CryptoNote: Difference between revisions
Monero.dev (talk | contribs) →Untraceable payments: link to Wikipedia |
Altcoins are off-topic, no need to list them |
||
(20 intermediate revisions by 5 users not shown) | |||
Line 1: | Line 1: | ||
CryptoNote is an open- | CryptoNote is an open-sourced protocol that allows for increased privacy in cryptocurrency transactions. | ||
== Features == | == Features == | ||
=== | ===Difficult to trace and link payments === | ||
Unlike traditional cryptocurrencies that mostly use unambiguous signatures to verify the transfer, CryptoNote utilizes [https://en.wikipedia.org/wiki/Ring_signature ring signature]. Ring signature is a more sophisticated scheme | Unlike traditional cryptocurrencies that mostly use unambiguous signatures to verify the transfer, CryptoNote utilizes [https://en.wikipedia.org/wiki/Ring_signature ring signature]. Ring signature is a more sophisticated scheme that demand several different public keys for verification. In this case the transaction is signed by a group of users. Thus, the verifier may only identify that one of them was a signer, but not who exactly that was. Though this does not offer provable anonymity (like [[Zerocoin]]), the increase in privacy in comparison to Bitcoin is considerable. | ||
CryptoNote automatically creates multiple unique one-time addresses for each of the payments, which are created from the single public key. Even though the payment is sent to a public address, in the block chain it appears as if it is sent to a one-time address. The sender uses random data and the public address of the receiver to calculate this one-time key of the payment. The redemption of the funds requires the receiver's private key, so only the latter may receive the money sent to the one-time address. Moreover, no third party can discover the link between the one-time key and the receiver's public address. | |||
CryptoNote automatically creates multiple unique one-time addresses for each of the payments, which are created from the single public key. Even though the payment is sent to a public address, in the block chain it appears as if sent to a one-time address. | |||
The sender uses | |||
=== Double-spending proof === | === Double-spending proof === | ||
CryptoNote's ring signatures restrict the double-spending attempt by linking the transactions with the same private key. The protocol uses the key image, derived from a private key through a one-way function. All the users keep the list of all the used key images, which are checked against a new transaction. In case there is a duplicate key image, the transaction is rejected as a double-spending attempt. However, the identity of the sender would still be unknown, since it is impossible to get the private key from its image. | |||
=== Block chain analysis resistance === | === Block chain analysis resistance === | ||
Line 24: | Line 19: | ||
=== Adaptive limits === | === Adaptive limits === | ||
There are no hard constants and magic numbers in CryptoNote. Each limit (e.g., max block size, or min fee amount) is re-calculated based on the historical data of the system. Moreover, the difficulty and the max block size are automatically adjusted with each new block. | There are no hard constants and magic numbers in CryptoNote. Each limit (e.g., max block size, or min fee amount) is re-calculated based on the historical data of the system. Moreover, the difficulty and the max block size are automatically adjusted with each new block. The main idea of the algorithm is to sum all the work that nodes have performed during the last 720 blocks and divide it by the time they have spent to accomplish it. The measure of the work is the corresponding difficulty value for each of the blocks. | ||
The main idea of the algorithm is to sum all the work that nodes have performed during the last 720 blocks and divide it by the time they have spent to accomplish it. The measure of the work is the corresponding difficulty value for each of the blocks. | |||
=== Smooth emission === | === Smooth emission === | ||
Line 33: | Line 27: | ||
BaseReward = (MSupply - A) >> 18 | BaseReward = (MSupply - A) >> 18 | ||
MSupply = 2^64 - 1 (atomic units) | MSupply = 2^64 - 1 (atomic units) | ||
CryptoNote forks DarkNote and MonetaVerde implement alternative emission logic: in DarkNote emission halves each month and in MonetaVerde block reward increases with difficulty. | |||
=== Egalitarian proof of work === | === Egalitarian proof of work === | ||
Line 44: | Line 40: | ||
== Origins == | == Origins == | ||
The first version of CN – CryptoNote v.1 (December 12 2012) was published in Tor http://ol346fucnsjru223.onion/whitepaper.pdf | |||
Little is known about CryptoNote's origins. The official website uses supposedly fake names for the team members, while the white paper's author is Nicolas van Saberhagen, which is also likely to be a pseudonym. The white paper "CryptoNote v 2.0" is dated back to October 2013.<ref>https://cryptonote.org/whitepaper.pdf</ref> There are claims that this date isn't correct: bitcointalk.org user rethink-your-strategy discovered copies of CryptoNote whitepapers with XPM properties set to 2014 on cryptonote.org site<ref>https://bitcointalk.org/index.php?topic=740112.0</ref> while nearly same documents with 2013 and 2012 years in XPM properties were available on bytecoin.org site.<ref>https://bitcointalk.org/index.php?topic=740112.msg8409063#msg8409063</ref> | |||
It was also mentioned that the team developing CryptoNote had experienced a schism and went separate ways. | |||
CryptoNote | |||
== Philosophy == | == Philosophy == | ||
Line 66: | Line 61: | ||
* [https://github.com/amjuarez/bytecoin Reference code] | * [https://github.com/amjuarez/bytecoin Reference code] | ||
* [https://cryptonote.org/whitepaper.pdf White paper] | * [https://cryptonote.org/whitepaper.pdf White paper] | ||
* [https://cryptonote.org/coins.php CryptoNote Currencies] | |||
== References == | == References == |
Latest revision as of 21:37, 24 December 2014
CryptoNote is an open-sourced protocol that allows for increased privacy in cryptocurrency transactions.
