Ivan Bogatyy of Dragonfly Research says he was able to spend as little as $60 per week on Amazon Web Services (AWS) to expose a critical vulnerability in the Mimblewimble (MW) privacy architecture. This flaw in the MW protocol may dent the network’s aspiration of being a viable alternative to other privacy-focused blockchains like ZCash and Monero.
Massive Mimblewimble Flaw Uncovered
In a Medium post published on Monday (November 18, 2019), Bogatyy revealed that he was able to expose the participating addresses in 96% of Grin transactions on MW. According to Bogatyy, this exploit of the MW protocol cost only $60 per week on AWS, Amazon’s cloud computing platform.
I just published a new attack that breaks Mimblewimble's privacy model. This attack traces 96% of all sender and recipient addresses in real time. Here's a summary and what it means for the future of privacy coins: https://t.co/tsIDLyfpzp
— Ivan Bogatyy (@IvanBogatyy) November 18, 2019
An excerpt from Bogatyy’s post showing the severity of the problem and the ease with which attackers can exploit the vulnerability reads:
In my attack, I was able to link 96% of all transactions while only connecting to 200 peers out of the total 3000 peers in Grin’s network. But if I wanted to spend a bit more money, I could easily connect to 3000 nodes to disaggregate almost all transactions.
By “disaggregate,” Bogatyy is referring to the process of keeping transactions from being coupled together in MW’s CoinJoin, the mechanism that ensures anonymity.
While other privacy-focused cryptocurrencies use decoy UTXOs or shielded transactions, MW achieves anonymity by means of massive CoinJoins. Each CoinJoin is an amalgamation of multiple transactions in a single block, which creates the ‘anonymity set.’
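To make the anonymity-set idea concrete, here is an added toy model (not code from Bogatyy’s write-up or from the Grin project) of a block that merges several transactions the way MW’s CoinJoin does, and of how much ambiguity is left once some transactions have been seen in their pre-aggregation form. All identifiers and transactions are constructed.

```python
# Constructed toy model of Mimblewimble-style CoinJoin aggregation. Identifiers
# such as "in0" or "out3" are made-up strings, not real Grin data.
from dataclasses import dataclass
from typing import FrozenSet, Iterable, Set, Tuple


@dataclass(frozen=True)
class Tx:
    inputs: FrozenSet[str]
    outputs: FrozenSet[str]


def aggregate_block(txs: Iterable[Tx]) -> Tuple[Set[str], Set[str]]:
    """CoinJoin as MW does it: the block records only the union of all inputs
    and the union of all outputs. Which input paid which output is not kept."""
    ins: Set[str] = set()
    outs: Set[str] = set()
    for t in txs:
        ins |= t.inputs
        outs |= t.outputs
    return ins, outs


def residual_privacy(block_txs: Iterable[Tx], observed: Iterable[Tx]) -> dict:
    """Subtract every transaction that was seen before it was merged; what is
    left is the only part of the block that is still ambiguous."""
    block_txs = list(block_txs)
    observed = set(observed) & set(block_txs)
    ins, outs = aggregate_block(block_txs)
    for t in observed:
        ins -= t.inputs
        outs -= t.outputs
    unobserved = [t for t in block_txs if t not in observed]
    # If exactly one transaction remains, the leftover inputs/outputs are its own.
    linked = len(observed) + (1 if len(unobserved) == 1 else 0)
    return {
        "block_size": len(block_txs),
        "linked": linked,
        "linked_fraction": linked / len(block_txs) if block_txs else 0.0,
        # The anonymity set each remaining transaction still hides in.
        "residual_anonymity_set": len(unobserved),
        "residual_inputs": ins,
        "residual_outputs": outs,
    }


# Constructed block of five transactions, each with one input and two outputs.
SAMPLE_BLOCK = [Tx(frozenset({f"in{i}"}), frozenset({f"out{i}", f"chg{i}"}))
                for i in range(5)]

if __name__ == "__main__":
    print(residual_privacy(SAMPLE_BLOCK, SAMPLE_BLOCK[:3]))
```

With five transactions merged and three of them seen beforehand, the two that remain hide only among each other; once four are seen, the fifth is identified by elimination.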
Still A Viable Alternative to ZEC and XMR?
Bogatyy did remark that the vulnerability was already known to the MW developers. However, his findings show that exploiting the weakness in MW’s privacy architecture requires little capital outlay.
For Bogatyy, the existence of the vulnerability and the ease with which attackers can take advantage of it also make MW a poor alternative to the likes of Zcash (ZEC) and Monero (XMR). According to Bogatyy:
The problem is inherent to Mimblewimble, and I don’t believe there’s a way to fix it. This means Mimblewimble should no longer be considered a viable alternative to Zcash or Monero when it comes to privacy.
The presence of this vulnerability may also affect Litecoin’s proposed MW integration. Back in early 2019, the Litecoin Foundation announced that it was looking to incorporate extension blocks on Litecoin to ensure privacy and anonymity.
What do you think about the vulnerability exposed in the Mimblewimble privacy architecture? Let us know in the comments below.
Images via Twitter @IvanBogatyy.