Monero, which means “currency” in Esperanto, is one of the oldest cryptocurrencies. However, its substance remains little known to the public. Its protocol solves one of the biggest challenges facing cryptocurrency developers: making confidential transactions.
Monero relies on the protocol CryptoNote. It uses different tools to guarantee a high level of confidentiality of transactions: circle signatures and the stealth addresses.
Created by a developer under a pseudonym, like Bitcoin, Monero is today jointly developed by a team composed of cryptography experts. More than 200 people collaborated on this project.
The creators of Monero want to overcome certain weaknesses that many open blockchains. They have an unfortunate tendency to harm the private life of their users.
The problem of fungibility
The notion of fungibility qualifies the interchangeable nature of an asset. In the case of money, this means that all units of account must be equal. Thus, a hundred euro note is always worth the same as another hundred euro note or two fifty notes.
On the Bitcoin network, fungibility means that all bitcoins must have the same value regardless of their history, or the entity that owns them.
This property is not guaranteed in the case of decentralized cryptocurrencies. On Bitcoin, the traceability of transactions recorded in the blockchain poses problems of fungibility. Some corners are deemed “dirty” when the associated transaction history includes illegal operations (stolen bitcoins, or used to purchase illicit products). For example, Coinbase automatically rejects corners who passed through some dark marketsor used to play online.
This poses a big problem for the proper functioning of the decentralized network, because all corners are not equal. Some users are even willing to pay additional fees to “launder” their corners using mixing services.
Confidentiality of transactions
The confidentiality of transactions is therefore necessary to ensure fungibility of a decentralized currency. It is also used to allow companies to use this new type of currency without disclose sensitive data. Some companies have no desire to communicate the details of their financial operations to their competitors. Likewise, individuals do not necessarily feel the need to communicate to the whole world the nature and amount of the purchases they make.
Bitcoin network researchers regularly come up with new solutions. Monero was created from the start with the aim of ensuring a high level of confidentiality of transactions, through different processes. The success of this cryptocurrency is due to this essential property.
The CryptoNote protocol
This is the cryptographic prerequisite for the genesis of Monero.
CryptoNote is an open-source protocol ensuring the anonymity of counterparties and the confidentiality of transactions. It served as the basis for several cryptocurrencies. Unlike the Bitcoin network, a blockchain administered via CryptoNote does not reveal the origin or destination of the units of account.
- Anonymity of the issuer: it is ensured by using several public keys to sign a transaction (circle signatures). Network nodes can prove that the transaction was indeed signed by the issuer; but without being able to identify the key used.
- Receiver anonymity: the protocol makes it possible to generate a pair of single-use keys for each transaction (stealth addresses). It is then impossible for a third party to determine whether certain transactions are sent to the same receiver.
- Double spending protection: the ancestor of circle signatures is called group signatures. It is necessary to rely on a third party to protect the system against double spending. Now, every stealth address leaves a footprint on the blockchain. The protocol then rejects any transaction involving a stealth address that has already been used.
- Proof of “egalitarian” work: the system wishes to ensure linearity between the financial investment and the corresponding hashing power, regardless of the hardware used to mine, whether GPUs/FPGAs/ASICs or CPUs.
CryptoNote was the first protocol to implement circle signatures and stealth addresses. Several hard forks of Monero made it possible to implement improvements, inspired in particular by the developer of Bitcoin Core Gregory Maxwell.
The CryptoNote white paper is available on WebArchive.
Circle signatures (ring signatures)
There are several versions of this cryptographic sleight of hand, but the goal is always the same. It’s necessary hide the public key associated with the private key used to sign a transaction, while being able to prove that the signature is indeed authentic. In the case of Monero, the protocol relies on the work ofEiichiro Fujisaki and of Koutarou Suzuki. For more details on confidential transactions based on ring signatures (Ring CT), read this paper Shen Noether.
A circle signature allows you to sign a message on behalf ofa set of public keys. It is then impossible to identify the author of the signature among all the signatories (there is equal probability of the issuers of the transaction among the signatories). The network nodes can just ensure that the signature is correct: you must have a private key associated with one of the public keys used for the signature to be correct, but it is impossible to link a signature to the address public of the issuer of the transaction.
