Sending Cryptocurrencies Confidentially: Ring Signature, Homomorphic Commitment, and Zero-Knowledge Range Proofs ▸
Future Work: Smart Contracts, Confidential Assets, Confidential IP, and more ▾
Incognito is a work in progress. Further research and development will be carried out by the Core Development Team and the Incognito community.
Incognito Mode for Smart Contracts
Right now, thousands of developers all over the world are programming smart contracts to build decentralized applications (commonly known as “dapps”). Arguably, privacy concerns play a part in discouraging adoption beyond the crypto niche, as traditional investors hesitate to expose how much they trade on a trading dapp like Uniswap, or how often they invest & borrow on a lending dapp like Compound.
What is needed is the incognito mode for smart contracts. There are some teams actively working on privacy for smart contracts, such as Oasis and RenVM [Cheng et al., 2019; Ren, 2019]. We believe there is a different approach.
We’re exploring a way to simply unshield the input when making a smart contract function call, then shield the output (or “returned value”) from it. The smart contract runs as-is on Ethereum.
This avoids the need to build a new EVM from scratch. We reuse the existing Ethereum EVM and thousands of existing Ethereum dapps and focus on solving the privacy problem for dapp users. Developers can build dapps as usual on Ethereum, and also offer their users the choice of accessing these dapps in incognito mode.
Figure 1. Incognito mode for smart contracts
Highway: Scale Incognito to 16,384 Validators
Despite its many benefits, pBFT consensus algorithms suffer from expensive communication costs. As the number of validators grows, Incognito needs a better way to broadcast messages.
We’re working on a new network topology – Highway – to scale Incognito to 16,384 validators (64 shards x 256 validators per shard). Highway nodes are specialized nodes responsible for receiving and forwarding messages inside the Incognito network. Highway is designed to solve two problems:
- Highway nodes act as an efficient channel for messages to be sent with minimal latency.
- For Incognito validators with home setups, NAT and firewalls could prevent them from connecting to the Incognito network. Highway nodes are configured with public IP addresses and stable network connections to help forward messages among validators behind NAT and firewalls.
Note that Highway nodes cannot forge or corrupt the message content in any way, because every message on the network is cryptographically signed. Highway’s only job is to make sure messages reach their destination as soon as possible.
Figure 2. Highway network topology
Confidential Assets: Unknown Asset Types
Incognito already implements ring signatures, stealth addresses, and confidential transactions to shield senders, receivers, and transacted amounts. Unlike Zcash and Monero, Incognito faces a unique problem as a platform for privacy coins: there are multiple privacy coins on Incognito. We’re working on adding Confidential Assets to Incognito by also shielding asset types.
Figure 3. Shielded asset types
All senders and receivers are shielded, as are the transacted amounts. Soon, asset types will also be shielded. Currently, however, IP addresses are exposed when transactions are initiated. While IP addresses are not stored on Incognito public ledger, it does leave a user open to network monitoring and analysis. This is a hard attack vector to pull off, but work is in progress to hide IP addresses and further improve the privacy of the Incognito network [Bojja Venkatakrishnan et al., 2017; Kovri, 2018].