Features
Difficult to trace and link payments
Unlike traditional cryptocurrencies that mostly use unambiguous signatures to verify the transfer, CryptoNote utilizes ring signature. Ring signature is a more sophisticated scheme that demand several different public keys for verification. In this case the transaction is signed by a group of users. Thus, the verifier may only identify that one of them was a signer, but not who exactly that was. Though this does not offer provable anonymity (like Zerocoin), the increase in privacy in comparison to Bitcoin is considerable.
CryptoNote automatically creates multiple unique one-time addresses for each of the payments, which are created from the single public key. Even though the payment is sent to a public address, in the block chain it appears as if it is sent to a one-time address. The sender uses random data and the public address of the receiver to calculate this one-time key of the payment. The redemption of the funds requires the receiver's private key, so only the latter may receive the money sent to the one-time address. Moreover, no third party can discover the link between the one-time key and the receiver's public address.
Double-spending proof
CryptoNote's ring signatures restrict the double-spending attempt by linking the transactions with the same private key. The protocol uses the key image, derived from a private key through a one-way function. All the users keep the list of all the used key images, which are checked against a new transaction. In case there is a duplicate key image, the transaction is rejected as a double-spending attempt. However, the identity of the sender would still be unknown, since it is impossible to get the private key from its image.
Block chain analysis resistance
CryptoNote creates an obstacle for an analyst by using ring signatures and one-time addresses covered above. Every address of the payment is a unique one-time key, which is created from both the sender's and the receiver's data, and the usage of ring signature hides the exact outputs that have been spent for the input. Therefore, each next transaction increases the number of possible senders and hides the actual connection even more.
Adaptive limits
There are no hard constants and magic numbers in CryptoNote. Each limit (e.g., max block size, or min fee amount) is re-calculated based on the historical data of the system. Moreover, the difficulty and the max block size are automatically adjusted with each new block. The main idea of the algorithm is to sum all the work that nodes have performed during the last 720 blocks and divide it by the time they have spent to accomplish it. The measure of the work is the corresponding difficulty value for each of the blocks.
Smooth emission
The coins are emitted smoothly, as the reward changes with each new block. This allows a predictable steady growth of money supply determined by the formula[1]:
BaseReward = (MSupply - A) >> 18 MSupply = 2^64 - 1 (atomic units)
CryptoNote forks DarkNote and MonetaVerde implement alternative emission logic: in DarkNote emission halves each month and in MonetaVerde block reward increases with difficulty.
Egalitarian proof of work
CryptoNote uses CryptoNight hashing algorithm as its proof-of-work. The proof of work mechanism is actually a voting system. Users vote for the right order of the transactions, for enabling new features in the protocol and for the honest money supply distribution.
Origins
The first version of CN – CryptoNote v.1 (December 12 2012) was published in Tor http://ol346fucnsjru223.onion/whitepaper.pdf
Little is known about CryptoNote's origins. The official website uses supposedly fake names for the team members, while the white paper's author is Nicolas van Saberhagen, which is also likely to be a pseudonym. The white paper "CryptoNote v 2.0" is dated back to October 2013.[2] There are claims that this date isn't correct: bitcointalk.org user rethink-your-strategy discovered copies of CryptoNote whitepapers with XPM properties set to 2014 on cryptonote.org site[3] while nearly same documents with 2013 and 2012 years in XPM properties were available on bytecoin.org site.[4]
It was also mentioned that the team developing CryptoNote had experienced a schism and went separate ways.
Philosophy
CryptoNote philosophy has several key points: privacy as a fundamental human right; government's influence and control remission as an aim. The economy should be separated from politics, communities should set new transparent principles, and impartial cryptographic algorithms should control its implementation.