Link :
https://blockstream.com/2018/02/21/bulletproofs-faster-rangeproofs-and-much-more.htmlIs there someone in the house able to explain to me just a little thing.
This afternoon I have read a paper telling Bulletproofs are better than SNARK... And if all Bitcoin transactions used Bulletproofs then the size of the blockchain would be only 17 GB instead of (how much 150-200gb??)
But the main advantage with Bulletproofs is the confidential transactions, what else?
Is there a chance to see it with Bitcoin? Because
…An adversary that can break the binding property of the commitment scheme or the soundness of the proof system can generate coins out of thin air and thus create uncontrolled but undetectable inflation rendering the currency useless…
…While the discrete logarithm assumption is believed to hold for classical computers, it does not hold against a quantum adversary.
So then, its a weakness rather than something else
As far as i know, the main advantage of Bulletproof is their zero-proof knowledge with more efficient transaction size and faster confirmation. So, while it's similar to CT, it's more efficient which is perfect for bitcoin where scaling is the one of the most important things.
But i don't see any discussion mention which says it can reduce blocksize since it's bigger than normal signature size even though it's far smaller than CT signature size.
Also, zero-proof knowledge is widely used and i'm sure developer will take lots of time for debug/testing to make sure scenario you mention never happen.
I would say this is interesting technology since it could give Bitcoin user more privacy/anonymity without bloat the transaction size too much, even Monero plan to research this technology as well.
Please CMIIW.