This is the second part of our December cover story.
Where 2017’s dizzying price highs embedded “hodl” into the public consciousness, 2018 was the year that “buidl” became a trend in the crypto-industry — and Bitcoin was no exception.
Anticipated in Bitcoin Magazine’s first cover story of the year, Bitcoin’s technological progress only accelerated in 2018. Improving Bitcoin from around the world, developers and entrepreneurs furthered Segregated Witness adoption, rolled out the Lightning Network, released privacy solutions, realized sidechains and made progress on a Schnorr signature solution — all of which were still around the corner only a year ago.
Following up on January’s cover story, 2018’s closing two-parter cover story explores how these five technologies progressed.
In part two: privacy, sidechains and Schnorr signatures.
Two of the most promising privacy solutions that were proposed over the past few years — TumbleBit and ZeroLink — were both on the verge of release at the start of this year.
The first is TumbleBit, a coin-mixing protocol first proposed in 2016 by an academic research team led by Boston University’s Ethan Heilman. TumbleBit uses a (centralized) mixer to create off-chain payment channels between several participants in a mixing session. Everyone ends up with each other’s coins, breaking the transaction trail for all. Importantly, clever cryptographic tricks ensure that even the tumbler can’t establish a link between the users and their transactions.
Excited by this potential, Bitcoin developer Nicolas Dorier and privacy-focused Bitcoin developer Ádám Ficsór (as well as several others) went a long way toward implementing the solution in the two years after it was first proposed. In early 2017, Stratis, the company behind the Stratis platform and token, even hired Ficsór to implement the technology in its Breeze wallet, which also supports bitcoin.
However, back in July 2017, Ficsór had come to doubt the real-world potential of TumbleBit. The solution needs a relatively large number of on-chain transactions for each mixing session, potentially making it cumbersome and expensive to use.
“I did not and I do not think anyone else ever thought through TumbleBit’s Classic Tumbler’s economics as I did now, in a high Bitcoin fee environment where we are inevitably going towards,” Ficsór wrote in a Medium blog post at the time. “To be completely honest, after I wrote all these down I became pretty disillusioned.”
Ficsór and Stratis did complete the project. After years of high anticipation, TumbleBit was finally released in the Breeze Wallet in August of this year. But by then most of the enthusiasm around the project seemed to have waned. Breeze’s TumbleBit stayed off the radar of many, and because of that, usage statistics are presumably low.
Instead, much of the effort to realize a more private Bitcoin shifted to the other major privacy solution: ZeroLink. Based on “Chaumian CoinJoin,” first proposed by Bitcoin Core contributor Gregory Maxwell in 2013, ZeroLink is a privacy framework first announced in August 2017 by the same Ádám Ficsór.
ZeroLink allows several users to mix their coins in one big transaction that sends coins from all participants in a mixing session to all other participants. It has similar requirements (a central server) and benefits (it breaks the trail of transactions) as TumbleBit, but Ficsór believes the trade-offs are preferable, most notably because ZeroLink requires fewer on-chain transactions.
A rebrand of his initial “Hidden Wallet” project, zkSNACKs’ flagship product is the Wasabi Wallet, a desktop wallet with additional privacy features based on the ZeroLink framework. Besides Chaumian CoinJoin, this includes, for example, compact client-side block filtering: a privacy-enhancing solution for light clients that don’t download the entire Bitcoin blockchain.
The Wasabi Wallet was officially released on October 31 of this year, on the Bitcoin white paper’s 10th birthday. While still far from mainstream, Wasabi Wallet has already become the go-to privacy option for many of those that care about privacy the most. According to GitHub statistics, the wallet was downloaded thousands of times in the first few months since its release. And, according to the Wasabi Wallet’s website, it has mixed almost two thousand coins already.
“Honestly, I’ve been astonished by the user growth and social media activity. If this keeps up we will finally be able to think about liquidity dependent privacy solutions, for example to allow direct sends through mixing,” Ficsór told Bitcoin Magazine. “Exciting times.”
The ZeroLink framework is being adopted as a standard by other wallets as well. The new (and so far relatively unknown) Bob Wallet announced in March that it is developing a ZeroLink implementation. In August, privacy-focused Samourai Wallet announced a mobile ZeroLink implementation called Whirlpool. And Stratis’ Breeze Wallet initially showed interest as well.
On top of TumbleBit and ZeroLink, more privacy solutions were rolled out this year, and even more are in development. For a full overview of privacy technologies that were released in 2018 or are currently in development, see Bitcoin Magazine’s September cover story: Bitcoin as a Privacycoin: This Tech is Making Bitcoin More Private.
Stratis (the company behind the Breeze wallet) did not respond to a request for comment on this story.
