
Understanding TumbleBit Part Two: The Endgame

Understanding TumbleBit Part Two: The Endgame — Instant, Anonymous, Scaleable Payment System On Top Of Bitcoin

In Understanding TumbleBit Part 1: Making the Case, I talked about the importance of privacy in general and the state of privacy in Bitcoin, and compared TumbleBit with other alternatives. You absolutely do not need to read that in order to make sense of this article. To recap, take a look at this tweet:

Today I will speculate on the SSJ God level. And maybe, just maybe you will feel like it all makes sense and become more excited than ever about the future of Bitcoin.

In this article I will outline the idea, the desire, the vision, the end game of TumbleBit: a trustless, instant, free, anonymous, scaleable payment system. On top of Bitcoin.

Ok, but how soon?

At the moment there are numerous implementations: a proof of concept from the creators in C++ and a more advanced codebase from them in Python. And there is NTumbleBit in .NET Core, a production-ready TumbleBit: Classic Tumbler Mode, you know, the Super Saiyan one. However, it is as yet untested, undocumented, user-unfriendly and undeployed. Others are planning to implement it as well.

Generally, Ethan Heilman and the other cryptographers from Boston University are concentrating more on the theoretical, academic part, while Nicolas and I are on the practical, implementation part.

In the end all of us are in daily contact, working together and helping each other. For example I just executed a brilliant and well-planned social engineering attack on Ethan:

So I can provide you the chance to contribute if you want: 199G7vQxuSYRNRrcM7qatY2kRH69g7qmpo

Using a payment hub vs on-chain mixing

There is a fundamental problem with on-chain mixing. Consider how mixing works: you send the Mixer some bitcoins and it sends back fully unrelated ones:

Imagine you bought two bitcoins: one to hodl and one to buy alpaca socks from the Silk Road, so you send 1btc to a mixer and buy the socks. But that is not how Bitcoin works. You actually have to spend all your 2btc: you spend 1btc to the mixer and 1btc of change goes back to you.

If you later acquire another 1btc and decide to buy something for 1.5btc, that transaction would look like this:

So you are joining coins together. This is not ideal from a privacy point of view. This is one of the main reasons why the blockchain surveillance companies are thriving. Therefore any bitcoin mixing that often visits the Bitcoin blockchain is not ideal.
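The linkage described above can be made concrete with the common-input-ownership heuristic, which treats all inputs of one transaction as belonging to the same owner. This is an added example, not code from the original article or from any TumbleBit implementation; the transactions and address names are constructed and fees are ignored.

```python
# Constructed transactions for the article's scenario (amounts in BTC, fees
# ignored). All address names are made up for this example.
TXS = [
    {"id": "tx1", "inputs": ["addr_buy"],
     "outputs": {"addr_mixer": 1.0, "addr_change1": 1.0}},
    {"id": "tx2", "inputs": ["addr_change1", "addr_new"],
     "outputs": {"addr_shop": 1.5, "addr_change2": 0.5}},
]

def find(parent, a):
    """Union-find lookup with path halving."""
    parent.setdefault(a, a)
    while parent[a] != a:
        parent[a] = parent[parent[a]]
        a = parent[a]
    return a

def cluster_inputs(txs):
    """Common-input-ownership: merge all input addresses of each transaction."""
    parent = {}
    for tx in txs:
        root = find(parent, tx["inputs"][0])
        for addr in tx["inputs"][1:]:
            parent[find(parent, addr)] = root
    clusters = {}
    for addr in list(parent):
        clusters.setdefault(find(parent, addr), set()).add(addr)
    return list(clusters.values())

def cluster_of(txs, addr):
    """Addresses the heuristic attributes to the same owner as addr."""
    return next((c for c in cluster_inputs(txs) if addr in c), {addr})

def exposed_counterparties(txs, addr):
    """Other recipients of the transactions that funded addr's cluster."""
    owned = cluster_of(txs, addr)
    exposed = set()
    for tx in txs:
        if owned & set(tx["outputs"]):
            exposed |= set(tx["outputs"]) - owned
    return exposed

if __name__ == "__main__":
    print(cluster_of(TXS, "addr_new"))
    print(exposed_counterparties(TXS, "addr_new"))
```

Spending the mixer change together with the newly acquired coin puts both in one cluster, so the new coin is now tied to the transaction that paid the mixer.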

So why don't all of us just send all our bitcoins to CoinBase and keep transacting inside their system? Wait a moment: we now have instant transactions! Even better, we’ve just reclaimed our privacy, too!

There are two problems, tho’: 1. CB can steal our coins. 2. CB can deanonymize us. We only have an instant, free, scaleable payment system, but we want a trustless, instant, free, anonymous, scaleable payment system. This payment system would be CoinBase: Super Saiyan God mode, or in a lamer name: CoinBase: bi-directional payment hub mode.

So the question is: how do we take a centralized mixer, like CoinBase, to Supa Saiya-jin Goddo level? Or rather, how do I convince you it is possible?

Trustless

Using bi-directional multiparty payment channels we can make CoinBase trustless. I will not go into the details, as you can read up on it in many places. I would just like to point out that for this to work CoinBase has to hold at least as many bitcoins as the volume that goes through it. This is a very real economic bottleneck and will most likely result in many CoinBase hubs, or let’s say TumbleBit hubs from now on. On the other hand, this is positive Bitcoin price pressure, so keep hodling.

Anonymous

But how can we hide who pays whom inside the payment hub from the payment hub itself? TumbleBit provides a fascinating solution for this. It is based on David Chaum’s blind signatures from 1999.

Here's the basic idea of blind signing in Chaumian e-cash: Let's suppose that a central issuer (Chaumian e-cash is…bitcoin.stackexchange.com
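To show what blind signing means in practice, here is textbook RSA blinding in the style of Chaum's scheme: the signer signs a value it cannot read, and the user strips the blinding to get a valid signature. This is an added example, not code from the original article and not TumbleBit's actual protocol; the key is a toy key built from two small Mersenne primes and no padding is used.

```python
import hashlib
import secrets
from math import gcd

# Toy RSA key from two Mersenne primes: far too small for real use.
P, Q = 2**61 - 1, 2**89 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))  # signer's private exponent

def digest(msg: bytes) -> int:
    """Map a message to an integer below N (textbook RSA, no padding)."""
    return int.from_bytes(hashlib.sha256(msg).digest(), "big") % N

def new_blinding_factor() -> int:
    """Random r that is invertible mod N."""
    while True:
        r = secrets.randbelow(N - 2) + 2
        if gcd(r, N) == 1:
            return r

def blind(m: int, r: int) -> int:
    return (m * pow(r, E, N)) % N  # user hides m before sending it

def sign(x: int) -> int:
    return pow(x, D, N)  # signer sees only x, never m

def unblind(s_blinded: int, r: int) -> int:
    # (m * r^e)^d = m^d * r, so multiplying by r^-1 leaves m^d
    return (s_blinded * pow(r, -1, N)) % N

def verify(m: int, s: int) -> bool:
    return pow(s, E, N) == m

def run_exchange(msg: bytes):
    """Return (m, value the signer saw, final signature on m)."""
    m = digest(msg)
    r = new_blinding_factor()
    seen_by_signer = blind(m, r)
    sig = unblind(sign(seen_by_signer), r)
    return m, seen_by_signer, sig

if __name__ == "__main__":
    m, seen, sig = run_exchange(b"constructed payment token")
    print(verify(m, sig), seen != m)
```

Because the blinding factor is fresh each time, two requests for the same message look unrelated to the signer, which is the property that keeps the signer from linking what it signed to what is later presented.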

I should mention the SSJ God level is not written in stone yet, or shall I say not written in a whitepaper? So its achievability is uncertain at this point; only the SSJ3 level is certain, which I totally ignore in this article, because it is about the end game, not the middle game of TumbleBit.

So what do you think? Will the creators go from CLI software that runs for days, requires a Bitcoin full node, and is untested, undocumented, user-unfriendly and undeployed to a trustless, instant, free, anonymous, scaleable payment system? Find out in the next Tumble Bit Z episode…
