Bitcoin Forum
November 14, 2018, 04:53:04 PM *
News: Latest Bitcoin Core release: 0.17.0 [Torrent].
 
   Home   Help Search Login Register More  
Pages: [1]
  Print  
Author Topic: Confidential transactions  (Read 385 times)
9kek
Newbie
*
Offline Offline

Activity: 55
Merit: 0


View Profile
December 05, 2017, 08:29:28 PM
 #1

I've read somewhere there are some developments about confidential transaction in bitcoin.
But how exactly it will be implemented? Like in monero (hidden sender, receiver and import) or in other ways?
Confidential transactions would be certainly a useful function, i think it's one of the few altcoin's features that are really useful, but there are also some dangers about it. For example, in case of bugs like that https://en.bitcoin.it/wiki/Value_overflow_incident, it would'nt be noticed, right?
In the case of bitcoin i'd see more useful something like "decentralized mixer" (i've read some altcoin use a similar system), it would allow decent anonimity without dangers like the one shown above.
1542214384
Hero Member
*
Offline Offline

Posts: 1542214384

View Profile Personal Message (Offline)

Ignore
1542214384
Reply with quote  #2

1542214384
Report to moderator
Goat says: "Bitcoin is NOT Illegal in Thailand. There is no law against Bitcoin in Thailand!"
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1542214384
Hero Member
*
Offline Offline

Posts: 1542214384

View Profile Personal Message (Offline)

Ignore
1542214384
Reply with quote  #2

1542214384
Report to moderator
1542214384
Hero Member
*
Offline Offline

Posts: 1542214384

View Profile Personal Message (Offline)

Ignore
1542214384
Reply with quote  #2

1542214384
Report to moderator
1542214384
Hero Member
*
Offline Offline

Posts: 1542214384

View Profile Personal Message (Offline)

Ignore
1542214384
Reply with quote  #2

1542214384
Report to moderator
aleksej996
Sr. Member
****
Offline Offline

Activity: 462
Merit: 311


Do not trust the government


View Profile WWW
December 05, 2017, 11:05:13 PM
 #2

You should check out Greg Maxwell's talk on Youtube about confidential transactions.

I don't believe that would create any such value overflow problems. As a softfork this is allow transactions to be confidential, but you could still use old software with the non-confidential transactions and confidential ones would still be valid, this is done by miners agreeing that even tho according to the old protocol anyone can spend coins locked in this way, they will not accept transaction that don't offer extra proof. The bitcoins locked in these confidential transaction chains would be limited by old nodes as well that wouldn't be able to account for the extra coins, as for them they still see the same coins existing, just locked in a way that anyone can spend them.

The vulnerability you mentioned is very very old (2010) and really has nothing to do with this concept, so it is unlikely that the problem will be possible in any way if confidential transactions are implemented.
hopeAo
Jr. Member
*
Offline Offline

Activity: 42
Merit: 1


View Profile
December 06, 2017, 12:49:19 AM
 #3

I've read somewhere there are some developments about confidential transaction in bitcoin.
But how exactly it will be implemented? Like in monero (hidden sender, receiver and import) or in other ways?
Confidential transactions would be certainly a useful function, i think it's one of the few altcoin's features that are really useful, but there are also some dangers about it. For example, in case of bugs like that https://en.bitcoin.it/wiki/Value_overflow_incident, it would'nt be noticed, right?
In the case of bitcoin i'd see more useful something like "decentralized mixer" (i've read some altcoin use a similar system), it would allow decent anonimity without dangers like the one shown above.

Confidential transaction is one of the most powerful new features being explored in elements which keeps the amounts transferred visible only to participants in the transaction (and those they designate), while still guaranteeing that no more coins can be spent than are available in a cryptographic way.

It also peserves security while simultaneously obscuring transaction values. The payment flow when using the Confidential Transactions elements is nearly identical to Bitcoin Core on the surface.

The benefits of confidential transactions including no new cryptographic assumptions, high performance, or trusted setup required.
 
The implementation of Confidential Transactions as it appears in elements has some important limitation(s) to be aware of, for example, a transaction output larger than the maximum will reveal the order of magnitude of the amount to observers, and will reveal additional digits at the bottom of the amount.

For more information on confidential transaction checkout this link:

https://elementsproject.org/elements/confidential-transactions/
https://people.xiph.org/~greg/confidential_values.txt
https://news.bitcoin.com/confidential-transactions-add-anonymity-bitcoin-litecoin/


spartacusrex
Hero Member
*****
Offline Offline

Activity: 678
Merit: 508



View Profile
December 06, 2017, 09:54:37 AM
 #4

At it's core Confidential Transactions use an ability known as 'Additively Homomorphic'.

this means that given a 'Additively Homomorphic' hash function H.

H(x) + H(y) = H(x+y)

Since you know that the inputs to a txn must equal the outputs (minus the fee - this is handled slightly differently) you know that the sum of the hash of the inputs equals the sum of the hash of the outputs.

It gets a little more complicated when you think about negative numbers but #gmax has come up with a range proof that ensures the answer is not negative (or not so large as to cause an overflow)

So a miner can easily check that the sum of the hashed inputs equals the sum of the hashed outputs without having any idea what the values actually are.

Once you throw in ValueShuffle, the ultimate version of CoinShuffle, the trust-less version of CoinJoin.. bingo.

IMHO .. superior to monero and zcash.. (there's no bloat, no infinitely growing set of data you can't prune, easy maths, no trusted setup.. etc)

Can't wait..  Smiley

Life is Code.
Kalgo1
Newbie
*
Offline Offline

Activity: 1
Merit: 0


View Profile
December 07, 2017, 04:38:44 PM
 #5

Nice to see it
cupronickel
Member
**
Offline Offline

Activity: 64
Merit: 10


View Profile
December 08, 2017, 05:58:17 PM
 #6

You should check out Greg Maxwell's talk on Youtube about confidential transactions.

I'd second that. Here's the link https://www.youtube.com/watch?v=LHPYNZ8i1cU

Vires in Numeris
Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!