An Introduction to Confidential Transactions

The importance of anonymity

Bitcoin’s current problems are usually cited as privacy, anonymity and fungibility. Although many hail this cryptocurrency as a more decentralized and anonymous form of payment than electronic fiat or traditional cash, there are limits to that anonymity.

Bitcoin’s blockchain is transparent: every transaction can be observed and tracked. This is the greatest problem for those who wish to remain anonymous while keeping their coins fungible.

If you want to participate in the blockchain, you will eventually need to give your Bitcoin address to someone else (either to exchange value with them or to receive BTC). As soon as you share that address, you lose your anonymity on the blockchain.

The other party can look at your entire history for that address on the blockchain. Worse, they could publish the address and link it to your name, further compromising your privacy. This is why most people describe the Bitcoin protocol as pseudonymous rather than fully anonymous.

The issue of fungibility must also be addressed before Bitcoin or any other cryptocurrency can become actual currency.

Economists define the fungibility of a commodity as the ability of each unit to be interchanged with any other. The same idea applies to cryptocurrency: no coin on a blockchain should be distinguishable from any other coin on that blockchain.

Not all bitcoins are created equal. Some coins are “tainted” by their links to criminal activity. Recently, the American SEC linked two Bitcoin addresses with Iranian criminals. The Iranians ran ransomware schemes that affected over 200 people and stole millions of USD in BTC.

The agency has “blacklisted” these addresses and warned that anyone found transacting with them will face legal action. Most merchants and individuals will not transact with these addresses, and those who do will demand much higher payments.

This example shows how certain BTC can be worth less (and thus not be fungible) than other BTC. Bitcoin’s quest to be a widely used, censorship-resistant medium of exchange suffers from a lack of fungibility. Bitcoin developer Greg Maxwell summarized the possible effects of insufficient financial privacy on how we transact:

“Insufficient privacy and security can affect both personal and commercial transactions. With inadequate protection, scammers and thieves can concentrate their efforts on high-value targets. Competitors can also learn about business information, while negotiating positions are undermined. Lack of privacy may chill freedom of speech, since publishing is often a costly endeavor. A lack of privacy could also lead to a reduction in fungibility, where some coins would be more accepted than others. This can further reduce Bitcoin’s usefulness as money.”

Over the years there have been numerous attempts to resolve these problems. Although everyone knew there was a problem, nobody managed to come up with a solution that was both convenient and economical.

Projects enabling anonymity and fungibility did exist, but they suffered from blockchain scalability issues: an anonymous transaction contains much more data than a traditional transparent one, so adding it to the blockchain demands far more resources.

While many attempts to introduce privacy into Bitcoin have failed, the people behind Confidential Transactions may be on to something.

Confidential transactions

Adam Back, Gregory Maxwell and other Bitcoin developers developed Confidential Transactions (CT). Back suggested that Bitcoin, and systems like it, could use homomorphic additive commitments in place of explicit values to improve privacy.

Homomorphic encryption allows users to hide the amounts in a transaction, so that only the sender and receiver know how much money was sent. This prevents outsiders from learning sensitive information.

The sender uses Pedersen commitments to hide the amount of bitcoin he wishes to send. These commitments are created by combining the private and public keys of the parties. The blinding factors are shared only by the parties involved in the transaction; nobody else has access to them.

The blinding factor can later be used to prove ownership of the values sent. It can hide the inputs and outputs as well as the public/private keys of the transacting parties.

Because the commitments are additively homomorphic, full nodes can subtract the committed output amounts from the committed input amounts without learning either. If the difference is zero, the nodes (network verifiers) can confirm that a homomorphically-hidden transaction is valid and that no bitcoin was created out of thin air.
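To make the mechanism concrete, here is an added example that is not code from the page, nor from Elements or any other CT implementation: a toy Pedersen commitment on secp256k1 in pure Python, together with the balance check a node performs. The commitment is C = v·H + r·G, where v is the amount and r the blinding factor. The second generator H is derived here by hashing G's x-coordinate and lifting the result to the curve; that derivation, the sample amounts and the blinding factors are my own assumptions for illustration. The final case in `demo()` shows why CT also needs range proofs (the source of the size cost discussed later on the page): the scalar n-1 behaves as -1 in the group, so the balance check alone cannot tell a negative "amount" from a positive one.

```python
"""Toy Pedersen commitments on secp256k1 and the CT balance check (added example)."""
import hashlib
import secrets

# secp256k1 domain parameters (public constants).
P = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)
# The point at infinity (group identity) is represented as None.


def add(a, b):
    """Affine point addition on y^2 = x^3 + 7 over GF(P)."""
    if a is None:
        return b
    if b is None:
        return a
    if a[0] == b[0]:
        if (a[1] + b[1]) % P == 0:   # a == -b
            return None
        lam = 3 * a[0] * a[0] * pow(2 * a[1], -1, P) % P   # doubling
    else:
        lam = (b[1] - a[1]) * pow(b[0] - a[0], -1, P) % P
    x = (lam * lam - a[0] - b[0]) % P
    return (x, (lam * (a[0] - x) - a[1]) % P)


def mul(k, pt):
    """Double-and-add scalar multiplication; scalars live modulo the group order N."""
    k %= N
    result = None
    while k:
        if k & 1:
            result = add(result, pt)
        pt = add(pt, pt)
        k >>= 1
    return result


def hash_to_point(seed: bytes):
    """Try-and-increment hash-to-curve: yields H whose discrete log w.r.t. G is unknown.
    (Assumption: a simplified stand-in for how real CT implementations derive H.)"""
    ctr = 0
    while True:
        x = int.from_bytes(hashlib.sha256(seed + ctr.to_bytes(4, "big")).digest(), "big") % P
        y2 = (pow(x, 3, P) + 7) % P
        y = pow(y2, (P + 1) // 4, P)      # valid square root since P % 4 == 3
        if y * y % P == y2:
            return (x, y)
        ctr += 1


H = hash_to_point(G[0].to_bytes(32, "big"))


def commit(value, blind):
    """Pedersen commitment C = value*H + blind*G."""
    return add(mul(value, H), mul(blind, G))


def open_commitment(c, value, blind):
    """Proof of ownership: whoever knows (value, blind) can reproduce C."""
    return commit(value, blind) == c


def balances(inputs, outputs, fee):
    """Node-side check: sum(C_in) == sum(C_out) + fee*H.
    The fee is explicit; the blinding factors must sum to the same value on both sides."""
    lhs = None
    for c in inputs:
        lhs = add(lhs, c)
    rhs = mul(fee, H)
    for c in outputs:
        rhs = add(rhs, c)
    return lhs == rhs


def rand_blind():
    return secrets.randbelow(N - 1) + 1


def demo():
    """Constructed sample: inputs worth 5 and 3, outputs worth 6 and 1, fee 1.
    Returns (honest_ok, inflation_ok, negative_ok)."""
    r_in = [rand_blind(), rand_blind()]
    inputs = [commit(5, r_in[0]), commit(3, r_in[1])]
    r_out0 = rand_blind()
    r_out1 = (sum(r_in) - r_out0) % N        # sender picks the last blind to balance
    honest = balances(inputs, [commit(6, r_out0), commit(1, r_out1)], fee=1)
    # Inflation attempt: 7 + 1 + 1 != 8, so the check fails.
    inflation = balances(inputs, [commit(7, r_out0), commit(1, r_out1)], fee=1)
    # Without a range proof, N-1 acts as -1: 8 + (-1) + 1 == 8 passes the balance check.
    negative = balances(inputs, [commit(8, r_out0), commit(N - 1, r_out1)], fee=1)
    return honest, inflation, negative


if __name__ == "__main__":
    print(demo())   # (True, False, True)
```

The blinding factors never appear on chain; the node only sees points and the explicit fee, yet `balances()` still rejects the inflated transaction. The last case is the reason every CT output carries a range proof: the balance equation holds modulo N, so a proof that each committed value lies in a small positive range is what rules out "negative" outputs.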

For more information on CT, you can also read this summary by Medium user ecurrencyholder. If you want to investigate the subject thoroughly, Adam Gibson has written a GitHub post on it.

Confidential transactions initially had some serious drawbacks. A single CT transaction was originally 16 to 60 times the size of a normal Bitcoin transaction.

This is a problem because larger transactions force the sender to pay higher blockchain fees, and they require network nodes to spend resources storing them. Bitcoin’s blockchain could not make effective use of the technology in that form. Pedersen commitments are also seen as a potential vulnerability at the dawn of quantum computing: it is believed that a quantum computer could break them and allow its operator to print coins without restriction.

Since then, significant technical advances have been made, both through the work of Gregory Maxwell and Adam Back and through Bulletproofs. These improvements have reduced the size of a CT transaction to approximately three times that of a traditional transaction, and the strain on the blockchain has decreased accordingly.

Many cryptocurrency projects have taken note and are actively considering adding private transactions to their blockchains. Charlie Lee, Litecoin’s CEO, plans to implement CT by 2019, while the privacy-focused startup Particl has been running the technology for over a year.

Mimblewimble, another privacy-focused technology, is also available.

Bitcoin developers are more conservative with this technology. If the quantum computing issue is not resolved now, it could become a problem in the future. The integration of Bulletproofs and of technologies such as CoinJoin, CoinShuffle and ZeroLink is also being investigated.

If and when the technology is finally implemented, it will be through a soft fork supported by consensus. The potential is clear: confidential transactions may one day become a very powerful tool for increasing privacy on the public Bitcoin blockchain. If that happens, Bitcoin would be a big step closer to its goal of being the decentralized currency of the future.
