### On the Confidentiality of Amounts in Grin

##### Abstract

Pedersen commitments have been adopted by several cryptocurrencies for hiding transaction amounts. While Pedersen commitments are perfectly hiding in isolation, the cryptocurrency transaction rules can reveal relationships between the amounts hidden in the commitments involved in the transaction. Such relationships can be combined with the public coin creation schedule to provide upper bounds on the number of coins in a commitment. In this paper, we consider the Grin cryptocurrency and derive upper bounds on the number of coins which can be present in regular transaction outputs. In a March 2020 snapshot of the Grin blockchain, we find that out of the 110,149 unspent regular transaction outputs 983 of them have less than 1800 grin (number of coins typically minted in half an hour) stored in them. On the other hand, 95% of the unspent regular transaction outputs in the snapshot have an upper bound which is at least 90% of the total Grin supply at their respective block heights. We conclude that while our method does not violate the confidentiality of the amounts in most of the outputs on the Grin blockchain, the amounts in some outputs can be estimated to be in a narrow range.

Note: Changes to Introduction section to state that Beam allows download of historical blocks

Available format(s)
Category
Applications
Publication info
Published elsewhere. MINOR revision.Crypto Valley Conference on Blockchain Technology 2020
Keywords
CryptocurrencyMimblewimblePedersen commitments
Contact author(s)
sarva @ ee iitb ac in
History
2020-06-18: revised
See all versions
Short URL
https://ia.cr/2020/723

CC BY

BibTeX

@misc{cryptoeprint:2020/723,
author = {Suyash Bagad and Saravanan Vijayakumaran},
title = {On the Confidentiality of Amounts in Grin},
howpublished = {Cryptology ePrint Archive, Paper 2020/723},
year = {2020},
note = {\url{https://eprint.iacr.org/2020/723}},
url = {https://eprint.iacr.org/2020/723}
}

Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.