wangxinxi



Offline



Activity: 826

Merit: 1000





Founder & CEO of Coinut.com, Litecoin Core Dev







Hero MemberActivity: 826Merit: 1000Founder & CEO of Coinut.com, Litecoin Core Dev Confidential Transaction for Litecoin September 23, 2016, 03:10:26 PM #1



The basic idea of confidential transaction is to obfuscate the amount of Litecoins in all inputs and outputs and at the same time guarantee all outputs equal to the inputs in a cryptographically verifiable way using a technique named Pedersen commitment. More details can be found in [1, 2, 3].



According to [1], confidential transaction requires only a soft fork, so the deployment requires only a consensus from the miners, and the resulting new Litecoin Core will be backward compatible. Therefore, confidential transactions is also the most practical way of upgrading the anonymity of Litecoin at this moment.



Ring signatures [3, 4] can further improve anonymity but requires a hard fork to our best knowledge, which thus requires an almost unanimous decision from the whole Litecoin community in order to avoid a split of the Litecoin blockchain.



Regarding the plan, @coblee has clearly shown his interest in supporting the confidential transaction feature, and I have been working on it since two weeks ago. Now that the survey has been done, we will come up with a concrete implementation plan as soon as possible. If anyone outside the Core team wants to participate, kindly contact us.



[1]

[2]

[3]

[4] Litecoin, being a very successful digital currency, has many superior aspects than its predecessor Bitcoin such as faster confirmation time, nearly zero blockchain congestion, and no pre-mining. However, as we know, each Litecoin transaction consists of at least one input and output, and for now, the amount of each input and output is clearly shown to the public, causing privacy issues and potential loss of fungibility. To make Litecoin even more attractive as a digital currency, we are planning to add the confidential transactions feature into it.The basic idea of confidential transaction is to obfuscate the amount of Litecoins in all inputs and outputs and at the same time guarantee all outputs equal to the inputs in a cryptographically verifiable way using a technique named Pedersen commitment. More details can be found in [1, 2, 3].According to [1], confidential transaction requires only a soft fork, so the deployment requires only a consensus from the miners, and the resulting new Litecoin Core will be backward compatible. Therefore, confidential transactions is also the most practical way of upgrading the anonymity of Litecoin at this moment.Ring signatures [3, 4] can further improve anonymity but requires a hard fork to our best knowledge, which thus requires an almost unanimous decision from the whole Litecoin community in order to avoid a split of the Litecoin blockchain.Regarding the plan, @coblee has clearly shown his interest in supporting the confidential transaction feature, and I have been working on it since two weeks ago. Now that the survey has been done, we will come up with a concrete implementation plan as soon as possible. If anyone outside the Core team wants to participate, kindly contact us.[1] https://bitcoinmagazine.com/articles/confidential-transactions-how-hiding-transaction-amounts-increases-bitcoin-privacy-1464892525 [2] https://people.xiph.org/~greg/confidential_values.txt [3] https://eprint.iacr.org/2015/1098.pdf [4] http://research.microsoft.com/en-us/um/people/yael/publications/2001-Leak_Secret.pdf