For those of you who missed Qtum’s privacy AMA last week, don’t worry, we’ve got you covered. Patrick Dai, Qtum’s co-founder, and Yi Zheng, Qtum’s lead developer in China & co-creator of the Phantom Protocol, answered the community’s questions on privacy and more. The Ask Me Anything session was centered around Phantom: An Efficient Privacy Protocol Using zk-SNARKs Based on Smart Contracts. We’ve taken the best questions and answers from the event and published them here with slight alterations.

While working on the Phantom project, by using an improved Merkle tree, the transaction generation takes less than 6 seconds!!! Did you ever think you could get that low a number? Or did you expect a higher one?

Yeah, of course, we did. Zcash, which also uses zk-SNARKs for transaction privacy, reduced its transaction generation time to less than 10s in the most recent upgrade “Sapling”. So we can also make it. Even in our case, the computation power that can be utilized is restricted by contract gas cost.

How do you see the advantages of the MimbleWimble protocol in terms of privacy? Grin and Beam use this infrastructure. What features help QTUM’s privacy infrastructure stand out compared to MimbleWimble?

Phantom is a layer-1 privacy solution. We are also considering a layer-2 solution based on MimbleWimble. You can refer to this paper, https://eprint.iacr.org/2019/1435.pdf, which is also proposed by the Qtum team.

MW technology, like Phantom, has a very good design. Since we are implementing privacy on the smart contract layer, we choose zk-SNARK technology which is more mature. Also, based on Qtum Phantom Protocol, you can release the privacy token by yourself.

How does Phantom ensure that you will survive for a long time with vision and mission and improve its value?

I think the Phantom Protocol is one of the first few protocols that can support privacy for smart contracts. There are some anonymous coins but they do not support smart contracts. Also, there are a few smart contract platforms where you can release tokens, but they do not have privacy. So Qtum fills the gap.

If someone sends zk-QTUM to another person’s account, the result wouldn’t be recorded on-chain, right? So how do you control irregular situations that may arise?

The result is recorded on the blockchain in an encrypted manner. You can see the transaction, but the transaction has no public amount or address.

Why create 2 types of tokens, one public and one hidden? Is it not possible to carry out all the transactions only with the hidden token?

Yes, we can make all transactions confidential by using Phantom. The reason for two tokens is that there are still many benefits to traceability on the blockchain.

In the white paper, it says “The proposed protocol provides two kinds of assets: transparent and confidential assets.” Both of them use ERC-20. So, what features make them different from each other?

Only the transparent assets are using the ERC-20 standard, which is convenient for transferring. The confidential assets are using the Zcash-like zk-SNARK-based standard.

What factors should be considered when selecting an appropriate hash function for zk-SNARKs?

The first one is the computation complexity of the hash function, which will affect the gas cost. The second is security. Some hash functions are really new and have not been applied to the blockchain area on a large scale. The security of these functions may need more time to verify.

How can you briefly describe zk-SNARK for somebody who doesn’t know about that?

You want to prove to your friend that you know the phone number of a pretty girl, but you don’t want to expose the number to your friend. So you call that girl, and your friend sees that the girl’s phone is ringing. That successfully proves you know the phone number.

What is the ultimate goal of the Phantom protocol?

Its goal is to support confidential transactions and assets on the blockchain. For this project, finally, we’ll provide a smart contract template that can help users to issue confidential assets on Qtum.

What are Phantom’s competitors in this market? What are your competitive advantages over projects with the same idea?

The competitor is AZTEC, but compared with AZTEC, Phantom can hide the sender and receiver address at the same time, and the Gas price is also cheaper than AZTEC.

Why do MINT and BURN operations consume fewer resources than TRANSFER? Also, why is the MINT operation performed in less than half a second, why is it so fast, even compared with the other 2 operations in the protocol?

The MINT and BURN operations only need to deal with 1 UTXO. But transfer needs to process 2 UTXOs; a confidential transaction needs to contain at least two outputs.

Qtum should consider that privacy features could cause problems such as black money laundering. When Qtum is used for that intention, Qtum will be banned from preexisting systems like MONERO if there aren’t any tools to prevent that crime. So what will Qtum do to solve these possible problems related to privacy features?

Yes, we thought about the implications. There needs to be some balance between 100% privacy and 100% transparency. Even for most of the regulators, they need to monitor the gateway of Fiat/Crypto. Privacy has a lot of strong use cases in the real economy, for example, if you want to release a national bond, you definitely want a privacy token, because you do not want everyone’s holdings to be transparent. So, we will give people the option.

In the unfortunate situation of the Covid-19 pandemic, the tourism industry was heavily affected. Is Phantom’s initiative a great solution? What are your plans to turn challenges into opportunities for Phantom’s development?

The Qtum team is pretty decentralized. Covid-19 does not have a big influence on the Qtum project. But we do hope all Qtum team members and all community members Stay Safe!

Other Qtum Technology Questions

Will the new offline staking implementation have the same features as PoS 3?

The new offline staking is very different from PoS 3. In the future, we plan to implement smart-contract-based offline staking, where you can delegate your UTXOs to smart contracts, and the smart contract will distribute the rewards.

How many QTUM do I need to stake? How do block rewards for staking work? Are there master nodes?

There are no master nodes in Qtum; Qtum’s PoS protocol is one of the most decentralized PoS networks. There’s no minimum requirement for staking.

The virtual machine of Qtum is called X86 VM, is this a custom version of the EVM? Also, the whitepaper says that QTUM is compatible with other VMs, which ones?

The x86 VM is a completely new VM designed specifically to exploit some of the unique features in Qtum, including the UTXO model the underlying blockchain uses, as well as to include native integration of upcoming privacy technologies on Qtum. It is being built on top of a new technology layer referred to as ‘Neutron’. Neutron is a framework onto which other VMs can be integrated in the future to expose a common set of features with significantly less effort. Specifically, there are plans to eventually implement WASM on top of Neutron as well, but WASM tech is still too immature in blockchain context to have a set timeline for that integration.

Miscellaneous Questions

Is there any tendency to burn some tokens of supply in the future to stabilize the price?

Right now, most of the Qtum coins are in circulation. Based on the current regulatory environment, most projects will face a lot of legal risks if they buy back their coins from the market. Because for most regulators, if they see you buy back coins from the market, they will be more likely to think of the coin as a security. But if the regulation environment changes, we can consider this.