A highly anticipated technology for several years now, sidechains are alternative blockchains with coins pegged to bitcoins. This allows users to effectively “move” bitcoins across blockchains, allowing them to operate under different protocol rules, for example to enable faster confirmation times or to provide more privacy. In essence, sidechains would offer the technical benefits of altcoins while maintaining Bitcoin’s 21 million coin limit.
While the blockchain development company has since expanded its mission, Blockstream was originally founded in 2014 around the concept of sidechains. Since 2016, it has maintained “Elements,” an open-source sidechain project that showcases what’s possible with the technology. But Blockstream’s first commercial sidechain project is Liquid, which was announced in 2015.
Liquid is designed to offer a payment rail between exchanges and other service providers, to let traders quickly and privately move funds around and take advantage of arbitrage opportunities. This minimizes spreads across exchanges and increases liquidity across the industry. Called a “federated sidechain,” coins and transactions on the sidechain are secured by a selection of the exchanges and service providers: They are the gatekeepers that move funds from Bitcoin’s blockchain to the sidechain and back.
In October of this year, Blockstream launched Liquid, with its bitcoin-pegged token L-BTC. One month later, it introduced nodes, wallets and a block explorer to the public. Liquid is secured by some of the best-known companies in the industry, including Bitfinex, BitMEX, Xapo, Unocoin, Bitso and dozens of others. Italian bitcoin exchange The Rock Trading offered Liquid on- and off-ramps almost immediately after the sidechain launched, and in late November, Bitfinex CSO Paolo Ardoino also indicated Liquid support will be rolled out soon.
Judging by publicly available statistics, Liquid usage is still modest: Some 25 bitcoin are locked up at the time of writing this article, which required 75 transactions to do so. The sidechain processed about 3,400 transactions in total, which amounts to less than a dozen transactions per hour. But the long-awaited technology is live — and growing.
“It’s a good start,” said Blockstream CSO Samson Mow. “We only recently released the client, so it’s about what I would expect. As we have more exchanges exposing integration to their end users, we should see a lot more traffic.”
Another federated Bitcoin sidechain is RSK, with the bitcoin-pegged token R-BTC. RSK is specifically designed to support Ethereum-style, Turing-complete smart contracts. Like Liquid, coins on RSK are secured by a group of established Bitcoin companies. But unlike Liquid, RSK is also merged-mined with Bitcoin, which means that bitcoin miners use their hash power to create blocks and confirm transactions.
“This ‘two chambers’ idea results in strong security because no single group has too much power and each group has specific responsibility,” said Sergio Lerner, co-founder and chief scientist of RSK Labs, the company building and supporting RSK’s reference implementation. “And like in Bitcoin itself, users of the platform ultimately control the destiny of the protocol.”
In January, the Genesis block was mined and RSK was officially launched. An early announcement suggests that companies in the federation include Bitstamp, Bitfinex, Bitpay, Xapo and BitGo — though RSK has not yet revealed which companies are part of today’s federation, exactly. (A joint public announcement will follow soon.) RSK has also attracted several of Bitcoin’s biggest mining pools: BTC.com, AntPool, Slush Pool and F2pool are merge-mining the sidechain already, accounting for over 50 percent of Bitcoin’s hash power. The R-BTC token is available on exchanges including Bitfinex and Huobi, and the RSK platform itself has been improved a lot as well, said Lerner: RSK performed nine releases throughout 2018 from version 0.4.0 to the current version 0.5.3.
Perhaps even more importantly, according to RSK Labs, some 50 projects that it is keeping track of are by now working on the RSK sidechain — though most of the projects are, of course, still in very early stages or still in development.
Some of the more notable RSK projects are developed by RSK Labs itself, as well as by RIF Labs, the company that acquired RSK Labs in November. These include a Lightning-like payment channel network called Lumino (which, while incompatible in design, could be bridged to Bitcoin’s main Lightning Network). RIF Labs recently launched the RIF OS project, a range of open-source protocols and libraries that will initially run over RSK, including a payment network, peer-to-peer storage, name resolution and more.
“The RSK community is expanding, mostly in Latin America and Asia,” Lerner told Bitcoin Magazine, “and we’ve seen an acceleration in the past few months of companies launching solutions built on top of RSK. Further, in 2018 there were over a 100 RSK meetups and conferences around the world. RSK Labs also has an ambassador program to track the ecosystem growth: There are currently 200+ certified ambassadors and over a 1,000 in certification process.”
Finally, a test version of a drivechain — a product by Tierion researcher Paul Sztorc (previously Bloq) — was released in September. The drivechain sidechain model is not federated but is entirely secured by Bitcoin miners. Leveraging their existing hash power (and combined with technical safeguards to limit risks), miners both act as gatekeepers of the sidechain and confirm transactions on it.
