Litecoin Creator, Ethereum Co-Creator and Grin Crypto Developers Weigh in on ‘Breaking Mimblewimble’ Privacy

 

Charlie Lee, the creator of Litecoin, is responding to a new blog post criticizing a protocol called Mimblewimble that is intended to improve the privacy of cryptocurrency transactions by obscuring identifying data such as names, addresses and transfer amounts.

Lee is currently testing the protocol for Litecoin integration. Mimblewimble is also used in two privacy cryptocurrencies: Grin and Beam.

According to a post by Ivan Bogatyy, general partner at MetaStable Capital and a former Google software engineer, Mimblewimble is fundamentally flawed and requires only $60/week on Amazon Web Services (AWS) to uncover the exact addresses of senders and recipients for 96% of Grin transactions in real time.

Via Twitter, Lee says there’s a lot of work to be done and that privacy and fungibility are an ongoing battle.

“This limitation of MimbleWimble protocol is well known. MW is basically Confidential Transactions with scaling benefits and slight unlinkability. To get much better privacy, you can still use CoinJoin before broadcasting and CJ works really well with MW due to CT and aggregation.”

Adds Quentin Le Sceller, a Grin core developer,

Thanks for the article! To be honest, we knew about this ‘new’ vulnerability since the very beginning of Grin github.com/mimblewimble/d.

Recently formalized as an Open Research Problem github.com/mimblewimble/d. We are working on it.”

Grin developers agree that the limitations of the protocol are well-known within the community and also acknowledge that Grin’s privacy is far from perfect.

“Mimblewimble privacy is not ‘fundamentally flawed’. The described ‘attack’ on Mimblewimble/Grin is a misunderstanding of a known limitation. While the article provides some interesting numbers on network analysis, the results presented do not actually constitute an attack, nor do…

Source Link