Author: Tony Churyumoff 2016-08-10 07:52:11
Published on: 2016-08-10T07:52:11+00:00
A new proposal has been put forward to hide the entire content of bitcoin transactions. This goes beyond previous privacy measures such as CoinJoin, ring signatures, and Confidential Transactions. The idea is to publish only the hash of inputs and outputs in the blockchain as OP_RETURN, while hiding the entire inputs and outputs. To prevent double-spends, the payer must also publish another hash known as the spend proof, which is the hash of the output being spent. To prove that the outputs being spent are valid, the payer must send the plaintexts of the earlier transaction(s) that produced them. Each private transaction must have exactly one input and one previous output, and every output in a private payment must include a blinding factor, which is just a random string. To issue the new private coin, one can burn regular BTC by sending it to one of several unspendable bitcoin addresses, entitling one to an equal amount of the new private coin called Black Bitcoin or BBC.The bitcoin network protocol can be extended with a new message type to facilitate the exchange of private transaction data. However, this extension currently lacks encryption, so private payments are only truly private when using bitcoin over Tor. After user A sends a private payment to user B, user A will know what the spend proof is going to be when B decides to spend the coin. This means that A will know when the coin was spent by B, but nothing more. The new owner of the coin and its future movements will not be known to A.Over time, larger outputs will likely be split into many smaller outputs whose amounts are not much greater than their denominations. More inputs will have to be combined to send the same amount. When sending a very large amount that is much greater than the highest available denomination, many private transactions will need to be sent. This could cause privacy leakage, but it applies to a small number of users. It is easy to avoid by using multiple addresses and storing a relatively small amount on each address. Exchanges and large merchants will likely accumulate large coin histories, which, although fragmented, far from complete, and likely outdated, should be kept in mind.No hard or soft fork is required for Bitcoin Blockchain Confidential (BBC), which is a separate privacy-preserving currency on top of the bitcoin blockchain. The same private keys and addresses are used for both BBC and the base currency BTC. Every BBC transaction must be enclosed into by a small BTC transaction that stores the OP_RETURNs and pays for the fees. Although originally posted to BCT https://bitcointalk.org/index.php?topic=1574508.0, there has been no feedback so far, as apparently, everyone was consumed with Bitfinex drama and now Mimblewimble.
Updated on: 2023-06-11T19:34:34.443085+00:00