Drivechain is more of a concept than a specific sidechain design: Sztorc hopes that Bitcoin’s future holds a diverse range of drivechains in order to copy many of the features now deployed on altcoins. A potential first drivechain would be a “big block” sidechain for fast and cheap transactions, while Sztorc’s personal interest has always been to deploy a prediction market sidechain.
Development-wise, the drivechain project made steady progress this year, Sztorc said.
“We are on release 12, and 13 is almost finished and has many improvements. Many bugs are being fixed. We are working on making the software perfect for now.”
However, drivechains do require a soft-fork upgrade to Bitcoin’s base protocol in order to be compatible. Such an upgrade was discussed on the Bitcoin development mailing list about a year ago, and an official Bitcoin Improvement Proposal (BIP301) was submitted by Sztorc in early 2018.
Sztorc, however, is doubtful that such a soft fork will be deployed by Bitcoin Core, historically the Bitcoin software application through which most soft forks have been activated.
“I’m pessimistic that I can persuade Core maintainers to merge it in,” he said, “and I am doubtful even that miners would activate it if it were merged, as miner-activated soft forks haven’t happened in a few years, and not at all since SegWit — it used to happen every few months.”
While Sztorc would still prefer that the drivechain BIP be implemented by Bitcoin Core, he is keeping all options open for now. This includes soft-fork activation without help from Bitcoin Core or deployment of drivechains on Bitcoin Cash instead.
Ultimately, Sztorc may even launch a whole new forkcoin with drivechain functionality enabled.
“It would then have the same general feel as a Monero or Bitcoin Cash,” he said. “Some different project.”
Schnorr Signature Proposal
The Schnorr signature scheme is considered by many cryptographers to be the best in the field. Its mathematical properties offer a strong level of correctness, it doesn’t suffer from malleability, it is relatively fast to verify and, in the context of Bitcoin, it would enable nifty new features. Schnorr signatures have, therefore, been high on the wishlist of many within Bitcoin’s technical community for some time now.
While Segregated Witness made Schnorr integration in Bitcoin easier, it’s still a major undertaking — at the start of 2018, this was not realistically expected to be completed by the end of this year.
But good progress has been made.
In July, Blockstream and Bitcoin Core developer Pieter Wuille proposed an initial BIP on the Bitcoin Development mailing list, with input from other Bitcoin Core contributors including Johnson Lau, Greg Maxwell, Jonas Nick, Andrew Poelstra, Tim Ruffing, Rusty Russell and Anthony Towns.
But the Schnorr signature proposal itself was only the start, Wuille told Bitcoin Magazine. There will be several more BIPs to come as part of the “Schnorr project.”
“The Schnorr BIP defines the signature algorithm itself,” Wuille explained. “There will be another BIP for integrating it into Bitcoin. The next step is to work out all of the details; more BIPs aren’t far off.”
Bitcoin Core developer for Xapo and contributor to Wuille’s Schnorr proposal Anthony Towns sent an email to the Bitcoin-development mailing list last week, detailing several of the additional changes that will be required to realize Schnorr on Bitcoin. These include new sighash flags, discussion of which had been ongoing on the same mailing list since November.
Of particular interest is that Wuille and the other Bitcoin Core contributors are now working on a proposal to implement Schnorr in combination with another big technical upgrade: Taproot.
Taproot was first proposed by Bitcoin Core contributor Gregory Maxwell in January of this year. Leveraging several Schnorr-based tricks, Taproot can realize a solution much like MAST: it would let users create a sort of data-efficient smart contract. But interestingly, under normal circumstances, these smart contracts would be indistinguishable from regular payments.
Practically speaking, Taproot would, for example, allow users to open and close Lightning Network channels, or make payments that require cooperation between multiple users, or make certain types of protocol-enforced bets without anyone besides the parties involved being able to notice that is what’s happening — a boon for privacy.
Still, the initial Schnorr implementation will probably be straightforward relative to what the signature algorithm could ultimately enable. While Schnorr is best known for its potential to benefit scalability by aggregating signatures, for example, Wuille said such features will only be added later.
“Signatures interact with many other parts of the protocol that need to be worked out, so it seems more reasonable to first integrate Schnorr and Taproot. That will offer a number of benefits already, like verifying most spends with a single signature, and without needing to disclose a script,” Wuille said. “Once we’ve implemented Schnorr in Bitcoin there is a good number of things wallets can do, including multisignatures and threshold signatures. The nice thing is that these features don’t require their own consensus rules.”
Edit note: Pieter Wuille’s comments were translated from Dutch.
This article originally appeared on Bitcoin Magazine.
Bitcoin’s Tech Trends of 2018: What This Year Brought Us (Part 2)