Monero(XMR) is a privacy focused cryptocurrency. The Monero project was announced in April 2014 by an anonymous founder and has gained in prominence ever since. Monero is one of the few blockchains that isn’t just a “fork” or copy of the Bitcoin source code with alterations, but rather Monero uses two early cryptocurrency projects’ code bases, which were built from scratch: CryptoNote/Bytecoin. The CryptoNote code base is where Monero gets its famous Ring Signatures, which we will get to later.
Like Bitcoin, Monero’s community is very focused on censorship resistance. Monero, like Bitcoin, has a community ethos of decentralization and also uses Proof of Work mining to secure the Monero blockchain. The Monero blockchain differentiates itself from Bitcoin with more robust privacy guarantees. Although there are no accounts or identities when using the Bitcoin blockchain, it is incredibly transparent and auditable by design. Bitcoin is not anonymous like many in the media wrongly proclaim every few months, but is rather pseudonymous. Monero, on the other hand, explicitly aims to get as close to anonymity as possible.
As a consequence of the anonymity of transactions, the Monero community boasts of the currency’s superior fungibility when compared to other cryptocurrencies. Every unit of Monero is equal to every other unit of Monero because there is no known identifiable transaction history that links them. This is comparable to the properties of some fiat cash schemes or gold. For example, when transacting with cash or gold, the buyers and sellers do not know the transaction histories of each unit of money.
Why is fungibility important? Fungibility limits financial censorship. Certain individuals, businesses or institutions could choose or be forced to not accept certain units of cryptocurrency associated with certain transaction histories, addresses, etc., if the transaction history of each unit of currency is known. Knowing the histories of transactions and the associated addresses effectively makes each unit of currency different, or less fungible. This lite form of financial censorship is near impossible to do with Monero since the transaction and address histories are obfuscated. This puts every unit of Monero on a level playing field.
Privacy Achieved: Two Key Pairs and Signatures
How exactly does Monero achieve anonymity? They do this through the clever use of two asymmetric key pairs and a unique signature algorithm which provide privacy for the sender, receiver, and the transaction itself.
When we refer to “keys”, we are talking about the use of public key cryptography, which is used by almost every cryptocurrency in existence. Most cryptocurrencies can be used exclusively with only one set of “keys”. For example, Bitcoin, can be used with one set of key pairs: a private key and a public key. That’s all you need. Monero uses two key pairs: a “spend key” and a “view key”, each with their own private and public key pair. The spend key pair, as the name implies, is used to spend funds in your Monero wallet. Spending cryptocurrency requires the use of digital signatures which provide cryptographic proof that the spender has ownership and the right to spend a digital currency.
Sender Privacy: Ring Signatures
Monero uses a unique signature algorithm called a “ring signature”. Without going too far into the details, a ring signature in Monero is a digital signature that is produced by a group (ring) of different users with their own unique set of spend keys. A ring signature is endorsed by one of the user’s spend key in the ring and it is computationally infeasible to figure out which member of the ring produced the signature. A ring signature allows the senders of coins to prove cryptographically that they had the right to spend specific units of Monero without any outside party knowing what signature belongs to any user related to the “ring”. It’s a way of mixing many different valid digital signatures together into one “ring” signature that obfuscates anyone’s ability to link that signature to any specific transaction. These ring signatures ultimately provide privacy to the sender of a Monero transaction.
Receiver Privacy: Stealth Addresses
The privacy of the receiver of a transaction is shielded in Monero by the use of “stealth addresses”. Stealth addresses are random one-time-use addresses for each transaction created by the sender of Monero. The receiver of Monero only needs to reveal their single public address, and from that one address the sender can create unique stealth addresses that only the sender and receiver know of, hence the use of the word “stealth”. Simply put: the receiver reveals one address (think of it as an address for a mailbox) that receives a message from the sender telling them where the Monero has actually been sent. The Monero has actually been sent to a one time stealth address created by the spender using the receiver’s public address. Again only the sender and the receiver know the stealth address the Monero was sent to.
This brings us to the second key pair used by Monero, known as the “view key”. The view key is used to create the address that the receiver of Monero reveals to the world and allows the receiver of Monero to “view” where the funds were actually sent. The view key allows the receiver to view the stealth addresses. Working off of the example used in the previous paragraph the view key is the key that opens the mailbox. In the mailbox there is a message telling the owner of the view key where the Monero has been sent.
Any outside party can know the revealed address but will never be able to see transactions being sent to the stealth address. They need the view key to be able to see the transactions. When we compare this to Bitcoin we can see the difference in privacy. With Bitcoin, if someone knows an address they can see every transaction that goes in and out. This is not possible in Monero without the view key.
Confidential Transactions: RingCT
In addition to sender (ring signatures) and receiver privacy (stealth addresses), Monero utilizes Ring Confidential Transactions (RingCT) which shield transaction amounts from outside parties. Only the sender and receiver know the amount sent. This begs the question: if the amounts are hidden how does the network know participants haven’t created or destroyed units or Monero arbitrarily? RingCT checks arithmetically that the sum of all the inputs in a ring equals the sum of all the outputs. This check can happen without knowing the specific amounts. One can see why privacy advocates are so excited about this blockchain.
Privacy by Default
There are other privacy coins on the market but to our knowledge Monero is one of the few with privacy on by default with no potential for privacy weak links. Some blockchains have privacy features which are opt-in meaning users can choose whether or not to use their respective anonymity features. This leaves open more possibilities for traceability and linkability between addresses, transactions and ultimately users.
Monero in Edge
The Edge Wallet uses MyMonero libraries and server infrastructure for our Monero capabilities. Neither Edge nor MyMonero has access to your spend key.
In the spirit of full disclosure, there is a privacy compromise when using Edge because MyMonero servers store the view keys. If MyMonero infrastructure is compromised, user’s view keys could be exposed to outside parties. However, even in this scenario, it would be extremely difficult to link those view keys to real life identities, but we think users should be aware. Access to an account’s view key only exposes how much an account has received. It does not expose what addresses the funds came from and does not provide access to spend a user’s funds. A user that wants to use a wallet that doesn’t expose their view keys would require them to view the entire Monero blockchain which requires hundreds of gigabytes of data being downloaded through their phone or computer. Edge is a great option for those who don’t want to incur such a large amount of bandwidth through their device.
In a future release, Edge will enable advanced users the ability to connect Edge to their own Monero nodes running a MyMonero compatible API. This will allow users to take full control of their view keys and privacy. Currently there is an open source implementation of MyMonero’s backend infrastructure called Open Monero that allows users to spin up and host their own Monero validating node.
For those who have spent Monero in Edge you may have noticed it takes a little more time to send a transaction than other cryptocurrencies supported in the wallet. This happens because the wallet has more work to do to complete the transaction compared to currencies like Bitcoin or Ethereum. Monero transactions are private by default, and that requires more intense cryptographic computations as well as additional network interaction to create a spend. Monero’s RingCT feature requires that a wallet coordinate with nodes to mix a user’s transaction with transactions being requested by other users. This may delay a transaction if other transactions are not immediately available to mix with. In addition, encrypting the amounts of a transaction requires almost 30 times the computation of a regular transaction. On smaller and slower mobile devices, this could cause transactions to take minutes, instead of seconds, to create and send.
When attempting a send in Edge, please be patient and let it process. Some older devices can take several minutes to complete before showing a success message.
If you haven’t used Monero in Edge, download it today, try it out, and let us know if you have any questions!
[edge_button url=”/monero-wallet/” text=”Install Edge to Buy Monero”]