Topic: Grin Observer - GRN/BTC - Price Movement and Discussion - page 11. (Read 19689 times)

Finally what?

Another year, sorry.

Soon (TM)

Finally what? I said 6 months to see if $1.00 holds strong. That would be a long enough time for miners to tolerate before they begin dumping again hehehe.

Finally!

Grin $1.00 is strong! I will give it 6 months beginning on January, 2020 to dump on $0.50. However, if it remains strong, it might be the time to begin buying hehehe.

remedy to be found soon ?
https://cointelegraph.com/news/litecoin-funded-grin-developer-challenges-mimblewimbles-privacy-issue

“The Achilles heel of mimblewimble privacy though, has always been that transactions are broadcast before they’ve had a chance to be joined with other transactions. That means nodes monitoring the network can see the original input-to-output links of most transactions. Sending a transaction directly to a CoinJoin server before broadcasting is one of many different techniques we can use to combat that.”

@Globb0. That was not the issue. Was something broken in Grin similar to what the Dragonfly researcher was telling everyone? It was clickbait.

Really awesome write-up, but none of this is "news". I'm actually surprised only 96% was traceable. There are a number of ways to help break linkability in Grin, but none are implemented and released yet. As I always say, don't use Grin if you require privacy - it's not there yet

Now is a great time to remind everyone we're looking for cryptographers, academics, or just generally smart people to tackle this problem. Write up a proposal and apply for funding!

I've never personally marketed grin as a privacy coin. It certainly will be someday soon, but I always make it a point to shutdown outlandish privacy claims. Currently it just has private amounts. Unlinkability improvements are definitely in progress though.

The “attack” that the author claims to have made is the well-documented and discussed transaction graph input-output-linkability problem. This is not new to anyone on the Grin team or anyone who has studied the Mimblewimble protocol. Grin acknowledged the ability to link outputs on chain in a Privacy Primer published on its public wiki in November 2018, before mainnet was launched. This problem encompasses Ian Mier’s “Flashlight attack”, which we have listed as one of our Open Research Problems.

    Get Started
    Download
    Friends of Grin
    General Fund
    Research
    GitHub

Open Research Problems

This document summarizes several open research problems related to Grin.
Feel free to join us on Gitter to discuss them. Funding available.
Table of Contents
Number    Name
1    BLS Signatures
2    Accumulator
3    Kernel Aggregation
4    Scriptless Scripts
5    FlyClient
6    Asynchronous Transaction Building
7    Reducing Linkability of Outputs On Chain
8    Erlay Transaction Relaying
9    Payment Channel Hubs
10    Research on ZKPs Recent Advances
1. BLS Signatures
Description

Introduced in 2001 by Boneh, Lynn and Shacham, BLS signatures introduces non-interactive kernel aggregation and potentially simpler multisignature schemes.

While it is not for certain that such signatures are well suited for Grin it is still interesting to explore this design.
Relevant Papers

    D. Boneh, B. Lynn, and H. Shacham. Short signatures from the weil pairing. In Proceedings of the 7th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology, ASIACRYPT '01, pages 514–532, Berlin, Heidelberg, 2001. Springer-Verlag.
    https://www.iacr.org/archive/asiacrypt2001/22480516.pdf

    D. Boneh, M. Drijvers, and G. Neven. Compact multi-signatures for smaller blockchains. Cryptology ePrint Archive, Report 2018/483, 2018.
    https://eprint.iacr.org/2018/483

Other resources

    BLS Signatures for Busy People

Github Issue

    https://github.com/mimblewimble/grin/issues/2504

2. Accumulator
Description

In Grin, kernels, outputs and range proofs are stored in a type of accumulator called a Merkle Mountain Range. While efficient, there have been several improvements to this kind of data structure, for example RSA Accumulators.
The goal of this research problem is to identify whether or not Grin can leverage more advanced or faster cryptographic accumulators.
Relevant Papers

    D. Boneh, B. Bünz, and B. Fisch. Batching techniques for accumulators with applications to IOPs and stateless blockchains. Cryptology ePrint Archive. 2018 https://eprint.iacr.org/2018/1188.pdf

3. Kernel Aggregation
Description

Grin blockchain implements the mimblewimble protocol. This design allows the blockchain to be massively prunable. However, while inputs/outputs can be thrown away once spent, there is another piece of data called the kernel that must stay. For each transaction a kernel is created, this piece of information cannot currently be aggregated or discarded as it is needed to verify the current chain state.