Each issuer of a payment must prove that it is spending unspent outputs (UTXOs) as in the case of Bitcoin, but these UTXOs do not have to be known to carry out the verification. In practice, this means that when a user wants to make a transaction of 50 XMR, they will use, for example, (22 XMR + 10 XMR + 3.8 XMR + 6.7 XMR + 6.5
Stealth addresses (stealth addresses)
Each Monero account has:
- A public address ;
- A spending key private (spend key): this private key allows the payment to be issued,
- A observation key (view key) which allows you to view incoming transactions to the account. Private by default, it can be shared to disclose the balance of a Monero account.
The system of stealth addresses allows the sender of a transaction to create random, single-use addresses on behalf of the receiver. The private key of these addresses is also linked to the receiver’s account, but it is impossible to identify its associated public address for a third party without knowing its observation key. Through this cryptographic process, only the counterparties involved can have knowledge of the transaction.
Monero in practice
It is obvious that the confidentiality of transactions carried out on the Monero network does not only attract entities carrying out legal activities. Monero is increasingly used on dark markets. However, a high level of privacy also offers many benefits to those who follow the law but want to protect sensitive information. For example, a merchant does not necessarily wish to disclose the identity of its customers, or the amount of transactions carried out.
Monero mining
There proof of work used on Monero relied for a long time on the CryptoNight algorithm. Since November 2019, it is RandomX. It is optimized for mining by CPU and employs different techniques making mining by ASIC (specialized chips) less efficient. The idea is to keep mining decentralized, as well as to have a more equal distribution of block rewards.
Sending and receiving a transaction
Several wallets multi-currencies manage Monero. However, in order to benefit from all the features offered by the protocol, it is necessary to install the complete client software on his computer. The sources are available here, and many languages are supported, including French.
After installing the client software, you will need to download the entire blockchain to your hard drive. Its size is approximately 64 GB. In order to start synchronization with the network, you must launch the “monerod.exe” executable present at the root of the folder. It is possible to modify the path to the blockchain, which is located by default in the C:ProgramDatabitmonerolmdb directory:
- Either through the command prompt:
cmd.exe, touche Windows + R et en ajoutant "--data-dir N:nouveauchemind'accès"
- Either by modifying the “Daemon startup flags” field (“Startup options” in French) of the “Settings” tab in the graphical user interface.
Creating a new portfolio is completely classic. The seed (mnemonic phrase, seed) can be up to 25 words long.
Receiving a payment (via a public address) is also trivial: its format is “human-compatible” and the associated QR code is displayed in large format.
The issuance of a transaction, on the other hand, must be configured according to the confidentiality level desired, that is to say it is possible to increase the size of the circle of signatories as he pleases. Obviously, this increases the costs.
I am an honest citizen. Why would I need anonymous transactions?
There confidentiality of transactions East essential because of information asymmetry. It occurs when some participants in an exchange have relevant information that others do not have:
- Certain entities monopolize a much greater quantity of information at the expense of others, in particular financial data of ordinary citizens.
- THE markets will never be free if the conditions of pure and perfect competition will never be met.
- THE corporations have a huge advantage over the average consumer. Indeed, they have much more information than him. This prevents him from making informed choices or from proposing a business competitive. The disclosure of consumer financial data greatly increases these inequality.
- Businesses can use financial data of their users in order to manipulate the markets. They can also sell this data to third parties or have it stolen.
- Companies with access to Big Data can influence consumers or adjust their prices as they wish.
- Beyond simple data loss or theft, this can create physical security issues. This is the case in the context of connected objects (example: autonomous cars).
- History is replete with examples of governments having an unfortunate tendency to use their citizens’ financial data to justify, at discretion, restrictions on basic individual freedoms.
Monero is not a perfect solution, and some will prefer cryptocurrencies based on zero-knowledge proof. However, Monero can count on a strong development team and an extensive user base.