image descriptionhttps://grin.mw/
Image Source
No address! No quantity!
-- 2018 Grin Conference, Ignotus Peverell
Operation: Kaysen
Mimblewimble
first level title
If there is another cryptocurrency other than Bitcoin that has the spirit and credentials of a cypherpunk, it is Grin. Grin’s base protocol, Mimblewimble, is a particularly landmark privacy protocol that, combined with Grin’s economic model, makes peer-to-peer electronic cash systems possible in the future.
In simple terms, Mimblewimble exhibits two "magic tricks".
The first "magic" is to compress all the transactions being broadcast on the entire network together, so a block corresponds to a batch of transactions. In the Bitcoin network, all transactions are "atomic" and cannot be compressed. CoinJoin can be used, but this still requires interaction between the sender and receiver.
All quotes in this article, except for these two that are explicitly attributed to Ignotus Peverell, are taken from the Mimblewimble white paper published on July 19, 2016.
Tom Elvis Jedusor
first level title
Like Bitcoin, the story of Grin also originated from the white paper! In July 2016, an anonymous geek under the name of Tom Elvis Jedusor (Harry Potter's Voldemort) released the Mimblewimble white paper on a Bitcoin IRC channel, claiming that it can improve the privacy, scalability and substitutability of Bitcoin. The person then disappeared without a trace.
I named my creation Mimblewimble because it was designed to prevent the blockchain from being transparent about all user private information.
Jedusor first described Bitcoin's problems. He talks about having to replay every transaction to verify the blockchain state (sync), and points out the inefficiencies of this model.
It would be nicer if the censor only needed to check the data of the output itself, but this is impossible because outputs are valid if and only if they are at the end of the previous output on the chain. In other words, the entire blockchain must be verified to confirm the final state.
He then disapproves of the atomic and transparent properties of bitcoin transactions, which are easily tracked by specialized technology companies.
Furthermore, these transactions are cryptographically atomic, and the output of each transaction is clearly known. The resulting "transaction graph" reveals a wealth of information and is analyzed by many companies whose business model is to spy on and control the lower classes. This makes it very inprivate and even dangerous for the people using it.
The guide elaborates on the "transaction graph" that links bitcoin transactions together, going so far as to describe bitcoin as a "very dangerous asset".
What follows briefly describes the many privacy improvements since Satoshi Nakamoto launched Bitcoin::CoinJoinl Gregory Maxwell
: Multi-party bitcoin transactions used to confuse sender and receiver.CryptoNote: Ring signature transactions used to obfuscate sent and received amounts.
l Shen NoetherPrivacy transactionPrivacy transaction
: Combination of CoinJoin and CryptoNote to confuse sender, receiver and sending amount. (See Monero)l Dr. Yuan Horas Mouton'sOne-way aggregate signature (OWAS)
: Obfuscate sender, receiver, and amount by combining all transactions in a block into a single transaction.l BlockstreamPrivacy transaction
(Not to be confused with Noether's Confidential Transactions), an interactive implementation of OWAS, uses a "blinding factor" to obfuscate the amount sent. Adam Back, Gregory Maxwell and Andrew Poelstra were all involved in the development.
Tom Elvis Jedusor pointed out the weaknesses of these methods, CoinJoin is "interactive" and not enforced by default, CryptoNote is that the output must be stored forever, and Noether's private transaction data is too large (in bytes), It only adds to the problem of block size.
These solutions are all very good and will make Bitcoin much safer to use. But the problem of too much data can make things worse. Private transactions require multi-kilobyte (KB) proofs of each output, while van Saberhagen signatures require permanent storage of all outputs since it is not known when they will actually be used.
He goes on to cite a lesser-known paper by Dr. Yuan Horas Mouton, and claims that Mouton solves these problems by making transactions “merge-free” using a new primitive called “one-way aggregate signatures” (OWAS).
OWAS can merge transactions in blocks, which is a very good idea. Imagine we could merge transactions (possibly with some tightly coupled data) over multiple blocks so that when outputs are created and destroyed, it's as if they never existed.
However, OWAS also has problems. The cryptography technology it uses has not been recognized and approved by the academic community, so it is considered risky. The CoinJoin cryptography technology proposed by Dr. Maxwell has interactive problems. Dr. Yuan Horas Mouton solves this problem by allowing transactions on blocks to merge freely. Voldemort's magic was to create a similar system to create and destroy as if "they never existed" by taking advantage of the encryption method Bitcoin already uses, known as elliptic curve cryptography (ECC).
The Mimblewimble protocol transactions are efficiently created and destroyed in a single transaction merged into a block (body), so there is no longer an output chain to replay when syncing. In a process called "cut-through," the blockchain deletes UTXO data that is irrelevant to history. We can now think of each block as one big aggregated transaction. To verify it, we add together all output states and subtract all previous input states.
Secondly, the paper itself is very short and contains some grammatical errors, which may be due to the fact that Jedusor himself is not a native speaker of English. Obviously, this implies that the author is French, although this may be misleading, just like everyone thinks that Satoshi Nakamoto is Japanese. The paper may seem random, but the ideas within it were so compelling that Blockstream mathematician and applied cryptographer Andrew Poelstra was immediately drawn to it. Poelstra has made significant contributions to Bitcoin privacy solutions such as Coinjoin and private transactions, and released a more "precise" version in October 2016 that captures the ideas in the paper.
