Privacy Coins Deep Dive - Grin, Beam, Zcash and Monero
Updated: Apr 17, 2019
There is a common misunderstanding about the privacy features of cryptocurrencies such as Bitcoin and Ethereum. It is thought that these cryptocurrencies provide anonymity but in reality, every transaction happening on Bitcon and Ethereum Blockchain can easily be tracked and graphed by using block explorers.Privacy feature is one of the most important aspects of moneyness and it is expected that those cryptocurrencies which provides greater anonymity will be preferred over the others.
In this report, we will compare and contrast several privacy-heavy cryptocurrencies. Two of them are already operating for the couple of years (Zcash and Monero) and the others are launching their mainnets on January 2019. We will start with explaning the main features of Zcash and Monero and take a closer look at Beam and GRIN projects which are both employing a new technology called Mimble Wimble.
Monero vs Zcash Overview
In a private transaction, all three elements must be anonymous: The sender’s address, the amount being sentand the receiver’s address. Monero and Zcash approach this situation in very different ways. The goal is to create coins that are fungible, where units are interchangeable and worth exactly the same amount, in contrast to Bitcoin which is not fungible since each coin can be tracked.
Monero provides privacy by default, there is no opt-in or opt-out situation. This ensures that the entire network of transactions has its privacy aspects from the start. Monero leverages three technologies to ensure privacy; Ring Signatures, Stealth Addresses and Ring Confidential Transactions.
Zcash offers two different transaction types which result in four different potential transacting situations. The first are t-address transactions which are just as public as Bitcoin transactions, the other are z-address transactions where everything is hidden.
This dynamic offers much more flexibility, since parties can engage in fully encrypted transactions (z-address to z-address) or reveal one side of a transaction using a t-address such as to prove to an auditor or the government for tax reasons that one party controls some funds.
This discussion reveals a key difference between Monero and Zcash. Monero features privacy by default; as such, its entire network pack the privacy features inherent in its network. Zcash on the other hand only has 13% of its network currently using Z-addresses, so the sample pool is smaller and could be easier to trace.We note that Z-address use is on the rise. Over the past year, Z-address use has risen from 4.3% to 13.4%. Coinbase, a major retail wallet provider, just announced support for Zcash and the use of Z-addresses (t-addresses to withdraw funds) which will help increase this percentage. We believe Coinbase chose Zcash over Monero since Zcash offers the ability to reveal balances which can be used to verify funds for taxes and more.
To round out the comparison between Monero and Zcash, below we share our detailed metric comparison on Monero vs Zcash. The most interesting takeaways are:
Monero’s market cap is over 2x Zcash’s and it has been alive longer (4.6 vs 2.1 years).
Zcash’s hash rate is nearly 6x higher than Monero; a stronger mining network.
This is due to Zcash allowing ASIC mining, whereas Monero does not. This does result in mining centralization
Zcash’s total supply issued is only26% vs Monero at 74%, Zcash will feature very high initial inflation –discussed in a later paragraph,
Zcash’s average transaction fee over the past month is $0.00029, well below Monero’s at $0.014
Both have comparable developer activity despite Monero having a much larger market capitalization.
GRIN and Beam Projects
The main goal and characteristics of the Grin and the Beam projects are:
Privacy by default. This enables complete fungibility without precluding the ability to selectively disclose information as needed.Scales mostly with the number of users and minimally with the number of transactions (<100 byte `kernel), resulting in a large space saving compared to other blockchains.Strong and proven cryptography. MimbleWimble only relies on Elliptic Curve Cryptography which has been tried and tested for decades. Design simplicity that makes it easy to audit and maintain over time
Recently, two new projects (Grin and Beam) have surfaced which leverage a newer privacy protocol known as MimbleWimble (MW). MimbleWimble is a bitcoin-like, stripped down privacy protocol that contains inputs, outputs and excess value in its transactions instead of like in Bitcoin where old outputs sign new inputs.
In essence, two MW wallets would communicate with each other to exchange value instead of using addresses like in Bitcoin and MW blocks would contain all transactions so no one can tell which is which. Also, MW uses blinding factors (a user’s private key) which is a form of confidential transactions to hide the values of a transaction.
MimbleWimble also leverages cut throughs; if a transaction is spending the output from another transaction in the same block, the outputs from the spent transaction and the inputs from the sending transaction can be removed from the block. This significantly cuts down on blockchain bloat by continually trimming excess data in the blockchain, while also increasing privacy by effectively deleting old transaction data. Two newer privacy projects are leveraging MW; Grin an open-source project and Beam being championed by a company. This is similar to Monero vs Zcash where the former is an open source project and the latter is being built mostly be a centralized foundation.
Grin is preparing to launch their mainnet in January 2019 and Beam has already launched their mainnet. A key difference again comes down to inflation; Grin features a block reward forever that will eventually result in sub 1% inflation, while Beam has extremely high inflation initially and then lower permanent inflation thereafter; similar to Zcash. Beam also features the same founder’s reward that is inherit in Zcash. Grin does face a unique problem; if the lead developers are unable to continue to raise funds from the community, it could have problems coming to fruition, but this has not been an issue yet.
MimbleWimble isn’t a panacea, there are issues with the protocol. MW is so stripped down that it will be likely impossible to program or build on (like Bitcoin, in a way), and multi-party transactions will be difficult. Further, initially when MW transactions are published, there is a way for miners to farm this data and build a transaction graph from this unconfirmed transaction pool.
