Papyrus: Papyrus Technical Roundup #13: Status of privacy research in Papyrus
Papyrus’ privacy consists of two main components — state channel privacy and privacy of transactions. State channel privacy involves encryption of state channel parameters and block data. Encryption is implemented as a combination of asymmetric and symmetric algorithms. We use the symmetric AES-256 to encrypt channel data. The asymmetric algorithm is used only to encrypt a symmetric key for AES. State channel encryption is currently being tested and will be released soon. It will protect state channel data from being viewed by unauthorized parties.
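The hybrid scheme described above, as an added example that is not Papyrus code: the channel data is encrypted once with AES-256, and only the 32-byte key is encrypted asymmetrically, once per authorized participant. RSA-OAEP, GCM mode, the sample state and all function and field names are assumptions, since the post names neither the asymmetric algorithm nor the AES mode.

```javascript
// Added example: hybrid (envelope) encryption of state channel data.
// Assumptions: RSA-OAEP as the asymmetric algorithm and GCM as the AES mode;
// the post names neither. All function and field names are hypothetical.
const crypto = require('node:crypto');

const OAEP = { padding: crypto.constants.RSA_PKCS1_OAEP_PADDING, oaepHash: 'sha256' };

// Encrypt channel data once with a fresh AES-256 key, then wrap that key
// separately for every authorized participant's public key.
function sealChannelData(data, recipients) {
  const key = crypto.randomBytes(32); // 256-bit symmetric key, used for one message
  const iv = crypto.randomBytes(12);  // unique GCM nonce
  const cipher = crypto.createCipheriv('aes-256-gcm', key, iv);
  const ciphertext = Buffer.concat([cipher.update(data), cipher.final()]);
  const wrappedKeys = {};
  for (const [name, publicKey] of Object.entries(recipients)) {
    wrappedKeys[name] = crypto.publicEncrypt({ key: publicKey, ...OAEP }, key);
  }
  return { iv, ciphertext, tag: cipher.getAuthTag(), wrappedKeys };
}

// Unwrap the AES key with the participant's private key, then decrypt and
// authenticate the channel data. Throws if the key or the data do not match.
function openChannelData(envelope, name, privateKey) {
  const wrapped = envelope.wrappedKeys[name];
  if (!wrapped) throw new Error(`no wrapped key for ${name}`);
  const key = crypto.privateDecrypt({ key: privateKey, ...OAEP }, wrapped);
  const decipher = crypto.createDecipheriv('aes-256-gcm', key, envelope.iv);
  decipher.setAuthTag(envelope.tag);
  return Buffer.concat([decipher.update(envelope.ciphertext), decipher.final()]);
}

// Constructed demo: two channel participants and one party outside the channel.
function demo() {
  const newPair = () => crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
  const [advertiser, publisher, outsider] = [newPair(), newPair(), newPair()];
  const state = Buffer.from(JSON.stringify({ channel: 7, seq: 42, balance: '15.5' }));
  const env = sealChannelData(state, { advertiser: advertiser.publicKey, publisher: publisher.publicKey });
  const opened = openChannelData(env, 'publisher', publisher.privateKey).toString();
  let outsiderBlocked = false;
  try {
    // A wrapped key is useless without the matching private key.
    env.wrappedKeys.outsider = env.wrappedKeys.publisher;
    openChannelData(env, 'outsider', outsider.privateKey);
  } catch (e) { outsiderBlocked = true; }
  return { opened, outsiderBlocked, leaksPlaintext: env.ciphertext.includes('balance') };
}

console.log(demo());
```

Because GCM authenticates the ciphertext, a modified envelope is rejected on decryption rather than yielding altered channel state.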
More information about state channel privacy can be found in our previous blog post:
Protecting payment transactions generated during channel settlements is a more challenging task and cannot be achieved by applying standard encryption. Private (or shielded) payment transactions require advanced cryptography like ring signatures or zero-knowledge proofs. Our first option was to copy the existing scheme from Monero or Zcash. Effectively, this means that each node would need to run two blockchains in parallel — one for the main chain and one for shielded transactions. On the one hand, there are clear benefits to taking existing, thoroughly tested code, such as avoiding having to implement complex cryptography ourselves. On the other hand, the overall architecture would become overly complicated and less maintainable, so our second option, which is currently under research, is to add shielded transactions directly to the blockchain layer.
Currently, there are several different approaches being researched — RingCT (Monero), zkSNARKS (Zcash) and Bulletproofs. We are comparing them using the following parameters: level of privacy, transaction size, transaction generation time, transaction verification time.
Both the privacy and the transaction size of Monero's RingCT depend on the number of inputs (mixins) and outputs. Even for typical 2-input 2-output transactions, the size is quite large — around 13Kb. For mixin transactions with lots of inputs and outputs, the size could become larger than 100Kb. The Monero team is planning to switch to Bulletproofs, which will reduce transaction size by ~84% (source: https://monero.org/xmr-community-invites-auditors), so we will not consider using RingCT in Papyrus.
The key benefits of zkSNARKS are real zero-knowledge privacy and very short proof sizes, the latter of which is critical since blockchain storage is very expensive. The ZK proof occupies 188 bytes in every Zcash transaction. Verification time is around 8–9ms. Proof generation currently takes around 40 sec and 3Gb of RAM, which is far from ideal. The Zcash team is planning to improve those numbers to 7 sec and 40Mb with its next major chain upgrade, called ‘Sapling’, which will be activated in September 2018 (read more: https://blog.z.cash/cultivating-sapling-faster-zksnarks). A major drawback of zkSNARKS is their dependence on an initialization phase called trusted setup. If the trusted setup phase is compromised, the security of the entire system is compromised and false proofs may be generated.
Bulletproofs are a relatively new approach to generating ZK proofs. They do not require a trusted setup. According to the Bulletproofs paper (https://eprint.iacr.org/2017/1066.pdf), a single 64-bit range proof is 675 bytes and takes 65 ms to generate and 3.9 ms to verify. Bulletproofs also support very efficient batching, in which several proofs are verified together or combined into one single proof. Batching allows for a 30–80% reduction in proof size and proving/verifying time.
Bulletproofs look very attractive but are a relatively new technology, which means that they will require some time to be properly audited before being included in real production blockchains. They require no trusted setup and may be considerably more efficient than zkSNARKS but have slightly larger proof sizes. We will continue our research to ensure that the proper choice of technology for shielded transactions is made.
Papyrus Technical Roundup #13: Status of privacy research in Papyrus. was originally published in Papyrus on Medium, where people are continuing the conversation by highlighting and responding to this story.
Original article was created by: Papyrus at blog.papyrus.global