Development update Sep 23 2016

quantum
ct

#1

Research on confidential transactions (CTs) is being continued. As we think the theory behind it is solid enough for implementation, we start to think about the detailed plan.

Confidential transactions have been implemented in the Elements Alpha project [1], which is intended to work as a sidechain of Bitcoin eventually. While I personally feel sidechains are very useful, CT is much more convenient to use when it is integrated into the Litecoin main chain. And because we now have reference code done by the Elements Alpha project, implementing CT on Litecoin probably becomes much easier.

According to [2], we will need SegWit to implement CT as a softfork. This should not be too far away because we are planing to release a new Litecoin Core with SegWit soon.

Confidential transactions will increase the size of the Litecoin blockchain, but there is no need to worry much about it. Although each confidential transaction has a nearly 1.8 KB proof (the total transaction size is a little bigger than that), which is quite a few times bigger than a normal transaction, since it can be put into the witness part by modifying the current SegWit slightly [2], the actual number of transactions of each block will not decrease much. Of course, more disk space will be needed to hold the whole blockchain, but that should not be a big problem given the cheap hard drives. Also, more transaction fee may be charged for a CT.

When we were researching CT and checking its cryptography method, we saw elliptic curve is being used, which is not quantum resistant. This may not be a problem in the near future, but given the fast pace in the quantum computing field [3], we may have to plan ahead. Upgrading CT to a quantum resistant version, i.e., quantum resistant confidential transaction or QRCT named by @coblee, is possible by replacing the elliptic curve based method with quantum resistant ones like lattice based methods.

Further on, we realised that Litecoin itself is also not quantum resistant, because spending coins requires putting the public key in the transaction, and a quantum node can discover the private key based on the public key and modify the transaction’s destination address. But this can be fixed without much effort [4].

The ideas about quantum resistance above are obviously still in a very early stage. However, given that all the upgrades can be implemented as soft forks, we see no reason that they are something unrealistic. Actually, we see very good hope that Litecoin could take the initiative and lead the whole blockchain community into considering this for the reason that Litecoin has a unified development team and a huge user base.

We need more developers. Please contact us if you are interested.

[1] https://elementsproject.org/

[2] https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2016-January/012194.html

[3] http://news.mit.edu/2016/quantum-computer-end-encryption-schemes-0303

[4] https://bitcoinmagazine.com/articles/bitcoin-is-not-quantum-safe-and-how-we-can-fix-1375242150