First, I love Grin and MimbleWimble, but at risk of sounding cynical, I want to ask a few critical questions:
Specifically, the Grin documentation from source1 gives a concrete example:
Assuming a blockchain of a million blocks, 10 million transactions (2 inputs, 2.5 outputs average) and 100,000 unspent outputs, we get the following approximate sizes with a full chain (no pruning, no cut-through):
- 128GB of transaction data (inputs and outputs).
- 1 GB of transaction proof data.
- 250MB of block headers.
- Total chain size around 130GB.
- Total chain size, after cut-through (but incl. headers) of 1.8GB.
- UTXO size of 520MB.
- Total chain size, without range proofs of 4GB.
- UTXO size, without range proofs of 3.3MB.
This is touted as providing the following advantages, which I’d like to challenge:
- the node doesn’t need to store much data to stay in consensus
- a new node can join the network and only download the reduced set of data to participate
- it makes block sizes smaller by removing self referencing transactions
To point no.1:
this is also practically possible for non-MW blockchains like Bitcoin. Once a node has sync’d the chain and validated the ledger, there is no need for a Bitcoin node to keep the entire chain history. He only needs to keep the UTXO set to process new blocks with new transactions. So point number 1 is not a real advantage.
To point no.2:
A new node cannot trust the cut-through dataset, due to key cancellation attacks. So, for a node to trustlessly join the network, it must download and process the full chain. This too is the same as Bitcoin. See key cancellation example:
To point no.3:
This is the only point that holds water, IMO, but I’m still not sure its significant. How often do blocks have self referencing transactions? Is there some study that shows that at scale blocks will have many self referencing transactions, so that cut-through becomes a significant benefit?
So, what is the real value-add for MimbleWimble cut-through?