If you’ve heard of Monero, it’s probably as a privacy coin. This is a project that has taken huge strides in cryptography to design a truly anonymous electronic payment system, a major step in the crypto world.
Monero is built on CryptoNote, an application layer protocol that powers many other decentralized cryptocurrencies today. The first currency launched that was based on CryptoNote was Bytecoin, which went live in 2012. It was a big step, but a little shady too! Around 80% of the coins had already been mined by the time the project went public, essentially a pre-mine. This left the currency wide open to price manipulation, and the community was having none of it. The project promptly forked into Bitmonero, which was eventually renamed Monero.
So… what is it?
Monero is a private, anonymous, fungible coin with a number of appealing advantages over pseudonymous coins like Bitcoin. We covered pseudonymous vs anonymous coins recently – here’s a quick recap that will explain fungibility too.
Bitcoin: Pseudonymous, not very fungible
When you buy and exchange Bitcoin, you leave a trail that is in some ways even less anonymous than using fiat currency. The blockchain ledger is a permanent record that stores every single Bitcoin transaction ever made, and it never goes away. Not only that, you can actually identify which Bitcoin or fragment of a Bitcoin was used in which transaction, because every payment spends specific, identifiable outputs of earlier payments.
You often see bank robbers in movies getting all worked up about serial numbers, and for good reason. If money is stolen from a bank, the government will issue the serial numbers of each note to other banks and businesses in an attempt to track the currency. With Bitcoin and other similar currencies, it’s even easier – if some Bitcoin was used in an illegal transaction in 2011, it’s possible to trace that currency to the current owner, even if the crime has nothing to do with them. So in a lot of ways, pseudonymous cryptocurrencies like Bitcoin are extremely helpful to law enforcement for apprehending criminals. Not what they sell you in mainstream media, I know.
In all likelihood, the majority of fiat currency notes (like dollar bills) you come into contact with have been used to make an illegal purchase at some point in the past. However, the serial number isn’t usually being monitored. It’s a concern that as adoption grows, Bitcoin used in illegal transactions and then recirculated to new owners may be “tainted” by its illicit past, and that certain exchanges may not accept it, or that governments may attempt to seize it. This leads to certain Bitcoins potentially being more valuable than others!
That pushes Bitcoin towards being a “non-fungible asset” that can’t always be easily exchanged, much like a phone or a painting. The ability to identify specific Bitcoin, as opposed to each unit of currency being interchangeable, means a lack of fungibility, or interchangeability. If every unit of an asset can be swapped for any other, it’s fungible. Once we start seeing each Bitcoin as a unique item with its own history, they become less fungible, and that’s not the only issue.
Given that every Bitcoin payment goes to an address derived from the owner’s public key, Bitcoin users are in a sense tied to their transaction history. If someone were to learn which addresses belong to a user, every transaction they’d ever made could be viewed with ease. In a sense, this is still more private than using names and dates of birth like with digital fiat payments – in fact, the address essentially replaces the name, like a pseudonym (hence pseudonymous). However, it’s not true privacy, and even fiat records can be lost or destroyed, which is highly unlikely with a blockchain – that’s sort of the point! The record is there forever, and these features of Bitcoin-based currencies allow authorities to link current users to the crimes of other, unrelated users, as well as to track how much someone earns or spends without asking, simply by knowing their addresses.
Monero: Anonymous, fungible, and more
That brings us to Monero, a currency specifically designed to avoid these problems and many others besides.
Monero is a privacy coin, and it’s not possible to trace a person’s spending from their public address. In fact, Monero uses a completely different system with multiple keys and a different kind of signature to ensure this. Here’s how it works.
Stealth Addresses (and multiple keys)
So, first of all, what a stealth address is. Second of all, why it is cool.
Your stealth address is where you receive your funds, and as the name suggests, it keeps you out of sight. A Monero wallet address is actually a 95 character string that encodes two keys: a public spend key and a public view key. When I send you XMR (Monero), my wallet takes those two keys, adds some fresh random data of its own, and derives a “one time public key”, or stealth address, that the funds are paid to. That one-time key is what appears on the blockchain; nothing on the chain visibly links it to your wallet address, and every payment you receive lands on a different one. Anyone scanning the blockchain can see the stealth address, but that’s it – they can’t see whose wallet it belongs to, or tell that two stealth addresses belong to the same person.
For you to find the payment, your wallet scans the chain with your private view key, and to actually spend it you need your private spend key. The transaction itself is still recorded on the chain, but nothing in that record links back to you – however, if I need to, I can use the transaction key my wallet generated to demonstrate that I did in fact send you the money.
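Here is that key dance in code. This is an added example for this post, not anything from the Monero code base: real Monero does this on the ed25519 curve with Keccak hashing, while the example swaps in a small multiplicative group mod 2^61 - 1 and SHA-256 so that “scalar multiplication” is plain Python exponentiation. That keeps the protocol shape faithful and the security nil, which is fine for illustration. The function names, the dict layout of the wallet and output, and the group constants are the example’s own assumptions.

```python
"""Toy model of Monero's stealth (one-time) addresses.

Added example for this post, not Monero's own code. Real Monero does this on the
ed25519 curve with Keccak hashing; here "scalar multiplication" is modular
exponentiation in the multiplicative group mod p = 2^61 - 1 so that the whole
protocol fits in a few lines. INSECURE TOY: the group is far too small and is
the wrong kind of group for production use; only the protocol shape is faithful.
"""
import hashlib
import secrets

MODULUS = 2**61 - 1          # prime modulus of the toy group (a Mersenne prime)
SCALAR_MOD = MODULUS - 1     # exponents ("scalars") live mod p - 1, since g^(p-1) = 1
G = 3                        # toy stand-in for the ed25519 base point


def hash_to_scalar(*elems: int) -> int:
    """H_s in Monero: hash group elements (and an output index) to a scalar.
    SHA-256 reduced mod p - 1 stands in for Keccak reduced mod the curve order."""
    data = b"".join(e.to_bytes(8, "big") for e in elems)
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % SCALAR_MOD


def keygen():
    """A wallet: private view key a, private spend key b, and the public keys
    A = aG, B = bG that a 95-character Monero address encodes."""
    a, b = secrets.randbelow(SCALAR_MOD), secrets.randbelow(SCALAR_MOD)
    return {"a": a, "b": b, "A": pow(G, a, MODULUS), "B": pow(G, b, MODULUS)}


def sender_build_output(A: int, B: int, index: int):
    """Sender side. Fresh randomness r gives the transaction key R = rG (published)
    and the one-time public key P = H_s(rA || index)G + B that the funds go to.
    Returns the on-chain output and r, which only the sender keeps."""
    r = secrets.randbelow(SCALAR_MOD - 1) + 1
    R = pow(G, r, MODULUS)
    shared = pow(A, r, MODULUS)                 # rA: Diffie-Hellman with the view key
    P = pow(G, hash_to_scalar(shared, index), MODULUS) * B % MODULUS
    return {"R": R, "P": P, "index": index}, r


def receiver_scan(wallet: dict, output: dict):
    """Receiver side. The private VIEW key alone recognises our outputs
    (aR == rA). Returns the one-time private key x = H_s(aR || i) + b, which
    needs the private SPEND key, or None if the output is not ours."""
    shared = pow(output["R"], wallet["a"], MODULUS)
    h = hash_to_scalar(shared, output["index"])
    if pow(G, h, MODULUS) * wallet["B"] % MODULUS != output["P"]:
        return None
    return (h + wallet["b"]) % SCALAR_MOD


def prove_sent(r: int, A: int, B: int, output: dict) -> bool:
    """Proof of payment: the sender reveals r, and anyone can recompute the
    output and confirm it was addressed to the wallet (A, B)."""
    shared = pow(A, r, MODULUS)
    expected = pow(G, hash_to_scalar(shared, output["index"]), MODULUS) * B % MODULUS
    return pow(G, r, MODULUS) == output["R"] and expected == output["P"]


if __name__ == "__main__":
    bob, eve = keygen(), keygen()
    output, tx_key = sender_build_output(bob["A"], bob["B"], index=0)
    x = receiver_scan(bob, output)
    print("Bob can spend:", x is not None and pow(G, x, MODULUS) == output["P"])
    print("Eve can link it to Bob:", receiver_scan(eve, output) is not None)
    print("Sender can prove payment:", prove_sent(tx_key, bob["A"], bob["B"], output))
```

Two things worth noticing: the private view key is enough to recognise a payment but not to spend it, which is why Monero can hand a view key to an auditor without handing over the money, and the sender’s proof works only because they kept r, the per-transaction secret, rather than anything about the recipient.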
So recipients are protected by stealth addresses – if the address is hidden, we can’t see who’s receiving the money. What about the senders? This is where ring signatures come into play.
When someone sends funds on the Monero blockchain, the output being spent is digitally signed (this is always necessary on a blockchain to prevent double spending). However, with Monero, the real output is mixed with “decoy” outputs pulled from elsewhere on the blockchain, belonging to other people (four decoys at the time of writing; the minimum ring size has been raised in later network upgrades). A single “ring signature” is produced over the whole set, and it proves that the owner of one of those outputs signed, with no way of telling which member of the ring is the real sender.
Double spending is prevented through the use of “key images”. Exactly one key image can be derived from each output, so spending the same output twice produces the same key image, and a complete list of used key images is kept on the blockchain. Miners and nodes verify that no key image is repeated, meaning no double spending is taking place. This is done without ever connecting the key image back to the output or its owner – totally private.
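To make the ring signature and key image concrete, here is a working linkable ring signature over a ring of five (one real key and four decoys, matching the numbers above) together with the “each key image once” rule. This is an added example written for this post, not Monero’s code: it is an LSAG-style construction, the basic building block that Monero’s ring signature schemes generalise, and it uses the same toy group stand-in (exponentiation mod 2^61 - 1 in place of ed25519, SHA-256 in place of Keccak). The ledger class, the message strings and all names are the example’s own.

```python
"""Toy linkable ring signature with key images, modelled on the building block
behind Monero's ring signatures (LSAG-style: one real key hidden among decoys,
one key image per spent output).

Added example for this post, not Monero's own code. Stand-in group: Z_p^* with
p = 2^61 - 1 and exponents mod p - 1 replace ed25519; SHA-256 replaces Keccak.
INSECURE TOY for illustrating the protocol shape only.
"""
import hashlib
import secrets

MODULUS = 2**61 - 1          # prime modulus of the toy group
SCALAR_MOD = MODULUS - 1     # exponents are reduced mod p - 1 (Fermat)
G = 3                        # toy stand-in for the base point


def h_scalar(msg: bytes, *elems: int) -> int:
    """H_s: hash the message and some group elements to a scalar."""
    data = msg + b"".join(e.to_bytes(8, "big") for e in elems)
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % SCALAR_MOD


def h_point(pub: int) -> int:
    """H_p: hash a public key to a group element whose discrete log nobody knows.
    The key image I = x * H_p(P) is then unique per output yet unlinkable to P."""
    d = hashlib.sha256(b"Hp" + pub.to_bytes(8, "big")).digest()
    return int.from_bytes(d, "big") % (MODULUS - 1) + 1


def key_image(x: int, pub: int) -> int:
    return pow(h_point(pub), x, MODULUS)


def ring_sign(msg: bytes, ring: list, s: int, x: int):
    """Sign msg as ring member s (private key x) without revealing s.
    Returns (c0, responses, key_image): one seed challenge, one response per member."""
    n = len(ring)
    assert pow(G, x, MODULUS) == ring[s], "x must be the private key of ring[s]"
    I = key_image(x, ring[s])
    c, r = [0] * n, [0] * n
    alpha = secrets.randbelow(SCALAR_MOD)
    # Start the challenge chain at the real signer with fresh randomness alpha...
    c[(s + 1) % n] = h_scalar(msg, pow(G, alpha, MODULUS), pow(h_point(ring[s]), alpha, MODULUS))
    i = (s + 1) % n
    while i != s:                                  # ...walk around the decoys with random responses...
        r[i] = secrets.randbelow(SCALAR_MOD)
        L = pow(G, r[i], MODULUS) * pow(ring[i], c[i], MODULUS) % MODULUS
        R = pow(h_point(ring[i]), r[i], MODULUS) * pow(I, c[i], MODULUS) % MODULUS
        c[(i + 1) % n] = h_scalar(msg, L, R)
        i = (i + 1) % n
    r[s] = (alpha - c[s] * x) % SCALAR_MOD         # ...and close the ring; only x makes this work
    return c[0], r, I


def ring_verify(msg: bytes, ring: list, sig) -> bool:
    """Anyone can check that *some* ring member signed, learning only the key image."""
    c0, r, I = sig
    c = c0
    for pub, ri in zip(ring, r):
        L = pow(G, ri, MODULUS) * pow(pub, c, MODULUS) % MODULUS
        R = pow(h_point(pub), ri, MODULUS) * pow(I, c, MODULUS) % MODULUS
        c = h_scalar(msg, L, R)
    return c == c0


class KeyImageLedger:
    """The consensus rule behind double-spend prevention: a key image may appear once."""

    def __init__(self):
        self.seen = set()

    def accept(self, msg: bytes, ring: list, sig) -> bool:
        if not ring_verify(msg, ring, sig):
            return False
        _, _, I = sig
        if I in self.seen:                          # this output was already spent
            return False
        self.seen.add(I)
        return True


def demo():
    """Constructed data: five one-time outputs on the toy chain, we own index 2.
    Returns the ledger's verdict on three transactions."""
    privs = [secrets.randbelow(SCALAR_MOD) for _ in range(5)]
    ring = [pow(G, k, MODULUS) for k in privs]     # our output plus four decoys
    ledger = KeyImageLedger()
    msgs = [b"tx1: spend output 2", b"tx2: spend output 2 again", b"tx3: spend output 4"]
    sigs = [ring_sign(msgs[0], ring, 2, privs[2]),
            ring_sign(msgs[1], ring, 2, privs[2]),
            ring_sign(msgs[2], ring, 4, privs[4])]
    return [ledger.accept(m, ring, sg) for m, sg in zip(msgs, sigs)]


if __name__ == "__main__":
    print(demo())   # expected [True, False, True]
```

The second transaction is rejected even though its signature is perfectly valid and carries a different message: the key image is a deterministic function of the spent output and the owner’s key, so it repeats, and that repeat is all the network needs to see. Nothing in the check reveals which of the five ring members was the real spender.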
Monero is ASIC resistant in the sense that it is too expensive to profitably mine with ASIC chips. This is because CryptoNote uses the CryptoNight hashing algorithm, which leans on memory-heavy operations that general-purpose CPUs and GPUs handle well and that ASIC chips cannot reproduce cheaply. Even if ASIC research targeting Monero is taking place, the project has been clear that it is prepared to switch up the hashing algorithm in response (and has since done so more than once, most recently with the move to RandomX). Coins that aren’t ASIC-friendly are perceived by the crypto community as less likely to fall under the control of a few large mining operations, which contributes to true decentralization.
Monero is also dynamically scalable. Bitcoin’s 1 MB limit on block size has left the network congested and its fees volatile whenever demand spikes, which makes it hard to use for everyday commerce unless SegWit and the Lightning Network can take enough of the load off-chain.
Monero was put together with this in mind, and there’s no fixed limit on the block size. Instead, the median size of the last hundred blocks is taken, a block may be at most twice that median, and any block larger than the median costs its miner part of the block reward; the further over the median, the larger the penalty. This prevents malicious miners from deliberately slowing down the blockchain with overly large, data-heavy blocks, because bloating the chain has a direct cost in lost rewards.
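The rule is short enough to write out. The example below is added for this post and is not Monero’s code; it follows the CryptoNote penalty rule described above with a 300,000 byte full-reward floor (the value Monero adopted at its v5 hard fork), but the block sizes and base reward are constructed, and the live rule has been refined since (a long-term median was added in 2019), so check current source before relying on the constants.

```python
"""Monero's dynamic block size: median-based limit plus a reward penalty.

Added example for this post, not Monero's own code. It follows the CryptoNote
rule the post describes; the 300,000-byte full-reward floor is the constant
Monero adopted at its v5 hard fork, but treat the numbers as illustrative and
check current source, since the rule has been refined since (notably with a
long-term median in 2019). Block sizes and rewards below are constructed.
"""
from statistics import median

WINDOW = 100                  # number of recent blocks whose sizes are consulted
FULL_REWARD_ZONE = 300_000    # bytes; blocks up to this size never lose reward


def effective_median(recent_sizes):
    """Median size of the last WINDOW blocks, floored at the full-reward zone.
    A median, not a mean: one enormous block barely moves it, so an attacker
    cannot jump the limit in a single step."""
    window = recent_sizes[-WINDOW:]
    return max(int(median(window)), FULL_REWARD_ZONE)


def max_block_size(recent_sizes):
    """Consensus limit: anything above twice the effective median is invalid."""
    return 2 * effective_median(recent_sizes)


def block_reward(base_reward, block_size, recent_sizes):
    """Coinbase actually paid for a block of block_size bytes.
    B <= M: full reward.  M < B <= 2M: reward * (1 - ((B - M) / M)^2).
    B > 2M: block is invalid (None). Integer arithmetic, as consensus code must be."""
    m = effective_median(recent_sizes)
    if block_size > 2 * m:
        return None
    if block_size <= m:
        return base_reward
    penalty = base_reward * (block_size - m) ** 2 // (m * m)
    return base_reward - penalty


def flood_attack(base_reward, rounds, start_sizes):
    """What a miner gains by stuffing every block to the maximum allowed size:
    the limit does grow, but each such block pays zero reward. Returns
    (final_max_size, total_reward_earned)."""
    sizes = list(start_sizes)
    earned = 0
    for _ in range(rounds):
        size = max_block_size(sizes)
        earned += block_reward(base_reward, size, sizes)
        sizes.append(size)
    return max_block_size(sizes), earned


if __name__ == "__main__":
    quiet_chain = [200_000] * WINDOW               # constructed: 100 small blocks
    reward = 10**12                                # constructed base reward, in atomic units
    print("limit:", max_block_size(quiet_chain))
    for size in (300_000, 450_000, 600_000, 600_001):
        print(size, "->", block_reward(reward, size, quiet_chain))
    print("after 50 max-size blocks:", flood_attack(reward, 50, quiet_chain))
```

On the quiet chain a 450,000 byte block (half again over the median) forfeits a quarter of the reward, a block exactly twice the median forfeits all of it, and one byte more is simply invalid. The flood simulation shows the trade-off the design relies on: a miner can push the limit up, but only by mining blocks that pay nothing.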
XMR is definitely a crypto to keep an eye on as digital currencies begin to gain mainstream adoption.
Follow us on twitter @cryptoiscomin