Charlie Lee, the creator of Litecoin, recently announced the Litecoin #DevelopmentTeam ’s plan for increasing the fungibility and privacy of Litecoin during 2019.
Fungibility is the only property of sound money that is missing from Bitcoin & Litecoin. Now that the scaling debate is behind us, the next battleground will be on fungibility and privacy.
I am now focused on making Litecoin more fungible by adding Confidential Transactions. 🚀
— Charlie Lee [LTC⚡] (@SatoshiLite) January 28, 2019
Lee recognizes that neither Litecoin nor Bitcoin yet fulfill all the properties of sound money. The main deficiency right now is a lack of fungibility, meaning that all coins are not yet interchangeable. The lack of fungibility and lack of privacy are one and the same, you cannot have one without the other. Here’s why.
Right now, due to the transparency of Litecoin, you can track coins along the blockchain. This lack of privacy means that if your coins were previously held by someone involved in illegal activity, then exchanges and merchants could treat your coins as inferior to cleaner ones, such as coinbase coins, which are those that are freshly created from the mining process. The very fact that your coins and their history are not kept private means they can be separated and are not interchangeable.
To solve this, Lee has suggested a variety of improvements that should at least somewhat solve this issue. Currently, suggestions range from Confidential Transactions (CTs) and Bulletproofs to MimbleWimble and Extension Blocks. It is likely that the final proposal will include a mixture of these features.
We are going to take a look at these different upgrades and their implications. Litecoin has a history of introducing upgrades before Bitcoin, as they did with SegWit in 2017. If the team can succeed in these efforts, then it could pave the way for similar improvements to Bitcoin.
Confidential TransactionsConfidential Transactions (CTs) were initially a proposal for Bitcoin led by Adam Back, Gregory Maxwell, Pieter Wuille, and Andrew Poelstra. CTs are a form of range proof, a cryptographic method to prevent double-spending. They are able to hide both the amount and type of asset. Consequentially, one party cannot see how many coins the other has and onlookers cannot decipher the size of transactions.
In normal Litecoin transactions, all output and input values are publicly visible. As a result, it is simple to verify transactions by ensuring that the total value of inputs and outputs are equal to zero. CTs, however, hide all these values while ensuring that all other nodes can verify that the balance of outputs and inputs equals zero.
The Limitations of CTsUnfortunately, transaction sizes in confidential transactions are significantly larger than normal ones. On their own, they stand at 3.8-5.4 KB. This is in comparison to just 300-400 bytes in a normal Litecoin transaction. As a result, both Litecoin and Bitcoin would experience a significant reduction in their throughput capacity and likely witness a large rise in fees.
What’s more, while transaction amounts are hidden, sender and receiver addresses are still visible. Ultimately, CTs demand a very large trade-off in scalability with only limited improvements to fungibility and privacy.
Bulletproofs to the RescueFortunately, though, these issues can be accommodated by other changes.
Bulletproofs are a proposal to perform much more efficient range proofs. They can compress the size of CTs and thus limit the scalability limitations that CTs alone impose. Bulletproofs reduce the initial CT size of 3.8-5.4 KB down to approximately 700 bytes. Monero recently upgraded to Bulletproofs. In this regard, Litecoin would benefit from using a tested technology.
MimbleWimbleMimbleWimble is a design proposal that has been bouncing around for several years. When initially released by its anonymous creator, it challenged many of the existing assumptions around blockchain design. MimbleWimble is not just an upgrade you can stick onto Litecoin, however. It is actually an alternative to the Litecoin design itself and requires additional structures.
The Cryptographic Building BlocksInterestingly, MimbleWimble uses a similar design to that of CTs. Both MimbleWimble and CTs derive their privacy abilities from the use of Pedersen Schemes and blinding factors.
A Pedersen Commitment Scheme is a cryptographic algorithm. Such schemes allow you to guarantee some information, such as transaction amounts, while hiding it from all other parties. The commitment ensures that you cannot change the information at a later date. The only way the information can be revealed is through disclosure of a blinding factor, which is a random sequence of numbers.
With normal CTs, the sender creates this blinding factor. In MimbleWimble, the receiver creates the factor. This factor actually serves as proof of coins.
