 This is joint work with, like, Tile Lab South Africa, and they did it from Brooklyn. So, today we're going to be examining two different implementations of the Mumbuwa Wall, along the floor. And so, we called it a tail of two columns because the Mumbuwa Wall is like a tunnel to a certain inherent cloud of universe. So, the goal here is to describe why privacy matters, again, as you guys already know. How we should examine and explore privacy in blockchain. We'll do a high level intro to the Mumbuwa Wall, talk about how the blockchain's options work, the privacy guarantees, the privacy guarantees it doesn't provide, then we'll compare grid and beam, or two separate implementations of the Mumbuwa Wall that roughly came alive in January 2018, so they're going to go over a while, and then we'll talk about the importance of the implementation. Even though both the same protocol at its core makes a big difference in privacy guarantees and implementation. So, why does privacy matter? The number one reason for me is really fungible of your coins. Let's say we have, if you look at Bitcoin, new coins, virgin coins, are perceived as more valuable than coins that have traveled around. If you have coins from, let's say, a dark market, you're using that coin, let's say, in exchange of your wallet, difficult. So people are afraid of what you've done with the coin and passed it where you've got it from, through either those gains or conventional gains. Like, therefore, when coins are private, they're all fungible. Each coin is equal to each other, they're indistinguishable. So the longer you have coins either trading at a discount, which are negative, or trading at a premium, if you're positive. A really fun reference in US history, when we do an exploratory of coins during the Free Banking Era. So the Free Banking Era was roughly from the 1830s to the end of the Civil War. And this is when every single state could issue their own US dollars. So let's say we're in New York City and someone sends me a bill from Delaware. Okay, Delaware is kind of conspired. I've heard this bank before. What kind of discount should I apply to this bank? Should I pay it 90 cents a dollar? What if I had a bank in Utah and we're really far away, okay, I've never heard this bank before, but it looks sort of real? Should I give it 50 cents a dollar or 60 cents a dollar? I just don't know. So that's my period, it's really fun. You'd have something very similar to, I guess, like a chain analysis or whatever. You'd have to look at the bank report. This is a book you get every month that's saying, this bank, you should get like 90 cents or a dollar for this bank or 80 cents for the dollar for this bank. And this necessarily wasn't great for business because every single time you want to transact someone who is far away or okay, like how valuable is their credit that they're giving me? And there's all this like idioms and crack risks that you do not want to take on as a merchant. And this also creates a huge cottage industry of analysis campaigns which, on some perspective, like they'd be good. Like, if Bitcoin was private, I probably wouldn't have a chain analysis. So hard to say. Another reason why I'm practicing this a lot is because you can judge with it free. Like, if you can do whatever you want to do with your money, it allows for experimentation. But if everyone is just tracking every single transaction you make, you're a lot more careful than you do with how you spend your money. So let's say if you want to donate to some political cause, you do so. If people could track this, this may have ramifications in your, your life, your work life. And so it really prevents experimentation. And second, your wealth, or perhaps lack of wealth, is determined by everyone else. So they could just go to a wall chain, like, hey, you have this number amount of coins, your wallet, like maybe it's a target, or maybe this person should avoid. Like, being able to determine some of the wealth is like not great, and it creates a lot of personal safety issues for an individual. And then perhaps even better, and really well-adventured today, is that you no longer have, like, data mining and personal data. And with it, like, then, the, like, hey, we each have a ATM. Like, all these platforms log every single, like, transaction that you make in, like, the explicit business model is to understand, like, how you spend your money to give you better ads. And maybe if you want better ads using these platforms are ideal. But if you want to have privacy in what you're doing, we should, this is what we have, like, a lot of different types of coins. And somebody with more nuance is truly censorship-resistant transactions. So even people call Bitcoin censorship-resistant, and they call, like, any type of currency censorship-resistant, both all miners include against you. They're like, okay, you know, this transaction is coming from address A, so we're not going to cost any transaction. We know that, you know, this person is sending money to, like, a person B, and then this person B is on this watch list, and they're just going to ignore this transaction. And the process isn't really matters. It's really easy for people to be minors in the network, especially if the assets are really low, but given that, like, the responsibility of having assets, it's very conceivable from the average individual to become a miner to get to ensure that the