You are looking at a specific version 20200903:082857 of this paper. See the latest version.

Paper 2020/1064

Mimblewimble Non-Interactive Transaction Scheme

Gary Yu

Abstract

I describe a non-interactive transaction scheme for Mimblewimble protocol, so as to overcome the usability issue of the Mimblewimble wallet. With the Diffie–Hellman, we can use an Ephemeral Key shared between the sender and the receiver, a public nonce R is added to the output for that, removing the interactive cooperation procedure. And an additional one-time public key P' is used to lock the output to make it only spendable for the receiver, i.e. the owner of P'. The new data R and P' can be committed into the bulletproof to avoid the miner’s modification. Furtherly, to keep Mimblewimble privacy character, the Stealth Address is used in this new transaction scheme. All the cost of these new features is 66-bytes additional data (the public nonce R and the one-time public key P') in each output, and 64-bytes additional signature data in each input. That is about 12% payload size increasing in a typical single input double outputs Mimblewimble transaction.

Note: Initial version of mimblewimble non-interactive transaction scheme design.

Metadata
Available format(s)
PDF
Category
Public-key cryptography
Publication info
Preprint. MINOR revision.
Keywords
MimblewimbleStealth addressBitcoinGrinConfidential transactionPrivacy
Contact author(s)
gary yu @ gotts tech
History
2020-12-21: last of 2 revisions
2020-09-03: received
See all versions
Short URL
https://ia.cr/2020/1064
License
Creative Commons Attribution
CC BY
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.