Peter Todd Explains Why MimbleWimble Should Not Be Implemented As A Bitcoin Sidechain

During the Bitcoin developer panel at the recent Unconfidscatable Conference in Las Vegas, the topic of MimbleWimble was discussed. With the recent launches of the MimbleWimble-based Grin and Beam altcoins, the privacy and scalability-focused technology has been a hot topic of conversation throughout the cryptocurrency ecosystem.

Applied cryptography consultant Peter Todd is known to throw water on blockchain-related ideas when they start to gain a bit too much hype around them, and he made the case that MimbleWimble is overrated during the recent panel discussion. Additionally, Todd provided his reasoning for why the technology should not be implemented as a sidechain to Bitcoin.

The Problem with Merged-Mined Sidechains

In terms of a more decentralized version of sidechains through the use of merged mining, Todd does not see those types of systems as fundamentally secure. As a quick summary, the concept of merged mining is the ability for bitcoin miners to mine some other chain for little to no additional costs.

“[With] merged mined sidechains, the problem is they’re insecure,” said Todd. “You can attack them at zero cost, and they go screw up the parent chain. If anything, the fact you can have merged mining is a major security vulnerability in proof-of-work, and unfortunately, I don’t really have a good solution for it.”

Drivechains creator Paul Sztorc has disputed Todd’s assertions regarding the security of merged mining over the years. In addition to introducing the concept of blind merged mining, Sztorc also has a number of game theoretical arguments to support the argument that miner-controlled sidechains have merit.

What About MimbleWimble on a Federated Sidechain?

Moving on to more centralized sidechains, such as Blockstream’s Liquid offering, Todd was more receptive of MimbleWimble implementations. However, he noted that switching to a more powerful privacy option would include better tradeoffs in a more centralized environment.

“Why would you botther with the MimbleWimble protocol?,” asked Todd. “Why wouldn’t you do Zcash with ZK-SNARKs? That’s much better privacy than what MimbleWimble can get. And in an environment where it is okay to chuck away history — because it’s a centralized system you can always create a new one — the technical downsides of ZK-SNARKs don’t really seem to matter that much. And the trusted setup — I mean, so what? It’s a centralized sidechain, so the trusted setup is the least of your worries.”