“Mimblewimble” is the heart of two confidential cryptocurrencies called Grin and Beam. The privacy protocol was designed to make cryptocurrency transactions truly private – unlike Bitcoin transactions that can be traced – so that a third party can not identify the sender, the receiver or the amount. But a former deep learning software engineer and researcher at Google says Mimblewimble’s privacy is fundamentally flawed and is unlikely to be fixed.
According to the Grin platform,
“Mimblewimble leverages cryptography to allow past transaction data to be removed with no compromise on security. This avoids Grin collapsing under the weight of data having to be kept on chain.”
“Grin has no amounts and no addresses.”
In addition to being touted as a path to optional private transactions on the Bitcoin network, Mimblewimble is being tested for integration with Litecoin.
But Ivan Bogatyy, now a general partner at crypto hedge fund MetaStable Capital, says he broke Mimblewimble.
“Using only $60/week of AWS [Amazon Web Services] spend, I was able to uncover the exact addresses of senders and recipients for 96% Grin transactions in real time.”
While Bogatyy says Mimblewimble isn’t a viable alternative to privacy coins Zcash or Monero, he believes the protocol still has valuable features and that when combined with other technology, such an Ethereum-based protocol, it can offer users robust privacy options.
Writes Bogatyy,
“But this is how science always advances: we propose new theories, and then repeatedly knock them down, until what’s left standing has stood the test of time.”
Bitcoin developers from around the world are currently meeting throughout the month of November to explore other proposals for enhanced privacy and scalability. The global effort has attracted Jack Dorsey’s Square Crypto, a leader in Bitcoin tech development.
The developers are tasked with reviewing different methods to tackling Bitcoin’s limitations while protecting Bitcoin and the users who hold the cryptocurrency.
“The ultimate goal of the review is to allow participants to gain enough technical familiarity with the proposals to be able to either vocally support the proposals, advocate for changes to the proposals, or clearly explain why the proposals shouldn’t be adopted into the Bitcoin consensus rules.
Adding new consensus rules to Bitcoin is something that should be done carefully—because it can’t be undone safely for as long as anyone’s bitcoins depend on those rules—so it’s in every user’s interest that a large number of technical reviewers examine the proposals for possible flaws before they are implemented and before users are asked to consider upgrading their full nodes to enforce the new rules.”
