Paper 2022/265

Non-interactive Mimblewimble transactions, revisited

Georg Fuchsbauer, TU Wien
Michele Orrù, University of California, Berkeley
Abstract

Mimblewimble is a cryptocurrency protocol that promises to overcome notorious blockchain scalability issues and provides user privacy. For a long time its wider adoption has been hindered by the lack of non-interactive transactions, that is, payments for which only the sender needs to be online. Yu proposed a way of adding non-interactive transactions to stealth addresses to Mimblewimble, but we show that it is flawed. Building on Yu and integrating ideas from Burkett, we give a fixed scheme and provide a rigorous security analysis in a strenghtening of the previous security model from Eurocrypt'19. Our protocol is considered for implementation by MimbleWimbleCoin and a variant is now deployed as MimbleWimble Extension Blocks (MWEB) in Litecoin.

Note: Full version for AC'22 proceedings (minor changes and typos).

Metadata
Available format(s)
PDF
Category
Cryptographic protocols
Publication info
A major revision of an IACR publication in ASIACRYPT 2022
Keywords
cryptographic protocols e-cash mimblewimble
Contact author(s)
georg fuchsbauer @ tuwien ac at
michele orru @ berkeley edu
History
2022-11-26: last of 4 revisions
2022-03-02: received
See all versions
Short URL
https://ia.cr/2022/265
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2022/265,
      author = {Georg Fuchsbauer and Michele Orrù},
      title = {Non-interactive Mimblewimble transactions, revisited},
      howpublished = {Cryptology ePrint Archive, Paper 2022/265},
      year = {2022},
      note = {\url{https://eprint.iacr.org/2022/265}},
      url = {https://eprint.iacr.org/2022/265}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.