Earlier this year Andrew Poelstra, mathematician and researcher at Blockstream, participated in the “Chasing Privacy in Blockchains” panel at the Consensus 2017 blockchain event. Andrew was joined by other experts in the field to discuss the topic of privacy in blockchains, including members from Symbiont, Zcash, Deloitte, and the US Treasury. One thing that all the panelists agreed on was that privacy is increasing on blockchains. As Andrew said, “there are things that will come online soon that no one has seen before”. He expects that to include higher efficiency, more real-world usability, and, yes, better privacy.
One of the advantages of a panel discussion is that it illuminates a multitude of viewpoints on a single topic. That’s vitally important for the topic of privacy on the blockchain because it’s evolving very quickly down a number of different paths. As Andrew said, “we’re really in a phase where we’re exploring different ideas, where we’re exploring different privacy models”.
Mirroring that multitude of viewpoints, Andrew Poelstra is working on not one but three different approaches to privacy on the blockchain, each one with its own advantages. He briefly touched upon all three at Consensus 2017.
Confidential Transactions is built on a simple zero-knowledge proof that uses homomorphic commitments to hide the values of a transaction. Participants of the blockchain can still prove that the transaction adds up, but they didn’t know the amounts. An expansion, Confidential Assets, also hides the types of assets being exchanged — a necessity for privacy in a blockchain with multiple assets. Both Confidential Transactions and Confidential Assets are available from Blockstream and are part of the Elements project.
MimbleWimble takes a different tack for privacy: it’s a new sort of sidechain that hides its transaction graph information by allowing the pruning of spent outputs. Not only does this create unprecedented privacy in a blockchain, but it also improves efficiency, allowing the verification of an entire chain based on a comparatively small number of signatures. MimbleWimble was originally formulated by Tom Elvis Jedusor and has been expanded by Andrew, who gave a talk on the topic last fall at Scaling Bitcoin 2016.
Scriptless Scripts looks at blockchain privacy in yet another way, through the lens of smart contracts. It enhances privacy by keeping its contracts largely offchain. Only the outcome of the contract touches the blockchain: a final signature acts as a verification token that the contract was correctly executed. Like MimbleWimble, Scriptless Scripts is a possible expansion for the privacy already offered by Blockstream with its Confidential Transactions and Confidential Assets.
As the Consensus 2017 panel suggested, improved privacy in blockchains is coming, and there are many different paths it could take. Andrew and Blockstream are working on many of these possibilities!
For the rest of the comments from Andrew and the other members of the panel, the “Chasing Privacy in Blockchains” panel from Consensus 2017 is available online. You can also find all of the session recordings from the event here.