What's Really Private in Crypto? Research on Grin Raises Questions

Grin, launched in January 2019, is one such privacy initiative facing tough questions as the excitement around its Mimblewimble adaptation has not lived up to recent empirical scrutiny.

Ivan Bogatyy, researcher at investment fund Dragonfly Capital, dropped a Medium bombshell last Monday, disclosing an "Attack" capable of identifying 96 percent of the active senders and receivers on the grin network through the employment of "Sniffer nodes."

The first two cryptocurrencies based on Mimblewimble launched in January 2019: grin and beam.

The Grin Foundation's Open Research Problems page on GitHub publicly cited the problem as a point for future research along with analysis from Token Daily's Mohamed Fouda over a year ago.

Grin's version of Mimblewimble is joined by others, namely beam, which Bogatyy also addressed in his research.

To grin developers, Bogatyy's views are far off the mark.

Writing in a Medium post, grin developer Daniel Lehnberg said Bogatyy confused basic points such as transaction outputs versus addresses in the Mimblewimble system, misstated grin's original privacy claims and did not contact grin developers while saying he did.

As Miers points out, you can still trace grin transactions regardless if they have addresses or not.

Reviewing Bogatyy's research, Lehnberg said he is skeptical of how he was able to "Uncover who paid who in the Grin network," as Bogatyy claimed on GitHub.

While the two sides may disagree over the technicals, Miers remains positive about Mimblewimble but characterizes grin as only a footnote in privacy coins' history.