Recently, the Litecoin team announced that the Litecoin Foundation will collaborate with the BEAM team to add MimbleWimble to Litecoin to solve the privacy issue. Does Litecoin really need MimbleWimble? This article will try to answer the question.
What is MimbleWimble?
In July 2016, MimbleWimble was released mysteriously on the IRC channel #bitcoin-wizards by an anonymous Bitcoin user named Tom Elvis Jedusor. Instantly, it caused wide discussions in the community because it brought an elegant solution to the gradually heated debate on Bitcoin’s privacy issue.
In a typical Bitcoin transaction, the inputs and outputs of every transaction are transparent, and the consensus protocol ensures inputs = outputs so no coin is destroyed or created. MimbleWimble uses Confidential Transaction to solve the privacy issue by encrypting the amounts of the inputs and outputs and still ensure it is publicly verifiable that no coin is destroyed or created.
Besides Confidential Transaction, MimbleWimble combines the inputs and outputs of many transactions and obfuscates them through CoinJoin, which is essentially a trustless and decentralised coin mixer.
What is the situation of MimbleWimble now?
Two and a half years passed, MimbleWimble is now not just a set of ideas on paper but has already been implemented and released as two different coins, which are gaining a considerable amount of buzzes in the crypto community; they are BEAM and Grin.
Why does Litecoin need MimbleWimble?
Given the status of the current situation about MimbleWimble, why do the Litecoin team need to add MimbleWimble? The answer is fungibility and scalability.
What exactly is fungibility and why Litecoin need it?
Fungibility of Litecoin has two parts:
- The value of one Litecoin should be exactly the same as another Litecoin so that the two Litecoins are always interchangeable;
- If you split one Litecoin into parts, the value before and after the split should be exactly the same.
It is easy to see that Litecoin has to be fungible to become a convenient payment tool so that you only need to care about the amount of Litecoins you are sending or receiving but not which specific Litecoins involved.
Is Litecoin now perfectly fungible?
Neither Bitcoin or Litecoin is perfectly fungible at this moment. Every Litecoin is linked to a sequence of history transactions, which are unique to that Litecoin and could potentially make the value of the Litecoin different from other Litecoins. For example, a Litecoin involved in a transaction in the dark market could be considered tainted and thus less valuable than other “fresh” Litecoins.
Potential regulations could make this situation even worse, and because of it an industry is arising. Quite a few startups including Chainalysis and Elliptic.co are betting on the hope that governments could require exchanges/wallets to screen cryptos. Chainalysis has the following slogan on its website:
prevent, detect and investigate cryptocurrency money laundering, fraud and compliance violations.
One the one hand, this could potentially detect or prevent crime activities; one the other it destroys Litecoin’s fungibility and lays burdens to exchanges and slows down adoptions of crypto in general.
Why is it good for Litecoin to have fungibility?
The Litecoin team do care about ethics. In fact, they are motivated to contribute mostly voluntarily to the Litecoin project because of the big vision that Litecoin is going to become a cheap and efficient payment tool that can greatly enhance our economic growth and change the society for good.
However, the team believe that without fungibility, Litecoin cannot reach that great end. The privacy features provided by MimbleWimble make Litecoin fungible, and no other means can beat MimbleWimble at this moment.
Is MimbleWimble better than other privacy solutions?
There are two other privacy solutions: Monero and ZCash’s zk-SNARKs. Why didn’t Litecoin choose these methods?
Why not use Monero’s technology?
Monero uses Confidential Transactions, Ring Signature, and Stealth address. In Monero, nodes do not know which transaction outputs are spent and which are not. Therefore, they have to keep track of the ever-growing transaction outputs, i.e., the TXO set, making Monero not scalable.
MimbleWimble’s CoinJoin and Confidential Transaction based privacy transactions differentiate spent/unspent outputs and thus do not have Monero’s scalability issue. Besides that, MimbleWimble uses the cut-through technique. E.g. if in one block, A sends to B 1 Litecoin, and B to C 1 Litecoin, the two transactions will be collapsed into one, i.e., A sends to C 1 Litecoin, and the intermediary records are cut-through, saving some space. On average, a MimbleWimble transaction size is only 1/15 of a Monero transaction even after using Bulletproof.
Why not use ZCash’s zk-SNARKs?
ZCash’s recent Sapling upgrade from Sprout significantly shortened its zk-SNARKs based private transactions creation time from forty seconds to seven seconds and also reduced the memory requirement from > 3GB to 40MB. While this is a great achievement, zk-SNARKs was nevertheless invented in 2012 and is considerably more complicated than Confidential Transactions, making it much more vulnerable to bugs.
While the privacy of ZCash’s zk-SNARKs is arguably stronger than MimbleWimble, given MimbleWimble’s simplicity and reliability, which is very crucial for Litecoin as a more established coin, MimbleWimble could be a much better choice.
Could MimbleWimble make Litecoin divergent from Bitcoin?
The Litecoin team have been following the Bitcoin codebase since inception. And because of that, they managed to keep up with the newest updates of Bitcoin. Many people asked whether adding MimbleWimble will make Litecoin’s codebase diverge from Bitcoin’s codebase.
Without any doubt, Litecoin’s codebase will be different from Bitcoin’s in the future. However, MimbleWimble will be like a modularised and separated add-on for Litecoin through an interface, which will be kept as small as possible, and thus the remaining majority of the code repository will still be the same and could be upgraded easily together with Bitcoin.