Mimblewimble: all you need to know

Eugene Pavlenko, CEO @ AXIOMA GROUP is speaking.

The Grin project that implements the Mimblewimble protocol seems to provide the highest level of blockchain privacy ever existed before. On January 15th it launched its miannet.

I got interested and decided to dive into the Mimblewimble protocol specification and documentation related to the Grin project. I tried to set up a node, a miner and to use the wallet.

This article will be the most interesting for:

  • those, who have never heard about neither Grin nor Mimblewimble. You will know they exist and why they are interesting
  • those, who heard something but didn’t get into details. I have gathered all key properties and facts in one article so that it will be easier for you to get a holistic perspective

The Project and the Protocol

History of transactions is hidden

All history of transactions is hidden, except the transactions responsible for coins creation and the list of unspent transaction output (UXTO). All intermediate data is discarded (a “cut-through” concept is used).

Transaction sums are hidden

Transaction sums are hidden too due to the fact that inputs and outputs are multiplied by a random number (a binding factor, that is a private key, the Pedersen Commitment). Proof of transaction validity is done by checking zero sums (sum of inputs minus sum of outputs must be zero) and a range proof (the proof that a number belongs to a certain range, without revealing that number), that is added to a transaction.

Inputs and outputs are mixed

All inputs and outputs of different transactions are mixed. A block doesn’t store the structure of transaction explicitly. Thus, it’s impossible to define neither the output, that transmits a coin nor the input, that receives that coin.

No addresses  

There are no addresses. Proof of ownership is done by using a public key of a receiver the moment a sender is creating the transactions outputs.  

Two ways to send tokens

  1. Manually by exchanging the files between a sender and a receiver.  A sender is generating a transaction file, sends it to a receiver, a receiver created a response file, sends it back to a sender, who finalizes a transaction and posts it to the net.
  2. By the direct transaction from wallet to wallet. To receive the transaction a receiver needs to open a port on their computer and a sender will refer to him directly.

It provides:

  • The highest level of privacy
  • Full interchangeability of coins - since it is impossible to establish the history of each coin (as opposed to bitcoin, where newly mined coins may cost more than those that went through the darknet).
  • Great scalability - the blockchain volume is small and won’t grow a lot, as only the coin creation transactions and the UXTO are stored. All intermediate data is discarded.

Other properties 

  • Private transaction posting by sending it to a random list of peers.
  • The Cuckoo Cycle proof of work mining algorithm is not subject to acceleration using a quantum computer (Grover's search algorithm). It is the simplest of all known PoW algorithms — only 42 lines of code — almost two times less than SHA256, Blake2b, or SHA3 (Keccak), used in Bitcoin, Equihash and Ethash. There are implementations of algorithms for ASICs and video cards. It is assumed that initially 90% of the blocks will be mined with on the GPU and 10% on the ASIC, and within two years there will be a smooth transition to a 0% GPU and 100% ASIC.
  • Mining remuneration is fixed and currently amounts to 60 GRIN.
  • The volume of emissions will grow linearly and indefinitely.
  • The average block creation time is 1 minute.
  • Transaction fees are based on the number of exits created/destroyed and the total amount of the transaction.
  • Mimblewimble does not support scripts but supports multi-signatures, atomic swaps, Lightning Network, and time locks. These time locks are implemented thanks to cryptography properties in a protocol that is based on Elliptic Curves.
  • When installing a node, wallet, and miner, I did not have any problems, everything was installed and started as described in the documentation. I installed and launched binaries on MacOS Mojave 10.14.2.
  • The documentation is quite detailed and of high quality, some pages are translated into several languages, including Russian.

Interesting facts

  • In the book “Harry Potter and the Deathly Hallows”, Mimblewimble is a spell of speech that binds the victim's language not allowing a word to be said.
  • The author of the idea, that was published on August 2, 2016, is anonymous under the pseudonym Tom Elvis Jedusor, which is the name Volan de Mort in the French editions of Harry Potter.
  • Andrew Poelstra, the author of White Paper of the Mimblewimble protocol, published on October 6, 2016, is a developer from BlockStream.
  • The author and chief developer of the Grin project is an anonym under the pseudonym ignopeverell (Ignotus Pervell is the owner of the invisibility cloak in the Harry Potter books). At the end of 2016, he began to lead the GitHub account of the Grin project.
  • There is no monetization model in the project and there is no ICO.
  • Development of the project is supported by donations.
  • There is a second project, that implements the Mimblewimble protocol, the Beam. It launched mainnet on January 3, 2019. The project is developed by a team funded by venture capital investments.

Personal opinion

Mimblewimble privacy technology amazes and inspires me since I share the ideas of a cryptopanks that our private information and our money must belong only to us. The fact that the authors of this cryptocurrency are anonymous and the development is funded by donations can very well affect its decentralization and survivability. It may have the same network effect as Bitcoin. Apparently, the authors are actually doing this.

However, at the moment, the target audience of completely private coins is not clear. It doesn't really fit into today's world with its KYC / AML procedures and taxes. Therefore, now, probably, there is an urgent need for the properties of such cryptocurrencies and some black and gray markets have the possibility to use them.

I’m confused by the need to exchange files or direct communication of the nodes to send/receive coins, as this may violate privacy. Although this issue is solved by other technical means.

Useful links 


16 January 2019
Latest posts