A privacy-based technology known as Mimble Wimble has been integrated into various privacy tokens since last January. The trouble is, it may not be as private as people originally thought.

Mimble Wimble Isn’t Doing Enough to Keep Your Identity a Secret

A new study shows that the first privacy coins to implement the technology are ones referred to as Grin and Beam, both of which are very new and are hardly being used at all at press time. This could be why the technology is so easily jeopardized. The study shows that an attack on Mimble Wimble could ultimately leave it in the dust, while other cryptocurrencies that focus on privacy – i.e. Zcash and Monero – are exposing similar vulnerabilities.

When someone uses a privacy coin, it’s because they have an identity to protect. They don’t want their information spread out all over the place for potential hackers or cyberthieves to get their hands on. However, it’s difficult to keep one’s privacy secure when there are so many flaws and entryways for malicious actors to get through.

Florian Tramer of Stanford University explains that these privacy coins came about due to the realization that bitcoin isn’t as secure as many people once thought. Several agencies, from the Federal Bureau of Investigation (FBI) to the Department of Homeland Security, are now spending millions of dollars each year to find out who might be engaged in crypto activity, whether it be legal or illicit. These privacy coins were established to help traders keep people from sticking their noses into their business, but there’s still a long way to go before the technology is perfected.

Mimble Wimble works by grouping up several transactions into a single bundle. This is designed to make it much harder for cryptocurrency hackers to gather data about single transactions. It’s good in the sense that the information is harder to parse and separate, but the attacker – granted he or she is technically capable – can easily set up a super node that allows them to examine the data from all the transactions in the basket. They can then use the node to separate the transactions respectively and view the identities of all the included parties.

The Technology Isn’t Where It Needs to Be

Tramer states:

This type of attack is fairly new, but I think people are starting to pay attention… The big question to address in this space is the expectations of privacy we have from different technologies… That’s the part people have put a lot of effort in, but when you look at the bigger picture, how these systems interact with each other, you realize that keeping things anonymous and private is much, much harder than just getting the cryptographic aspects right.

Tags: , ,

Leave a Reply

We use cookies to give you the best online experience. By agreeing you accept the use of cookies in accordance with our cookie policy.