With Bulletproofs privacy of bitcoin will be cheaper

Bulletproofs method described in the publication «Bulletproofs: Efficient Range Proofs for Confidential Transactions» category
the ACG group dealing with applied cryptography at Stanford University, describes a new system with the evidence of zero disclosure.

The proposal uses the scaling of the network to ensure privacy and proposes a new, faster and more compact method of verification «confidential transaction» (CT). In particular, Bulletproofs can significantly reduce the size of verification for these types of transactions. In addition, the authors have created a practical implementation Bulletproofs.

Currently, all information about the transaction, including the addresses of the wallets and the number of bitcoins sent, is displayed in the blockchain of Bitcoin. This affects the privacy of all users. For example, if someone wants to pay via Bitcoin, which means that each paycheck will be visible in the blockchain. This, in turn, means that someone can use this information for their own purposes. For example, the landlord can see how much money earns a specific person, to try to increase the rent for the apartment.

Confidential transactions necessary to bring in any type of blockchain higher level of privacy. Confidential transactions are combined and use some cryptographic tricks to only the sender and recipient of a transaction knew of the amount of the transaction. These cryptographic tricks enable users to hide the amounts that they transmit at the same time allowing observers to make payments on the hidden amount. In principle, anyone can verify that the amount sent bitcoins more than the amount of bitcoins.

Confidential transactions are implemented using «proofs with zero knowledge.» These proof – method to prove that the other party confidential transaction is valid without sending any information about her.

However, as noted in the document Bulletproofs «the Current proposals for the proof of zero knowledge of CT were either too large, or require a trusted setup. None of these options are not desirable».

First of all, if we need to confirm a group of evidence that is relevant transactions multimediali, complexity and size will be scaled in a linear manner. For example, if the evidence is equal to 2KB, then the two proof — 4K, three evidence — 6kb etc.

In addition, proof of zero knowledge usually require a trusted setup: they must be initialized by a trust centre. However, the security properties of the Bitcoin system do not apply to this centre, because in practice, this means that the centre can create fake «evidence». These fake proof can lead to uncontrollable and undetectable inflation.

Bulletproofs can solve these problems. According to the article: «In any distributed system, where is the evidence transmitted across the network or stored for a long time, a short proof lower total cost».

Bulletproofs can significantly reduce the size of the cryptographic proof from 8Kb up to 734 bytes, although it depends on what constitutes a transaction. Moreover, when working with multiple evidence size increases only a few percent instead of linear scaling. In addition, Bulletproofs do not require a trusted setup.

Andrew Poelstra (Andrew Poelstra), one of the authors of the work and the employee Blockstream believes that Bulletproofs very practical:

«We have already implemented the first version of the cryptographic library libsec256k1 Bitcoin that can verify the proof in three and a half times faster than the verifier for classical groups proof. It is a simplified replacement for the classical groups of evidence which do not affect other aspects of the system and therefore very easy to integrate».

Still confidential transaction was just a theoretical concept, because they were very difficult to implement. With Bulletproofs implementation of a confidential transaction in the Bitcoin becomes more likely. Earlier, Litecoin Creator Charlie Lee (Charlie Lee) said
of intent to introduce confidential transaction to the network immediately after they appear in Bitcoins. It is possible that confidential transactions will appear in several networks in the near future.


Добавить комментарий