Performance Trade-offs in Design of MimbleWimble Proofs of Reserves

Abstract

Revelio (CVCBT 2019) is a proof of reserves protocol for MimbleWimble-based cryptocurrencies which provides privacy to a cryptocurrency exchange by hiding the exchange-owned outputs in a larger anonymity set of unspent outputs. A drawback of Revelio is that the proof size scales linearly in the size of the anonymity set. To alleviate this, we design RevelioBP, a Bulletproofs-based proof of reserves protocol with proof sizes which scale logarithmically in the size of the anonymity set. This improvement allows us to use the set of all UTXOs as the anonymity set, resulting in better privacy for the exchange. On the downside, the higher proof generation and verification time of RevelioBP than that of Revelio might affect practical deployment of RevelioBP. Through implementation of RevelioBP, we quantitatively analyse trade-offs in design of MimbleWimble proofs of reserves in terms of scalability and performance. We conclude that unless proof size is a concern for exchanges, Revelio is a marginally better choice for proof of reserves. On the other hand, if an exchange is willing to pay in terms of proof generation time, RevelioBP offers proof sizes significantly smaller than Revelio.

Note: Added a section on faster verification of the RevelioBP proof of reserves using a single multi-exponentiation check.

Available format(s)
Category
Applications
Publication info
Published elsewhere. MINOR revision.IEEE Security & Privacy on the Blockchain 2020
Keywords
CryptocurrencyMimbleWimbleGrinProof of ReservesZero-knowledge Argument
Contact author(s)
sarva @ ee iitb ac in
History
2020-09-04: revised
See all versions
Short URL
https://ia.cr/2020/938

CC BY

BibTeX

@misc{cryptoeprint:2020/938,
author = {Suyash Bagad and Saravanan Vijayakumaran},
title = {Performance Trade-offs in Design of MimbleWimble Proofs of Reserves},
howpublished = {Cryptology ePrint Archive, Paper 2020/938},
year = {2020},
note = {\url{https://eprint.iacr.org/2020/938}},
url = {https://eprint.iacr.org/2020/938}
}

Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.