Benedikt Bunz (co-author of Bulletproofs), Dan Bohen et al. proposed Zether, the first privacy mechanism built specifically for Ethereum, i.e. account-based smart contract platforms. All notable blockchain privacy mechanisms developed so far (the authors refer to 10 of them), were designed for Bitcoin/UTXO-based chains.
Zether provides both confidentiality (by hiding payment amounts) and anonymity (by hiding the identities of senders and recipients).
The mechanism is practical today (no changes to Ethereum protocol required). The authors implemented it as an Ethereum smart contract and a single transaction costs 7M+ gas , but if two already discussed EIPs were to be implemented, it would go down to 1.7M and also the contract itself could be further optimized.
There currently exists an EIP to reduce the gas cost of elliptic curve multiplications by a factor of 6.66 and additions by a factor of 3.33 [bn1b]. A further EIP reduces the cost of calling a precompiled contract [pre] which would reduce the cost for each cryptographic operation by another 700 units of gas. If both of these were implemented, the cost of a Zether transfer would reduce to roughly 1.7 million gas (0.36 USD).
Here [bn1b] refers to EIP-1108 and [pre] refers to EIP-1109.
EIP-1108 went live with Istanbul. EIP-1109 is not planned for Berlin, but an alternative, EIP-2046 is – it is not reducing the cost to 0, but 40 (in its current and not final form).
Wondering if anyone will pick Zether up after these changes go live?
The Blockchain Team at JP Morgan have made significant improvements to the original Zether implementation. Further, they have came up with designs to add anonymity to Zether’s original designs. I would reach out to Benjamin Diamond to see if they would also deploy a version on mainnet Ethereum and not only on Quorum.
, but if two already discussed EIPs were to be implemented, it would go down to 1.7M and also the contract itself could be further optimized.