In fact, Blockstream's development of private transactions was inspired by OWAS, and Mimblewimble was in turn inspired by private transactions. The former is interactive, and the latter is non-interactive with a randomly generated "blinding factor", which means that all transactions in Mimblewimble are confidential by default.
For a while, there was talk of Mimblewimble being integrated into Bitcoin, or adding it as an experimental sidechain. This is not surprising as Jedusor reinvents Bitcoin in many ways using technology already created by Bitcoin developers and Blockstream researchers. Pieter Wuille later explained what prevented this from happening, citing technical difficulties. Of course, Blockstream also has its own federated sidechain called Liquid in its privacy exchange, so that could play into its motivations.
Grin
first level title
And shortly after Poelstr's paper was published, another Harry Potter character came along. Ignotus Peverell published the first partial implementation of Mimblewimble in March 2017, and published a technical introduction to Grin. In October 2017, Peverell published "Mimblewimble for Bitcoin Enthusiasts", a short document describing in detail how Grin is different.
Features are as follows:
1. No address
2. No quantity
3. Two transactions, one transfers to the other, can be merged into one block to form a transaction, and all intermediate information is deleted at the same time
Also, there are no other more transactions in a block. Grin's blocks look like they aggregate many transactions and lose all original associations between inputs and outputs.
Ignotus Peverell
image description
Despite their similar "cypherpunk" origins, Grin is distinct from Bitcoin, possibly inspired by the unlikely flaws in Bitcoin that Satoshi Nakamoto foresaw. Bitcoin has weak privacy. Under such rigorous analysis, a transparent ledger can escape scrutiny only by genius hackers. There is also Bitcoin's huge and clumsy database, highly centralized mining, slow on-chain transaction confirmation times, and high fees that make bankers blush.
However, perhaps the most fundamental difference lies in the economic model, Grin has no fixed supply and no halving cycle. One Grin is spawned every second - forever. This is not as uncommon as many people think, as many prominent cryptocurrencies today (such as Monero and Ethereum) plan to have some kind of long-tail token adjustment after most of the supply has been mined or minted. The unlimited supply also shields Grin from accusations of a Ponzi scheme, where early miners do not have any advantage and cannot deduce the distribution of the pyramid.
Computer scientist John Tromp provided Grin with a proof-of-work system called "Cuckoo Cycle". Tromp told "The Daily Chain" that the system is aimed at ASICs and GPUs and aims to help Grin implement a decentralized decentralized mining system. mining network.
John Tromp, 2020.12
"One Grin is produced every second, which makes people feel that time is value. When something occupies the Grin network for one hour (3600Grin), it represents one hour mined in the Grin life cycle. Grin is as precious as time, right The most straightforward interpretation of time = money."
It is not known whether the Bitcoin network is secure when miners receive transaction fees and there are no block rewards. Currently, Bitcoin is increasingly being considered a store-of-value currency (like gold), rather than the peer-to-peer electronic cash that Satoshi Nakamoto originally articulated in his white paper.
Grin was successfully issued without ICO, pre-mining or mining tax, and the fairness of its issuance also brought many challenges. The funds required to keep development going well are not small, although Grin has done so so far (the developer fund has around 100BTC). Grin doesn't have a huge marketing budget, and while it has a great foundation, it probably won't need it long-term.
Ignotus Peverell, Grin Conference, 2018
Since the launch of the mainnet, Grin and its community have made great progress in research and security, the code has been greatly improved, and many wallets have been released, including the recent full-node wallet Grin++ for devices.
Felix Felicis
first level title
The encryption field is currently very enthusiastic about DeFi. Although this is an important and worth exploring field (Farming), it is only a matter of time before the hype subsides. Until then, we will face the same problem. Bitcoin has poor scalability and weak privacy, while Ethereum's smart contracts (such as gas) use special methods, and the total supply is still less than twice what it was when it first started in 2016 (which means very poor distribution and wealth concentration. ).
With unlimited supply and strong privacy, Grin may be able to realize the original intention of creating a peer-to-peer electronic payment system, rather than being an extremely unstable "store of value" target. Since its birth in 2019, about 60 million Grins have been mined. There are many crypto projects with a total supply in excess of billions of tokens, and for Grin, it would take 31 years to mine 1 billion tokens, with an annual inflation rate of around 3%. A community member commented: "I would say that the numbers don't really matter here, for example, we could say we have billions of nanogrins, but in the end it doesn't really matter, what matters is how the supply changes ratio."
Voldemort's magic has Bitcoin "wizards" as excited as, if not more than, Satoshi Nakamoto's original white paper. While its extraordinary magic doesn’t live on Bitcoin’s sidechains, it lives on in Grin and other Mimblewimble cryptocurrencies.
His identity may remain a mystery, but his "teachers" are not.
Tom Elvis Jedusor, 2016
...We haven't met the amazing Dr. Maxwell yet!
Bitcoin limited by supply cap
The "Marvelous" Maxwell vehemently denies any connection to Mimblewimble or Grin, and insists he is not Tom Elvis Jedusor (better known as Tom Marvolo Riddle), nor the man who cannot be named.
Grin Limited by time
Bitcoin is determined by the total amount of circulation