transaction is included. So if you have a price of coin, you're not able to, like, apply who's a senator or who's a recipient. You cannot have the ball of miners being censorship-transactions. So actually, like, in EOS, you have this, like, black list that all the states just follow, and so, like, they will have accounts for a lot of people who always have money and lots of random, like, block producers are accidentally included, so, guess, like, which has happened, and then that block producer here, like, lost all their state because the assets included actually weren't supposed to be included. Like, this is something you can't have in the network. We can all consider a commission to have some nice nation-resistant. So this is kind of a rough, like, EOS to be, like, pulled together or something. It's like, how do we think about privacy, which is important for when we analyze a little level of different movement, a little bit of limitations, so you want to look at, like, transaction data. Like, is it changing, is that immutable? What about, like, provable, like, state? So if our adversary is spying and watching, and our history are always spying and watching, like, T, having a provable state is what we're fine. Is transaction construction private? What's supposed to be more immutable? Is it being very unique to transaction format? What are transaction accounts? Like, are you able to infer how many transactions occur in front of a wall? This is important for some kind of use cases. And then, like, transaction existence. Then something that's, like, you know, a great deal is privacy on the network level, such as, like, transaction propagation, but perhaps even more importantly, block propagation, can mine areas or stakers be private? Like, so does a network maintainer, like, what is your privacy? And then, what about the wallet? Like, just because your privacy is anonymous, if your wallet's anonymous, kind of takes a purpose. And then, like, what if one thing's immutable, like, is privacy optional, or is it default for every lock, or if it's off? And so here's the kind of, like, what is immutable, what is the unique, novel, drop-down IRC in the back of 2016? So unlike traditional blockchains, there's no concept of addresses, so we'll expose more detail. It's private and it's not the recipient, the standard amount of private, but not the fee, so we'll go to that a little later. And it's a compact blockchain. You use some called cut-through, which is very similar to conceptually coin joiner that occur over time, and helps reduce the blockchain state. Which is helpful for privacy-intercepting conditions. So here's the fun fact. So back in August 2016, there was, like, an anonymous French wall of work. His name was, like, Tom, just a donor. He dropped an original paper. It's a research IRC channel, and the papers were so important in services. Kind of just, like, put that out there. Normally, there's what it is. Kind of reminds us of, like, the Bitcoin data, the Bitcoin data, which is spying out on this person, which is kind of nice. That's not who your readers are. And October, and the cholesterol, is a blockchain, like, into the paper. You get some, like, security updates, typography out, but also, like, a small bug fix. And then, like, in November, it's in the air. It's kind of called, I know it's ignocious. We've actually, like, in Harry Potter, the original owner of the visible cloak, he starts to grin. So the first location, and then we'll, you put this on and get it out. So let's explore, like, here we're going to, instead of talking about the cryptography or the cryptographic interactions, so if we think about a normal, like, Bitcoin or narrow, nearly every other cryptocurrency transaction out there, we know some of the address. We, like, sign a local message and submit it now. Like, we do not need to interact with, like, Bob, like, some other good part. However, an enumerable is very different. So Alice first constructs a transaction and sends it to Bob. So Bob receives this transaction, like counters it and sends it back. Then Alice has to finalize this transaction, so the third step before submitting it to him. So there are some issues here if you can try to get it to work slower. So the first one is, like, it's a free option for the senator. So Alice can issue a set of transactions of Bob, get him as a fact and be like, actually, maybe you don't need to send him this money and just, like, toss it out. Bob's just waiting there for the money to come out of the con. So the senator doesn't have to be counter-sanitary, but you get the free option. Something more fine, maybe you can consider, each or the senator can actually create some of the messages for all of the individuals and whoever, like, signs fast with the money. So there's some, like, recent issue, but I can see this to be very fine if you want to do, like, an airdrop. Here's a transaction. It's first for the panel, wins it. And it's something you can really be able to get the other part of all. So, like, that could be a really interesting feature. They're having an interoperative department. So here, for Alice and Bob to be online as some period of time and time to communicate, this actually gets worse with multi-party competitions. Sorry, multi-party transactions. We're doing, like, Alice, Alice, Bob, and Carol. Then, like, all three participants need to be online. The receiver also lets counter-sanitize