CryptoURANUS Economics

Tuesday, July 9, 2019

GRiN-(AltCoin): Cryptocurrency

GRiN-(AltCoin)


GRiN-(AltCoin): Launched on January 15th, 2019, Grin is a cryptocurrency focused on privacy without censorship in its implementation of Mimblewimble. According to their website, the developers want Grin to be usable by everyone regardless of borders, culture, skills or access.

Without address information or amounts stored on the blockchain, the chain is meant to be lean and scalable. Grin was launched without a premine, ICO, or founders rewards and relies on donations to support the long-term development of the project.

GRiN-(AltCoin) is an exciting new cryptocurrency leveraging the MimbleWimble protocol. But tutorials on Grin are notoriously nondescript. This post aims to share exactly how Grin transactions work.

Introduction:
MimbleWimble and Grin


MimbleWimble is a blockchain format and protocol that provides extremely good scalability, privacy and fungibility by relying on strong cryptographic primitives. It addresses gaps existing in almost all current blockchain implementations.

GRiN-(AltCoin) is an open source software project that implements a MimbleWimble blockchain and fills the gaps required for a full blockchain and cryptocurrency deployment.
The main goal and characteristics of the Grin project are:
  • Privacy by default. This enables complete fungibility without precluding the ability to selectively disclose information as needed.
  • Scales mostly with the number of users and minimally with the number of transactions (<100 byte kernel), resulting in a large space saving compared to other blockchains.
  • Strong and proven cryptography. MimbleWimble only relies on Elliptic Curve Cryptography which has been tried and tested for decades.
  • Design simplicity that makes it easy to audit and maintain over time.
  • Community driven, encouraging mining decentralization.
A detailed post on the step-by-step of how Grin transactions work (with graphics) can be found in this Medium post.

Introduction:


This document is targeted at readers with a good understanding of blockchains and basic cryptography. With that in mind, we attempt to explain the technical buildup of MimbleWimble and how it's applied in Grin. We hope this document is understandable to most technically-minded readers. Our objective is to encourage you to get interested in Grin and contribute in any way possible.

To achieve this objective, we will introduce the main concepts required for a good understanding of Grin as a MimbleWimble implementation. We will start with a brief description of some relevant properties of Elliptic Curve Cryptography (ECC) to lay the foundation on which Grin is based and then describe all the key elements of a MimbleWimble blockchain's transactions and blocks.

Brief primer on Elliptic Curve Cryptography:


We start with a brief primer on Elliptic Curve Cryptography, reviewing just the properties necessary to understand how MimbleWimble works and without delving too much into the intricacies of ECC. For readers who would want to dive deeper into those assumptions, there are other opportunities to learn more.

An Elliptic Curve for the purpose of cryptography is simply a large set of points that we will call C. These points can be added, subtracted, or multiplied by integers (also called scalars). Given such a point H, an integer k and using the scalar multiplication operation we can compute k*H, which is also a point on curve C. Given another integer j we can also calculate (k+j)*H, which equals k*H + j*H. The addition and scalar multiplication operations on an elliptic curve maintain the commutative and associative properties of addition and multiplication:
(k+j)*H = k*H + j*H


In ECC, if we pick a very large number k as a private key, k*H is considered the corresponding public key. Even if one knows the value of the public key k*H, deducing k is close to impossible (or said differently, while multiplication is trivial, "division" by curve points is extremely difficult).
The previous formula (k+j)*H = k*H + j*H, with k and j both private keys, demonstrates that a public key obtained from the addition of two private keys ((k+j)*H) is identical to the addition of the public keys for each of those two private keys (k*H + j*H). In the Bitcoin blockchain, Hierarchical Deterministic wallets heavily rely on this principle. MimbleWimble and the Grin implementation do as well.

Structure of transactions:


The structure of transactions demonstrates a crucial tenet of MimbleWimble: strong privacy and confidentiality guarantees.
The validation of MimbleWimble transactions relies on two basic properties:
  • Verification of zero sums. The sum of outputs minus inputs always equals zero, proving that the transaction did not create new funds, without revealing the actual amounts.
  • Possession of private keys. Like with most other cryptocurrencies, ownership of transaction outputs is guaranteed by the possession of ECC private keys. However, the proof that an entity owns those private keys is not achieved by directly signing the transaction.
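As an added example (not Grin's own code), here is a minimal Python model of the two properties just listed: Pedersen commitments r*G + v*H over secp256k1, the (k+j)*H = k*H + j*H identity from the ECC primer, and zero-sum verification through a transaction kernel whose Schnorr signature proves the excess is a pure G-multiple. The value generator H is derived with a simplified hash-to-curve routine (an assumption, not Grin's actual constant), the amounts and blinding factors are constructed sample values, and range proofs are omitted.

```python
import hashlib
import secrets

# secp256k1 domain parameters (the curve Grin uses); G is the standard base point.
P = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)
INF = None  # point at infinity (group identity)


def add(p1, p2):
    """Affine point addition on y^2 = x^3 + 7 over GF(P)."""
    if p1 is INF or p2 is INF:
        return p2 if p1 is INF else p1
    x1, y1 = p1
    x2, y2 = p2
    if x1 == x2 and (y1 + y2) % P == 0:
        return INF  # p2 == -p1
    if p1 == p2:
        lam = 3 * x1 * x1 * pow(2 * y1, -1, P) % P
    else:
        lam = (y2 - y1) * pow(x2 - x1, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return (x3, (lam * (x1 - x3) - y1) % P)


def mul(k, pt):
    """Scalar multiplication k*pt (k >= 0) by double-and-add."""
    acc = INF
    while k:
        if k & 1:
            acc = add(acc, pt)
        pt = add(pt, pt)
        k >>= 1
    return acc


def hash_to_point(label):
    """Second generator H with unknown discrete log w.r.t. G (assumed simplified
    try-and-increment derivation, not Grin's actual H constant)."""
    ctr = 0
    while True:
        x = int.from_bytes(hashlib.sha256(label + ctr.to_bytes(4, "big")).digest(), "big") % P
        rhs = (pow(x, 3, P) + 7) % P
        y = pow(rhs, (P + 1) // 4, P)  # square root works because P % 4 == 3
        if y * y % P == rhs:
            return (x, y)
        ctr += 1


H = hash_to_point(b"mimblewimble-value-generator")


def commit(value, blind):
    """Pedersen commitment r*G + v*H: hides v, binds the committer to it."""
    return add(mul(blind % N, G), mul(value, H))


def challenge(R, pub, msg):
    return int.from_bytes(hashlib.sha256(str((R, pub)).encode() + msg).digest(), "big") % N


def sign(secret, msg):
    """Schnorr signature proving knowledge of `secret` for public key secret*G."""
    k = secrets.randbelow(N - 1) + 1
    R = mul(k, G)
    return (R, (k + challenge(R, mul(secret, G), msg) * secret) % N)


def verify(pub, msg, sig):
    R, s = sig
    return mul(s, G) == add(R, mul(challenge(R, pub, msg), pub))


def build_tx(inputs, outputs, fee):
    """inputs/outputs are (value, blinding factor) pairs known to the parties; only
    commitments, the fee and a kernel (excess pubkey + signature) go on chain."""
    excess = (sum(r for _, r in outputs) - sum(r for _, r in inputs)) % N
    return {"inputs": [commit(v, r) for v, r in inputs],
            "outputs": [commit(v, r) for v, r in outputs],
            "fee": fee, "kernel": (mul(excess, G), sign(excess, fee.to_bytes(8, "big")))}


def excess_point(tx):
    """sum(outputs) + fee*H - sum(inputs), computed from commitments alone."""
    total = mul(tx["fee"], H)
    for c in tx["outputs"]:
        total = add(total, c)
    for c in tx["inputs"]:
        total = add(total, (c[0], -c[1] % P))  # subtract by adding the negation
    return total


def verify_tx(tx):
    """Zero-sum check: the excess must equal the kernel pubkey and be a pure G-multiple,
    which only a valid signature proves (a leftover v*H term has no known discrete
    log). Real Grin additionally requires a range proof on every output."""
    pub, sig = tx["kernel"]
    return excess_point(tx) == pub and verify(pub, tx["fee"].to_bytes(8, "big"), sig)


def demo():
    """Constructed scenario: Alice spends a 100-unit output as 60 to Bob, 38 change
    and 2 fee; an inflated variant has Bob's output claim 70 (10 units from nowhere)."""
    r_in, r_bob, r_chg = (secrets.randbelow(N - 1) + 1 for _ in range(3))
    honest = build_tx([(100, r_in)], [(60, r_bob), (38, r_chg)], 2)
    inflated = build_tx([(100, r_in)], [(70, r_bob), (38, r_chg)], 2)
    # Forger points the kernel at whatever the commitments sum to; the signature
    # cannot verify against a point that carries a 10*H component.
    forged = dict(inflated, kernel=(excess_point(inflated), inflated["kernel"][1]))
    return verify_tx(honest), verify_tx(inflated), verify_tx(forged)
```

`demo()` returns `(True, False, False)`: the honest transaction validates, while both the naive and the re-pointed inflation attempts are rejected without the verifier ever seeing an amount.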

The Beginning

Privacy-Token Economic-Review: Cryptocurrency

Privacy-Token Economic-Review

Why Privacy Token?


Blockchain is a network that allows peer-to-peer transactions without centralized intermediaries such as local banks and exchanges, keeping transaction counterparties anonymous.

Privacy is the ability of an individual or group to keep their personal information invisible, selectively. Remember that every transaction is broadcast and viewable by all on a public ledger, and is therefore not as private as intended.

The transaction patterns of a given wallet, and with them the identity of the account owner, can be profiled using social engineering, phreaking and other hacking skill sets.

Privacy means different things to different people. PRIVACY MATTERS in blockchain, but deeper research reveals there is never any true privacy.
Remember the key things:
  • Sender Privacy [Wallet/Address Privacy]
  • Cryptographic Privacy [Transaction Privacy]
  • Balance Visibility [Data/Content Privacy]

Privacy Tokens Review:

There are a few privacy tokens, with different technologies addressing the privacy concerns mentioned above.


DASH was founded after the Bitcoin fork in 2014.
AltCoins such as Dash, Monero, Zcash, PIVX, Grin, Verge and NavCoin, as well as traditional tokens such as LTC, all contemplate adding privacy features to their tokens to gain some comparative advantage, but most still lack noteworthy privacy, as with most coins.


Dash (DASH AltCoin):
DASH is not cryptographically private.
DASH ensures privacy through mixing, using an adjusted variant of CoinJoin — a technique originally created to “anonymize” Bitcoins.
DASH is a Proof-of-Work system that has two kinds of nodes on the network: masternodes and miners.
DASH masternodes provide the InstantSend and PrivateSend capabilities.

CoinJoin is a technique to anonymize transactions, proposed by Gregory Maxwell.
CoinJoin relies on the principle of grouping transactions together to make joint payments.
CoinJoin-based mixing techniques increase privacy for all users, since it is no longer likely that all inputs to a transaction originate from a single wallet, and they can no longer be reliably linked to a single user.

Monero (XMR):

Monero was launched April 2014.

XMR was a fair, pre-announced launch of the CryptoNote reference code.

There was no premine or instamine, and no portion of the block reward goes to development. Know what Bitcointalk really is.

The founder proposed controversial changes to the cryptocoin that the community disagreed with.

A fallout ensued with the centralizing, double-talking cryptocoin community, and the Monero Core Team forked a new project within the community following this Core Team breakaway, as a CryptoCoin-Civilization.

This Core Team has provided shared and controlled oversight ever since.

Monero has made several very large privacy improvements since its conceptual launch of decentralization in opposition to the (IRS) government snitch-database exchanges.

The blockchain constantly migrates, morphing into a highly privatized database structure that provides greater efficiency and flexibility centered on privacy, away from bankster centralization.

This highly privatized database structure maintains minimum ring signature sizes so that all transactions are private, by Monero Core Team mandate, unconditionally.

RingCT (Ring Confidential Transactions) was implemented to hide the transaction amounts. Nearly all improvements have improved security or privacy, or they have facilitated use.

Monero is adamant that its coin develops with privacy and security always first, in opposition to terrorist networks working with centralization agencies, and ease of use and efficiency second.



Monero is the #1 and only true privacy cryptocurrency of all the cryptocurrencies on earth.

The Monero AltCoin was created by a hard fork of Bytecoin in 2014, and is still improving its worth each day.


Monero uses encoded transactions that hide the addresses and the quantities transferred, also adding fraudulent (fake) transactions that make it impossible to know the contents of the operations, i.e. Monero is a real Crypto-AltCoin-Currency because it is truly cryptographic, unlike the other AltCoins, which are nowhere near.

Monero uses RingCT to keep transactions anonymous and tighten wallet security.

The Monero team also integrated the powerful Linux Tails OS, an operating system that passes transactions through the TOR network (the most extreme privacy), to further protect against government and civilian hackers, adding an umbrella of absolute privacy.

Monero uses a network of stealth (false) addresses, much like a fake browser cache but more perfected, to allow users to hide their wallet address from criminals.

A Monero stealth address is a one-time-use address that is created for each and every transaction, once.

That is right, only once, unlike other CryptoCoins that are far more centralized, with less privacy, allowing hackers to steal your wealth.

Note: Monero users also have a public address that is published on the blockchain, but most (if not all) of their transactions will be passed through the unique stealth address system, if they desire to be entirely ghosted.

Basically, the Dash AltCoin groups small transactions together, while Monero breaks transactions down into small ones for privacy and the protection of decentralization, again unlike the others.

Remember, Monero relies heavily on network resources unless you create your own local node from your downloaded "blockchain" in order to generate your own Monero currency.

It differs from Bitcoin in that a regular PC can run Monero’s node service, both locally and across the internet.

Zcash (ZEC):

Shielded Zcash transactions are completely private(?).

Like Bitcoin, Zcash transaction data is posted to a public blockchain; but unlike Bitcoin, Zcash ensures your personal and transaction data remain completely confidential. Zero-knowledge proofs allow transactions to be verified without revealing the sender, receiver or transaction amount. Selective disclosure features within Zcash allow a user to share some transaction details, for purposes of compliance or audit.

Zcash also allows for transparent transactions, to accommodate for wallets and exchanges that don’t support private transactions.


Zcash is another Bitcoin-forked privacy coin with privacy features using zk-SNARKs. zk-Snarks, aka Zero-Knowledge Succinct Non-Interactive Argument of Knowledge, is a technology to allow miners to verify transactions without knowing who sent/received the coins.

The protocol team has implemented zk-Snarks on Quorum for JP Morgan, which is an enterprise-focused version of Ethereum. The team has worked with other teams to add the privacy feature to their project/platforms.

PIVX (PIVX):

PIVX is a re-brand of the Darknet Coin, and stands for private instant verified transaction. PIVX is a fork from Dash, implementing Bitcoin Improvement Proposals (BIP), and utilizing PoS to secure the network.
PIVX users are allowed to run master nodes with at least a stake of 10,000 tokens (while Dash only requires 1,000 DASH).


About PIVX

PIVX (PIVX), which stands for Private Instant Verified Transaction is an MIT licensed anonymity-based, community-governed fork of DASH. It is a Proof of Stake cryptocurrency with Zerocoin protocol implementation. PIVX has 2-tier currency: a regular coin for ordinary transactions, and an anonymous zPIV (which can be staked) for private transactions. Similar to Dash, PIVX supports quick and private transactions, along with masternodes. The decentralized network of masternodes facilitates treasury management and community governance.

PIVX: Private – Instant – Verified – Transaction (Tx) is an MIT-licensed, open-source, decentralized blockchain-based cryptocurrency focused on achieving fungibility, transaction privacy, community governance, network scalability, and real-world utilization, to become one of the most technically advanced globally accepted online digital currencies. NOTE: A new privacy protocol is in development.

What is PIVX?

PIVX is a form of digital online money using blockchain technology that can be easily transferred all around the world in the blink of an eye, with nearly non-existent transaction fees and market-leading security and privacy.

Launch Date: January 31st, 2016
Block Time: 60 seconds
Block Size: 2 MB
Total Coin Supply To Date: 55 million
Circulating Supply: < 30 million.  This is due to masternode collateral (10,000 PIV per masternode) being locked in escrow as well as any staking wallets holding PIV off exchanges.

PIVX Transaction Fee: < $0.001 (for Normal sends), < $0.01 (for Private sends)

*********** 09D-07M-19Y ***********

PIVX DETAILS
PIVX is a multifaceted community-centric effort in the blockchain tech and cryptocurrency realms. In translation: there are many components to what PIVX is and why PIVX was created.

PIVX is the fastest and lowest-cost privacy-focused digital currency, using a Proof of Stake (PoS) consensus algorithm that allows owners of PIVX to participate in earning block rewards while securing the network with full-node wallets.

Designed to be used as a viable currency that preserves individuals' privacy and security, PIVX has the most sustainable supply model, is not susceptible to 51% attacks, is already globally distributed without centralization of coins in a select few, is supported by thousands of passionate individuals in a Decentralized Autonomous Organization (DAO), and is already being accepted and used by merchants (online and at physical locations) around the world.

In support of its global reach, PIVX was the first cryptocurrency project to translate its website and materials into over 30 native languages, providing unparalleled access to information about cryptocurrency and PIVX in the language individuals are most familiar with.

PIVX is the first proof of stake coin with the zerocoin protocol (called zPIV) and zerocoin staking (named zPOS); a completely new Proof of Stake algorithm providing unparalleled privacy, speed of transactions, and low transaction costs.
PIVX employs a second-tier decentralized network of masternodes providing additional services such as community voting governance, self-funded treasury system and instant transactions.

It is easy to set up a PIVX wallet, be it desktop, mobile, Raspberry Pi, etc., allowing for simple merchant adoption.

Additionally, PIVX has one of the most stably designed economic models in cryptocurrency. PIVX has implemented a Dynamic Supply System governing its coin supply: block rewards are static, and inflation is reduced whenever a transaction is included in a block by burning transaction and zerocoin fees. At a certain threshold of transactions per minute, PIVX will become deflationary.

*********** 09D-07M-19Y ***********

GRIN (GRN):

Mimblewimble is a new privacy-focused blockchain project that is based on Bitcoin’s design. On July 19, 2016, “Tom Elvis Jedusor” dropped the whitepaper into a Bitcoin research channel and disappeared. Later, “Ignotus Peverell” started a Github project called Grin and began turning the Mimblewimble paper into a real implementation.

Mimblewimble refers to the tongue-tying curse in Harry Potter. Tom Elvis Jedusor is Lord Voldemort’s French name and Ignotus Peverell is the original owner of the invisibility cloak.


Mimblewimble/Grin is an improvement upon confidential transactions and CoinJoin from Bitcoin. Key features include no public addresses, complete privacy, and a compact blockchain.

There has been a lot of excitement around Grin mining lately since Grin coins, like Bitcoin, can only be created through PoW mining.

Grin uses the Cuckoo Cycle PoW algorithm, which was originally designed to be ASIC-resistant but is now considered to be ASIC-friendly.


Key Features of Grin:

  • Complete privacy as its default
  • Scalable transactions
  • Tried and tested cryptography
  • Easy design for person to person transaction
  • Community-driven — aimed at decentralized advancement and mining
Other interesting privacy coins that are relatively early in their development include MobileCoin and BEAM.

Verge (XVG):

Verge Coin started its journey as DogeCoinDark in 2014, named after the world’s most popular meme cryptocurrency. In 2016, the coin was rebranded to Verge Cryptocurrency, and has since been gaining enormous traction in technology and investment communities.
  • Verge coin is mineable. But Verge miners can choose one of three mining methods to get their Verge, rather than the expensive and limited options afforded to Bitcoin miners.
  • Verge allows for everyday payments. But where Bitcoin payments are not anonymous, Verge coin transactions are masked with TOR and i2P, for fully private transaction.
  • Verge is decentralized money. But Verge is also in the process of adding smart contract functionality, allowing it to develop for the needs of the world better than Bitcoin.
  • Verge has several key partnerships, including porn industry giant MindGeek, whose subsidiaries include Pornhub and Brazzers.

Litecoin (LTC):

Litecoin is getting tired of standing in Bitcoin’s shadow. After many years as Bitcoin’s second fiddle, Litecoin core developers are getting more interested in following the likes of privacy coins such as Monero (XMR) and Zcash (ZEC).


Charlie Lee opened a discussion on fungibility and hinted at the addition of Confidential Transactions in a “future release of the full-node implementation” in 2019. This will let LTC gain more comparative advantage as media of transaction and payment.

NavCoin (NAV):

NavCoin is a decentralized cryptocurrency that was forked from Bitcoin. It aims to solve 2 problems that are typically found in blockchain platforms:
  • Data is made public on the blockchain, leaving it vulnerable to malicious attacks by illicit users.
  • Most blockchains use “roll backs” as the solution to data vulnerability. They reset the blockchain to a backed-up point after a data breach, meaning transactions made leading up to the roll back are erased.
The NavTech system is a combination of the traditional Bitcoin blockchain and a NAV subchain. Using two chains allows users to send transactions with complete anonymity.

CloakCoin:

Cloak is a veteran privacy coin that is growing slowly, although it has been active in the privacy niche for approximately 4 years. The blockchain is operated using a Proof-of-Stake consensus protocol. It has relatively short blocktimes and quickly processes transactions.

The platform also offers 2 different methods of making your transactions untraceable. First is their onion-routing privacy protocol. Onion routing involves encrypting messages with many layers (similar to an onion).
It also offers the Enigma process to provide additional privacy cloaking on transactions. Enigma cloaking is applied when a user requests a cloaked enigma transaction.

Enigma (ENG):

The Enigma project is entirely separate from the Enigma cloaking process used in CloakCoin transactions. Enigma is not a cryptocurrency nor a blockchain; instead, it is a privacy protocol that can be deployed on blockchains and decentralized applications.


Therefore its token, ENG, is a distinct addition to the list of top privacy coins.
The Enigma network provides privacy by making nodes unable to see the data that they compute. Although they are unable to clearly see exactly what they are working on, these nodes are still capable of verifying that their computations have been run correctly.


With the data masked like this, Enigma hopes to open the door for what they call a new type of smart contracts — “secret contracts” — wherein the underlying data processed in a smart contract remains encrypted at all times.

DeepOnion:

DeepOnion is a new privacy coin project that is generating some interest in the community. Like a few of the other coins in this list, DeepOnion uses TOR to send untraceable transactions. It also uses a mix of Proof-of-Stake and Proof-of-Work protocols to offer fast confirmation times.

DeepOnion also employs stealth addresses to keep transactions private. The DeepOnion team is currently working on DeepSend and DeepVault. DeepSend will use a multi-signature method to prevent payments from being traced.


DeepVault is an information storage service that allows users to store data in the blockchain forever. In order to verify the integrity of a file, a user only needs to compare their current version of the file with the backup. This can be beneficial for the purpose of verifying the integrity of important documents.

ZenCash:

Zencash is more than a privacy cryptocurrency, because it also contains a messaging platform and a Distributed Autonomous Organization (DAO). Users can send tokens anonymously (“Z” address) or pseudonymously (“T” address). Even Zencash, a hard fork by Zcoin, wants to enable exchange with the same degree of privacy.

Zcoin:

Zcoin also uses the Zerocoin protocol. Zcoin is burned in a Zcoin transaction and Zerocoins are created and transferred, but since they have no history, they are not traceable. This costs a 0.01 Zcoin fee. Those who receive money only know that they have received it.

Bytecoin (BCN):

Bytecoin is probably the oldest cryptocurrency to deal with the privacy problem, given that its birth dates back to 2012, but it has recently seen a resurgence. As a security system, it combines a stealth address system with Ring CT, in a protocol called CryptoNote. This privacy token is the father of Monero.

Bitcoin Private:

Bitcoin Private comes from a hard fork and a fusion, i.e. a hard fork of Bitcoin and then a merger with Zclassic, in turn a hard fork of Zcash in which the reward for the creators was canceled. Bitcoin Private also implements zk-SNARKs.

SpectreCoin (XSPEC):

Spectrecoin (XSPEC) was created in December 2016 as a fork of ShadowCash (SDC), with its initial difference being that it ran over the tor network for added privacy. Since then, it has continued to make strides, developing into an even more user-friendly and anonymous cryptocurrency.

These advancements include OBFS4 bridges, wallet UI improvements, improved stealth addresses, an updated Tor, and better syncing. At just over a year old, the project has come a long way and has big plans for the future, such as stealth staking (a first for any crypto) and the implementation of Android and iOS mobile wallets.

Key Features:

  • Tor to hide the location and make tracking more difficult
  • Stealth addresses to keep the receiver anonymous
  • Ring Signatures to keep the sender hidden

Privacy Token Economics:

Due to different technology stacks to realize the privacy features, the token economics designs can be different to incentivize various ecosystem stakeholders. In this section, we will discuss the different token economics design for DASH, and Enigma Protocol.
First, let’s summarize some techniques used by Privacy Token.
  • CoinJoin — Joins multiple transactions into a group so that a transaction cannot be linked to a single wallet/address. It is a mixing-based privacy solution.
  • TOR Network — TOR makes the transaction untraceable. Another way to understand TOR is as a VPN. It transacts using multiple layers of proxies to hide the identity behind the transaction counterparties.
  • i2P — The Invisible Internet Project (I2P) is an anonymous network layer (implemented as a mix network) that allows for censorship-resistant, peer-to-peer communication. Anonymous connections are achieved by encrypting the user’s traffic (using end-to-end encryption) and sending it through a volunteer-run network of roughly 55,000 computers distributed around the world.
  • RingCT — RingCT stands for Ring Confidential Transactions. It makes transactions harder to trace by obscuring the output of the true sender in a set of n other outputs on the blockchain, indistinguishable with respect to their amounts. It is a mixing-based privacy solution.
  • Stealth Address — A stealth address is created and used only once, for a single transaction. That is, each transaction corresponds to one stealth address, which makes it impossible to link the transactions to a single wallet/address.
  • zk-SNARKs — zk-SNARKs stands for Zero-Knowledge Succinct Non-Interactive Argument of Knowledge. It is a cryptographic algorithm to verify a transaction without revealing the address and balance.
  • Mimblewimble — Mimblewimble uses elliptic-curve cryptography, which requires smaller keys than other cryptography types. In a network that uses the Mimblewimble protocol, there are no addresses on the blockchain, and the network’s data storage is highly efficient.


DASH:

Dash works a little differently from Bitcoin, however, because it has a two-tier network. The second tier is powered by masternodes (Full Nodes), which enable financial privacy (PrivateSend), instant transactions (InstantSend), and the decentralized governance and budget system.


Because this second tier is so important, masternodes are also rewarded when miners discover new blocks. The breakdown is as follows: 45% of the block reward goes to the miner, 45% goes to masternodes, and 10% is reserved for the budget system (created by superblocks every month).

As of February 2019, the holders of DASH that run a masternode receive ~ 7% annual block rewards. https://masternodes.online/currencies/DASH/ is a great resource for real-time DASH network metrics.

The current block reward is 3.35 DASH, or 1.5075 for miners, 1.5075 for masternodes, and 0.335 DASH for the DAO per block. Dash features a block interval of ~2.5 minutes and ~550 blocks per day.

Each masternode requires 1,000 DASH as collateral. The 1,000 DASH are used as bonded collateral and required to earn the inflation funded block rewards. The collateral is always safe and never forfeited during masternode operation.
Since masternode rewards are fixed at 45% of the block reward, or 1.5075 DASH per block, and the number of active masternodes on the network is dynamic, expected masternode rewards will vary according to current total count of active masternodes. Masternodes are currently yielding ~ 7.01%.
The average Dash masternode reward frequency is just shy of nine days.

Enigma:

Enigma is a protocol for processing information securely. Its token must be purchased in order to run a node on the network. After buying the Enigma token, you can receive rewards for processing data. But in order to process data, each node must make a security deposit. If the data is tampered with during the verification process, the deposit is split between the nodes that processed the data without error.

In effect, owning ENG allows people to get started using the network. ENG also serves as a reward for participation in the network.


Other factors affecting the token economics include: randomness of miner/node selection, the upfront cost of providing mining service (e.g., ASIC vs. PC), and also the coin reward amount and coin prices.

Regulatory Surveillance vs. Privacy:

Recently, there have been differing voices on the SEC approving BTC ETF proposals; Brian Kelly is among those who do not think it will come soon.
Over 2018, the SEC received multiple Bitcoin ETF applications from various players, such as the Winklevoss twins, but has yet to approve any one of them. Expanding on his point of view, Kelly said that the agency is unlikely to change its opinion in the near future, as “there is too much that is unresolved.”

SEC officials have demanded better cryptocurrency surveillance and custody before approving BTC ETF applications, for multiple reasons:
  • Concerns about hacking events and market manipulation
  • Concerns about money laundering without transaction traceability
  • Concerns about linking transactions with wallets/addresses for taxation reasons.
Here is the dilemma between regulatory surveillance vs. privacy. Until a balance/compromise is reached, the next bull market might be delayed as long as possible.


Blockchain Privacy Modeling

Given that blockchain transactions are pseudonymous, not anonymous, and that blockchains themselves are transparent, numerous protocols exist for the incorporation of greater privacy to protect individuals from those seeking to connect them with their transactions. It goes without saying that the motives behind this include facilitating protection from legal entities, but also the desire to grant individuals privacy from those who might wish to steal funds or identify those with large holdings for the purpose of solicitations or more serious crimes. With that in mind, not all privacy protocols are alike. There are different methods to achieve the goal at hand — namely obscuring transaction histories to the point where tracking someone’s balance history becomes prohibitively resource intensive, if not completely impossible. Here we discuss the three most common methods of achieving this, and their applications thus far.

Zero knowledge proof (ZCash, PIVX):

Last week we published an article going into detail on ZKPs, which can be read here. There is evidence to suggest this could be the most popular privacy technology moving forward, as it is promised in Ethereum, Cardano, Tron and others.

Ring signatures (Monero):

The earliest privacy coin, Bytecoin, uses a concept called ring signatures which had been theorized as far back as 2001 in a paper delivered to ASIACRYPT. The concept was proposed as a way to leak secrets with anonymity, for example in the White House or a Board of Directors, by having all members of the group in question sign the output even when it comes from only one individual. In cryptocurrencies, ring signatures send a transaction from a member of a group in which all members have their own account keys and sign the transaction. This creates a group of individual accounts which all could theoretically have sent a transaction, when only one has. Put more simply, it is not possible to say which of the group has actually sent the transaction.

Monero is a Bytecoin fork which maintained its employment of ring signatures, and in 2017 added “ring CT” (confidential transactions), which hides the details of transactions from all but the sender and the recipient. Monero has a minimum of 7 signatures per transaction, and when combined with the range proofs introduced with its Bulletproofs update this year, it is arguable that Monero remains the most comprehensive privacy blockchain platform (and indeed this is recognized by the market, where Monero stands at 13th in the top 100 coins by market cap, ahead of all other privacy tokens).

Coin mixing and change addresses (Dash):

In Bitcoin's early days, coin mixing became popular among those trading on illicit websites as a way to scramble their transaction histories and make tracing funds through the blockchain much more difficult. This was not a feature of Bitcoin's blockchain, but a third-party service which mixes coins for a fee of 1–3%. The concept is simple: swap one amount of Bitcoin for another of equal size held by someone else, thereby obfuscating the trails of both and making identification much more difficult.
As discussed in our write-up on Dash masternodes and their functions, Dash introduced a privacy feature initially called DarkSend (now PrivateSend), which builds a form of coin mixing directly into its blockchain using masternodes. When requested, the masternodes split a user's funds into standard denominations, mix them with the denominations of other PrivateSend users, and send them back to change addresses the user controls. At that point it is much more difficult to trace the transaction history.

Most notably, this is an elective feature, which makes Dash a rare example of a currency with optional privacy or transparency depending on the user's goal and the demands of vendors, thereby avoiding the blacklisting problem, in which coins that have passed through privacy features are refused or devalued by exchanges and merchants.
Article by Byron Murphy, Editor at Viewnodes. We help clients establish and maintain masternodes for the currencies which currently support them. To contact us for information on our masternode services, please submit this contact form.

Disclaimer:

All of the information of projects are sourced from online materials and do not necessarily reflect the current state of the projects. The information here does not constitute any advice on investment or consequence of any investment.

PIVX-(PiVX): Cryptocurrency

About PIVX

PIVX, which stands for Private Instant Verified Transaction, is an MIT-licensed, anonymity-focused, community-governed fork of Dash. It is a Proof of Stake cryptocurrency with a Zerocoin protocol implementation. PIVX has a two-tier currency: a regular coin (PIV) for ordinary transactions, and an anonymous zPIV (which can be staked) for private transactions. Like Dash, PIVX supports quick and private transactions along with masternodes; the decentralized network of masternodes facilitates treasury management and community governance.


PIVX: Private – Instant – Verified – Transaction (Tx). This is an MIT-licensed, open-source, decentralized blockchain-based cryptocurrency focused on achieving fungibility, transaction privacy, community governance, network scalability and real-world utilization, with the aim of becoming one of the most technically advanced globally accepted online digital currencies. NOTE: A new privacy protocol is in development.

What is PIVX?


PIVX is a form of digital money built on blockchain technology that can be transferred anywhere in the world in the blink of an eye, with nearly non-existent transaction fees and market-leading security and privacy.

Launch Date: January 31st, 2016
Block Time: 60 seconds
Block Size: 2 MB
Total Coin Supply To Date: 55 million
Circulating Supply: < 30 million. This is due to masternode collateral (10,000 PIV per masternode) having to be held unspent, as well as staking wallets holding PIV off exchanges.

The PIVX Transaction Fee: < $0.001 (for normal sends), < $0.01 (for private sends)

PIVX DETAILS

PIVX is a multifaceted, community-centric endeavor in the blockchain and cryptocurrency realms. What we mean by that is this: there are many components to what and who PIVX is and why PIVX came to be.

PIVX is the fastest and lowest-cost privacy-focused digital currency, using a Proof of Stake (PoS) consensus algorithm that allows all owners of PIVX to earn block rewards while securing the network with full-node wallets.

Designed to be used as a viable currency that preserves individuals privacy and security.

PIVX has a sustainable supply model, is designed to be more resistant to 51% attacks than proof-of-work coins (an attacker would have to acquire a majority of the staked supply rather than rent hash power), and is already globally distributed without a select few holding most of the coins.

PIVX is supported by thousands of passionate individuals in an active Decentralized Autonomous Organization (DAO), and is already accepted and used by merchants (online and at physical locations) around the world because of its security and heightened privacy.


In support of this global reach, PIVX is the first cryptocurrency project to translate its website and materials into more than 30 native languages, providing unparalleled access to information about cryptocurrency and PIVX in the language individuals are most familiar with.

PIVX is the first proof of stake coin with the Zerocoin protocol (called zPIV) and Zerocoin staking (named zPoS), a new proof of stake algorithm providing privacy, fast transactions and low transaction costs.

PIVX employs a second-tier decentralized network of masternodes providing additional services such as community governance voting, a self-funded treasury system and instant transactions.



It is easy to set up a PIVX wallet, be it desktop, mobile, Raspberry Pi, etc., allowing for simple merchant adoption.

Additionally, PIVX has one of the most stable economic models in cryptocurrency. PIVX has implemented a Dynamic Supply System governing its coin supply: block rewards are static, and inflation is reduced whenever a transaction is included in a block because transaction and zerocoin fees are burned. Above a certain threshold of transactions per minute, PIVX becomes deflationary.

zk-SNARKs: Cryptocurrency

What are zk-SNARKs?

Zcash is the first widespread application of zk-SNARKs, a novel form of zero-knowledge cryptography. The strong privacy guarantee of Zcash is derived from the fact that shielded transactions in Zcash can be fully encrypted on the blockchain, yet still be verified as valid under the network’s consensus rules by using zk-SNARK proofs.


The acronym zk-SNARK stands for “Zero-Knowledge Succinct Non-Interactive Argument of Knowledge,” and refers to a proof construction where one can prove possession of certain information, e.g. a secret key, without revealing that information, and without any interaction between the prover and verifier.
“Zero-knowledge” proofs allow one party (the prover) to prove to another (the verifier) that a statement is true, without revealing any information beyond the validity of the statement itself. For example, given the hash of a random number, the prover could convince the verifier that there indeed exists a number with this hash value, without revealing what it is.

In a zero-knowledge “Proof of Knowledge” the prover can convince the verifier not only that the number exists, but that they in fact know such a number – again, without revealing any information about the number. The difference between “Proof” and “Argument” is quite technical and we don’t get into it here.
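To make "prove possession of a secret key without revealing it" concrete, here is an added Python example, not Zcash code and not a SNARK: the classic Schnorr proof of knowledge of a discrete logarithm, made non-interactive with the Fiat-Shamir transform, in which the verifier's random challenge is replaced by a hash of the transcript. The group is a constructed demo safe-prime group found by a deterministic search when the module loads; the sizes are for illustration only. `simulate` shows why the proof is zero-knowledge: anyone who may fix the challenge first can produce a transcript that satisfies the verification equation without the secret, so a genuine transcript carries no information about x. The same function is the forgery a prover could mount if it knew the challenge ahead of time, which is why the challenge must come from a hash the prover does not control (or, in a SNARK, from a hidden evaluation point).

```python
import hashlib
import secrets


def _is_probable_prime(n: int, rounds: int = 24) -> bool:
    """Miller-Rabin; adequate for choosing demo parameters."""
    if n < 2:
        return False
    for sp in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37):
        if n % sp == 0:
            return n == sp
    d, r = n - 1, 0
    while d % 2 == 0:
        d //= 2
        r += 1
    for _ in range(rounds):
        x = pow(secrets.randbelow(n - 3) + 2, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def demo_group(bits: int = 128):
    """Constructed demo group: p = 2q + 1 a safe prime, g generating the order-q subgroup.
    The search starts from a fixed value so every run gets the same (toy-sized) group."""
    q = (1 << (bits - 1)) + 1
    while not (_is_probable_prime(q) and _is_probable_prime(2 * q + 1)):
        q += 2
    p = 2 * q + 1
    return p, q, pow(2, 2, p)      # 4 is a quadratic residue mod p, hence has order q


def _challenge(params, y: int, t: int, msg: bytes) -> int:
    """Fiat-Shamir: the challenge is a hash of the public values and the commitment,
    so no verifier has to be online and the prover cannot choose it."""
    p, q, g = params
    h = hashlib.sha256()
    for v in (p, q, g, y, t):
        h.update(v.to_bytes(64, "big"))
    h.update(msg)
    return int.from_bytes(h.digest(), "big") % q


def keygen(params):
    p, q, g = params
    x = secrets.randbelow(q - 1) + 1          # secret key
    return x, pow(g, x, p)                    # (x, y = g^x)


def prove(params, x: int, msg: bytes = b"") -> tuple:
    """Non-interactive proof of knowledge of x with y = g^x; reveals nothing about x."""
    p, q, g = params
    y = pow(g, x, p)
    k = secrets.randbelow(q - 1) + 1          # fresh per proof: reusing k across proofs leaks x
    t = pow(g, k, p)                          # commitment
    c = _challenge(params, y, t, msg)
    s = (k + c * x) % q                       # response
    return t, s


def transcript_valid(params, y: int, t: int, c: int, s: int) -> bool:
    """The bare Schnorr equation g^s == t * y^c, with subgroup and range checks first."""
    p, q, g = params
    if not (1 < t < p and pow(t, q, p) == 1 and 0 <= s < q):
        return False
    return pow(g, s, p) == t * pow(y, c, p) % p


def verify(params, y: int, proof: tuple, msg: bytes = b"") -> bool:
    """The verifier recomputes the challenge itself; the prover never got to pick it."""
    t, s = proof
    return transcript_valid(params, y, t, _challenge(params, y, t, msg), s)


def simulate(params, y: int, c: int) -> tuple:
    """Produce (t, s) satisfying the equation for a challenge c fixed in advance, without x.
    This is the zero-knowledge simulator and, equally, the forgery available to a prover who
    knows the challenge beforehand. verify() rejects it because its hash-derived challenge
    will not equal c."""
    p, q, g = params
    s = secrets.randbelow(q)
    t = pow(g, s, p) * pow(y, (-c) % q, p) % p
    return t, s
```

The subgroup check in `transcript_valid` is the part most often forgotten in hand-rolled implementations: without it a verifier will accept elements of small order, which is a classic way to break otherwise sound protocols.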

“Succinct” zero-knowledge proofs can be verified within a few milliseconds, with a proof length of only a few hundred bytes even for statements about programs that are very large. In the first zero-knowledge protocols, the prover and verifier had to communicate back and forth for multiple rounds, but in “non-interactive” constructions, the proof consists of a single message sent from prover to verifier. Currently, the most efficient known way to produce zero-knowledge proofs that are non-interactive and short enough to publish to a blockchain is to have an initial setup phase that generates a common reference string shared between prover and verifier. We refer to this common reference string as the public parameters of the system.

If someone had access to the secret randomness used to generate these parameters, they would be able to create false proofs that would look valid to the verifier. For Zcash, this would mean the malicious party could create counterfeit coins. To prevent this from ever happening, Zcash generated the public parameters through an elaborate, multi-party ceremony. To learn more about our parameter generation ceremony and see the precautions we’ve taken to prevent the secret randomness essential to Zcash from being exposed (e.g. computers being blowtorched), visit our Paramgen page. To learn more about the math behind the parameter generation protocol, read our blog post or whitepapers (1, 2) on the topic.

How zk-SNARKs are constructed in Zcash


In order to have zero-knowledge privacy in Zcash, the function determining the validity of a transaction according to the network’s consensus rules must return the answer of whether the transaction is valid or not, without revealing any of the information it performed the calculations on. This is done by encoding some of the network’s consensus rules in zk-SNARKs. At a high level, zk-SNARKs work by first turning what you want to prove into an equivalent form about knowing a solution to some algebraic equations. In the following section, we give a brief overview of how the rules for determining a valid transaction get transformed into equations that can then be evaluated on a candidate solution without revealing any sensitive information to the parties verifying the equations.

Computation → Arithmetic Circuit → R1CS → QAP → zk-SNARK

The first step in turning our transaction validity function into a mathematical representation is to break down the logical steps into the smallest possible operations, creating an “arithmetic circuit”. Similar to a boolean circuit where a program is compiled down to discrete, single steps like AND, OR, NOT, when a program is converted to an arithmetic circuit, it’s broken down into single steps consisting of the basic arithmetic operations of addition, subtraction, multiplication, and division (although in our particular case, we will avoid using division).
Here is an example of what an arithmetic circuit looks like for computing the expression (a+b)*(b*c):

[Figure: inputs a and b feed an addition gate, inputs b and c feed a multiplication gate, and a final multiplication gate combines the two results into the output wire.]

Looking at such a circuit, we can think of the input values a, b, c as “traveling” left-to-right on the wires towards the output wire. Our next step is to build what is called a Rank 1 Constraint System, or R1CS, to check that the values are “traveling correctly”. In this example, the R1CS will confirm, for instance, that the value coming out of the multiplication gate where b and c went in is b*c.
In this R1CS representation, the verifier has to check many constraints — one for almost every wire of the circuit. (For technical reasons, it turns out we only have a constraint for wires coming out of multiplication gates.) In a 2012 paper on the topic, Gennaro, Gentry, Parno and Raykova presented a nice way to “bundle all these constraints into one”. This method uses a representation of the circuit called a Quadratic Arithmetic Program (QAP). The single constraint that needs to be checked is now between polynomials rather than between numbers. The polynomials can be quite large, but this is alright because when an identity does not hold between polynomials, it will fail to hold at most points. Therefore, you only have to check that the two polynomials match at one randomly chosen point in order to correctly verify the proof with high probability.
If the prover knew in advance which point the verifier would choose to check, they might be able to craft polynomials that are invalid, but still satisfy the identity at that point. With zk-SNARKs, sophisticated mathematical techniques such as homomorphic encryption and pairings of elliptic curves are used to evaluate polynomials “blindly” – i.e. without knowing which point is being evaluated. The public parameters described above are used to determine which point will be checked, but in encrypted form so that neither the prover nor the verifier know what it is.
The description so far has mainly addressed how to get the S and N in “SNARKs” — how to get a short, non-interactive, single message proof — but hasn’t addressed the “zk” (zero-knowledge) part which allows the prover to maintain the confidentiality of their secret inputs. It turns out that at this stage, the “zk” part can be easily added by having the prover use “random shifts” of the original polynomials that still satisfy the required identity.
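The pipeline Computation → Arithmetic Circuit → R1CS → QAP, carried through for the page's own example circuit (a+b)*(b*c). This is an added example written for this page, not Zcash, libsnark or bellman code, and it stops before the cryptographic step: polynomials are evaluated in the clear over a small constructed field (the Mersenne prime 2^61 - 1) rather than "blindly" through pairings, and the evaluation point tau is simply passed as an argument. It shows the two R1CS constraints (one per multiplication gate), their bundling into the single identity A(x)B(x) - C(x) = H(x)Z(x), the verifier's one-point check, and `forge_h_for_known_point`, the cheat the paragraph above warns about when the prover learns the point in advance.

```python
from functools import reduce

FIELD = (1 << 61) - 1   # constructed toy field (a Mersenne prime); real SNARKs use ~255-bit fields


def finv(a):
    return pow(a, FIELD - 2, FIELD)

# Polynomials are coefficient lists over FIELD, lowest degree first.
def padd(p, q):
    n = max(len(p), len(q))
    return [((p[i] if i < len(p) else 0) + (q[i] if i < len(q) else 0)) % FIELD for i in range(n)]

def psub(p, q):
    return padd(p, [(-c) % FIELD for c in q])

def pmul(p, q):
    out = [0] * (len(p) + len(q) - 1)
    for i, a in enumerate(p):
        for j, b in enumerate(q):
            out[i + j] = (out[i + j] + a * b) % FIELD
    return out

def pscale(p, k):
    return [(c * k) % FIELD for c in p]

def peval(p, x):
    acc = 0
    for c in reversed(p):
        acc = (acc * x + c) % FIELD
    return acc

def pdivmod(num, den):
    """Polynomial long division; returns (quotient, remainder)."""
    rem = list(num)
    quot = [0] * max(1, len(rem) - len(den) + 1)
    inv_lead = finv(den[-1])
    for i in range(len(rem) - len(den), -1, -1):
        coef = rem[i + len(den) - 1] * inv_lead % FIELD
        quot[i] = coef
        for j, d in enumerate(den):
            rem[i + j] = (rem[i + j] - coef * d) % FIELD
    return quot, rem

def interpolate(xs, ys):
    """Lagrange polynomial through the points (xs[i], ys[i])."""
    result = [0]
    for i, (xi, yi) in enumerate(zip(xs, ys)):
        term = [yi % FIELD]
        for j, xj in enumerate(xs):
            if j != i:
                term = pmul(term, pscale([(-xj) % FIELD, 1], finv((xi - xj) % FIELD)))
        result = padd(result, term)
    return result

# R1CS for (a + b) * (b * c). Variable vector s = [1, a, b, c, m1, out] with m1 = b*c.
# One constraint per multiplication gate: (A_i . s) * (B_i . s) = C_i . s.
A = [[0, 0, 1, 0, 0, 0],   # gate 1 left:  b
     [0, 1, 1, 0, 0, 0]]   # gate 2 left:  a + b
B = [[0, 0, 0, 1, 0, 0],   # gate 1 right: c
     [0, 0, 0, 0, 1, 0]]   # gate 2 right: m1
C = [[0, 0, 0, 0, 1, 0],   # gate 1 out:   m1
     [0, 0, 0, 0, 0, 1]]   # gate 2 out:   out

def witness(a, b, c):
    m1 = b * c % FIELD
    return [1, a % FIELD, b % FIELD, c % FIELD, m1, (a + b) * m1 % FIELD]

def dot(row, s):
    return sum(r * v for r, v in zip(row, s)) % FIELD

def r1cs_satisfied(s):
    return all(dot(A[i], s) * dot(B[i], s) % FIELD == dot(C[i], s) for i in range(len(A)))

def qap_polynomials(s):
    """Bundle all constraints into A(x)B(x) - C(x) = H(x)Z(x), with Z vanishing at the
    constraint indices 1..m. Returns (P, H, Z, exact), exact meaning zero remainder."""
    xs = list(range(1, len(A) + 1))
    def combine(m):
        cols = [interpolate(xs, [m[i][j] for i in range(len(m))]) for j in range(len(s))]
        return reduce(padd, (pscale(col, sj) for col, sj in zip(cols, s)), [0])
    P = psub(pmul(combine(A), combine(B)), combine(C))
    Z = reduce(pmul, ([(-x) % FIELD, 1] for x in xs), [1])
    H, rem = pdivmod(P, Z)
    return P, H, Z, all(r == 0 for r in rem)

def check_at_point(P, H, Z, tau):
    """The verifier's single check: the identity holds at one point tau. A P that is not
    a multiple of Z fails this at all but a handful of the 2^61 possible points."""
    return peval(P, tau) == peval(H, tau) * peval(Z, tau) % FIELD

def forge_h_for_known_point(P, Z, tau):
    """If the prover learns tau in advance, the constant H' = P(tau)/Z(tau) passes the
    check at tau even though P is not divisible by Z; hence tau must stay hidden."""
    return [peval(P, tau) * finv(peval(Z, tau)) % FIELD]
```

For the honest witness (a, b, c) = (3, 4, 5) the remainder is zero and H is the constant 45; bumping the output wire by one leaves gate 1 satisfied but makes the remainder 1 - x, so the check fails at every tau except 1, while the forged H' passes at the one tau it was built for and nowhere else.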
For a step-by-step, in-depth explanation of key concepts behind zk-SNARKs in Zcash, see our SNARKs Explainer series with posts on:
  1. Homomorphic Hiding
  2. Blind Evaluation of Polynomials
  3. The Knowledge of Coefficient Test and Assumption
  4. How to make Blind Evaluation of Polynomials Verifiable
  5. From Computations to Polynomials
  6. The Pinocchio Protocol
  7. Pairings of Elliptic Curves
Zcash uses bellman, a Rust-language library for zk-SNARKs. Before the Sapling upgrade, Zcash used a fork of the C++ library, libsnark. For a deeper dive into the protocols used for Zcash’s zk-SNARKs, refer to the paper on the Pinocchio protocol, which was used until the Sapling upgrade, and Jens Groth’s zk-SNARK which is used currently.


How zk-SNARKs are applied to create a shielded transaction


In Bitcoin, transactions are validated by linking the sender address, receiver address, and input and output values on the public blockchain. Zcash uses zk-SNARKs to prove that the conditions for a valid transaction have been satisfied without revealing any crucial information about the addresses or values involved. The sender of a shielded transaction constructs a proof to show that, with high probability:
  • the input values sum to the output values for each shielded transfer;
  • the sender holds the private spending keys of the input notes, giving them the authority to spend;
  • the private spending keys of the input notes are cryptographically linked to a signature over the whole transaction, so that the transaction cannot be modified by a party who did not know these private keys.
In addition, shielded transactions must satisfy some other conditions that are described below.
Bitcoin tracks unspent transaction outputs (UTXOs) to determine what transactions are spendable. In Zcash, the shielded equivalent of a UTXO is called a “commitment”, and spending a commitment involves revealing a “nullifier”. Zcash nodes keep lists of all the commitments that have been created, and all the nullifiers that have been revealed. Commitments and nullifiers are stored as hashes, to avoid disclosing any information about the commitments, or which nullifiers relate to which commitments.
For each new note created by a shielded payment, a commitment is published which consists of a hash of: the address to which the note was sent, the amount being sent, a number “rho” which is unique to this note (later used to derive the nullifier), and a random nonce.
Commitment = HASH(recipient address, amount, rho, r)
When a shielded note is spent, the sender uses their spending key to publish a nullifier, which is the hash of the secret unique number (“rho”) from an existing, unspent commitment, and provides a zero-knowledge proof demonstrating that they are authorized to spend it. This nullifier must not already be in the set of revealed nullifiers kept by every node in the network; that check is what prevents double spends.
Nullifier = HASH(spending key, rho)
The zero-knowledge proof for a shielded transaction verifies that, in addition to the conditions listed above, the following assertions are also true:
  • For each input note, a revealed commitment exists.
  • The nullifiers and note commitments are computed correctly.
  • It is infeasible for the nullifier of an output note to collide with the nullifier of any other note.
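The commitment and nullifier bookkeeping just described, as an added runnable sketch written for this page (not Zcash code). SHA-256 stands in for the PRFs and hashes Zcash actually uses, the address is simply a hash of the spending key, and the notes, keys and amounts are constructed inline. The zk-SNARK itself is replaced by `statement_holds`, which evaluates the proved relation directly on the private witness; that makes the split visible between what the circuit proves (key ownership, a prior commitment for each input, value balance, correctly computed nullifiers and commitments) and what every node enforces in the clear in `apply` (proof verifies, no nullifier reused). The replay case is the practical lesson: the commitment set only ever grows, so it is the nullifier set that stops a second spend.

```python
import hashlib
import secrets
from dataclasses import dataclass


def H(*parts: bytes) -> bytes:
    """Length-prefixed SHA-256; a stand-in for the PRFs/hashes Zcash actually uses."""
    h = hashlib.sha256()
    for part in parts:
        h.update(len(part).to_bytes(2, "big"))
        h.update(part)
    return h.digest()


def address_of(spending_key: bytes) -> bytes:
    """Toy paying address: a one-way function of the spending key."""
    return H(b"addr", spending_key)


def nullifier_of(spending_key: bytes, rho: bytes) -> bytes:
    """Nullifier = HASH(spending key, rho): only the note's owner can compute it."""
    return H(b"nf", spending_key, rho)


@dataclass(frozen=True)
class Note:
    recipient: bytes   # address the note was sent to
    amount: int
    rho: bytes         # unique per note; later used to derive the nullifier
    r: bytes           # commitment randomness

    def commitment(self) -> bytes:
        """Commitment = HASH(recipient address, amount, rho, r)."""
        return H(b"cm", self.recipient, self.amount.to_bytes(8, "big"), self.rho, self.r)


def new_note(recipient: bytes, amount: int) -> Note:
    return Note(recipient, amount, secrets.token_bytes(32), secrets.token_bytes(32))


@dataclass(frozen=True)
class PublicSpend:
    """Everything the chain sees about a shielded spend, apart from the proof."""
    nullifiers: tuple
    output_commitments: tuple


def build_spend(spending_key: bytes, inputs: list, outputs: list) -> PublicSpend:
    return PublicSpend(tuple(nullifier_of(spending_key, n.rho) for n in inputs),
                       tuple(n.commitment() for n in outputs))


class Ledger:
    def __init__(self):
        self.commitments = set()   # every commitment ever created; never pruned
        self.nullifiers = set()    # every nullifier ever revealed

    def statement_holds(self, spending_key: bytes, inputs: list, outputs: list,
                        public: PublicSpend) -> bool:
        """The relation a zk-SNARK would prove. Toy: evaluated on the private witness
        directly; in Zcash a node only ever sees a proof that this statement is true."""
        owner = address_of(spending_key)
        if any(n.recipient != owner for n in inputs):                    # holds the spending key
            return False
        if any(n.commitment() not in self.commitments for n in inputs):  # inputs were committed
            return False
        if sum(n.amount for n in inputs) != sum(n.amount for n in outputs):  # value balance
            return False
        expected = (tuple(nullifier_of(spending_key, n.rho) for n in inputs),
                    tuple(n.commitment() for n in outputs))
        return expected == (public.nullifiers, public.output_commitments)  # computed correctly

    def apply(self, public: PublicSpend, proof_ok: bool) -> bool:
        """Consensus checks every node performs in the clear."""
        if not proof_ok or len(set(public.nullifiers)) != len(public.nullifiers):
            return False
        if any(nf in self.nullifiers for nf in public.nullifiers):
            return False                                                # double spend
        self.nullifiers.update(public.nullifiers)
        self.commitments.update(public.output_commitments)
        return True


def demo():
    """Constructed scenario: Alice spends a 10-unit note to Bob (7) plus change (3)."""
    ledger = Ledger()
    alice_sk, bob_sk = secrets.token_bytes(32), secrets.token_bytes(32)
    alice_note = new_note(address_of(alice_sk), 10)
    ledger.commitments.add(alice_note.commitment())        # e.g. from a shielding transaction

    to_bob, change = new_note(address_of(bob_sk), 7), new_note(address_of(alice_sk), 3)
    pub = build_spend(alice_sk, [alice_note], [to_bob, change])
    first = ledger.apply(pub, ledger.statement_holds(alice_sk, [alice_note], [to_bob, change], pub))

    # Replay: the statement is still true (the commitment is still there), but the
    # nullifier has already been seen, so the node rejects it.
    replay = ledger.apply(pub, ledger.statement_holds(alice_sk, [alice_note], [to_bob, change], pub))

    # Bob cannot spend Alice's note: his key does not derive her address.
    bob_out = new_note(address_of(bob_sk), 10)
    theft = ledger.statement_holds(bob_sk, [alice_note], [bob_out],
                                   build_spend(bob_sk, [alice_note], [bob_out]))

    # Alice cannot turn her 3-unit change into 99 units: the values must balance.
    big = new_note(address_of(alice_sk), 99)
    inflate = ledger.statement_holds(alice_sk, [change], [big],
                                     build_spend(alice_sk, [change], [big]))
    return first, replay, theft, inflate
```

An outside observer of `Ledger` sees only opaque commitments and nullifiers; because the nullifier is keyed on the spending key, nothing on the chain links a revealed nullifier back to the commitment it consumes.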
In addition to the spending keys used to control addresses, Zcash uses a set of proving and verifying keys to create and check proofs. These keys are generated in the public parameter ceremony discussed above, and shared among all participants in the Zcash network. For each shielded transaction, the sender uses the proving key to generate a proof that their inputs are valid. Miners and full nodes check that the shielded transaction follows consensus rules by verifying the proof against the verifying key. The way that Zcash’s proof generation is designed requires the prover to do more work up front, but it simplifies verifying, so that the major computational work is offloaded to the creator of the transaction (this is why creating a shielded Zcash transaction can take up to 40 seconds, while verifying that a transaction is valid only takes milliseconds).
The privacy of Zcash’s shielded transactions relies upon standard, tried-and-tested cryptography (hash functions and stream ciphers), but it’s the addition of zk-SNARKs, applied with the system of commitments and nullifiers, that allows senders and receivers of shielded transactions to prove that encrypted transactions are valid. Other methods of providing privacy for cryptocurrencies rely upon obscuring the linkage between transactions, but the fact that Zcash transactions can be stored on the blockchain fully encrypted opens up new possibilities for cryptocurrency applications. Encrypted transactions allow parties to enjoy the benefits of public blockchains, while still protecting their privacy. Planned future upgrades will allow users to selectively disclose information about shielded transactions at their discretion. See our Near Future of Zcash blog post on future plans for Zcash.
For a more in-depth explanation of how shielded transactions are constructed in Zcash, see our blog post on How Transactions Between Shielded Addresses Work. For full details on the current Zcash protocol, refer to our protocol specification.

zk-SNARKs Future Applications

Creating shielded transactions in Zcash is only one example out of many possible applications of zk-SNARKs. Theoretically, you can use a zk-SNARK to verify any relation without disclosing inputs or leaking information. Generating proofs for complex functions is still too computationally intensive to be practical for many applications, but the Zcash team is pushing the boundaries for optimizing zk-SNARKs, and is already breaking new ground with more efficient implementations.
As it currently stands, Zcash’s implementation of zk-SNARKs can be added to any existing distributed ledger solution as a Zero-knowledge Security Layer for enterprise use cases. The scientists on the Zcash team are among the most knowledgeable researchers of zk-SNARKs in the world, and are constantly working on coming up with new applications and improving the efficiency of zero-knowledge protocols. If you have a business need that could benefit from the application of zero-knowledge proofs or blockchain solutions with robust privacy, get in touch with our business development team.