Author: Charlie Lee 2021-08-10 18:39:39
Published on: 2021-08-10T18:39:39+00:00
ZmnSCPxj proposed a softforkable design for Bitcoin to maintain a non-CT block and a separately-committed CT block, allowing for unconditional privacy and computational soundness. When transferring funds from the legacy non-CT block, users put it into a "burn" transaction that magically causes the same amount to be created in the CT block. To move from the CT block back to legacy non-CT, users match one of those "burn" TXOs and spend it with a proof that the amount being removed from the CT block is exactly the same value as the "burn" TXO being spent. The "burn" TXOs would be some trivial anyone-can-spend, and in the legacy non-CT block, the total amount of funds in all CT outputs is known. Meanwhile, individual CT-block TXOs cannot have their values known. This design may be sufficient for practical privacy. Litecoin is doing something similar with MimbleWimble and extension blocks, and interested parties can find more information about it on their Github page.
Updated on: 2023-06-15T00:49:59.664375+00:00