Similarly to how CTs allow for the sum of all inputs and outputs to be proven to be equal, MimbleWimble does all this through a multisignature. In the current iteration of Litecoin, the keys for each input sign transactions. However, in MimbleWimble something akin to a multisignature key functions as a mass public key for all those involved in a transaction. This is formed by subtracting the total value of all the input keys from the total value of all the output keys.
This means that we can validate a large bunch of transactions collectively via this multisignature, similar to how CoinJoin works.
Scaling this up to a MimbleWimble block, we end up with a block consisting of just a series of inputs, outputs, and multisignatures. These multisignatures are all that you need to verify transactions. This alternative model removes the need for new nodes to download all the transaction data on the current Litecoin blockchain.
Limiting the Costs of PrivacyThe result of all this is that we have massively increased privacy without enduring a large increase in the size of transactions and blocks. We can hide the number of coins in a transaction as well as making it very hard to track the sender and receiver.
What makes MimbleWimble so exciting is that it has solved the usual trade-off that we see between privacy and fungibility versus scalability. For instance, both Monero and ZCash, when used for their privacy purposes, have the trade-off of extremely large transactions and high fees. Until now, no blockchain project has been able to achieve strong privacy and fungibility without causing a major reduction in throughput. MimbleWimble, though, could be the first solution for this dilemma. In reality, this means we can now have fungible and private cryptocurrency that is ready for mass use.
Functionality Limitations
One downside of this alternative design is that Litecoin scripting will not work with MimbleWimble due to the removal of signatures from individual inputs. Poelstra has stated that while this does limit many smart contract capabilities, there are ways around this by using timelock transactions, multisignature, and unidirectional payment channels. Nonetheless, it seems some trade-offs will have to be made.
Bulletproofs Strike AgainIt turns out that Bulletproofs’ benefits extend beyond just those pertaining to CTs.
Bulletproofs can actually help the scripting limitations in MimbleWimble. Poelstra has demonstrated that you can bypass scripting entirely and perform certain smart contracts through a combination of bulletproofs and something called Scriptless Scripts. Scriptless Scripts use Schnorr Signatures, a more compact alternative to the current ECDSA signature scheme. These hide the information of the scripts or smart contracts.
The result of all this is that we can increase the privacy of atomic swaps and any payment channel function. Scriptless Scripts previously relied on incomplete cryptography called sigma protocols, which were not ready for use. Bulletproofs are now unlocking the full potential of these scripts. As a result, we could see some impressive and anonymized smart contract features on MimbleWimble after all thanks to Bulletproofs.
By stacking the different proposals that we have discussed so far, we are starting to gain impressive fungibility, privacy, scalability and smart contract features under one roof with far fewer trade-offs than virtually every other blockchain project seen to date. It is no wonder that the Litecoin team is so excited about the potential.
Not So EasyThe main problem with MimbleWimble is that we cannot just add it to Litecoin.
MimbleWimble is not a replacement to certain parts of the Litecoin blockchain, but rather a different architecture altogether. In fact, the only way to move forward is through either a sidechain or something called extension blocks.
Extension BlocksExtension blocks have been around since 2013 and were an alternative Bitcoin scaling proposal to SegWit and block size increases. They are essentially additional blocks that run alongside the already existing blocks that we will call foundation blocks. Importantly, unlike foundation blocks, which are linked linearly back to each other all the way to the genesis block, foundation blocks are only linked to their parallel foundation block.
This means that you can bolt on features like MimbleWimble parallel to the original Litecoin blockchain.
The main limitation of extension blocks is that they are not backward compatible. Old nodes that do not upgrade to a softfork that introduces extension blocks would not be able to see these extension blocks. As a result, they would be severely limited in interacting with any features that would be supported on the extension blocks. In Litecoin’s case, much of the upgrades would be living on these extension blocks. In theory, there could be a major separation between old and updated nodes.
SOURCE:
https://coincentral.com/litecoins-mission-to-become-the-perfect-form-of-money/
Latest news: 
. 
. 
. 
. 
. 
. 
Shop
Topic: Litecoin’s Mission to Become the Perfect Form of Money (Read 1694 times)