Privacy Coins – The Story Of MimbleWimble Protocol


Mystical MimbleWimble World

Lets dive into the origins of MimbleWimble protocol and explore what MimbleWimble actually is. Harry Potter fans should recognize this tongue-tying spell called MimbleWimble. It was used to prevent Snape from revealing safe house location to Lord Voldemort in the seventh book called “Harry Potter and the Deathly Hallows”. You may be wondering why are we even mentioning this and how does Harry Potter have anything to do with crypto? Firstly, it is very clever reference to the privacy features of MimbleWimble protocol. Secondly, the creator of MimbleWimble protocol anonymously posted its whitepaper under disguise of Tom Elvis Jedusor – the French translation of Voldemort’s real name. It was August 2016 when he popped out of nowhere on Bitcoin research IRC channel. He posted an onion link (Tor) to the document outlining the idea of an improved and fully private version of Bitcoin transactions.

While the document was revealing and explained the idea fairly enough, it had its shortcomings. The idea was expanded two months later, in more details by Andrew Poelstra, the Blockstream mathematician in this paper. Are you already missing pseudonyms related to Harry Potter series from the past paragraph? Fear not, they are not over. Another two months passed and one more mysterious character materialized and started first MimbleWimble implementation called Grin. The name is alluding to the Gringotts Wizarding Bank. The creator called himself Ignotus Peverell – also a character from Harry Potter series. Ignotus was the owner of the Cloak of Invisibility. Yet another clever privacy reference.

Mimblewimble Technicals

The main goal of MimbleWimble is to design cryptocurrency similar to Bitcoin but with vastly improved privacy and scalability. Key privacy features it includes are based on variations originally proposed by Gregory Maxwell:

  • Confidential transactions with blinding factors;
  • CoinJoin (the process of mixing coins by several parties).

Only the parties participating in the transaction are aware of amounts being transacted. Everyone else only sees that unknown amount has been transacted. This is achieved by encrypting transaction inputs and outputs by the use of blinding factor – a private key. All that is left to hide is the origin of the transactions. This is accomplished by “privately relaying transaction among peers before it is announced publicly, which is also called transaction’s random walk”. MimbleWimble protocol doesn’t use public keys or addresses. It just keeps inputs and outputs. Basically, wallets communicate between each other to exchange data. This is important concept to grasp when understanding MimbleWimble transactions. Read up on Bitcoin’s UTXO model if you are having a hard time here. Key takeaway is that all privacy features are enabled by default. They are not opt-in like is the case with Zcash for example.

Techniques it uses for improving scalability are not of centralizing nature like is the case with sharding, state channels (Lightning Network) or masternodes. Rather, it focuses on stripping down the protocol itself by removing the data it deems unnecessary. Most of the past transaction data is removed. This makes it much less storage intensive than other privacy coins and Bitcoin. When compared to Bitcoin and it’s blockchain size of 198 GB as of today, Grin’s blockchain would consume only 20 GB. Cut and prune is the main principle of how MimbleWimble protocol achieves its scalability goals. Do note that when it comes to transaction throughput, MimbleWimble is only slightly faster than Bitcoin. It still requires second layer scaling solution like Lightning Network for any meaningful real world, VISA-like use case.

MimbleWimble relies exclusively on Elliptic Curve Cryptography. ECC is considered as strong and proven cryptography which has been tested for many years. However it also has one downside – it is not quantum resistant. Quantum computers capable of attacking ECC with Shor’s algorithm are still years away though. Cryptographers should have plenty of time to come up with viable solution to this future problem.


Grin LogoGrin is the original implementation of MimbleWimble protocol. First testnet was launched back in November 2017. Current and final testnet called floonet will be live until mainnet. Initial goals for mainnet launch were somewhere in 2018 but have since been postponed and the new target is set for January 15 2019. Fingers crossed that everything goes smoothly.

As noted earlier, Grin has anonymous founder and was mostly developed by community members in Rust programming language which has an emphasis on safety. Why Rust? Well, the main developer likes it better than C++ and many argue that it’s a better fit for a project like Grin. So far, it seems to be the right choice. Grin’s github is brimming with activity, it was one of the most active repositories out of all the crypto projects in the 2018.

Programmable Money

Bitcoin is more than a simple money designed to transfer value from one person to another. It is programmable money. Bitcoin offers non-Turing-complete scripting language which is more limited when compared to full blown programmable blockchains like Ethereum. But it still offers many useful features out of which multisig transactions are arguably the most interesting. Bitcoin scripting design is intentional. It is more simple; hence, more secure. It offers less room for errors and malicious use. Less is more – no need to include features which are not needed for its designed use cases.

Grin has been criticized for not having Script or any programming language. This stands true but many of Bitcoin features which require Script are still possible to do with Grin. Atomic swaps, multisig wallets, lightning network will all work on Grin.

Dandelion Relay Protocol

Dandelion was originally proposed in Bitcoin improvement proposal 156 (BIP 156). It prevents network triangulation attacks. These are performed by sprinkling Bitcoin nodes around the network and placing them on key junction points to intercept the origin of transactions. Dandelion basically delays the appearance of transactions on the network by performing few random, private hops around the nodes. Then it bursts through the network like when you blow at the real Dandelion (flower). Kudos for cleverly choosing evocative name that is self-explanatory.

Both Grin and Beam have implemented slightly modified versions of Dandelion protocol and use it to further boost their privacy mechanisms.

Monetary Policy

Grin’s monetary policy encourages spending and tailors itself as a medium of exchange rather than store of value. They argue that there needs to be constant incentive for miners to continue securing the network and that transactions fees alone are not enough. Coin metrics will be as follows:

  • 60 second block times;
  • 60 coins per block;
  • Linear emission rate;
  • Uncapped supply.

