Grin vs Beam: MimbleWimble heats up as crypto competitors launch
The genesis blocks of the MimbleWimble-based cryptocurrencies are landing.
- MimbleWimble is a technical foundation for privacy cryptocurrencies. Privacy coins are numerous, but new protocols like MimbleWimble to support them are much rarer.
- Grin and Beam are two MimbleWimble-based cryptocurrencies. Both found their genesis blocks in 2019.
- MimbleWimble-based cryptocurrencies may be a significant addition to the cryptocurrency ecosystem.
Grin and Beam are both new privacy-focused cryptocurrencies, launched around the same time in more or less direct competition to each other. Beam kicked its first block out of the gates on 4 January 2019, while Grin's first block arrived on 15 January, so both are almost brand new contestants in the cryptosphere.
The most immediate similarity between the two is that they're both privacy-centric cryptocurrencies based on MimbleWimble.
As active MimbleWimble implementations, Grin and Beam are significant additions to the world of crypto. This is because although there are dozens of privacy cryptocurrencies of varying degrees of reliability, there are far fewer technical foundations on which a privacy coin can be built.
The most prominent are the Zerocoin protocol (used by Zcash, PIVX and many more) and CryptoNote (first used in Bytecoin and best known in Monero). Now MimbleWimble, as used by Beam and Grin, is joining the pack. It delivers theoretical benefits over the incumbents in the form of tighter overall privacy and more scalability.
10 points to MimbleWimble
MimbleWimble was first proposed by the pseudonymous Tom Elvis Jedusor in 2016 as a way of implementing some of the privacy developments proposed in bitcoin's early days.
In short, people quickly realised that bitcoin wasn't very private and that it could be improved on. Unfortunately, because of the way bitcoin works, a lot of the proposed solutions would be untenable. MimbleWimble is essentially those proposed solutions built onto a more suitable framework.
These silly names sound like something out of Harry Potter
MimbleWimble, and much of the development of these cryptocurrencies, is full of Harry Potter references. MimbleWimble is the name of a tongue-tying spell in the Harry Potterverse, making it an apt name for a privacy-centric solution.
"I call my creation MimbleWimble because it is used to prevent the blockchain from talking about all user's information," the pseudonymous creator Tom Elvis Jedusor explained.
Tom Elvis Jedusor is Voldemort's real name in the French translation of Harry Potter.
The references have kept going since then, with many MimbleWimble developers since the first proposal also adopting thematically appropriate monikers. The first minimal version of Grin as a MimbleWimble implementation was created by the pseudonymous Ignotus Peverell – the original owner of Harry Potter's invisibility cloak.
It's not impossible to introduce privacy elements to bitcoin, but it can be challenging where other cryptocurrencies aren't as problematic.
The first problem
The crux of the issue as Jedusor explained it is that the bitcoin blockchain is designed to store everything and to cultivate that unbroken transaction record.
This is necessary to its functionality, but at the same time "is subjected to analysis by many companies whose business model is to monitor and control the lower classes," Jedusor notes. "This makes it very non-private and even dangerous for people to use."
So bitcoin's highly trackable transactions were no good, but they were also needed for it to function.
Some of the key earlier efforts to solve this problem included discoveries that could hide the amount of a transaction while still allowing its correctness to be validated as well as a system called CoinJoin, which let separate users trustlessly combine their transactions to confuse blockchain analysts. Then, in 2013, Nicolas van Saberhagen (a presumed pseudonym) formulated CryptoNote (PDF), which would go on to form the foundation of Monero, as a system that further stripped information away from prying eyes without compromising the functionality of the ledger.
"These solutions are very good and would make bitcoin very safe to use," Jedusor noted, and once safely combined can offer a decent amount of privacy.
The goal, then, became how to safely implement these privacy measures into bitcoin or another cryptocurrency.
The problem with the solution
The first issue was that these could not be effectively combined and implemented into bitcoin. This is because all these security measures require computations in their own right, which can drastically contribute to bitcoin blockchain bloat.
For example, CoinJoin-style merging of transactions would be one of the cornerstones, but you certainly couldn't depend on a system where users just had to trust that the other "joiner" wasn't recording the details of their interaction. It had to be made trustless. Unfortunately, doing so the easy way would involve too much blockchain bloat to be viable.
Whatever the solution was to be, it would mean taking bitcoin back to the drawing board and re-building it from the ground up.
What MimbleWimble does
A successful MimbleWimble implementation aims to deliver a workable system that incorporates these proposed features.
The CoinJoin-like system of trustlessly merged transactions, where transactions are grouped together but still able to get where they need to go, is at the centre of MimbleWimble's privacy. The key to making it work is "one way aggregate signatures" (OWAS), first publicly proposed to the bitcoin community in 2013.
This is basically a way of bundling up a lot of different transactions secretly and without breaking anything. Functionally, this system then allowed builders to start envisioning each block on the MimbleWimble-based blockchain as a single transaction, rather than a box filled with lots of other transactions.
The end result is a theoretically private, theoretically secure blockchain that is demonstrably lighter-weight and more scalable than bitcoin and many others. The main difference for users is that there are no amounts and no addresses on MimbleWimble blockchains. A lot of people are seeing it as the most suitable next frontier of anonymous cryptocurrencies.
After Jedusor's paper emerged, the bitcoin community started talking about whether it would be feasible to implement MimbleWimble into the core bitcoin protocol. The general consensus in the end was no.
Grin and Beam
With MimbleWimble off the table to retroactive implementation in existing projects, people started looking at building entirely new things.
Grin was the first to emerge, with Peverell posting a technical introduction to Grin in March 2017. The first Grin testnet was launched in November 2017.
Beam came later. It started in March 2018 and was presented in the coming months with a functional mining node and wallet client.
There are some technical and design differences between Grin and Beam, but the main difference might be their respective ethos and underlying ideals.
Grin taps the old crypto-anarchistic vibes that underpinned bitcoin and its early developments, and much like bitcoin is a volunteer-driven project helmed largely by pseudonymous individuals. By contrast, Beam came out with a concrete management structure, public discussion of how funds will be allocated and generally a much more organised and clear roadmap.
Whether one will eclipse the other, or if the cryptographic town is big enough for the two of them, remains to be seen.
Disclosure: At the time of writing, the author holds ETH.