Ghost Protocol

An introduction to our unique privacy protocol

1. NIX Ghost Protocol Overview

The NIX Ghost Protocol will consist initially of several privacy elements that will continue to be evolved and built on top of. At launch, the NIX platform will enable Zerocoin with one-time-addressing outputs, i.e., stealth outputs coupled with Tor networking. Zerocoin helps scramble user data by creating a system that makes it impossible to guess the correct original location of assets. The stealth outputs create a blockchain element that conceals the destination output resulting in a non-traceable address location. These two mechanisms provide receiver and sender privacy. Integrated with a layering of Tor networking, users will have both blockchain privacy as well as networking privacy. The use of Bulletproof integrations will keep being researched and developed into the NIX Ghost Protocol, yet will not be available on main-net release.

2. Zerocoin Protocol

To solve the dilemma of anonymous transactions, Bitcoin and preceding alternative cryptocurrencies have attempted to use transaction mixers or ring signatures. However, there are a number of drawbacks to these proposed solutions. For one, a malicious or compromised member of a mixer or ring signature can break privacy. Furthermore, the anonymity set is a key metric to understanding how private a currency is. Privacy in formerly proposed solutions is limited by the size of the mixing cycle or ring signature. Each mixing cycle or ring signature is controlled by the number of transactions per cycle, which is transitively limited by the block size of the currency. Thus, the anonymity set in previous attempts at privacy tends to only be a few hundred transactions.

The Zerocoin Protocol is a strong encryption system in which large prime numbers are multiplied and the factorization of the resulting number makes it impossible to find out which numbers were used¹.

With Zerocoin, the anonymity set is on a dramatically higher magnitude. Instead of having it limited to the few dozens, NIX, with the use of Zerocoin has an anonymity set that encompasses all minted coins in a particular RSA accumulator that can scale to many thousands, and -unlike other solutions- is not subject to transaction graph analysis.

3. Bulletproofs Integration²

In general, privacy for payments are separated into two properties: (1) anonymity, hiding the identities of sender and receiver in a transaction and (2) confidentiality, hiding the amount transferred. While some digital currencies provide some weak anonymity, most of them lack any confidentiality. This is a serious limitation and could be prohibitive for many use cases.

Bulletproofs is a new ZK proof integration of creating confidentiality, as so, they do not require a trusted setup. The outlying solution which Bulletproofs bring is designing a trustless setup that creates transaction output privacy for users. Along with the integration of the Zerocoin Protocol, a user will now have access to not only location privacy of their coins, but also value privacy.

Bulletproofs is based on the notion of confidential transactions introduced by Maxwell in order to address the confidentiality of the amounts; the input and output amounts in a transaction are hidden in Pedersen commitments, meaning that every trade quantity involved is hidden from public view using a commitment to the amount. To enable public validation, the transaction contains a zero-knowledge proof that the sum of the committed inputs is greater than the sum of the committed outputs, and that all the outputs are positive, namely they lie in the interval [0,2n], where 2n is much smaller than the group size.

Whilst Bulletproofs have many applications, they are crucial for NIX to provide users with totally private transactions, aiming to achieve a truly distributed and secure environment to trade digital currencies.

4. Zerocoin Stealth Outputs

Zerocoin stealth outputs provide a way of concealing the destination address on chain by creating a hashing mechanism between the sender and receiver on the blockchain. This covers the actual NIX address that will be receiving the data on the network and reflects a stealth output to the public chain. Because the sender for the Zerocoin information is not one entity, the only compromise of data regarding the security of the stealth address is the receiver – i.e., the user. This ensures complete privacy of receiving Zerocoin payments.

5. Tor Anonymity Network

Tor is a software that enables the ability to conceal user location and usage from outside monitoring entities. When using Tor, a user’s networking is routed through thousands of different network relays to scramble initial internet traffic resulting in a secure system for networking. Tor will be a default networking tool enabled in the NIX Platform.

¹ Zerocoin: Anonymous Distributed E-Cash from Bitcoin. Ian Miers, Christina Garman, Matthew Green, Aviel D. Rubin. The Johns Hopkins University Department of Computer Science, Baltimore, USA.

² Bulletproofs: Short Proofs for Confidential Transactions and More. Benedikt Bünz, Jonathan Bootle, Dan Boneh, Andrew Poelstra, Pieter Wuille, and Greg Maxwell. Stanford University. University College London.