the block height. So there's some, like, time involved. So, like, the counter is off-life a little bit of time, but the problem's on their lives. And even worse, there's, like, a man in the middle of time. So, Alice's quick investment says it's a block, but if someone intercepts it, they're able to counter-sanitize and insert the O, like, spend key and claim the money. And Alice has no idea whether Bob has received the money or not. All Alice knows, like, I sent in money and the transaction got, you know, approved by Alice. And Bob's, like, head-on time. So therefore, like, these messages must be encrypted. And this is very first message in the species of all. And then the Wimbledon as a protocol itself does not, like, provide any, like, suggestions or solutions on how to actually encrypt this message. And we'll explore how, like, granted the Wimbledon is granted a beam of cannabis issue or feature depending on how you look at it. Let's talk about some of the private constraints here. First, I have to deal with addresses that makes it hard to, like, transact. Actually, I don't know how to list. So let's have a cut through really quickly. A cut through to reduce outputs from the transaction pool that's already been spent. For example, let's say you have, like, input multiple gathers, like, with less outputs. So the benefit here is that if you have small blocks, it also improves privacy if your adversary is just looking at a blockchain from, like, a certain time. However, because you have, like, archival nodes, like, maybe, like, this is a really high price that much and the cut through is more beneficial so it's just thinking of the blockchain faster because it needs sort of a stake. The downside of a cut through is that the criminal access still exists. So you know how many transactions occur. Just not going to be able to link this together as well. And so let's talk about privacy limitations. You know, nothing is perfect and we try to be as high as possible. But the number of inputs and outputs are revealed on a purple basis. So this generally doesn't matter, so you have, like, 100 transactions because your apps have, like, hundreds or 200 or 300 inputs and outputs you can really link them together. However, let's say there's only one transaction, a block, you're like, okay, you have, like, three inputs and two outputs. Like, of course, you'll link it to one of those transactions which is potential. And so the grid right now has very, very much transaction throughput. So, like, linking, like, there's an output and this is trivial on the grid. Beam has a lot more transactions and also just because we're just, like, faking transactions, because you include that somewhere in the paper, you want to add decoys. But this linkage, like, is an issue. You can also do, like, take a coin, you can send someone a particular output and see what you're using down the line. Number of transactions are revealed via the kernel account. So if the number of transactions were revealed, then the linkage inputs and outputs would be more difficult. However, because, like, transactions cannot be revealed as problematic. The fees in individual transactions are also revealed on a per-transaction basis. So right now, it's not an issue because blocks are not full, people are just using default fee. But, you know, blocks are full, different clients may have different limitations for fee estimation. So you can kind of work out, okay, this person used wallet A or wallet B because they're all going to produce this type of fee. And then you can also tell, like, if transactions are being more urgent than others to someone with, like, a manual, really high fee, you're like, okay, I wonder who this is. So these are some limitations that you need to be aware of and transacted. So if you want a first city blocks are full, you're the first to aren't really too much of an issue, then just make sure you use a wallet that's very standard or that there's a standardizing fee selection process so you don't get isolated. So these are the two different types of movables. We have, like, grin, which is a beautiful face, and your being, which is just like a laser. So these both watch really closely to each other. Grin actually was developing first, then Beam came along and said they were there. Grin is like a anonymous team of roughly four individuals. Beam, sorry, Grin is roughly anonymous in four individuals, and then Beam is a whole team out of Israel. The block types are from the same, the proof of work. Slowly different algorithms, but they're open to be the basic resistance for now. And one could be Susan Ross on the C++, like Grin differences. So actually this is not a big difference. They both implement, we'll go to what they have in common more, like when they implement the DNA plus plus, there's like some slight differences with it, like Grin is transactional aggregation, you have the stem phase, you've got slowly more in it. And then there's dummy transactions, which is actually probably why if you go to Beam's Explorer, they have a lot more transaction counts or transactions because it's a lot of dummy ones. And yeah, it's interesting because Beam will have like a hundred transactions per block, so I wonder how much of that is actually the real transactions, compared to the real transactions. So I have some like the new features of Grin, and like some of my classic, new proof of work. They, actually they've