Mimblewimble Effectively Falls Out of the Race for the Biggest Privacy Coin

Last Updated on

This week, Mimblewimble, a blockchain network that touts itself for prioritizing privacy, was exposed for being inherently flawed. Ivan Bogatyy, a researcher at venture capital firm Dragonfly Capital Partners, wrote in a blog post published on November 18 that he was able to gain access to the security protocols of GRIN, the cryptocurrency hosted on the Mimblewimble network. 

By spending just about $60 weekly on Amazon Web Services, the researcher claimed that he was able to access the wallet addresses of both senders and recipients on about 6 percent of the transactions conducted with the asset. 

Ensuring privacy in crypto 

In his blog post, Bogatty explained that this flaw was peculiar to Mimblewimble, and not other privacy-focused cryptocurrency networks like Monero and Zcash. He added that there is currently no solution for the privacy gaffe, thus effectively putting GRIN and Mimblewimble one rung lower on the ladder of privacy cryptocurrencies.  

The piece also saw Bogatty speak on how privacy in crypto is usually ensured, with most of them being based on anonymity tests. Essentially, patterns that aggregate several transactions into a set, such that they remain indistinguishable. Based on this, he pointed out three major approaches used by privacy coins. Of all privacy coins, his analysis showed that Zcash is the most effective in doing its job, since its anonymity set also includes shielded transactions. 

As for Monero, users can pick their anonymity set between sizes 10 and 25 for existing on-chain unspent output from Bitcoin transactions (UTXO), while all transactions on Mimblewimble are aggregated into a single CoinJoin, leaving anonymity set as all the transactions being on one block. 

This flaw was what made it possible for him to gain access to such a high percentage of transaction records. As he put it, the remaining 4 percent that he couldn’t get consisted of a few transactions which had already merged before most nodes could see them. 

Privacy enthusiasts still love Monero

Although this research gives a lot of insight into how to go about building a privacy coin, its effects on the nature of the market probably won’t be so pronounced. GRIN ranks as 112 among crypto assets by market cap (value at $1.27), while both Monero (rank #13, worth $59.69) and Zcash (rank #31, worth $34.67) rank way higher (according to data from CoinMarketCap).

As for users who love privacy, it would seem like Monero is getting the job done as well. Given how regulatory authorities continue to find it easy to track transactions conducted on the Bitcoin network and with the currency, many have heralded Monero as the new king of privacy coins. 

Sadly, a lot of these people have been criminals, as well. Several malware has been discovered this year, with most of them opting to either use brute force hacking or the popular cryptojacking method to mine Monero tokens and send them to the attackers.

Remember, all trading carries risk. Views expressed are those of the writers only. Past performance is no guarantee of future results. The opinions expressed in this Site do not constitute investment advice and independent financial advice should be sought where appropriate. This website is free for you to use but we may receive commission from the companies we feature on this site.

About Jimmy Aki

Jimmy has been following the development of blockchain for several years, and he is optimistic about its potential to democratize the financial system.

Leave a Reply

Your email address will not be published. Required fields are marked *