Zoltan asks: “What are bulletproofs? A team of researchers has published a paper entitled”Bulletproof. Short proofs of confidential transactions and more”It’s described bullet proofs as a new non interactive zero knowledge proof protocol is very short proof without a trusted setup.What does it mean? How does it work? And what will be the practical benefits?”

Highly technical question. Thank you for asking, Zoltan, let me try to explain this as best I can.

Confidential transactions isan invention that was published three years ago that allows you toencrypt the amount in a Bitcoin transaction. Andby encrypting the amounts you can break a very very important source ofinformationleakage where analytics companies can track amounts. Now, in an answer to a previous questionI’ve mentioned a coinjoin, where lots of people participate together in a transaction andone of the disadvantages of that is ifunless you are all tradingapproximately the same amount, it’s very easy to track which input belongs to which output because of the amounts involved.

Soconfidential transactions are meant to be used together with coin mixing strategies to create very very anonymousand privateBitcoin transactions, whereby no one can track who’s paying whats to who. Andconfidential transactions encrypt thevalue, andbyencrypting the value you can’t see how much is being transacted and if you use that together with mixing you can’t really tell which output corresponds to which inputs and it makes it much more robust privacy.

Now you might be thinking: “Ok, but if the amount is encrypted, how do we know they didn’t spend money they didn’t have and how do we know they didn’t create new money from nothing? And the technique that’s used in confidential transactions is called “a zero knowledge proof”. And “a zero knowledge proof” is where you prove something is true without knowing some underlying information.

So in the case of confidential transactions, what you can do is you can use a special type of math in the zero knowledge proof that allows you to add the inputs and outputs and show that they add up to zero. Basically show that the amount of the inputs and the amount of the outputs are equal and add up to zero without knowing what these amounts are. And this seems impossible and trust me, the math when you read it doesn’t make it seem any more possible.

It is quite confusing and very difficult to understand and I don’t really understand it, but what I do understand is that if you encrypt values A in the input and B in the outputs you can then apply a proof that says A and B cancel out each other and the sum of them is zero. So that you know that there is an equal amount of inputs an out, but no new money has been created.

The specific “zero knowledge proofs” is using confidential transactions called “a range proof” and you can prove that a numbers within a certain range without knowing what the number is. And “bulletproof” is a development, because one of the problems with non-interactive zero knowledge proof is that they tend to be very large. They use a large amount of data.

So, if a transaction with confidential transactions that contains these non-interactive zero knowledge proofcould be twenty kilobytes compared to a normal transaction, let’s say 200 bytes, and that’snot a very good trade-off.

So you got a lot of privacy,but in return the capacity of your blockchain just decreased tremendously, because the transaction just became,you know, a hundred times larger.

So,what the authors of that paper achieved and it’sinteresting read, although you might find it challenging, isthey achieved a much shorter proof so that you can prove that the numbers in the inputs and outputs are within a rangewithout using as much data, without making a very largetransaction that then reduces the capacity of yourblockchain, it’s a veryincredible development incryptography and it’s, once again, a demonstration thatBitcoin and the crypto ecosystem in general and the research that’s going on is pushing the boundaries of cryptography.It’s generating new cryptographicknowledge and discoveries and scienceevery single day.

So, the practical benefits, as you asked, the practical benefits is that we can get confidentialtransactions with much shorter proofs which allow us to encrypt the value of a transaction, so thatwe can gain greater anonymity without that transaction being enormous in size

What are Bulletproofs обновлено: November 21, 2018 автором: