This week, we take a look at one of the hottest topics circulating around the cryptocurrency world at the moment: the MimbleWimble protocol, and its first open source implementation, Grin. We explain the appeal of these technologies and why they might very well be the next big thing in digital currency.

the Grin logo

 

Introduction

The notion that changes need to be made to the Bitcoin Network and protocol in order for it to achieve scalability on a global level is nothing new. Bitcoin is slow, clunky, resource-consuming and at times, expensive to transact. As we frequently discuss here at CoinClarity, the introduction of both SegWit and Lightning Network have done a great deal to help this cause — but what if there was a better solution out there that could not only reduce the information necessary to continue operation of the blockchain, but actually decrease the size of the blockchain as time went on? Better yet: what if it could do this while simultaneously anonymizing each and every transaction it recorded?

That’s what Grin and MimbleWimble are attempting to accomplish, and so far, they’re off to a pretty good start. In this article we discuss both topics one at a time in order to help crypto users get a better idea of what’s going on and help them understand why they’re such a big deal, trying to break them down in the simplest, most basic terms possible. It wasn’t an easy task, and to truly understand how these concepts operate one requires an advanced understanding of cryptography as applied to cryptocurrencies and the blockchain. First, let’s talk a little bit about MimbleWimble.

What is MimbleWimble?

At its essence, MimbleWimble is a design for a blockchain that is quite different from the bitcoin blockchain, and all others for that matter. What does the word “MimbleWimble” mean, and where did it come from? Taken from the Harry Potter series, “Mimblewimble” is a spell that when cast binds an individual’s tongue to keep them from talking about a specific subject; more specifically, to prevent them from casting another spell. This alludes to the fact that by design, all sender, recipient, and transaction information is anonymized and cannot be deduced from looking at the blockchain. These features render MimbleWimble extremely unique in terms of blockchain architectures and makes it is probably the most privacy-centric ledger for a cryptocurrency ever developed.

One of the other interesting things about MimbleWimble is that it can be implemented as a side chain or “soft forked” (a backwards compatible fork) into bitcoin itself, meaning it does not necessarily have to be a competitor to bitcoin, but rather a solution to bitcoin’s scaling problems.

MimbleWimble blockchains are quite smaller than traditional blockchains as well, which is accomplished by reorganizing and streamlining data considered essential to the function of the blockchain. For instance, instead of including public signature data for every input and output into a transaction, this data is all represented as a single value known as an “elliptic curve point.” This value cannot be generated in any other way other than by the direct combination of all public keys involved in a transaction.

In addition, all spent outputs are removed from the blockchain, thus allowing it to remain lean and manageable. This idea was first expanded upon by Bitcoin Core developer Gregory Maxwell, known as CoinJoin. Though it was never really implemented in bitcoin, the basic idea was this:

Say sender A sends 1 BTC to recipient B, then B sends 1 BTC to recipient C before the initial transaction is confirmed. Does the blockchain really need to know that B ever held 1 BTC at all in order to continue functioning?

The answer is “no.” This idea can be spread to a who series of senders and recipients that have related inputs and outputs that have yet to be confirmed by the blockchain. As explained by Maxwell in a Bitcointalk forum post:

“This transformation is lossless with respect to the final coin ownership, but the intermediate transactions were cut-through. This works even if the original coin ending up in the final outputs came from multiple parties, as they can coinjoin to preserve the final outcome.

Because the replacements are atomic and consume the original inputs this transformation is safe, assuming people in the middle can handle any accounting complications that arise. (E.g. figuring out that their payment really was completed). So you’d want to have a way of signaling ‘I permit you to conflict this transaction with one that pays its children, if you can figure out how’.” – Gregory Maxwell

Thus, as applied to MimbleWimble, this means that data pertaining to spent outputs can be erased from the blockchain entirely, not only keeping the bloat of the blockchain down but allowing it to actually decrease in size if several spent outputs are removed at once. Only one small piece of data (known as a kernel, which is about 100 bytes in size) from each transaction needs to be retained in order for a MimbleWimble blockchain to function and keep accurate records of who owns what.

In order to MimbleWimble to work successfully as a ledger, the exact sequence of transactions does not need to be publicly verified because the total sum of inputs and outputs must always equal zero, plus the number of new coins mined in each block. Like with bitcoin, coins cannot be artificially created by manipulation of blocks and transactions — unless the network is “51% attacked” and the majority of nodes replace the correct blockchain with an altered version.

