: Username" etc. Goodbye complex unmemorable addresses.

  2. Hi! Small detail about the appearance of the Mimblewimble paper which everybody seems to cite incorrectly: It was not Thomas Elvis Jedusor who showed up at the #bitcoin-wizards research channel, but instead a person with the nickname "majorplayer". This person left a link to a txt-file hosted on a Tor server and the author in this textfile named himself Thomas Elvis Jedusor.

    Look up the archived IRC chatlogs yourself (here: https://irclog.whitequark.org/bitcoin-wizards/2016-08-02 or here: http://gnusha.org/bitcoin-wizards/2016-08-01.log), just search for "mimblewimble".

    And you also can see that Andrew Poelstra (nickname "andytoshi" in the channel) was immediately interested a few hours afterwards.

  3. Best video about Beam surely. Unfortunately, the intro with Harry Potter isn't too good for that so technical and mature explanation.

  4. Correction at 9:43 :

    Zcash doesn't use Confidential Transactions or Range Proofs. Instead, they verify their transactions using zk-SNARKs.
    Also, Mimblewimble is not primarily a scaling solution and secondarily a scaling solution, like I said in the video. It is more like a privacy-scaling solution.
