What are confidential transactions?

May 29, 2020

In the digital world we live in, we are used to cryptography, which enables us to keep secrets. For example, we see it every time we connect to the Internet, where TLS certificates and encrypted connections protect our traffic to servers. We even see it on our smartphones, which now encrypt the information they store to give us a higher level of privacy and security. With this in mind, we can say that encryption is everywhere and is a daily part of our lives.

Bitcoin does not escape this reality: its entire operation has a strong cryptographic base, and Confidential Transactions (CT) were created to further improve that base. In fact, we can think of a confidential transaction as a sheet of paper on which the parties to a transaction can write the information and read it clearly. When others pick up that paper, they see only scribbles and meaningless information. The information in the transaction can be checked by everyone, but it is visible only to those who participated in the transaction.

Homomorphic encryption and its role in confidential transactions

To do this, confidential transactions use a technique known as “homomorphic encryption”. This is a type of encryption that allows a person to perform operations on encrypted data without decrypting it. More precisely, CTs use homomorphic encryption of the Pedersen Commitment type.

With this type of encryption, a hash function is used to commit to data that you can disclose later. In this way, you can generate a hash whose input cannot be identified by anyone except the person who created the hash. In addition to the data itself, random information is added to the input. The goal of this additional random data is to strengthen the hash against possible reduction attacks. Finally, what protects the secret is that hash functions cannot be inverted and are completely deterministic in their input. This means that only whoever created the hash and has access to the random data knows the secret.

At this point, the generated hash can be digitally signed so that there is irrefutable evidence that the secret exists and is known to a specific person. This way, you cannot change any of the information that you have revealed through the hash. So when we use the Pedersen commitment formulation, we have the following:

C(BF1, D1) + C(BF2, D2) = C(BF1 + BF2, D1 + D2)

Where the parts of the equation are:

BF is the random data, or blinding factor

D is the data of the transaction

C(BF1, D1) is the change address

C(BF2, D2) is the destination address

C(BF1 + BF2, D1 + D2) is the origin address of the funds.

Basically, this formulation tells us that we can create secrets and random data associated with those secrets thanks to the fact that every user has a commitment for their address. So when we create an address, we generate additional commitments that reflect the advantages and disadvantages of the transaction, including our change address.

This way, no one can view the transaction information in plain form, but anyone can still review and validate all of it openly. Undoubtedly an elegant and very clever way to improve Bitcoin’s privacy.