The author of the original MimbleWimble whitepaper referred to himself as “Tom Elvis Jedusor,” which is the name of Harry Potter character Voldemort in the French edition of the novel series. The anonymous author posted the white paper using a Tor (“.onion”) website which was taken down long ago, making it impossible to find out where the site was located or who created it. However, the idea was so compelling that it immediately sparked interest among several Bitcoin Core developers that began testing its validity and feasibility as blockchain for a cryptocurrency.

What is Grin?

Grin is a cryptocurrency that uses an implementation of the MimbleWimble protocol. A few months after the single appearance of Tom Elvis Jedusor, another Harry Potter-related pseudonym appeared on the same IRC channel to announce that they had developed the first open source implementation of MimbleWimble, which was Grin. A repository published on GitHub by “Ignotus Peverell” contained the software necessary to begin testing a beta net version of Grin, and thus Grin was born.

A little more than 2 years and 2 months later, after a very thorough period of beta testing and developing, the Grin main net was launched, on January 15th, with the original MimbleWimble white paper as written by Jedusor expanded upon by Andrew Polestra of WPS Software. Though Jedusor and Peverell are accredited with the invention of MimbleWimble and Grin, it was Polestra’s guidance and perseverance in realization of the idea that helped bring Grin to fruition. In his updated version of the white paper, Polestra introduces MimbleWimble and Grin as the following:

“Mimblewimble is a design for a cryptocurrency whose history can be compacted and quickly verified with trivial computing hardware even after many years of chain operation. As a secondary goal, it should support strong user privacy by means of confidential transactions and an obfuscated trans30 action graph.

This precludes such functionality as zero-knowledge contingent payments, cross-chain atomic swaps and micropayment channels. Further research is needed to emulate these functionalities on top of Mimblewimble…” – Andrew Polestra

Though it is possible to mine the coin using Windows, most mining and wallets that have already been developed are for iOS and Linux, with a C++ wallet still in the works. Grin can already be traded on a few different exchanges, but investors should be reminded that the project is still highly experimental, and due to the coin’s initially high rate of emission (60 coins generated every 60 seconds), the coin will be highly inflationary at first, with a strong potential of decreasing in price before a reasonable estimate of its actual value can be determined.

It is best to remember that Grin is unlike anything else that the crypto market has seen before, and along with potential rewards for early adoption of this innovative piece of technology come risks of its failure via some undiscovered bug or flaw in its software. Let’s quickly go over a comparison of Grin to BTC, as it is important to understand the differences between the two coins.

Ways in Which Grin is Like Bitcoin:

  • Is a cryptocurrency that uses a blockchain-based ledger system
  • Is secured by Proof of Work (PoW)
  • Miners are incentivized by coin rewards
  • Has regular block times with auto-adjusting mining difficulty levels

Ways in Which Grin is Unlike Bitcoin:

  • Uses a massively prune-able blockchain in which spent outputs are deleted, and neither sender/receiver or transaction amount information is stored
  • Uses a different hashing algorithm (cuckARoo29 instead of SHA256D)
  • Miner rewards remain consistent (no reward halving, unlimited supply)
  • Block time lengths are 1 minute instead of 10
  • All sender/receiver and transaction amount information is encrypted
  • Does not use addresses in the classical sense, but rather an IP addresses or end-to-end cryptographically secured service (such as a Keybase or Grinbox address)

It is the first and last of these differences that really sets Grin apart from bitcoin and most other coins, and what makes it an exciting development in the world of cryptocurrency.

Now, let’s quickly summarize the pros and cons of Grin; it’s important to remember that there are indeed cons, and why this new piece of software needs to be approached with caution before going “all in” as an investor.

Grin Pros and Cons

Pros: Highly anonymous (no addresses or amounts recorded to the blockchain), fast (60 second block times), scalable (size of blockchain is dependent on amount of active users rather than amount of addresses).

Cons: sacrifices some functionality (scripting), highly experimental and may contain some bugs or coding flaws, not necessarily a proven store of value.

