Grin Coin, the Private and Lightweight Mimblewimble Implementation

A community focused project based on the Mimblewimble protocol

Grin Coin is a privacy-focused, secure (PoW) and scalable cryptocurrency that supports electronic transactions without censorship and restrictions. Grin proposes a private and lightweight blockchain, based on the Mimblewimble protocol.

First, a little story about how Mimblewimble was introduced and what the software protocol is all about.

Mimblewimble

Mimblewimble was born in 2016, when an anonymous individual, going by the pseudonym Tom Elvis Jedusor (a character from the Harry Potter books), signed into a Bitcoin IRS research channel, dropped a document and signed out. The document contained information about a new blockchain proposition titled: Mimblewimble (also a reference to a Harry Potter). An updated whitepaper of Mimblewimble was published by Andrew Spoelstra on the 6th of October 2016.

The original Mimblewimble document contained a new approach to the blockchain-based ledger. It proposes a change in transaction construction from Bitcoin’s, making transactions more private and scalable. Mimblewimble utilizes some of the originally intended tricks for Bitcoin to empower the privacy of transactions (Greg Maxwell’s CoinJoin and Confidential Transactions).

Mimblewimble’s protocol summarizes the blockchain so that only a final state summary is kept. Privacy and scale are both optimized at the same time in the protocol.

Grin Coin

Grin Coin is foremost a community project run by a technocratic counsel, contributing developers, forum frequenters, mailing list subscribers, and a mining/ hardware community, focused on decentralized development and mining.

Grin is a cryptocurrency that aims to solve the privacy and scalability issues that are currently lacking in big brother, Bitcoin. Grin proposes an improved version of Bitcoin, that is accessible and usable for everyone, everywhere. Grin Coin is intended to be used as a means to exchange.

Grin’s implementation of Mimblewimble is open-source and the blockchain has been built from scratch using Rust as their primary programming language. As a privacy-focused cryptocurrency, Grin competes with ZCash, Monero and fellow Mimblewimble implementation, BEAM.

Bitcoin transactions

To understand how to transact Grin Coin, we first need to talk about Bitcoin and its UTXO transaction model. As a transaction-based system, Bitcoin does not store wallets or balances on its blockchain.

There are three key ingredients in a valid Bitcoin transaction:

1. Proof of ownership (signature)

2. Availability of funds

3. No other transactions are using the same funds

To enforce these three features, Bitcoin uses the UTXO model or Unspent Transaction Output model.

Alice wants to send Bitcoin to Bob. Alice unlocks her Bitcoin wallet and starts importing key data that is necessary to send the transaction (the amount she wants to send and Bob’s public key). The transaction is not made up of the balance from the address from where Alice sends the Bitcoin, but it is made up of inputs (UTXOs) that were generated from previous Bitcoin transactions that were credited to her private key (2).

Every single input in each transaction, and there can be multiple inputs, need to be individually signed in order to be cryptographically secure. Alice signs the transaction, proving BTC ownership (1) using her public key. Elliptic Curve Cryptology (ECC) derives Alice’s public key from her private key, without the ability to trace the public key back to the private key.

Bitcoin full nodes are required to track all the UTXOs in existence in order to prevent people from double spending (3), taking up a lot of computing space.

Grin Coin transactions

What Grin does, it creates one multi-signature for all inputs and outputs, in oppose to Bitcoin’s transaction model that requires a multitude of signatures, one for each input in the transaction. Instead of addresses, the two parties share a ‘blinding factor’ so that no-one other than the parties involved can see or retrace the transaction amount and the people involved in the transaction, hence create a private transaction.

A blinding factor makes up the zero-knowledge proof system in confidential transactions (CT). Blinding factors cryptographically encrypt all the inputs and outputs in a transaction. They are the ‘missing part’ or the private key for each input. If you know the blinding factor for a given output, you can spend it. By adding together all the blinding factors for every input in the transaction, you can prove you own all the inputs used in the transaction, but you are not sharing your private keys. A downside to this way of transacting is that both parties need to be online at the same time to execute the transaction.

A Grin transaction is validated using two properties:

1. Verification of zero sums (total inputs — outputs must be 0), no new coins have been created out of thin air

2. Possession of private key

While Mimblewimble, in essence, doesn’t support scripting, like in Bitcoin, solutions for Mimblewimble/ Grin are in the making for specific script-less scripts that, for instance, support cross-chain atomic swaps. The software has been written and initial tests have been done.

As a community project, Grin is completely dependent on donations. If you would like to contribute, you can check out their dedicated donation page, here.

