
Blockstream’s Andrew Poelstra on Why Bitcoin Still Has Weak Privacy


By Aubrey Swanson · 3 min read

Key Points

  • Most people assume Bitcoin provides privacy.
  • The protocol offers almost none of it.
  • Bitcoin transactions are transparent, traceable, and the network doesn't guarantee fungibility.

Most people assume Bitcoin provides privacy. The protocol offers almost none of it. Bitcoin transactions are transparent, traceable, and the network doesn't guarantee fungibility. Developers have proposed privacy upgrades over the years, but few have made it into Bitcoin's core code.

Blockstream mathematician Andrew Poelstra and Douglas Tuman, who hosts Monero Talk, explored these constraints in a recent YouTube conversation. Poelstra outlined three main barriers: the scalability burden of privacy schemes, technical vulnerabilities specific to Confidential Transactions, and the general difficulty of changing the Bitcoin protocol.

Scalability remains a fundamental obstacle. Privacy improvements suggested for Bitcoin have required more block space—they expand transaction sizes. That expansion forces a choice: raise transaction fees or increase the computational demands of running a full node. Zerocoin and Zerocash began as Bitcoin proposals before becoming separate projects. Zcash, which descended from Zerocash, has since reduced transaction sizes significantly. But even those improvements haven't shrunk transactions enough to satisfy Bitcoin users weighing the tradeoff.

The Lightning Network inverted this problem. The second-layer payment channel scheme operates off-chain, which means less data hits the blockchain permanently. As a result, it improves both scalability and privacy—less history stored forever means less surveillance.

Confidential Transactions emerged as one of the most discussed privacy upgrades. Adam Back introduced it on Bitcointalk in 2013. The scheme would hide transaction amounts. Yet it carries a serious cost: it demands new cryptographic assumptions.


Poelstra explained the bind: "If we were to get Confidential Transactions in Bitcoin, it would have the side effect of making the soundness of Bitcoin itself dependent on cryptographic assumptions."

The mechanism relies on the discrete logarithm problem, which underpins modern cryptography. If a quantum computer cracked discrete logarithm problems, an attacker could silently inflate Bitcoin's money supply in a Confidential Transactions version of the network.

Zcash addresses this using a trusted setup—a ceremony where participants generate the system's cryptographic parameters in advance. Critics have attacked Zcash for this approach. Bitcoin developers would almost certainly reject a comparable weakness in the protocol.

Poelstra described the current state: "Right now, in Bitcoin, you can look at the blockchain and you can see all the transactions. You can check that all the amounts add up. You can check that nobody is minting coins. You can really verify the soundness of the system. And Confidential Transactions does not let you do that. Worse than that, it requires you trust a cryptographic assumption that we know will be broken by quantum computers."

A 2010 bug demonstrated why this matters. An attacker briefly inflated Bitcoin's supply, but the attack unraveled because observers could see the excess coins. Detection came through examination of the public ledger.

Poelstra suggested a compromise: "Maybe if there was something like Confidential Transactions or something like SNARKs or some sort of ring signature that was resistant to quantum computers—maybe that would be okay in terms of community sentiment."

Confidential Transactions could be designed to sacrifice privacy later rather than risk soundness now. If a quantum computer broke the underlying cryptography, transaction history would become visible, but the money supply would stay intact. Bitcoin's community would probably find this more acceptable than a Zcash-style trusted setup. Whether it gains protocol support remains uncertain.
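The verification contrast Poelstra draws (today anyone can add up the amounts; Confidential Transactions replace that with a check on commitments whose binding rests on the discrete logarithm assumption) is easy to see in a toy model. The Python below is an added example, not code from the article, from Blockstream, or from any Bitcoin implementation. The group parameters, amounts and blinding factors are constructed, and the trapdoor `k` is kept only to show what a discrete-log break would yield; in the toy it plays the role of the quantum adversary in the text.

```python
# Added illustration of the soundness argument above: a toy Pedersen-
# commitment ledger next to a transparent one.  Constructed example,
# not Bitcoin, Elements or Liquid code.  Assumptions: a tiny Schnorr
# group (p = 1019, q = 509) chosen so the numbers stay readable; real
# Confidential Transactions use secp256k1 and also need range proofs,
# which this toy omits.

P = 1019   # safe prime, P = 2*Q + 1
Q = 509    # prime order of the subgroup we work in
G = 4      # generator of the order-Q subgroup (4 = 2^2 is a quadratic residue)


def second_generator(k):
    """H = G^k.  In a sound deployment nobody knows k (H is derived by
    hashing); we keep k only to show what learning it would allow."""
    return pow(G, k, P)


def commit(value, blinding, H):
    """Pedersen commitment C = G^value * H^blinding (mod P).
    Hides value (any value fits, given the right blinding) and is
    binding only while log_G(H) is unknown."""
    return (pow(G, value, P) * pow(H, blinding, P)) % P


def transparent_check(inputs, outputs, fee):
    """Today's Bitcoin rule: amounts are public, so anyone can add them up."""
    return sum(inputs) == sum(outputs) + fee


def confidential_check(in_commits, out_commits, fee, H):
    """CT rule: the verifier never sees amounts.  Because commitments
    are homomorphic, prod(inputs) == prod(outputs) * G^fee holds
    exactly when the hidden amounts (and blindings) balance."""
    lhs = 1
    for c in in_commits:
        lhs = lhs * c % P
    rhs = pow(G, fee, P)
    for c in out_commits:
        rhs = rhs * c % P
    return lhs == rhs


def alternate_opening(value, blinding, new_value, k):
    """Given the trapdoor k = log_G(H), return a blinding that makes the
    SAME commitment open to new_value:
        value + k*blinding == new_value + k*new_blinding  (mod Q)
    This is exactly what a discrete-log-capable adversary gains."""
    k_inv = pow(k, -1, Q)
    return (blinding + (value - new_value) * k_inv) % Q


def demo():
    k = 137                      # stands in for the unknown log_G(H)
    H = second_generator(k)

    # Constructed transaction: 50 + 30 in, 70 + 8 out, fee 2.
    ins, outs, fee = [50, 30], [70, 8], 2
    r_in = [11, 23]
    r_out = [29, (sum(r_in) - 29) % Q]      # blindings must balance too

    in_c = [commit(v, r, H) for v, r in zip(ins, r_in)]
    out_c = [commit(v, r, H) for v, r in zip(outs, r_out)]

    # 1. Transparent ledger: an inflated output is visible to everyone.
    honest_public = transparent_check(ins, outs, fee)
    inflated_public = transparent_check(ins, [70, 108], fee)

    # 2. Confidential ledger: the balance check passes without amounts ...
    honest_ct = confidential_check(in_c, out_c, fee, H)

    # ... but with k known, the 8-coin output also opens as 108 coins,
    # the commitment (and thus the ledger check) being unchanged.
    r_forged = alternate_opening(8, r_out[1], 108, k)
    same_commitment = commit(108, r_forged, H) == out_c[1]

    return {
        "honest_public": honest_public,           # True
        "inflated_public": inflated_public,       # False: observers see the excess
        "honest_ct": honest_ct,                   # True
        "ct_opens_as_108_too": same_commitment,   # True: silent inflation
    }


if __name__ == "__main__":
    for name, ok in demo().items():
        print(f"{name}: {ok}")
```

The transparent case is the 2010 situation the article describes: the excess shows up in the public sums, so anyone can spot it. In the commitment case the ledger check still passes, and nothing on-chain distinguishes the 8-coin opening from the 108-coin one; only the discrete-log assumption prevents the second. Pedersen commitments are perfectly hiding and only computationally binding, which is the wrong way round for the compromise Poelstra sketches: that design would use a commitment that stays binding even against a discrete-log break, so a quantum adversary could expose amounts but could not mint coins.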

Liquid, a federated Bitcoin sidechain run by Blockstream, already incorporates Confidential Transactions. That arrangement sidesteps the protocol-level concerns.

Developers must expend significant effort to change Bitcoin's core rules. Building consensus takes time. Code must be written. By the time a proposal gains momentum, developers may devise something superior that renders the original obsolete. Reversing a Bitcoin change proves equally difficult, so developers must verify changes thoroughly before implementation.

Some proposals have gathered momentum. Schnorr signatures and Taproot represent genuine progress. Combined, these upgrades would make different transaction types indistinguishable on-chain. A CoinJoin-style mix would look identical to a Lightning payment, which would look identical to a simple Bitcoin transfer between two addresses.

With standardized transactions in place, developers can pursue future privacy improvements. Schemes like Confidential Transactions become more feasible once the blockchain displays uniform transactions.

MiningPool content is intended for information and educational purposes only and does not constitute financial, investment, or legal advice.
