One Mathematician's Mission to Boost Bitcoin's Privacy (And Soon)
Blockstream researcher Andrew Poelstra's efforts to create a more private bitcoin aren't about extremes, but about protecting the everyman.
Have modern internet companies gone too far?
According to mathematician and Blockstream research director Andrew Poelstra, the answer is unequivocally yes. In his view, companies now simply vacuum up troves of customer data, which they then sell to others without the owner's knowledge or benefit. (Think of how Instagram owns user images, or how Target acquires huge amounts of data on what products people buy.)
It's not just a bad deal for customers, either: security experts worry that with all this data, AI systems will be able to predict what a person will do next by following data trails, conjuring up concerns about real-life dystopias like those of sci-fi books and movies.
As such, Poelstra is using his two passions – math and bitcoin – to try to bring added privacy to online money.
To this end, Poelstra has been tinkering away, formulating mathematical equations and writing code, to hide bitcoin's "trails" – the traces of personal information (who you are, what you buy, for how much) that can be gleaned when transacting online with bitcoin.
Because the world's first cryptocurrency rides on a public ledger, users who aren't especially careful can leave traces for all with an internet connection to see.
"Those trails that no one thinks about, I wish that they weren't there," Poelstra told CoinDesk, adding:
And that statement might just reveal Poelstra's true mission.
Unlike many privacy advocates, who typically point to extreme cases to explain why a private money system matters, Poelstra isn't focused on those edge cases; he's focused on his friends and family.
Speaking during a panel at CoinDesk's Consensus 2018 conference, he summed up his outlook stating, "I think about myself, not people who are really in any extreme turmoil or instability."
Scriptless scripts
Poelstra's recent work revolves around a project called "scriptless scripts," which allows for bitcoin smart contracts that require much less data to be published on the blockchain.
More complex smart contracts generally require more storage, so while they make more complicated transaction types possible, their size has become a key hurdle for smart contract platforms.
One popular cryptocurrency project, mimblewimble, has struggled with this exact tradeoff. In creating a protocol that improved upon bitcoin's scale and privacy limitations, it was thought mimblewimble might be unable to support more complex transactions through smart contracts. So Poelstra, not convinced it was impossible, put his interest in math to work on this issue, and came out with scriptless scripts.
"Then I realized there's no reason to do this in mimblewimble. You can do it in bitcoin," he told CoinDesk.
On top of the smart contract benefits for mimblewimble, the concept also has scalability and privacy advantages for the longest-running and largest cryptocurrency.
According to Poelstra, scriptless scripts can help improve the privacy of lightning payments, those that take place on bitcoin's layer-two scaling technology that pushes transactions off the blockchain.
"With it, you no longer need to publish to the world all the details of your payment channels," Poelstra said.
And all this work could come to fruition sooner than many might expect.
Scriptless scripts are just a couple of steps away. They merely require Schnorr signatures – a technology pioneered (for bitcoin at least) by veteran developer Pieter Wuille, and one Poelstra has also contributed to – to be implemented, voted on and approved by bitcoin users.
But Poelstra believes this technology will only have its full effect on privacy when joined by other technology.
For instance, Poelstra would like to see the recently unveiled and much-applauded Taproot, which was created by long-time bitcoin core contributor Greg Maxwell, also implemented.
With Taproot, the lightning network would get even more private, since it makes all bitcoin transactions look the same – so people wouldn't be able to tell the difference between on-chain and lightning's off-chain transactions.
"That is, the user does not even need to reveal that she is using payment channels at all!" Poelstra said.
Minor changes
But all these various small code changes seem like a slow, patchwork way of making bitcoin private. Instead, why can't developers just do something big and all-encompassing?
According to Jameson Lopp, an engineer at key management startup Casa, "There's no silver bulletproof for fixing cryptocurrency privacy problems."
Poelstra echoed that, saying that no one's so far been able to wave a magic wand and suddenly create a completely private cryptocurrency without any downsides. One particularly stubborn trade-off is scalability.
But Poelstra is working on this too, through a recently unveiled breakthrough he's been contributing to called bulletproofs. In short, bulletproofs decrease the size of another privacy technology called confidential transactions, a cryptographic way of shielding bitcoin users' balances.
The size of these transactions is the main thing holding back the long-in-the-making privacy technology, so the size reduction bulletproofs offer is important.
But even with this breakthrough, the transactions are still not small enough.
"I can't see it ever getting enough community support because of scalability," Poelstra said.
Not only that, but confidential transactions only shield bitcoin balances; they do not hide the other parts of a transaction – like where it came from and who the sender and receiver are.
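The two ideas the article leans on, Schnorr signatures adding up (the property scriptless scripts build on) and confidential transactions hiding amounts while still letting anyone check that inputs equal outputs, can be seen in a few dozen lines. The following is an added teaching example, not code from Poelstra, Blockstream or any bitcoin implementation. It assumes only the public secp256k1 curve constants; the Schnorr variant is a simplified one (not BIP340), the two-party signing is naive key and nonce summing (not MuSig, and without the nonce-commitment rounds), the second Pedersen generator H is derived from a constructed label, and no range proof is implemented at all. That last omission is deliberate and goes one step beyond the article: the final check shows that without a range proof, which is exactly what bulletproofs provide, a negative output still "balances".

```python
import hashlib
import secrets

# secp256k1 domain parameters: the curve bitcoin uses. Points are affine
# (x, y) tuples; None stands for the point at infinity.
P = 2**256 - 2**32 - 977
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)

def ec_add(a, b):
    """Group law on y^2 = x^3 + 7 over GF(P), affine coordinates."""
    if a is None or b is None:
        return b if a is None else a
    (x1, y1), (x2, y2) = a, b
    if x1 == x2 and (y1 + y2) % P == 0:
        return None                                   # a == -b
    if a == b:
        lam = 3 * x1 * x1 * pow(2 * y1, P - 2, P) % P
    else:
        lam = (y2 - y1) * pow(x2 - x1, P - 2, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return (x3, (lam * (x1 - x3) - y1) % P)

def ec_mul(k, pt):
    """Double-and-add scalar multiplication; k is reduced mod the group order."""
    result, k = None, k % N
    while k:
        if k & 1:
            result = ec_add(result, pt)
        pt, k = ec_add(pt, pt), k >> 1
    return result

def encode(pt):
    return pt[0].to_bytes(32, "big") + pt[1].to_bytes(32, "big")

def challenge(R, X, msg):
    """Fiat-Shamir challenge e = H(R || X || msg) mod N (simplified, not BIP340)."""
    return int.from_bytes(hashlib.sha256(encode(R) + encode(X) + msg).digest(), "big") % N

def schnorr_sign(x, msg):
    """Single-party Schnorr signature (R, s) with s = r + e*x."""
    r = secrets.randbelow(N - 1) + 1
    R = ec_mul(r, G)
    return R, (r + challenge(R, ec_mul(x, G), msg) * x) % N

def schnorr_verify(X, msg, sig):
    """Checks s*G == R + e*X; nothing here reveals how many parties produced s."""
    R, s = sig
    return ec_mul(s, G) == ec_add(R, ec_mul(challenge(R, X, msg), X))

def two_party_sign(x1, x2, msg):
    """Two signers, one ordinary-looking signature: keys, nonces and s-values
    simply add. This linearity is what scriptless scripts build on. Plain key
    summing is not safe against a party who chooses its key after seeing the
    other's (MuSig adds per-key coefficients); nonce-commitment rounds are
    omitted too."""
    X = ec_add(ec_mul(x1, G), ec_mul(x2, G))
    r1, r2 = secrets.randbelow(N - 1) + 1, secrets.randbelow(N - 1) + 1
    R = ec_add(ec_mul(r1, G), ec_mul(r2, G))
    e = challenge(R, X, msg)
    s1, s2 = (r1 + e * x1) % N, (r2 + e * x2) % N    # each computed privately
    return X, (R, (s1 + s2) % N)

def second_generator():
    """Nothing-up-my-sleeve generator H for Pedersen commitments: hash a fixed
    (constructed) label to an x coordinate and step forward until it lies on
    the curve, so nobody knows log_G(H)."""
    x = int.from_bytes(hashlib.sha256(b"constructed Pedersen generator H").digest(), "big") % P
    while True:
        y2 = (pow(x, 3, P) + 7) % P
        y = pow(y2, (P + 1) // 4, P)                  # valid sqrt when P % 4 == 3
        if y * y % P == y2:
            return (x, y)
        x += 1

H = second_generator()

def commit(value, blind):
    """Pedersen commitment C = value*G + blind*H: hides value, binds to it."""
    return ec_add(ec_mul(value, G), ec_mul(blind, H))

def balances(inputs, outputs):
    """Confidential-transaction check: commitments sum to the same point on both
    sides. Passes when amounts and blinding factors both balance; says nothing
    about each amount being in range, which is what a range proof (bulletproofs)
    adds."""
    total_in = total_out = None
    for c in inputs:
        total_in = ec_add(total_in, c)
    for c in outputs:
        total_out = ec_add(total_out, c)
    return total_in == total_out

if __name__ == "__main__":
    X, sig = two_party_sign(12345, 67890, b"close channel")
    print("2-of-2 verifies like a single signature:", schnorr_verify(X, b"close channel", sig))
    print("10 -> 7 + 3 balances:", balances([commit(10, 111)], [commit(7, 100), commit(3, 11)]))
    print("10 -> 15 + (-5) also balances without a range proof:",
          balances([commit(10, 111)], [commit(15, 100), commit(-5, 11)]))
```

The verifier in `schnorr_verify` runs the same equation for a one-party and a two-party signature, which is the whole point: a channel settled by two people looks, on chain, like any other spend. The last `balances` call is the reason bulletproofs matter: the homomorphic check alone accepts a transaction that creates coins out of a negative output, and only a range proof on each output (what bulletproofs make compact enough to consider) closes that hole.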
That's why Poelstra is only one technologist taking on this thorny problem.
Developers of the core protocol, as well as technologists in other areas, such as wallet developers, are all working on privacy-enhancing technologies for users.
And because that's happening today, Poelstra thinks there's a "whole pile" of other promising ways to shield various pieces of bitcoin.
Andrew Poelstra image via CoinDesk