Board Development & Technical Discussion
Re: When can Mimblewimble be implemented?
by andytoshi on 07/08/2016, 15:52:39 UTC
Because MimbleWimble doesn't support Bitcoin script, it supports far less functionality than Bitcoin and isn't a viable upgrade path for Bitcoin itself.

Having said this, it certainly makes sense that MW should be a sidechain, given that huge amounts of Bitcoin's use is for simple "move money from party X to party Y" transactions, which MW does support. I've been thinking that I might work on this if I can find some spare time. Aside from finding time and people, here is a short list of things I think need to be solved before this could be done:
  • Further review (though I'm increasingly comfortable with the idea). This means somebody needs to do a proper writeup (I might do this in the coming days); I will try to present this at Scaling Bitcoin in Milan to increase its exposure, assuming the real author doesn't appear and that my submission is accepted.
  • Payment channel support. I think I have a way, but it involves unprunable blockchain data whenever a CLTV branch is taken, which is annoying. Should be possible to do better.
  • Figuring out a bunch of fiddly stuff. Like, because input refs can be completely pruned, they should count for more blockspace than outputs, which can only be pruned when spent, which in turn should count for more blockspace than these excess "kG" values, which can never be pruned.
  • Going through the engineering work to spec out the UX for payments; paying requires both sender and receiver to produce data. So should everything happen through a payment protocol? Can we finally get rid of user-visible "addresses"? How should payment channels/Lightning interact with this? Multisig requires interaction among all parties even to receive money, how should this work?
  • I want to spend more time trying to shrink the unprunable data. This can be done interactively, so maybe there is some engineering/UX work that'd make that easy? It can also be done with pairing-based crypto, maybe we should evaluate that option?

This is really exciting stuff, but the paper that was deaddropped by the anonymous author unfortunately leaves a lot of work to get to an actual implementation.