Dandelion++

To mitigate risk and reduce the probability of origin detection (IP) by network nodes, Mimblewimble and its implementations Grin and Beam implement Dandelion ++. Dandelion is a lightweight network layer protocol proposed by Giulia Fanti, in 2017. IP addresses can become compromised by nodes recording all IP transactions. This could lead to the deanonymizing of certain IP addresses. Another blockchain-based project to implement dandelion is Zcoin.

Schnorr signatures

Grin intends to implement Schnorr signatures, which summarize one signature out of a number of signatures. You can still validate that all the transaction have been signed, but you cannot see the individual signatures. The one signature is the same size as all the other signatures, that you used to send in a transaction, saving a lot of space. Schnorr signatures aim to improve the efficiency of validating a transaction as well as offering new forms of multi-signature. Schnorr signatures are still in the research phase and have not been properly tested yet to safely use on a large scale.

Coin distribution

The coin distribution is intended to be fair. The initial supply was 0. Mining started as of the 16th of January 2019, with one new Grin Coin being issued every second. The block reward is 60 grin, with a block target of one minute. Grin instituted a linear emission scheme, meaning the emission will stay the same during the entire emission period. Grin is a lightweight blockchain so it syncs a lot faster than for instance running a full node on the Bitcoin network that can take months to fully sync.

Governance

Because of the community-focused nature of Grin, having an organized governance system in place is essential. Besides having regular development meetings, Grin also has bi-weekly governance meetings on Gitter. Anyone is welcome to attend those meetings and contribute to the conversations. A summary of the topics that were being discussed and decisions that were made can be found on GitHub. This way of implementing governance seems very open and transparent.

Cuckoo Cycle consensus algorithm

To protect the project from the influx of ASIC miners, manufactured by centralized companies and to protect the project against the increased chance of 51% attacks ASIC miners bring to the table, Mimblewimble intended to utilize cuckoo cycle. Cuckoo cycle is a proof of work algorithm that has an ASIC PoW resistant framework.

Because ASIC manufacturers can ‘secretly’ create miners with the ability to mine Grin, without publicly disclosing, giving them an unfair advantage over GPU miners, Grin decided to release two mining algorithms to mine Grin. One being ASIC resistant and one being ASIC friendly. Cuckatoo Cycle 31+ (C-31+) is being ASIC friendly, while Cuckaroo Cycle 29 (C-29) is ASIC resistant. 90% of the block reward will go towards C-29 miners in the beginning, while C-31+ miners will share the other 10%. Over time a greater proportion of the mining rewards will go toward C-31+ miners, as you can see in the graph below.

Distribution scheme of Grin mining rewards

Mining Grin

Currently, Grin can be mined on a desktop using a Linux or Apple OS plugin. You are also required to download additional software to enable running a Grin node.

While I haven’t mined Grin Coin myself yet, there are mining instructions/ manuals available online that will help with your mining setup.

Adopting an ASIC resistant PoW algorithm hasn’t demotivated ASIC miner manufacturers of building Grin mining machines.

ASIC manufacturer Obelisk, already announced the Obelisk GRN1, a mining machine that is suited for Grin’s Cuckatoo31+ proof of work algorithm. The mining machine is projected to be shipped around October 2019 at an initial cost of $ 3,000. After 10,000 vouchers (thus machines) have been sold the price will rise towards $ 6,000 starting with the 2nd batch of sales. If the purchase of a mining unit does not seem attractive anymore to a buyer, one can opt to exchange the voucher for a refund of $ 2,000. One mining unit should be able to perform at least 100 graphs per second while consuming max 800 Watt, as opposed to an NVIDIA RTX 2080 Ti, that performs on average 2 graphs and consumes around 250 Watt.

Graphics card manufacturer Sapphire Tech announced a new line of cards that fit the needs for mining Grin Coin with their RX 570 16GB HDMI Blockchain Graphics Card. According to Sapphire Tech, the graphics card will be available to order in the near future, claiming it will give a big advantage to early-stage Grin Coin miners.

Exchange listings

Grin is listed on various exchanges including Bittrex, Kucoin, OKEx, Gate.io, Hotbit, Bgogo and Bibox.

Concluding remarks

As I alluded to above, Grin is focused around their community. It is a community effort to keep up the project. A good community will reap the rewards of contributing to the project. It is great to witness some online social coherence, which is happening with Grin.

Mimblewimble has me, and a lot of others in the industry, very excited. I am looking forward to following the project and see where it leads. I hope the Grin community can continue to grow and develop. They are off to a great start, gained a lot of traction and I am rooting for them to stay on top.

An interesting interview with Jasper van der Maarel, member of the Grin Counsel can be viewed, here.

Grin website: https://grin-tech.org/

Grin GitHub: https://github.com/mimblewimble/grin

read original article here