Confidential Transactions:  How To Hide Value On-Chain?

    One of the main characteristics of the blockchain is its all-over transparency. With a couple of clicks, you can see who is paying who and with how much money. Of course, the blockchain offers the “pseudo-anonymity” perk – the use of public addresses instead of in-real-life names. So you can only know the addresses but not the actual individuals behind those addresses. However, this isn’t as “private” as it may seem. With rising technology and enough effort, you can figure out who the person behind the address is. This is why Bitcoin developer, Gregory Maxwell, suggested confidential transactions to reinforce on-chain security.

    What Is A Blockchain Transaction?

    A blockchain transaction refers to the transfer of data, often cryptocurrency, from one party to another. The blockchain itself is a decentralized ledger distributed among a network of peer-to-peer computers or nodes. 

    These nodes must validate the legitimacy of transactions for the latter to go through. For example, if Alice were to send Bob 2 BTC, Bob won’t be able to use them unless miners approve the transaction. 

    They have to make sure that Alice has enough to send Bob 2 BTC, and that Alice isn’t not double spending the same cryptocurrency. 

    Public Verifiability

    Miners, however, are not the only ones who can access the details about the transaction Alice sent. The blockchain is public which means everything is accessible to… the public. This is the blockchain’s public verifiability characteristic. 

    Not only can Bob check what Alice sent him, but he can also check what Alice sent everyone else. As well as what everyone sent to anyone. And, it’s super easy. If you wanted to check what someone has sent and received, all you have to do is simply go on Etherscan, paste the person’s wallet address and you will get all the details. 

    Moreover, You can also view the latest transactions. And for each transaction, you can see all the details like: 

    • Transaction hash
    • Status
    • Block number
    • Timestamp 
    • Both the sender’s and the receiver’s addresses
    • Amount transferred
    • Transaction fee
    • Gas price 

    Etherscan transaction

    This is the case for standard transactions.

    What Are Confidential Transactions?

    However, in confidential transactions, some information, mainly the transaction’s value, is kept hidden. You can see the sender’s and the receiver’s addresses but you cannot access the amount transferred. 

    For example, if Alice were to send Bob 2 BTC, no one besides Alice and Bob can know the transaction value. All they can know is that Alice sent Bob a certain amount of crypto without knowing the amount itself. 

    Standard vs Confidential Transactions

    How Are Transactions Made Confidential?

    So how can Alice keep the transaction’s value undisclosed? It is done through cryptographic commitments and homomorphic encryption. Homomorphic encryption allows you to process the data without decrypting it. 

    And, in cryptographic commitments, the value itself is replaced by a “commitment” which has the role to conceal the initial value. Let’s say the transaction value is 2 BTC. In order to hide the value, the commitment is calculated using the following formula:

    Confidential Transactions' Commitments

    This is known as the Pedersen commitment. g is the result of the multiplication of 2 very large prime numbers, h is calculated from g, and r is a random value. The concept here is that we’re taking the value and we’re concealing it by using another random value. 

    However, once Alice commits to the new value, she can no longer change the initial value (v). For example, if she commits to the commitment of 2 BTC, she can’t change the transaction from 2 BTC to 3 BTC

    How Can Miners Validate Confidential Transactions?

    Validating the transaction refers to the process of verifying the amount of money that came in equals the amount of money that came out. 

    ZK Protocol

    But if only Alice and Bob can know the transaction value, how can miners validate the transaction and add it to the blockchain?

    They do this using the zero-knowledge (ZK) proof protocol. ZK protocol allows miners to verify confidential transactions without revealing any details. In the case of confidential transactions, to validate the transaction, miners have to:

    1. Ensure the input value = output value. So, the sum of the commitments’ input equals the sum of the commitments’ outputs.
    2. Verify that all commitments are positive. 

    Zero Knowledge Protocol

    The zero-knowledge protocol has three main characteristics:

    1. Completeness: If the input is valid, the protocol will return with “true”.
    2. Soundness: If the input is invalid, it’s theoretically impossible for the rpotocol to return with “true”. 
    3. Zero-knowledge: The value is not disclosed at any time. 

    In order to achieve those, the ZK protocol is composed of three elements:

    1. Witness: The secret or undisclosed information. 
    2. Challenge: The verifier (person who sent the information) randomly picks another question from the set and asks the prover to answer it. 
    3. Response: The prover accepts the question, calculates the answer, and returns it to the verifier. 

    The prover’s response can only be correct if he knows the witness. And to make sure the prover isn’t just guessing, the certifier asks him more questions. The prover has to get the correct answer every time until the verifier is satisfied. 

    Are Confidential Transactions Actually A Thing?

    Confidential transactions seem to be the perfect answer to those wishing for heightened on-chain security. But are they in practice or just theoretically possible? There are blockchains like Monero and Zcash that allow confidential transactions. In fact, these not only hide the value of the transaction but also the payee and payer. 

    The downside of these transactions are much larger than standard ones and take up more space within the block. This poses a big question mark on the possibility of widely adopting this confidentiality, especially on an already struggling blockchain. 


    Please enter your comment!
    Please enter your name here

    Stay in the Loop

    Stay in the loop with blockchain Witcher and get the lastest updates!


    Latest stories

    You might also like...