The goal of this research problem is to identify potential ways to aggregate transaction kernels and/or possibly discard them if not needed.

One potential construct is BLS signature. Introduced in 2001 by Boneh, Lynn and Shacham, BLS signatures introduce non-interactive kernel aggregation and potentially simpler multisignature schemes. While it is not for certain that such signatures are well suited for Grin it is still interesting to explore this design.
Relevant Papers

    D. Boneh, B. Lynn, and H. Shacham. Short signatures from the weil pairing. In Proceedings of the 7th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology, ASIACRYPT '01, pages 514–532, Berlin, Heidelberg, 2001. Springer-Verlag.
    https://www.iacr.org/archive/asiacrypt2001/22480516.pdf

    D. Boneh, M. Drijvers, and G. Neven. Compact multi-signatures for smaller blockchains. Cryptology ePrint Archive, Report 2018/483, 2018.
    https://eprint.iacr.org/2018/483

Github Issue

    https://github.com/mimblewimble/grin/issues/2504

4. Scriptless Scripts
Description

Mimblewimble does not support any kind of script. In 2017, Andrew Poelstra introduced a way to add smart contracts ability to this type of blockchain: scriptless scripts.

While a significant research effort has been done on the subject there are very few concrete implementations of such cryptographic structure.

The goal of this research problems is to investigate scriptless scripts in Grin and potentially implement basic contracts features on a second layer.
Relevant Presentations

    Scriptless Scripts by Andrew Poelstra (2017)
    Scriptless Scripts with Mimblewimble (Grincon US)

5. FlyClient
Description

"To validate transactions, cryptocurrencies such as Bitcoin and Ethereum require nodes to verify that a blockchain is valid. This entails downloading and verifying all blocks, taking hours and requiring gigabytes of bandwidth and storage. Hence, clients with limited resources cannot verify transactions independently without trusting full nodes.[…] FlyClient is a novel transaction verification light client for chains of variable difficulty. FlyClient is efficient both asymptotically and practically and requires downloading only a logarithmic number of block headers while storing only a single block header between executions."

The goal of this research problems is to investigate/implement the necessaries prerequisites for the introduction of a FlyClient in Grin.
Relevant Papers

    B. Bünz, L. Kiffer, L. Luu, and M. Zamani. Flyclient: Super-light clients for cryptocurrencies. IACR Cryptology ePrint Archive, 2019:226, 2019. https://eprint.iacr.org/2019/226.pdf

Github Issue

    #1555

6. Asynchronous transaction building
Description

One of the trade-offs of the Mimblewimble type blockchain is that it requires a round trip between the payer and payee to construct a valid transaction. Meaning that the sender and receiver must be online to transact.

Several research attempts have been made in that direction. For example, relying on federated relays or Beam shared bulletin board system.

The goal is this research problem is to investigate and develop an asynchronous, robust, and privacy preserving method of building Grin transactions.
Github Resources

    Grin Draft RFC - Asynchronous Transacting via Relays

7. Reducing Linkability of Outputs On Chain
Description

Mimblewimble/Grin leverage confidential transactions to hide the identity of the sender and recipients. As such, there are no public amounts or addresses.

However, it is possible for someone listening on the network to build a transaction graph and possibly clustering entities together.

Techniques like Dandelion++ mitigate this issue but are insufficient for a privacy coin.

The goal of this research is to investigate ways to obfuscate the Grin transaction and implement such design.

It was about 40 pages back we discussed that fact someone can be logging all transactions.

Waiting for $0.50, that might never really happen.  Maybe better take few prices and buy part of it then. Like 1/3 at $1, 1/3 at $0.5 and 1/3 at $0.25.

However, it is fud. Here is a better article to read on why it is fud.

https://medium.com/grin-mimblewimble/factual-inaccuracies-of-breaking-mimblewimbles-privacy-model-8063371839b9

The Dragonfly research fellow might have gotten very excited on his research which was already well known from the beginning.

Here is the rebuttable Dev response.

https://medium.com/p/8063371839b9/responses/show

If  I sold then I'm buying back.