How does Trias improve the security and privacy of the UTXO model?
What is UTXO?
A UTXO is an unspent transaction output: a discrete piece of bitcoin, a concept put forward by Satoshi.
In a transaction based on the UTXO model:
- A transaction input must come from a transaction output;
- A transaction output can exist without a transaction input (e.g. mining);
- A transaction input can come from multiple transaction outputs.
In a UTXO transaction, each transaction input can be traced to a transaction output. An input is composed of a transaction ID, a transaction output index and an unlocking script.
People are more familiar with the Account Model than with UTXO; it is the model usually deployed by banks, securities exchanges and third-party payment tools.
By comparing UTXO with the Account Model, we can better understand the mechanism of UTXO.
In a transaction system based on the Account Model, if there is $100 in A's account and A needs to pay B $50, the system checks whether the account balance is sufficient. If it is, the system deducts $50 from A's account and adds $50 to B's account.
In a transaction system based on UTXO, every transaction needs to balance its inputs and outputs. When A inputs $100 and B receives $50 (output), $50 has not yet been output, and the system pays that remaining $50 back to A. In this process, every transaction has a clear transaction ID and an index number, so it is traceable.
In short, UTXO records only the transaction changes, not the final status (balance) of the transaction. Only the transaction itself is handled by the blockchain; other processes, such as clearing the balance, are handled by the node itself.
Trias “Shadow” Account Design
Trias deployed a way to combine the Account Model and UTXO. The Account Model is used to meet business demand, and UTXO is used to support the higher requirements for privacy and scalability.
In Trias's technology for protecting private data on the blockchain, Stealth Addresses are used to hide the addresses of transaction receivers, and Zero-Knowledge Proofs are used to hide the transaction amount.
In the concrete transaction process, a transaction from account A to account B is completed through a temporary address generated from the public key, and the assets are transferred to that address. In the input process, account B goes through all valid transactions and collects its own using the private key and the transaction random number.
The process is as follows: account A transfers money to account B, and account B has two public-private key pairs, (m, M) and (n, N); the common elliptic-curve parameter is G.
Through the above process, the temporary address P is calculated. A then transfers the asset to P and publishes R. After that, B calculates the corresponding private key in the input. In this way, the transaction is completed and the private information of account A is protected.
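The derivation formulas themselves do not appear on this page, so the following added example (not Trias code) assumes the widely used dual-key stealth address construction, R = rG, P = H(rM)G + N, p = H(mR) + n, written with the page's names (m, M), (n, N), G, R and P. The curve (secp256k1), the hash H (SHA-256) and all function names are assumptions.

```python
import hashlib, secrets

FP = 2**256 - 2**32 - 977  # field prime of secp256k1 (assumed curve; the page only names G)
Q = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141  # group order
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)

def add(a, b):
    """Affine point addition; None is the point at infinity."""
    if a is None or b is None:
        return a or b
    (x1, y1), (x2, y2) = a, b
    if x1 == x2 and (y1 + y2) % FP == 0:
        return None
    num, den = (3 * x1 * x1, 2 * y1) if a == b else (y2 - y1, x2 - x1)
    lam = num * pow(den, -1, FP) % FP
    x3 = (lam * lam - x1 - x2) % FP
    return (x3, (lam * (x1 - x3) - y1) % FP)

def mul(k, pt):
    """Double-and-add scalar multiplication (not constant time: demo only)."""
    acc = None
    while k:
        if k & 1:
            acc = add(acc, pt)
        pt, k = add(pt, pt), k >> 1
    return acc

def h(pt):
    """Hash a shared point to a scalar (SHA-256 is an assumed choice)."""
    raw = pt[0].to_bytes(32, "big") + pt[1].to_bytes(32, "big")
    return int.from_bytes(hashlib.sha256(raw).digest(), "big") % Q

def keypair():
    k = secrets.randbelow(Q - 1) + 1
    return k, mul(k, G)

def sender_derive(M, N):
    """A: pick random r, publish R = rG, pay to P = H(rM)G + N."""
    r, R = keypair()
    return R, add(mul(h(mul(r, M)), G), N)

def receiver_owns(m, N, R, P):
    """B scans with m alone: rM == mR, so B can recompute P from R."""
    return add(mul(h(mul(m, R)), G), N) == P

def receiver_spend_key(m, n, R):
    """B: the private key of P is p = H(mR) + n (mod Q)."""
    return (h(mul(m, R)) + n) % Q
```

Because each payment uses a fresh r, two payments to the same receiver produce unrelated addresses P, and recognising an output requires m while spending it additionally requires n.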
In Trias technology, Zero-Knowledge Proof is realized with zkSNARK. When a transaction is processed, the sender no longer writes the transaction amount in clear text. Instead, the sender generates a proof of the transaction and transaction data based on the occurrence public key of the zero-knowledge proof, and broadcasts the proof to the network as the message body of the transaction. Miners on the network can verify the legitimacy of the transaction data without knowing the transaction data. The transaction receiver can also see all the information of the transaction through the Zero-Knowledge Proof mechanism, so as to verify and spend the transaction.
In achieving these goals, Trias technology not only lets users benefit from decentralized anonymous applications on the blockchain, but also protects users' privacy to the greatest extent and prevents third parties from gaining knowledge about the transaction.