All of that translates to a very high initial inflation which won’t drop below 10% until the first decade is behind us. Dropping below 2% will take another four decades. Do take note of this if you are anything but a hardcore, long term hodler. But who knows, hype is strong and it just might prove to be more than enough to outpace strong inflation. This is crypto after all, uncommon things happen all the time.

Grin relies solely on the support of community when it comes to funding and governance. There will be no ICO, premine, instamine, founder’s block reward or anything similar. Big thumbs up! Detailed progress of community funding can be tracked here and the newest (weekly) developer updates are posted here. Very detailed and informative, another thumbs up. Funds go to main programmer Michael Cordner aka Yeastplume so that he can focus full time on developing Grin. Funding campaign for Mar-Aug 2019 is currently live. Make sure to chip in if you can.


In the spirit of Grin’s philosophy, lean and simple mining algorithm was chosen – Cuckoo Cycle. More accurately, they will be using a variation of said algorithm called Cuckatoo Cycle algorithm. We already mentioned Cuckoo cycle in our short BitCash review. Cuckatoo Cycle is further split into dual PoW system consisting of two mining algorithms. Cuckaroo29 which is designed for GPU’s and the ASIC oriented Cuckatoo31+. The first requires 6 GB of memory while the second requires 11 GB of memory. Pick one according to your hardware capabilities. More details can be found here. Grin’s team believes that ASIC’s are inevitable and wants to try and make both groups of miners somewhat happy by switching between algorithms and balance the mining rewards between the two.

Everything seems to be ready for mainnet launch. Linux only wallet is working. Miners for both Windows and Linux are present. There are already several mining pools in their final preparations. Block explorers are also live. All links are listed below:

There is also more advanced Grin wallet available called vault713. It provides useful features like transacting through relays. These remove the need for both parties to be online when transacting with each other. Offline transactions can be done with official wallet as well but it requires sending files between parties.


Beam is the second implementation of MimbleWimble protocol created by the team of engineers and entrepreneurs led by Alexander Zaidelson. This coin has different goals in comparison to Grin. It follows Bitcoin’s model more closely and wants to serve as private store of value. And Its monetary policy is designed around that philosophy.

Beam mainnet has been postponed a bit but has been successfully launched on January 3rd 2019. Mainnet launch went smoothly without significant issues but on January 9th critical vulnerability has been discovered in Beam wallet. Luckily, it was discovered by Beam dev team and fix has been issued quickly. The problem is that it has pretty big list of don’ts for a software that deals with money.

Beam announcement

Hype has been very strong and as we wrote in our Crypto Week In Review #9 article, the hasrate has been nuts since day one. Big miners playground. At the moment, week after launch, the network has the power of over 250k 1080ti GPU’s. That is almost 50% more hashrate than ETC has at the moment.

Beam is currently trading on HOTBIT but deposits are currently a real train wreck and withdrawals are disabled so we’d advise against trading there and waiting a bit longer for another exchange listing.

Hotbit exchange - Beam

Key Differences

Beam does a few key things differently than Grin.

Firstly, it has different monetary policy which is similar to Bitcoin. Max supply is capped at 262,800,000 coins. Block reward drops will work as follows:

  • 80 coins per block for the first year;
  • 40 coins per block for the following 2-5 years;
  • 25 coins in years 6-9;
  • Year 10 will be the start of regular halvings every four years until year 2152, when the last coins will be mined.

Beam won’t rely on community support for funding like Grin, it will be funded from block rewards similarly to Zcash model. Block reward cuts will last for 5 years and are planned as follows:

  • 20 coins per block in the first year;
  • 10 coins per block for the remaining years.

Secondly, it uses different programming language and mining algorithm. C++ and Equihash respectively. Beam will aim to remain ASIC resistant in the first or so years by modifying mining algorithm through hard forks – 6 months after the launch and then a year later.

Thirdly, Beam features opt-in auditability, which is an extension to MimbleWimble protocol. According to Beam’s FAQ it allows “..businesses or private individuals to report their financial history to their auditors or any other party of their choosing in a secure and provable way.”

Another thing to note is that unlike Grin, Beam has fully public team and advisors which are shown here. It’s a rare case amongst privacy coins.

Side By Side Comparison

Grin vs Beam Comparison


What is WOKE? WOKE aims to be 3rd MimbleWimble implementation and the first blockchain with multiple Confidential Assets. It is based on an idea proposed by Andrew Poelstra who we already mentioned at the beginning of this article. Their first asset will supposedly be called WINK and will feature extremely scarce supply. Only 42 coins will ever be created, block times will be 42 minutes and the emission will be spread over 42 years. Numbers game at its best. At the moment this is just philosophical experimentation with a funny tone, there is no source code you can look at or testnet you can run. We will see what happens, which path and assets will they choose. Who knows, maybe it will turn into something interesting.

Time to wrap things up and finish with saying that MimbleWimble makes us Grin. 😀

MyAltcoins team,
Petar & Ana

Share on twitter
Share on reddit
Share on telegram
Share on whatsapp
Scroll to Top
Laptop displaying MyAltcoins cheat sheet PDF on screen
Subscribe To Our Newsletter Below And Get Our Free Report Which Will Transform Your Cryptoasset Investing Strategy:
  • ​Learn how crypto experts analyse altcoins quickly and efficiently,
  • Find out how to merge the power of Fundamental and Technical Analysis,
  • Receive monthly MyAltcoins Recaps!

We value your privacy and will NOT share your information with anyone!