Posted on

Where's Greg? Maxwell Eyes New Bitcoin Projects After Blockstream

One of bitcoin’s most respected developers, Gregory Maxwell, is returning to his cypherpunk roots with a series of new projects.

After nearly four years as CTO of high-profile bitcoin technology startup Blockstream, he’s departed that position to focus exclusively on code. Mainly because, as Maxwell explained in his departure letter, he accomplished what he set out to do at the startup, addressing the “significant under-investment” in bitcoin’s technology at the time he joined.

But with a “much larger and more active” developer community around bitcoin today, Maxwell is going into 2018 an untethered man set on improving bitcoin smart contracts.

In this pursuit, Maxwell published a paper on something called “Taproot” in mid-January, an idea that improves upon the privacy of MAST, an idea, long in the making, that could beef up bitcoin’s smart contract abilities. Days later, Maxwell released another proposal called “Graftroot,” improving on MAST further.

So, why is this focus so attractive for Maxwell?

Maxwell told CoinDesk:

“I expect every transaction to eventually use these tools, at least in limited ways. They are an incremental improvement, making things that were already more or less possible more private and efficient. They replace or make much better things like MAST.”

And so far, many developers have praised Maxwell’s new work.

“Taproot is annoyingly clever,” Lightning Network creator Tadge Dryja quipped on Twitter, adding that while the idea sounds simple in hindsight, no one had thought about it before Maxwell.

Like a dandelion?

Maxwell’s interest seems to be aligning with greater attention to MAST now that SegWit (a code change MAST depends on) has been activated on bitcoin.

To understand MAST, it’s helpful to start by looking one of the common use cases of bitcoin today – M-and-N multi-signatures, which require that coins can only be spent if a certain number of users (such as two-of-two, three-of-five) approve the transaction. One problem that can arise in these types of transactions is that one party loses their private key to sign with or just decides altogether not to comply, and at that point the money is unspendable.

MAST allows users to add additional conditions for when a transaction can be spent in a more efficient way, helping to solve the above issue.

For example, a transaction can be set to lose the need for multiple signatures, if the multi-signature funds aren’t spent after, say, 10 years. The magic of MAST is that it can cram all of this logic into one transaction efficiently.

In short, with Taproot and Graftroot, Maxwell has found a way to further improve privacy for these advanced transactions.

In Maxwell’s eyes, the problem with MAST as it stands is that each MAST transaction looks different than a normal transaction, which can be harmful for privacy, since people viewing bitcoin’s public ledger could theoretically glean which transactions are using MAST and in turn, more about financial transactions they have no business knowing anything about.

Taproot improves privacy in MAST instances where multi-signatures is used, by making those transactions, once settled on the blockchain, look the same as other transactions.

While Maxwell admits the use case is narrow, he told CoinDesk:

“There has been a lot of hype about smart contracts, but real and meaningful useage of them hasn’t caught up with that hype yet.”

But taking baby steps backed by real uses cases could help expand bitcoin’s value proposition as programmable money.

Both proposals, according to Maxwell, make smart contracts “easier to implement, more fee efficient and more private,” he said. “Taproot and Graftroot improve the backend technology for these advanced applications and by doing so will contribute to making them more accessible to people.”

And this ability to accomplish complex transactions without exposing that complexity is where Taproot specifically got its name.

“Taproot is most efficient to use for smart contract usage that resembles the root system of plants like a dandelion – a thick central path and small alternatives,” Maxwell said.

Simple but useful

While Maxwell is sold on the ideas, Taproot has attracted minor debate.

One of Maxwell’s former co-workers at Blockstream, Mark Friendenbach, argued that Taproot shows that MAST, if implemented a certain way, could cause problems in the future. His contention isn’t that Taproot itself is a bad proposal (in fact he argues the exact opposite), but that many of the MAST implementations on the table today aren’t built with future iterations in mind.

While Chaincode developer Matt Corallo said Taproot’s additional privacy is “absolutely massive to the ecosystem” and “should not be handwaved away for vague possibly-advantages.”

As long as Taproot and Graftroot get approval from developers and the community, though, Maxwell said it is possible to roll out the technologies alongside “future signature system upgrades,” such as aggregate signatures, another project Maxwell has contributed to.

But there could be some barriers still. According to Maxwell, bitcoin smart contracts are still a long way off.

“For real smart contracts like these to gain wide use a lot of additional work is required especially in the area of providing good user interfaces to use them,” he said.

But still, if disagreements are overcome, implementing and rolling out MAST with Taproot and Graftroot will be relatively painless.

Maxwell concluded:

“Taproot is one of these ideas which are very simple to implement but very useful.”

Disclosure: CoinDesk is a subsidiary of Digital Currency Group, which has an ownership stake in Blockstream. 

Image via GregIsMissing.com

The leader in blockchain news, CoinDesk is an independent media outlet that strives for the highest journalistic standards and abides by a strict set of editorial policies. Interested in offering your expertise or insights to our reporting? Contact us at news@coindesk.com.

Posted on

Bitcoin Bulletproofed: Wuille, Maxwell and More Propose Scalable Privacy Tech

Bitcoin may be one step closer to offering users improved confidentiality.

Proposed in a new paper authored by heavyweight cryptographers including Dan Boneh, Pieter Wuille and Greg Maxwell, “Bulletproofs” outlines a new technique that would reduce the size of so-called “confidential transaction” code – long floated as a possible way to shield the transaction amounts currently public on the blockchain, the cryptocurrency’s globally distributed ledger.

A rough sketch of the confidential transactions idea was first proposed informally on a popular bitcoin forum in 2013 by Adam Back, CEO of bitcoin startup Blockstream, and while the technology has been iterated on over the years, it still comes with a high cost. Transactions that use the technology take up about 16 times more space in the blockchain than normal bitcoin transactions.

Because of this, the idea has been dismissed as too bulky for the live bitcoin network, which is already facing much-discussed scaling problems.

But the new paper, co-authored also by Benedikt Bunz, Jonathan Bootle and Andrew Poelstra, contends Bulletproofs will slash the size of confidential transactions to under even that of a normal transaction.

In the announcement email, Maxwell said:

“This cuts the bloat factor down to about 3x for today’s traffic patterns.”

However, Maxwell went on to note that even though the confidential transactions idea is making progress, there are still issues to iron out. For one, the time it takes to verify a confidential transaction is still a “bottleneck” developers are continuing to chip away at.

And while the researchers can’t yet hint when the code might go live, the strength of the team hints at the growing awareness that some public blockchains are lacking in privacy.

For example, privacy emerged as a hot topic during ethereum’s annual developer conference Devcon3 this year, with the protocol looking to integrate zk-snarks, the tech behind anonymous cryptocurrency zcash. The example also serves to highlight the different approaches to the issue being taken across communities.

Bulletproof vest via Shutterstock

The leader in blockchain news, CoinDesk is an independent media outlet that strives for the highest journalistic standards and abides by a strict set of editorial policies. Have breaking news or a story tip to send to our journalists? Contact us at news@coindesk.com.