Grin builds on the MimbleWimble protocol, and the project’s unique contributions are best appreciated in contrast with MimbleWimble’s base features. MimbleWimble is a blockchain protocol published in July 2016 as a text file posted on the #bitcoin-wizards IRC channel by the pseudonymous ‘Tom Elvis Jedusor.’ The paper combined existing research in novel ways, using many of the Bitcoin blockchain’s features to add privacy features without the corresponding drastic increase in hardware requirements to validate the history of the network. MimbleWimble achieves its privacy benefits by approaching UTXO transactions differently from other privacy-focused cryptoassets, such as Monero and Zcash. Specifically, in lieu of a published address, a cryptographic commitment representing the amount transacted among parties is all that is published to the chain.
MimbleWimble’s approach to UTXOs is a core differentiating feature. Essentially, a new node joining a MimbleWimble based blockchain can verify the current state of the chain by processing the current unspent transaction outputs, rather than running through the history of every single transaction, as is the case in Bitcoin. MimbleWimble's privacy-focused design, which hides transaction values and contains no addresses by which users can be identified, can appear unintuitive to those more accustomed to either Bitcoin’s UTXO model or Ethereum's account-based architectures. Cryptoassets built on the MimbleWimble protocol, such as both Grin and BEAM, enjoy several privacy features, most notably the obfuscation of transaction values. Although it has been suggested that user activity on Grin cannot be identified and while it is true that Grin contains no addresses, it is still possible to deanonymize user activity as demonstrated by Dragonfly Research’s analysis, which despite its errors and shortcomings is ultimately correct in its conclusions about Grin’s lack of anonymity. MimbleWimble’s current privacy features unpacked below, are enabled by several technologies used in tandem with the Bitcoin UTXO model, such as elliptic curve cryptography.
At its core, Grin’s privacy comes from an adaptation of Confidential Transactions technology which itself is derived from Homomorphic Encryption both of which were originally proposed for use in Bitcoin. This allows for transaction values to remain hidden through encryption while the use of range proofs allows for nodes to verify that no new coins have been minted (i.e. protecting against hidden inflation). Grin does this all without a trusted setup as is the case in other privacy-focused cryptocurrencies such as Zcash. Just like Monero, another privacy-focused cryptocurrency, Grin uses Bulletproofs, albeit with a different implementation, to construct its range proofs, offering much greater performance and efficiency over earlier implementations.
In an effort to resist the increasing dominance of mining by large, heavily capitalized firms, Grin chose to implement a Cuckoo Cycle Proof of Work (PoW) algorithm. Cuckoo Cycle is the first graph-theoretic PoW algorithm and is designed to be memory intensive. Proofs of cycles on graphs are easy to verify: verifiers trace the path once to determine if it is indeed a cycle, making path verification much simpler than path discovery. While Cuckoo Cycle is designed to be mined by GPUs, which do not currently have available ASICs, many believe ASICs development is inevitable, given the economic incentives. History would seem to add weight to this belief; Ethereum’s Ethash algorithm was also designed to be memory intensive and ASIC resistant, though ASICs were developed several years after network launch while a similar development occurred in the case of the Scrypt algorithm used in Litecoin and other blockchains.
Grin’s monetary policy sharply contrasts with that of Bitcoin’s. GRIN monetary supply will exhibit linear inflation with an unlimited total supply; the same amount of GRIN will be emitted at a constant rate forever—one new token per second. This makes the supply unbounded, whilst the inflation rate as a percentage of the total Grin in existence will tend to zero. This approach renders Grin ‘closer to digital cash than digital gold’, with an estimated 4% inflation rate in 25 years. Grin details the motivation for their monetary policy in their GitHub documentation, arguing that “sound money has more to do with transparent emission than a capped supply.” Since a disinflationary monetary design, such as a decreasing amount of new tokens introduced over time, may incentivize holding tokens as speculative instruments in anticipation of their increase in value (as supply is gradually outstripped by demand), such tokens (i.e. Bitcoin) might have difficulty finding use as an everyday medium of exchange.
Grin is one of few protocols launched post-2017 to utilize PoW, specifically the Cuckoo Cycle algorithm. This architecture is a novel form of graph-based PoW, in which miners search for the routes of fixed sizes on large, artificial network graphs. This process is memory-intensive: verifiers trace the path once to determine if it is indeed a cycle, making path verification much simpler than path discovery. Grin’s approach to block rewards appears to acknowledge the long-term probability of such ASIC’s development while also attempting to support individual mining. Grin utilizes two variations of the Cuckoo Cycle algorithm; 90% of the initial block rewards accrue to the variation that is most ASIC-resistant, with this proportion dropping linearly until all block rewards accrue to the non-ASIC resistant algorithm in 2021. Grin has also stated its intention to fork the protocol to facilitate updates to the mining algorithm every 6 months and conducted the first such fork in mid-2019. Manufacturers such as Obelisk have developed ASICs for the amenable version of Cuckoo Cycle, and there are a variety of mining pools such as Grinmint. Successful miners are rewarded at a rate of sixty GRIN per one minute block.
Grin’s governance system is broadly similar to Bitcoin’s: no formal on-chain mechanisms, funding for developers, or rigid power structures. Many in the small team of Grin developers are anonymous, including the leader Ignotus Peverell. The core developers and community considered the option of forming a foundation to coordinate development and funding efforts but ultimately decided against it, citing the various issues that foundations for other projects such as Bitcoin, Ethereum, and Tezos have encountered.
Central amongst these problems is that foundation structures are perceived as concentrating power in a small minority, and, as such, are anathema to Grin’s focus on decentralization. Instead, Grin has a technical council consisting of eight core developers; Ignotus Peverell, Antioch Peverell, Hashmap, Jaspervdm, Lehnberg, Quentin le Sceller (BlockCypher), Yeastplume (Michael Cordner), John Tromp, that lead decision-making processes. There are no formal processes for appointing or removing these members, though discussions concerning a move to a more structured governance system are ongoing. Notably, this structure is similar to early Bitcoin development and the original cypherpunk movements, although Bitcoin’s governance model went through a long era of being criticized as overly technocratic and too slow, among other things.