Confidential Transactions & Bulletproofs

June 25, 2019

The pursuit of anonymity in Bitcoin is a task undertaken by many members of the community. Knowing that each transaction must be verified by the network of nodes, the transactions are naturally public, and all can consult them. The pseudo anonymity of addresses slightly helps to improve anonymity in Bitcoin, but it is not enough to have a confidential financial network. The revelation of certain financial information, such as the recipients of a transaction or the amount thereof may jeopardize the concept of fair competition. There are also security risks associated with the fact that the transactions are public and may constitute a danger to users.

Numerous anonymity techniques have appeared in Bitcoin, like CoinJoin. It is a method of obfuscating transactions by mixing inputs and outputs in various ways, always relying on heuristics pre-established by blockchain analysis companies. To learn more about Coinjoin technology and its numerous implementations, you can consult our diagram.

The Coinjoin method is an effective way to mix senders as well as recipients of certain transactions. However, the value of transactions remains public and may be a means to de-anonymize certain users. The idea of anonymous transactions (Confidential Transactions) thus appeared in 2015 to meet this need by masking not only the recipients, but also the value of transactions. Anonymous transactions, however, had certain limitations with respect to their execution, since verifying their validity is too much of a burden for regular computer hardware. This is caused by the nature of the schemes and complex cryptographic computations required to verify them.

Bulletproof transactions are therefore a proposed alternative to anonymize transactions. Several well-known cryptographers and mathematicians such as Dan Boneh, Benedikt Bünz and Adam Back have built a more efficient method of masking the amounts of transactions by significantly reducing the audit burden through batch verification properties.

However, in its current form, there is a significant risk of inflation since the amounts are anonymous. There is no plan for implementing this type of transaction in the bitcoin protocol.