Last night, . Bulletproofs, was originally published in a and quickly became an area of research within the blockchain community. With the announcement, Monero becomes the first cryptocurrency to adopt bulletproofs as a privacy protocol. Just like predecessors such as zk-SNARKS or Secure Multi-Party Computations, bulletproofs has all the ingredients to become one of the most important privacy protocols in the next wave of blockchain applications. news broke that Monero will be implementing a new and more scalable privacy protocols as part of its blockchain 2017 whitepaper from Stanford University Bulletproofs is not necessary a breakthrough in cryptography but rather a very clever combination of existing techniques. Specifically, bulletproofs has its origins in another privacy protocol such as confidential transactions and zero-knowledge-proofs. In fact, the easiest way to understand bulletproofs is to analyze the evolution of these two other cryptographic methods. Confidential Transactions and Zero-Knowledge-Proofs If we think about the steps required to validate a cryptocurrency transaction, they can be summarized in three steps: · The transaction comes from a valid node. Signatures are Correct: · There is no double spending issues. Amounts are Unspent: · Specifically: Outputs = Inputs — Transaction Fees. The Sum of the Inputs is Greater than the Sum of the Outputs: While all cryptocurrencies have a way to validate transaction correctly, most do so maintaining public access to the information. In 2016, Greg Maxwell introduced the notion of confidential transactions which effectively replaces the amounts of the transactions with cryptographic commitments that can be verified by the receiver. The cryptographic assertion is typically based on which is a method that can express a statement about a value that can be verified while hiding the value itself. Confidential transactions certainly enable secure transactions with verifiable signatures and unspent amounts but make it impossible for the recipient to verity that the amounts of the inputs is greater than the amounts of the outputs. That’s where zero-knowledge-proofs come to play. Pedersen commitments Zero-knowledge-proofs of knowledge expand confidential transactions by allowing the recipient to challenge the sender to prove a specific assertion. While this technique is incredibly effective from the privacy standpoint, they drastically increase the size of the transaction and, very often, require a trusted setup which difficult its applicability at scale. STARKs is trying to address some of these limitations but remains not very viable practically. Enter bulletproofs. What are Bulletproofs? Conceptually, bulletproofs can be considered a more efficient form of zero-knowledge-proof that does not require a trusted setup. Bulletproofs are a new zero-knowledge argument of knowledge system, to prove that a secret committed value lies in a given interval. To achieve that, bulletproofs leverages some of the optimization methods proposed by to implement space efficient zero-knowledge-proofs. Bottle was able to create proof-size that grew logarithmically instead of linearly. However, many of the assumptions behind Bottle’s thesis also resulted impractical. Jonathan Bottle Bulletproofs improves on some of Bottle’s ideas to create short, non-interactive zero-knowledge proofs and even more efficient form of zero-knowledge-proof that does not require a trusted setup. Bulletproofs are, effectively, a much more efficient and secure form of range proofs that utilize zero-knowledge proofing methods as seen in zk-SNARKS and STARKs, but do not require the trusted setup as required with zk-SNARKS and are not as large as STARKs. Bulletproofs are more generic than some of its predecessors and can be used, in theory, to prove any arbitrary statements. The logarithmic-size complexity increments of bulletproofs means that they are substantially more efficient than other techniques. For instance if we need additional t proofs, the complexity of the algorithms will increase additively by a factor of log(t) instead of linearly 10 times. The following image clearly illustrates that concept. Another advantage of bulletproofs is that it can be used in multi-party environments by leveraging multi-party-computation(MPC) models. Specifically, bulletproof MPC is a variation of the protocol in which a proof can be constructed from different parties using a constant number of rounds. Bulletproofs represents a faster, nimbler and more robust alternative to other blockchain privacy methods. Monero’s implementation is certainly a step towards making bulletproofs more widely adopted within the blockchain community but we should expect more implementation to be available soon.

Monero

fees

Bulletproofs: The New Kid in Blockchain Security Land

About Author

Comments

TOPICS

THIS ARTICLE WAS FEATURED IN

Related Stories

10 Cryptocurrency Data Points to Takeaway from 2019

(1/100) Crypto Countdown: Golem

A Research Report on the Trader $JOE DeFi Platform

07/03/2018: Biggest Stories in the Cryptosphere

05/02/2018: Biggest Stories in the Cryptosphere

01/06/2018: Biggest Stories in the Cryptosphere

10 Cryptocurrency Data Points to Takeaway from 2019

(1/100) Crypto Countdown: Golem

A Research Report on the Trader $JOE DeFi Platform

07/03/2018: Biggest Stories in the Cryptosphere

05/02/2018: Biggest Stories in the Cryptosphere

01/06/2018: Biggest Stories in the Cryptosphere

Light-Mode

Classic

Newspaper

Minty

Dark-Mode

Neon Noir

Minty

HN StartUps