been both part of those plans of the ASUS in two years. This is relatively unrelated to like privacy at all. So let's get this. Beam's new features, I find this a bit more interesting, they have concepts of like an audible wallet. So you imagine like an area of transactional view key, so audible wallet is effectively in view, you can see at a view key, for Beam. However, this must be enabled by the end user. So if you don't enable audible wallet, no one will be able to infer that because the transaction is not. Beam also needs a future to reduce the number of kernel transactions, which is a chance thing. And then Beam's approach for setting this securely is maybe called secure bulletin board system, which is exactly what sounds like a secure bulletin board that everyone is doing, which is kind of a lot. So there's like a shared message board, people just put encrypted messages on it, and people will try to decrypt these messages, which in my view seems really efficient, but if it's all over the place, they never can access some more than a message of copy. So it's sort of a work-stish. And then there's like some like, and this latest difference is that we probably should explore because it's a lot of fact, not necessarily privacy, and I think over time you realize that it's more than just the privacy parameters of protocol moments, then it really determines its success, like you need to understand like, what is like monitoring, what is like the governance, what is the community, like what is the mining environment like, what is the technical nuance, is like a little direction that keeps going. Like for example, Grin's really weird, where Grin not raised external funding, they just took the initiative, or it's like he raises like a capital or an internal investors. So Grin's like, okay, we have a middle mining, and investors are like, if you can really get exposure to Grin, we can take the money, so what can we do? We can't get money, we can't get anything from that. So instead of putting the vests in mining pools, specifically for Grin, take a bunch of investors who's like dump the money into SBB mining quick, such as private vehicles for mining, and which is how they got exposure to it, and it's like, okay, it's kind of a really roundabout way to get, you know, like a point of need to use more efficient from raising like a capital, and how does people get a proportion of the funds to a little like Zcash. So these are just like political differences in life. And then with the protocols kind of made, and when I think of Grin or SBB, my kind of getting the narrow to Zcash, raising the narrow, took down some money, it was like Zcash sold a portion of the funds that were, which could be called mine, who knows. And then the supply side, that Grin is a symbol of a narrow, we're like linear, infinitive, infinitive organization, but Grin actually has a very high acquisition at the beginning, so it goes off and approaches zero as time goes on. Being has a fixed supply, whether this matters to the truck and the log, or who knows. But there's just some like high-day washable differences. Like you also have an adding, and some people will leave having a very unstable for prices near a half a period of Grin as a minus, maybe Grin as more stable, like who knows, or who doesn't really know. They also use like different databases for the transactions. Grin actually used RocksDB, but then they realized that MDV was better, it was awesome, we get some binary uses. VV uses like SQLite, but probably doesn't really matter, because this database is very similar, and probably doesn't affect the protocol that much. Like the mempool representation of data, it's like okay, they're both different ways of doing it, but probably doesn't make much of a difference. That's just just a privacy. So question is like, which protocols to see, like the both, the same mempool protocol, they all have very, the baseline of the privacy guarantees, but because they have different volunteer policies, like in practice the mining pools are very different, and maybe it's like technical nuances, like okay, like which one will be more like successful, in which one will win in all terms. Like we don't really know if you can gas, prepare, or take cash in there, and work out what's in there, but who knows. And I like to put a sheet that's five. If you want to learn more about this protocol, that research you did, go to tl.com, this is Tarnel University, it's our research sheet that's all this up. So if you have any questions, like feel free to ask. Yes? One more time. Oh, oh, so how does Allison end up by ball? This is great. So in order to find your protocol part of your transaction, you actually need to add there. So in being, you'll be like okay, this is my private public key care, and you send it to, like okay, this is my public key, encrypt the message, encrypt it. So I can encrypt your message to my public key. Grin doesn't really have the same way of doing it. Maybe this is okay, if we're going to transact it to a real secure messenger, like okay, this is my public key, like just encrypt it to this, like send the information to this channel. Well, let's say how like, you know, all the issues where we can have leakage, or like cement, and we'll talk. So this is problematic, especially given that Grin doesn't have a standard way of doing it. That is not an area of expertise, but I can thank you for your support.