MW implementations are working on this issue; Grin is working on Dandelion implementations that has nodes aggregating transactions while still in the stem phase so when these transactions reach the miners, the miners see aggregated transactions instead of individual ones. If MW implementations don’t or can’t address this issue, it would be a negative for the success of any MW implementations.
Zcash and Monero have edges on MW implementations; Zcash encrypts data in shielded transactions before they ever leave a user’s wallet; addressing the MW issues we just described. Further, Monero has been battle tested the longest, (4+ years) so it has an edge on protocols that haven’t even launched yet.
Grin haven’t even launched, and it’s been a couple of days since Beam has launched, so we can’t pinpoint a winner; but the takeaway is that competition in the privacy coin sphere is accelerating since we now have coins leveraging the same base layer technology competing against each other. If Grin and Beam are able to beat the privacy guarantees of Monero and Zcash, this would be negative for the two major privacy coins, but we won’t know until either is released.
Supply Curves of Privacy Coins
The largest concern with Zcash is the very large initial token supply inflation in the early years of the project. For instance, Zcash is set to have ~43.4% annual inflation in 2019, or16x higher than Monero at ~2.7%.
Zcash features a hard cap of 21M coins, like Bitcoin, unlike Monero which features 1.5% to 3% inflation until May of 2022 when 18.132M coins are issued. After this, Monero’s permanent tail inflation kicks in resulting in around 158k XMR being produced each year, resulting in sub 1% inflation forever.
Zcash features high initial inflation and a founders reward (10% of all mining rewards are distributed to founders, investors, employees and advisors) for the first four years. We believe that due to Zcash’s halving schedule, Zcash will eventually result in lower inflation than Monero in much later years.
We estimate that in 2036, Zcash will have 0.46% annual inflation, vs Monero at 0.78%. Inflation rates will continue to decline over time, but Monero’s supply is not capped and will continue forever to incentivize miners. The largest concern for Zcash’s massive initial inflation is if this influx of supply of tokens will dampen the potential for price appreciation. While it’s hard to quantify the impact, we believe Zcash’s high initial inflation is undoubtedly weighing on its token price. For example in 2019, 2.4M ZEC tokens will be produced (inflation via block rewards) which reflects inflation of 43%. As such the market will have to absorb $165M worth of new tokens at current ZEC prices.
Both GRIN and Beam have interesting emission curves. While the inflation schedule of Beam resebmles to that of Zcash more with high inflation at the initial phases of the network and decreasing token supply as the platform becomes mature, GRIN has a constant supply of 60 GRINs per block. It is highly likely that both of the projects will face sell pressures as a result of the initial high inflation but the annual inflation for both GRIN and the Beam will fall under 10% as the platforms go through their 5th years.
CRC’s Takeaways from GRIN and Beam Projects
One advantage that Zcash have over the other privacy coins is that privacy is optional on the Zcash platform. On the one hand, this gives users the option to use t-addresses or z-addresses based on their privacy preferences and on the other hand, from a regulatory perspective, this gives the exchanges and wallets a reason to add them to their platforms. As we have seen in Japan, some countries might take hostile approaches against the privacy coins and opt-in, opt-out privacy could be a good feature to alleviate the regulator hostility.
Both of the projects improve the privacy features of the Bitcoin Blockchain as a result of using the Mimble Wimble technology. Being the first projects to implement Mimble Wimble gives an upper hand to both of the projects. But also, as Mimble Wimble relies on elliptic curve cryptograghy, which has been battle tested with Bitcoin for more than 10 years as of now, both GRIN and the Beam are expected to be functioning smoothly in the future. Compared to first generation privacy coins such as Zcash and Monero, the privacy of GRIN and Beam are less compelling. GRIN and Beam only hides the transaction information such as sender address, receiver address and transaction amount through implementation of Confidential Transactions but Zcash and Monero eliminates these informations all together at the base level. So, GRIN and Beam are better than Bitcoin in terms of privacy but they are worse than Zcash and Monero.
Even though they are stronger on the privacy side, the same is not true on the scalability aspect. GRIN and Beam only reduces the blockchain size that needs to be stored by the full nodes and as a result, makes it easier to become a node(auditor) of these blockchains. But that feature doesn’t necessarily translate into a scalability feature. TPS for both of the projects aren’t expected to be dramatically higher than Bitcoin Blockchain. This is problematic as the initial high inflation of the both tokens will make them difficult to become a SOV as token prices will be constantly under inflation pressure. On the other hand, both of the blockchains by design don’t offer high TPS and therefore make it difficult to be employed as a MOE tool.
Another important point is that, both of the platforms don’t have any scripting, hence, at least initially, all the exiciting improvements on the Bitcoin Blockchain such as Lightning Network and Multi-Sigs won’t be implemented on both GRIN and the BEAM. This might raise a question for the future competitiveness of these platforms.
A long term danger for all of the privacy coins but especially for GRIN and Beam are that these privacy features can be implemented by Ethereum or Bitcoin Blockchain on the base layer but also through usage of sidechain. That scenario would render these coins useless all together.
Note: This article is a compilation of the following articles which are suggested for interested readers:
Feel free to comment on this article and let's build the consensus on the valuation of cryptoassets together!
CRC is a blockchain investment bank founded by senior executives from top investment institutions in China
We are dedicated to providing professional, international and institutional investment banking services to blockchain entrepreneurs.
CRC has received a strategic investment from Huobi Global, JLAB, Gobi VC, Cloudwise and U-nobleman, etc.
For more information, please visit: crc.capital