In the mimblewimble whitepaper it states…
Here are some questions I can not answer at the time of this writing.
What script support is possible? We would need to translate script operations into
some sort of discrete logarithm information.
We require user to check all kG values, when in fact all that is needed is that their
sum is of the form kG. Instead of using signatures is there another proof of discrete
logarithm that could be combined?
There is a denial-of-service option when a user downloads the chain, the peer can give
gigabytes of data and list the wrong unspent outputs. The user will see that the result
do not add up to 0, but cannot tell where the problem is.
For now maybe the user should just download the blockchain from a Torrent or something
where the data is shared between many users and is reasonably likely to be correct.
What are our thoughts on these points, I’m particularly interested in hearing how point 3 is being addressed. I noticed that it takes a considerable amount of time to download the blockchain, maybe it is because im in debug mode, maybe it is due to precautions taken. I’d like to see the speed of the initial download increased without opening up the system to DOS should there be time available in future to address this.