Grin payments require a three-way process that also renders it a bit different from bitcoin and any other cryptocurrency transaction. These can be done automatically through an IP address or keybase, or can be conducted manually:

  1. Sender runs grin wallet send -m file -d FILE.txt GRIN_AMOUNT, which creates the file FILE.txt.
  2. Sender gives FILE.txt to the recipient.
  3. Recipient runs grin wallet receive -i FILE.txt, which creates another file FILE.txt.response.
  4. Recipient gives FILE.txt.response to the sender.
  5. Sender runs grin wallet finalize -i FILE.txt.response, and the transaction is finalized.

As we mentioned earlier, there are no addresses in Grin. Instead, two wallets communicate with each other to exchange data, during which the recipient creates and sends an address to the sender. Obviously, this is also different from what cryptocurrency users are used to. Grin requires that recipients be aware of incoming transactions. This is a process that can be automated but if it is not, Grin cannot be sent to another user until the recipient verifies incoming receipt from the sender.

What’s Under the Hood

The information stored in a Grin block is also pretty different; mainly because it is a much smaller set of data than stored in a bitcoin block. Here’s what the information in a Grin block looks like:

Hash 000000bc78a31dcf539b4301ba00b97c035e0bdbdede04d1139ffaf50736bcdd
Version 1
Previous Block 000019c9280f08f9042160fb793be220513e3db770137c9e19b32f4f2fc5e6a3
Age 2019-01-17, 23:33:46 UTC
PoW Algorithm cuckARoo29
Secondary Scale 838
Solution Difficulty 19,096,720,613
Target Difficulty 524,375,557
Total Difficulty 1,823,162,085,803
Total Kernel Offset 143f49480626e10d126d12a5b33d4732455c6b11343344ddcec63c22fa2f0170
Nonce 13825334914248028919
Block Reward 60 grin
Fees 23 mg

 

What transaction inputs look like:

08e2ded13f0ef6e889fc2cab209767c560e7f5d04b3389d2ab9296d1e0a2122bff

09153d674bab50a786fb74b2975433657f87b4c6d5da5e66aec8373276d0d17070

08f06d3f1266704056b2885d1d9e6eb42e3b0286646de0f02bcecd94011bb2bc09

088f181518a8aff1684cde292240ddd96e4f38cb1a521b0d068bfea4fc0cf8be88

 

What transaction outputs look like:

Output Type Commit Spent
Transaction 092b247c9763607054196ca1da22d1388e34b41372b8587fa46cacaeb716136791 False
Transaction 08d2a6856f29233a5b8013409bfc85f9064f2c6a08eeca59a227cecb14390981e5 False
Transaction 0853339dcd40734953c90462591e17eaae232215f5a1da083496f3570c515c02b2 False
Coinbase 086473bda9875102ffa749a61b5d205b7cacf317f66928ab2b03055145e3d71a9b False
Transaction 09b062bb462351f2b2dcb2dcc37538a595a02c441648921d1ade0a2c6750210d26 False
Transaction 0930dd9cd89cec3c045b245ac51c8d380cc274591f7fa371e8fff26c367756ef02 False
Transaction 097c547b3dd86874d87f21a5f281ea61cc4926e8717a8b0ac91c8fa7a619116bf5 False

 

Once an input/output has been entirely spent, it is retroactively removed from the Grin blockchain, thus reducing the overall size of the blockchain. The final component, and always necessary to include in the blockchain, kernels, look like this:

Features Fee Lock Height
Coinbase 0 grin 0
HeightLocked 8 mg 3094
HeightLocked 8 mg 3094
HeightLocked 7 mg 3088

 

Conclusion

In short, Grin and MimbleWimble are revolutionary new developments in the field of cryptocurrency which make the most out of the cryptographic principles initially employed by bitcoin. Grin is a drastic departure from pre-existing Proof of Work coins and solves a few major issues from which bitcoin suffers: scalability, speed, and privacy. That being said, it is still in its very early stages and has a long way to go before it can prove itself to be a technically sound, trustworthy and widely-adopted model for a cryptocurrency, and investors should be aware of these factors before plunging head-first into it.

Further resources for understanding Grin and MimbleWimble:

A Short History of MimbleWimble on Medium

MimbleWimble for Bitcoiners on Medium

Introduction to MimbleWimble and Grin on GitHub

Andrew Polestra’s PowerPoint Presentation of MimbleWimble and Grin on YouTube