Title: Rangeproof in Mimblewimble? Post by: Amitabh S on October 05, 2016, 03:18:02 PM First of all, I must say its a very interesting idea. Somehow I couldn't find efficient NIZK range proofs and the mimblewimble paper kind of assumes it as "obvious".
Maybe I missed something but please point me to some efficient implementation of range proofs. BTW the whitepaper is here https://download.wpsoftware.net/bitcoin/wizardry/mimblewimble.txt Title: Re: Rangeproof in Mimblewimble? Post by: gmaxwell on October 05, 2016, 08:03:05 PM First of all, I must say its a very interesting idea. Somehow I couldn't find efficient NIZK range proofs and the mimblewimble paper kind of assumes it as "obvious". Maybe I missed something but please point me to some efficient implementation of range proofs. BTW the whitepaper is here https://download.wpsoftware.net/bitcoin/wizardry/mimblewimble.txt https://bitcointalk.org/index.php?topic=1085273.0 Title: Re: Rangeproof in Mimblewimble? Post by: kushti on October 06, 2016, 10:02:02 AM Any security proofs behind both CT/MW schemes? both are looking pretty controversial in current form
Title: Re: Rangeproof in Mimblewimble? Post by: gmaxwell on October 18, 2016, 08:39:47 AM looking pretty controversial in current form You are calling a binary decomposition range proof controversial? Really?Title: Re: Rangeproof in Mimblewimble? Post by: kushti on October 18, 2016, 08:46:24 AM looking pretty controversial in current form You are calling a binary decomposition range proof controversial? Really?What are you talking about? Don't see any security proofs there: https://people.xiph.org/~greg/confidential_values.txt. Please provide a link. |