When the world was first introduced to cryptocurrencies, one of the features that stood out the most was the privacy these digital coins offered. However, as more people got on board the blockchain train, it became apparent that bitcoin and other pioneer cryptocurrencies weren’t exactly as private as we thought.
Thus, the need for privacy-oriented cryptocurrencies arose. These cryptocurrencies have several built-in security features that enhance privacy and anonymity. Therefore, it’s no surprise that they are a hot deal among crypto enthusiasts who prefer to keep their affairs to themselves.
Monero, Zcash, and Beam are three of the most popular privacy-centric cryptocurrencies. Crypto investors who are focused on the privacy features of a digital currency will probably contemplate buying into any or all of these three. So, which one should you go for in terms of scalability and confidentiality?
In this article, we’ll have an in-depth look at how the three altcoins compare. But first, how about a little background on them?
Monero (XMR), launched in 2014 under the name BitMonero, relies on a technology called CryptoNote. It uses a Proof of Work algorithm different from that of Bitcoin. To make the operations on its blockchain anonymous, it adopts the method of “Ring Signatures.”
A ring signature is a digital signature that can be created by any member of a group of users, each of whom holds a key. A person can then sign a message or document anonymously on behalf of a “circle” of users. The members of the “circle” are chosen by the author of the signature and are not necessarily informed about the operation.
The strength of Monero (XMR) is therefore based not only on decentralization but also on its secrecy, which allows transactions that are theoretically untraceable by an external agent. Whereas bitcoin operations, for example, are publicly recorded on the blockchain, the information in Monero’s ledger is not accessible to everyone.
Zcash (ZEC) describes itself with the line “If Bitcoin is like HTTP for money, Zcash is HTTPS,” underlining its enhanced security and privacy features. Zcash has implemented a cryptographic tool called Zero-Knowledge Proof and grants participants an option to shield transactions. It allows participants to transact without any of them revealing their addresses to the other(s). Zero-Knowledge Proof also obfuscates the transaction amount. As of December 24, 2020, Zcash ranked at number 42 in the list of cryptocurrencies, with a market cap of $654 million and a price of $60.50 per ZEC.
Beam is a security-focused token with core features that include complete control over your privacy. All transactions are private by default and no addresses or other private information are stored on the blockchain. It claims superior scalability due to its compact blockchain size, opt-in auditability, support for online and offline transactions, atomic swaps, and hardware wallet integration. As of December 24, 2020, Beam tokens were trading at $0.28, with a total market value of $21.9 million, making it the 294th most valuable cryptocurrency.
Monero enables confidentiality by using Ring Confidential Transactions (a combination of Confidential Transactions and Ring Signatures) and Stealth Addresses. In addition, Kovri (currently in pre-alpha) is used to obfuscate peer-to-peer communication. Confidential Transactions hide the transferred amounts. With Ring Signatures, at least six “decoy” coins are added to each transaction, each looking equally likely to be the actual one spent in the transaction, thus making the actual source and destination next to impossible to trace. That said, there are certain claims (see this study, for example) stating that there are ways to trace transactions on the Monero network. We do not aim to confirm or contradict those claims.
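The ring signature idea described above, as an added Python example that is not Monero's code: a plain Schnorr-style ring signature over a toy group, with the signer hidden among six decoy public keys. The group parameters and all function names are assumptions made for the illustration; Monero's actual scheme is linkable and runs over an elliptic curve.

```python
import hashlib
import secrets

# Toy parameters, constructed for illustration only and not secure.
P = 2**127 - 1      # prime modulus
N = P - 1           # exponents are reduced modulo the group order
G = 3               # fixed base

def keygen():
    """Return a (secret, public) key pair with public = G^secret mod P."""
    x = secrets.randbelow(N - 1) + 1
    return x, pow(G, x, P)

def challenge(msg, point):
    """Hash the message and a group element into an exponent."""
    digest = hashlib.sha256(msg + point.to_bytes(16, "big")).digest()
    return int.from_bytes(digest, "big") % N

def ring_sign(msg, ring, j, x):
    """Sign msg as member j of ring (a list of public keys) using secret x."""
    n = len(ring)
    c, s = [0] * n, [0] * n
    u = secrets.randbelow(N)
    c[(j + 1) % n] = challenge(msg, pow(G, u, P))
    i = (j + 1) % n
    while i != j:
        # For every decoy, pick a random response and derive the next challenge.
        s[i] = secrets.randbelow(N)
        point = pow(G, s[i], P) * pow(ring[i], c[i], P) % P
        c[(i + 1) % n] = challenge(msg, point)
        i = (i + 1) % n
    # Only the holder of x can choose s[j] so that the chain closes on itself.
    s[j] = (u - x * c[j]) % N
    return c[0], s

def ring_verify(msg, ring, sig):
    """Walk the ring once; valid if the challenge chain returns to its start."""
    c0, s = sig
    c = c0
    for y, s_i in zip(ring, s):
        c = challenge(msg, pow(G, s_i, P) * pow(y, c, P) % P)
    return c == c0
```

The signature has the same shape whichever ring member produced it, so the verifier learns only that one of the seven keys signed.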
Zcash uses zk-SNARKs — a novel and very advanced form of zero-knowledge cryptography. Some people call zk-SNARKs “Moon Math” — that’s how arcane and presumably beautiful they are. With zk-SNARKs, all transaction amounts, inputs, and outputs on the blockchain are entirely hidden. However, transactions on Zcash are not private by default. Since zk-SNARKs are computationally heavy to create (it takes 1–3 minutes on a regular PC to create a private transaction on Zcash), most users do not enable them, hurting the overall privacy of the network. At the time of writing, the percentage of fully shielded (i.e., entirely private) transactions on Zcash is below 1% (see here).
The upcoming Sapling network upgrade should make shielded transactions much more efficient and, hopefully, increase the number of private transactions on the Zcash network.
In addition, zk-SNARKs require a special secret key to set up the entire system. If this key leaks, the perpetrator can print money and thus destroy the coin. Zcash carries out intricate multi-person ceremonies to create this key, and we have no reason to doubt the integrity of the people involved. However, this is still a valid concern.
BEAM is built on Mimblewimble, a very elegant protocol that allows for both confidentiality and scalability. Transaction amount, sender, and receiver are hidden using Confidential Transactions, and there are no “addresses” in the system — each user just holds private keys to the UTXOs she owns.
Privacy in BEAM is enabled by default. Actually, there are no “open” transactions at all. Reading the blockchain would not yield any information to the observer.
In addition to Mimblewimble’s default privacy, BEAM also implements Dandelion, a networking policy that significantly improves anonymity. Dandelion prevents someone from observing the network traffic to infer any valuable information.
Due to the use of Ring Signatures, additional data is attached to each transaction, significantly increasing the size of the blockchain. At the time of this writing, the Monero blockchain size is around 48GB and will continue to grow with wider adoption, hurting usability. We estimate that in Monero, the size of an average transaction is about 14Kb, which is almost 25 times greater than in Bitcoin. Simply put, when Monero reaches Bitcoin’s current scale concerning the total number of transactions, its blockchain will be about 5 terabytes — hardly sustainable for a regular PC, let alone on smaller devices. It should be noted that the Monero team is currently implementing bulletproofs that should improve scalability by up to 80% (which is still about 5 times more than Bitcoin).
At the time of writing, the Zcash blockchain size is around 19GB, while the total number of transactions is approximately 3.5 million, giving an average of 5.3KB per transaction — almost 9 times higher than Bitcoin. While it is better than Monero, it is still much heavier than Bitcoin, which is also not scalable enough in that respect.
In BEAM, the Mimblewimble cut-through mechanism is used to keep the blockchain small. The cut-through removes all the intermediate states of UTXOs, essentially leaving only unspent outputs on the blockchain. Thus, the blockchain size does not grow with the number of transactions, but with the number of UTXOs, which is overall much slower.
We estimate that BEAM’s blockchain size will be around 30% of Bitcoin’s, so the blockchain size should be below 70GB when BEAM reaches Bitcoin’s scale, making it possible to run a full node on smaller devices. We are actively researching additional improvements to Mimblewimble to make the blockchain even smaller (see Eliminating Transaction Kernels).
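The Confidential Transactions and cut-through described above, as an added Python example that is not BEAM's code: amounts are hidden in Pedersen-style commitments, and the merged chain still balances after intermediate outputs are removed. The toy group, the sample amounts and all function names are assumptions, and range proofs on the amounts are left out.

```python
import secrets

# Toy parameters, constructed for illustration only: real Mimblewimble uses an
# elliptic-curve group and an H whose discrete log relative to G is unknown.
P = 2**127 - 1   # prime modulus
G, H = 3, 5      # G carries the amount, H the blinding factor

def commit(value, blind):
    """Pedersen-style commitment C = G^value * H^blind mod P."""
    return pow(G, value, P) * pow(H, blind, P) % P

def product(items):
    out = 1
    for c in items:
        out = out * c % P
    return out

def make_tx(inputs, out_values):
    """Spend secret (value, blind) pairs; return the public tx and new secrets."""
    assert sum(v for v, _ in inputs) == sum(out_values), "amounts must balance"
    outs = [(v, secrets.randbelow(2**64)) for v in out_values]
    excess = (sum(b for _, b in outs) - sum(b for _, b in inputs)) % (P - 1)
    tx = {"inputs": [commit(v, b) for v, b in inputs],
          "outputs": [commit(v, b) for v, b in outs],
          "kernel": pow(H, excess, P)}
    return tx, outs

def balances(inputs, outputs, kernels):
    """True if outputs == inputs * kernels, checked on commitments only."""
    return product(outputs) == product(inputs) * product(kernels) % P

def cut_through(txs):
    """Merge transactions and drop every output that another tx spends."""
    ins = [c for tx in txs for c in tx["inputs"]]
    outs = [c for tx in txs for c in tx["outputs"]]
    spent = set(ins) & set(outs)
    return ([c for c in ins if c not in spent],
            [c for c in outs if c not in spent],
            [tx["kernel"] for tx in txs])

def demo():
    genesis = (100, secrets.randbelow(2**64))      # constructed starting coin
    tx1, o1 = make_tx([genesis], [60, 40])
    tx2, o2 = make_tx([o1[0]], [25, 35])
    tx3, _ = make_tx([o2[0], o1[1]], [65])
    txs = [tx1, tx2, tx3]
    ins, outs, kernels = cut_through(txs)
    return {"each_valid": all(balances(t["inputs"], t["outputs"], [t["kernel"]]) for t in txs),
            "merged_valid": balances(ins, outs, kernels),
            "outputs_before": sum(len(t["outputs"]) for t in txs),
            "inputs_left": len(ins), "outputs_left": len(outs), "kernels": len(kernels)}
```

Three transactions create five outputs, but only the two unspent ones survive cut-through; one kernel per transaction remains, which is the part the kernel-elimination research mentioned above aims to shrink.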