🔥 Monero Wiki - XMR Course, Cryptocurrency & More!
According to the Monero website: Monero is a secure, private, and untraceable currency system. Monero uses a special type of cryptography to ensure that all transactions are 100% non-linkable and non-traceable. In an increasingly transparent world, one can understand why something like Monero can become so desirable. In this guide, we're going to get to know the mechanics behind Monero and see what makes it so special.
The origins of Monero XMR
Bytecoin, the first implementation of CryptoNote in real life, was launched back in July 2012. CryptoNote is the application layer protocol that supports various decentralized currencies. While it is similar in many aspects to the application layer Bitcoin runs on, there are many areas in which the two are different from each other.
Although Bytecoin was showing promise, people noticed that a lot of dubious things were going on and that 80% of the coins were already released. So it was decided that the Bytecoin blockchain would be forked in April 2014 and that the coins on the new chain would be called Bitmonero, which was eventually renamed Monero, which means "Coin" in Esperanto. In this new blockchain, a block is mined and added every two minutes.
Monero is led by a core development team of 7 developers, 5 of whom have chosen to remain anonymous while two have come out publicly. They are David Latapie and Riccardo Spagni, alias "Fluffypony". The project is open source and publicly funded.
Special features of Monero XMR
So what is it that makes Monero so hot and sought after? What are the unique properties that the CryptoNote algorithm gives it? Let's take a look.
Property #1: Your currency is yours
You have complete control over your transactions. You are responsible for your money. Since your identity is private, no one will be able to see what you are spending your money on.
Property #2: It is fungible
Another interesting quality it gains thanks to its privacy is that it is really fungible. What is fungibility? Investopedia defines fungibility as follows:
"Fungibility is the interchangeability of a good or asset with other individual goods or assets of the same kind".
Suppose you borrowed $20 from a friend. If you give him the money back with ANOTHER $20 bill, that's perfectly fine. In fact, you can even return the money to him in the form of one $10 bill and two $5 bills. It's still fine. The dollar has fungible properties (but not always).
However, if you borrow someone's car for the weekend and come back and give them another car in exchange, then that person is likely to slap you in the face. Even if you leave with one red Impala and come back with another red Impala, that is still not a done deal. Cars are a non-fungible asset in this example.
So what about fungibility when it comes to cryptocurrency?
For example, let's look at Bitcoin. Bitcoin prides itself on being an open ledger and an open book. But it also means that everyone can see the transactions in it and, more importantly, everyone can see the trail of each transaction. This basically means: assuming you own a bitcoin that was once used in an illegal transaction, e.g. when buying drugs, then that would be imprinted in the transaction details forever. Essentially, this "contaminates" your bitcoin.
With certain Bitcoin service providers and exchanges, these "contaminated" coins will never be worth as much as "clean" coins. This kills fungibility and is one of the most common criticisms made against Bitcoin. After all, why should you suffer if one of the previous owners of your bitcoin used it to make illegal purchases?
This is where Monero comes in. Since all of your data and transactions are private, no one can know what transactions your Monero went through before, nor what was purchased with your Monero. Since its transaction history can never be known, the "transaction" trail does not exist. As a result, the concept of "contaminated" Monero and "clean" Monero does not exist, and therefore the coins are fungible!
Property #3: Dynamic Scalability
Bitcoin's scalability has been a very hot topic in the crypto community in recent months. To give you an overview of the situation, Bitcoin was created with a self-imposed block size limit of 1Mb. In its early development, Bitcoin did not have a block size limit, but the limit was enforced to prevent spam transactions.
Monero uses a free block size mechanism with no "preset" size limit. However, this also means that malicious miners can clog the system with disproportionately large blocks. To prevent this from happening, a block reward penalty is built into the system. Here is how it works:
First, the average size of the last 100 blocks is taken, which is called M100. Now let's assume that the miners have mined a new block and it has a certain size called "NBS", aka New Block Size. If NBS > M100, then the block reward is reduced in proportion to the square of how much NBS exceeds M100.
This means that if NBS is [10%, 50%, 80%, 100%] greater than M100, the block reward will be reduced by [1%, 25%, 64%, 100%]. In general, blocks larger than 2 * M100 are not allowed, and blocks <= 60kB are always free of any reward penalties.
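The penalty rule above, worked through as an added Python example (not code from the original page or from the Monero project). It follows the page in using the average of the last 100 blocks; treating the 60kB free zone as a floor on M100, counting it as 60,000 bytes, and the function names are assumptions.

```python
from fractions import Fraction

FREE_ZONE = 60_000  # bytes; the page's penalty-free "60kB" (byte unit assumed)
WINDOW = 100        # M100 covers the last 100 blocks

def m100(recent_sizes):
    """Average size of the last 100 blocks, never below the free zone (assumption)."""
    window = recent_sizes[-WINDOW:]
    avg = Fraction(sum(window), len(window)) if window else Fraction(0)
    return max(avg, Fraction(FREE_ZONE))

def penalty(nbs, recent_sizes):
    """Fraction of the block reward lost by a new block of size nbs (bytes)."""
    m = m100(recent_sizes)
    if nbs > 2 * m:
        raise ValueError("blocks larger than 2 * M100 are not allowed")
    if nbs <= m:
        return Fraction(0)
    return ((nbs - m) / m) ** 2

def bloat(recent_sizes, overshoot, blocks):
    """Mine `blocks` blocks, each `overshoot` (a Fraction) above the current M100.

    Returns (final M100, reward lost in units of one full block reward)."""
    sizes, lost = list(recent_sizes), Fraction(0)
    for _ in range(blocks):
        nbs = int(m100(sizes) * (1 + overshoot))
        lost += penalty(nbs, sizes)
        sizes.append(nbs)
    return m100(sizes), lost
```

The bloat() helper shows the cost side of the mechanism: a miner who keeps pushing blocks 50% above M100 gives up about a quarter of the reward on every block while the average only creeps upward.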
Property #4: ASIC (Application Specific Integrated Circuit) resistant
OK, before we start, let's get one thing out of the way. Monero isn't exactly "ASIC-resistant", but the cost of making ASICs for Monero would be so high it just wouldn't be worth it. Why is that the case? Do you remember when we said that Monero is based on the CryptoNote system, which makes it so different from Bitcoin? Well, the hashing algorithm that is used in CryptoNote-based systems is called "CryptoNight".
CryptoNight was created to build a fairer and more decentralized monetary system. Cryptocurrencies that incorporate CryptoNight cannot be mined using ASICs. It was hoped that this would prevent the formation of mining pools and distribute the currency more evenly.
So what are the characteristics of CryptoNight that make it ASIC resistant?
- CryptoNight requires 2 MB of fast memory to function. This means that the parallelization of hashes is limited by how much memory can be packed into a chip while still being cheap enough to be worth it. 2 MB of memory uses much more silicon than the SHA256 circuit.
- CryptoNight is designed to be CPU and GPU friendly, as it takes advantage of the AES-NI instruction set. Basically, some of the work done by CryptoNight is already done in hardware when it runs on modern consumer devices.
- There have been discussions about switching Monero's proof-of-work algorithm to "Cuckoo Cycle" (another proof-of-work hash). If such a switch occurs, then the effort spent researching and developing Monero-friendly ASICs would be wasted.
Property #5: Multiple Keys
One of the confusing aspects of Monero is its use of multiple keys. With Bitcoin, Ethereum etc. you only have one public and one private key. In a system like Monero, however, it's not that simple.
View keys: Monero has a public view key and a private view key.
- The public view key is used to generate the one-time stealth addresses through which the funds are sent to the recipient (more on this later).
- The private view key is used by the recipient to scan the blockchain and find the funds transferred to them.
That is the general overview of the process. The public view key is the first part of the Monero address.
Spend keys: While the view keys are mainly about the recipient of a transaction, the spend keys revolve around the sender.
As above, there are two spend keys: the public and private spend keys.
- The public spend key helps the sender take part in ring transactions and also verify the signature of the key image (more on this later).
- The private spend key helps in creating the key image that enables them to send transactions.
The public spend key is the second part of the Monero address. By the way, the Monero address is a 95-character string, which consists of the public spend key and the public view key.
This can be very confusing right now, but just keep this information in mind and it will become clearer with the following sections.
How does a transaction in a cryptocurrency work?
Every transaction has two sides, the input side and the output side. Assuming Alice needs to send Bob some bitcoins, what will that look like?
To make this transaction possible, Alice must use bitcoins that she received from various previous transactions. Remember, as we said earlier, with Bitcoin every single coin is accounted for through a transaction history. This allows Alice to use the outputs of her previous transactions as the inputs of the new transaction. When we speak of "outputs" later, especially in the section on ring signatures, we mean the outputs of old transactions that become the inputs of the new transaction.
So let's say Alice needs to pull bitcoins from the following transactions, which we will call TX (0), TX (1) and TX (2). These three transactions are added together and that gives the input transaction, which we will call TX (Input).
So this is what the input side looks like, let's see what the output side will look like.
The output will basically include the bitcoins that Bob will have after the transaction, plus any change that is left over, which is then sent back to Alice. This change then becomes her input value for future transactions.
Now, this is a very simple transaction that only has one output (aside from the CHANGE); transactions with multiple outputs are also possible. Bitcoin transactions are based on public key cryptography.
A Bitcoin user first selects his private key. The public key is then mathematically derived from the private key. The public key is then hashed to create a public address that is open to the world. So when Alice sends Bob some BTC, she just has to send it to his public address.
Well, there is a problem with this system. The public address is, well, public! Anyone on the blockchain can know who this address belongs to and, as a result, can check their entire transaction history and also the number of bitcoins they own! While Bitcoin does a great job as a decentralized cryptocurrency, it doesn't really do a good job as a private currency system.
As they put it, an ideal electronic cash should meet three requirements:
- It should be electronic.
- It should be decentralized.
- It should be private.
With Monero, they are trying to meet all of these 3 criteria. The basic philosophy behind Monero is complete privacy and opacity.
- The privacy of the sender is protected by ring signatures.
- The recipient's privacy is protected by stealth addresses.
- The confidentiality of the transaction is maintained by Ring CT aka Ring Confidential Transactions.
Monero Cryptography # 1: Ring Signatures
To understand what ring signatures are and how they help maintain sender privacy, let's take a hypothetical real-life example. When you send someone a check, you have to sign it with your signature, right? However, this allows anyone who sees your check (and knows what your signature looks like) to know that you are the person who sent it.
Now think about it. Let's say you pick any 4 people off the street and combine your signature with the signatures of those 4 people to create a unique signature. Nobody will be able to find out whether it is really your signature or not.
This is essentially how the ring signature works. Let's look at the mechanism as it relates to Monero. Assuming Alice needs to send 1000 XMR (XMR = Monero) to Bob, how will the system use ring signatures to hide her identity? (For the sake of simplicity, let's take a case from before the RingCT implementation ... more on that later).
First she will determine her "ring size". The ring size is made up of random outputs from the Monero network that have the same value as her output, aka 1000 XMR. The larger the ring size, the larger the transaction and therefore also the transaction fees. She then signs these outputs with her private spend key and sends the result to the blockchain. One more thing to note: Alice does not need to ask the owners of these previous transactions for their consent to use their outputs.
In a ring signature transaction, each of the decoys taken from the Monero network is just as likely to be the real output as the actual output, leaving unintended third parties (including miners) unable to know the sender.
Now that brings us to a problem. One of the many important jobs miners do is prevent "double spending". Double spending basically means that the exact same coin is spent in more than one transaction at the same time. This problem is circumvented because of the miners. In a blockchain, transactions only take place when the miners place the transactions in the blocks that they have mined.
So let's say A sends 1 bitcoin to B and then sends the same coin to C. The miners would then include one transaction in the block and discard the other, which prevents double spending. However, this is only possible if the miners can actually see what the inputs to the transaction are and who the sender is. In Monero this is all hidden and camouflaged thanks to the ring signatures. So how do you prevent double spending?
The answer lies in more sophisticated cryptography. Each transaction in Monero is provided with its own unique key image. Since the key image is unique for each transaction, the miners can simply check it and know whether a Monero coin is being spent twice or not.
In this way, Monero maintains the privacy of the sender through ring transactions. Next, we'll see how Monero protects the recipient's identity through the use of stealth addresses.
Monero Cryptography # 2: Stealth Addresses
One of Monero's biggest USPs is the unlinkability of transactions. Basically, if someone sends you 200 XMR, no one should know that this money is going to your address. When Alice sends money to Bob, basically only Alice should know that Bob is the recipient of her money and no one else.
So how does Monero ensure Bob's privacy? Remember that Bob has 2 public keys, the public view key and the public spend key.
In order for the transaction to take place, Alice's wallet uses Bob's public view key and public spend key to generate a one-time public key.
This is the calculation of the one-time public key (P).
- P = H(rA)G + B
In this equation:
- r = random scalar chosen by Alice.
- A = Bob's public view key.
- G = cryptographic constant.
- B = Bob's public spend key.
- H () = The Keccak hashing algorithm used by Monero.
The calculation of this one-time public key creates a one-time public address in the blockchain to which Alice sends her Monero intended for Bob, which is called the "stealth address". How is Bob going to unlock his Monero from the random distribution of the data?
Remember that Bob also has a private spend key. This is where it comes in. The private spend key basically helps Bob scan the blockchain for his transaction. When Bob comes across the transaction, he can compute a private key that corresponds to the one-time public key and retrieve his Monero. So Alice paid Bob with Monero without anyone knowing about it.
The calculation of key images (a little detour)
Before we proceed, let's come back to key images. So how is a key image (I) calculated? We already know how the one-time public key (P) is calculated. And we have the sender's private spend key, which we will call "x".
- I = xH(P)
Things to note about this equation:
- It is not possible to infer the one-time public address P from the key image "I" (it is a property of the cryptographic hash function) and therefore Alice's identity will never be revealed.
- P will always give the same value when hashed, i.e. H(P) will always be the same. Since the value of "x" is constant for Alice, this means that she will never be able to produce multiple values of "I". That makes the key image unique for every transaction.
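The stealth-address and key-image calculations described above, as an added Python example (not code from the original page or from the Monero project). It assumes details the page does not give: Alice publishes R = rG with the transaction so that Bob can recompute the hash, x is taken to be the one-time private key matching P, SHA3-256 stands in for Monero's Keccak variant, and hash_to_point is a simple try-and-increment stand-in; all function names are illustrative.

```python
import hashlib, itertools, secrets

p = 2**255 - 19  # Ed25519 field prime (Monero's curve); slow affine math for clarity
L = 2**252 + 27742317777372353535851937790883648493  # prime order of G
inv = lambda z: pow(z % p, p - 2, p)
d = -121665 * inv(121666) % p

def add(P, Q):  # twisted Edwards addition; the same formula doubles a point
    (x1, y1), (x2, y2) = P, Q
    t = d * x1 * x2 * y1 * y2 % p
    return ((x1*y2 + x2*y1) * inv(1 + t) % p, (y1*y2 + x1*x2) * inv(1 - t) % p)

def mul(k, P):  # double-and-add scalar multiplication k*P
    R = (0, 1)  # neutral element
    while k:
        if k & 1:
            R = add(R, P)
        P, k = add(P, P), k >> 1
    return R

def recover_x(y):
    """Even x with (x, y) on the curve, or None when y has no such x."""
    xx = (y*y - 1) * inv(d*y*y + 1) % p
    x = pow(xx, (p + 3) // 8, p)
    if (x*x - xx) % p:
        x = x * pow(2, (p - 1) // 4, p) % p  # multiply by sqrt(-1)
    if (x*x - xx) % p:
        return None
    return p - x if x & 1 else x

G = (recover_x(4 * inv(5) % p), 4 * inv(5) % p)  # standard base point

def digest(P, tag=b""):
    # SHA3-256 stands in for Monero's Keccak variant (assumption)
    return hashlib.sha3_256(tag + b"".join(c.to_bytes(32, "little") for c in P)).digest()
H = lambda P: int.from_bytes(digest(P), "little") % L  # hash a point to a scalar

def hash_to_point(P):
    """Try-and-increment stand-in for Monero's hash-to-point (assumption)."""
    for ctr in itertools.count():
        y = int.from_bytes(digest(P, b"Hp%d" % ctr), "little") % p
        x = recover_x(y)
        if x is not None:
            return mul(8, (x, y))  # multiply by the cofactor 8

def keygen():
    k = secrets.randbelow(L - 1) + 1
    return k, mul(k, G)

def send(A, B):
    """Alice: returns (R = rG, P = H(rA)G + B) for Bob's public keys A, B."""
    r, R = keygen()
    return R, add(mul(H(mul(r, A)), G), B)

def owns(R, P, a, B):
    """Bob's scan with private view key a: aR equals rA, so P can be rebuilt."""
    return add(mul(H(mul(a, R)), G), B) == P

def one_time_key(R, a, b):
    """x = H(aR) + b, the private key for which xG == P."""
    return (H(mul(a, R)) + b) % L

def key_image(x, P):
    """I = x * Hp(P): fixed per output, so spending it twice repeats I."""
    return mul(x, hash_to_point(P))
```

A wallet holding only the private view key a can run owns() to detect incoming outputs, while computing x and the key image also requires the private spend key b.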
Monero Cryptography # 3: Ring Confidential Transactions
So now we've seen how the sender can remain anonymous, and we've seen how the recipient remains anonymous. But what about the transaction itself? Is there some way to make sure that the transaction amount itself is hidden? Before the introduction of RingCT, transactions used to work like this:
If Alice had to send 12.5 XMR to Bob, then the output would be split into 3 transactions of 10, 2 and 0.5. Each of these transactions was given its own ring signature and was then added to the blockchain. This preserved the privacy of the sender, but made the transactions visible to everyone.
To address this problem, RingCT, based on research conducted by Gregory Maxwell, was introduced. What RingCT does is simple: it hides the transaction amounts on the blockchain. This also means that the transaction inputs do not have to be broken down into known denominations; a wallet can now pick ring members from all RingCT outputs.
Think about what that means for the privacy of the transaction. With so many more outputs to choose ring members from, and the value not even known, it is now impossible to know about any particular transaction.
These 3 factors work together in harmony to create a system in which total privacy is preserved. But that was still not enough for the Monero developers. They needed an extra layer of security.
Kovri and I2P
I2P, or Invisible Internet Project, is a routing system that enables applications to send messages to one another privately and without outside interference. Kovri is a C++ implementation of I2P to be integrated into the Monero code.
If you are using Monero then Kovri will hide your internet traffic in such a way that passive network monitoring will not reveal that you are using Monero at all. In order for this to work, all of your Monero traffic is encrypted and passed through the I2P nodes. The nodes are like blind gatekeepers. They know your messages are going through but have no idea where exactly they are going or what the content of the messages is.
It is to be hoped that the relationship between I2P and Monero will one day be a symbiosis, because
- Monero will get an extra layer of protection.
- The number of nodes used in I2P will increase significantly after implementation.
Kovri is still under development (at the time of writing) and has not yet been implemented.
Monero value and transaction cap
The growth of Monero was pretty amazing to watch.
At the time of writing, there are 15,054,759 XMR in circulation and each Monero is worth $114.83. The total market cap of Monero is $1,728,798,235.
There are 18.4 million XMR in total, and mining is expected to continue through May 31, 2022. After that, the system is designed so that 0.3 XMR/min is continuously fed in. This was done so that the miners would have the incentive to continue mining and not just rely on transaction fees after all of the Monero has been mined.
How to Store Monero XMR Cryptocurrency?
The easiest way to store Monero is via "mymonero.com".
- Step 1: Click on "Create New Account".
- Step 2: Make a note of your private login key.
- Step 3: Enter your private login key to log in and find your public address!
And you are done!
A quick comparison of Monero and Bitcoins
So obviously comparisons cannot be avoided - let's take a look at how these two coins stack up.
Bitcoin prides itself on its open transparency. The blockchain is, in the truest sense of the word, an open book that anyone can access and find out about all past transactions. Bitcoins are relatively easy to access and use.
Monero, on the other hand, is designed for complete and absolute privacy. All transactions are completely secret. Monero can be a little complicated for beginners to understand and use.
Advantages and disadvantages of Monero at a glance
Advantages:
- One of the best privacy features on any cryptocurrency.
- The transactions cannot be linked.
- The transactions and addresses are not traceable.
- The blockchain has no block limit and is dynamically scalable.
- Even if the Monero supply runs out, there will be a continuous supply of 0.3 XMR/min to incentivize the miners.
- It is selectively transparent. Anyone can make their transactions visible to the person of their choice, e.g. an auditor, by giving them their private view key. This also makes Monero auditable.
- Has a very capable and strong development team to lead this task.
Disadvantages:
- Although Monero was made ASIC resistant to prevent centralization, ~43% of Monero's hashrate is owned by 3 mining pools.
- Monero transactions are much larger than those of other cryptocurrencies like Bitcoin because of the amount of encryption.
- There isn't much wallet compatibility for Monero.
- It is not easy for beginners and has not been widely adopted and accepted.
- Since it is not a Bitcoin-based cryptocurrency, Monero has faced difficult problems in the sense that it is harder to add things to it.