Privacy Coin Technology: How Secure is Monero (XMR)?
Growing demand for XMR on multiple fronts - but how secure is the underlying technology? I am explaining the basics when it comes to the private cryptocurrency with the biggest market cap.
For Beginners: What is Monero?
Monero is the underlying technology of XMR which is one of the better-known and at the same time, measured by market capitalisation, largest cryptocurrencies.
Originally, the coin was called “Bit Monero” after its launch in 2014, but this did not meet with much approval within the community. The name “Monero” comes from the language “Esperanto” and means something like “currency”/“coin” and is therefore not a neologism, as many initially assume.
Decentralized: There is no difference in the classification of nodes, i.e. every node has the same priority in the network.
Fungible: One problem with Bitcoin is that transaction histories can be seen and thus there are “dirty” Bitcoins that were demonstrably the subject of illegal transactions, e.g. via the Darknet. This history is not clear with XMR, which is why there are no such “dirty” XMR.
Protected: By using a P2P network, encryption of the wallet, as well as the transaction, XMR is considered one of the safest cryptocurrencies.
Private: No one can prove that you have an XMR transaction or, for example, that you own XMR and/or how many you own through blockchain analysis. Thus, there is no “rich list” for Monero, which is usually openly accessible for other cryptocurrencies.
The biggest unique selling point of XMR is the fact that you can actually make completely anonymous transactions with this cryptocurrency.
Monero Technology
CryptoNote Protocol
Basis of the Monero technology with the associated Cryptonight hash algorithm
Aims to improve the privacy aspect of cryptocurrencies as transactions e.g. on the Bitcoin blockchain are just pseudonymous and visible to everyone
Payments can always be traced back to a wallet and, as a result, complete payment flows, i.e. multiple transactions over any length of time
Cryptonote also uses a public ledger, but it is not possible to trace which wallet a transaction came from or went to
The CryptoNote protocol has been under development since 2012 and was one of the first blockchain protocols dedicated to the topic of “privacy”
The first whitepaper was published by “Nicolas Van Saberhagen”, but this is only a pseudonym. Similar to Satoshi, no one knows who is behind it.
Stealth Addresses
Automatically created for each transaction
This “one-time key” determines the recipient of the transaction. Outsiders, however, cannot do anything with this key.
The public key for sending and the key for viewing are formed from the 95 characters of a Monero wallet
When a transaction is made, arbitrary data is added to create a new key, which in turn can be used to issue the XMR
The private key in the wallet then ensures that the coins sent arrive in the correct wallet and can also be spent
Private keys are never visible on the blockchain, the recipient protects his privacy; only the transaction can be traced by other people who have the private key to view it.
Ring Signatures
Ring signatures consist of different components, but only one part is the valid signature of the person who sent XMR
All others are randomly drawn from older transactions on the blockchain, which signature is from the sender cannot be traced
Ring CTs
(CT = Confidential Transaction) ensure that there is no information on the blockchain about how many XMR were sent
The sum of the inputs is always equal to the output. The total credit is always made up of different inputs.
If you have an input of 8 XMR and want to send 6 XMR, the complete input is divided into two outputs (1. 6 XMR transaction output; 2. 2 XMR bill of exchange output)
A range proof ensures that the amount of a transaction exceeds zero
Kovri
Kovri is an in-house development of the Monero Developer Team
Since TOR and VPN solutions have security gaps, they decided to build their own solution
Kovri offers anonymous access and works on the basis of an I2P network. IP addresses of the users are disguised and the data is inaccessible to third parties
Each node in the network adds a new “protection layer”. Only with the right key can these protective layers be removed again.
Can Monero be broken?
The first question that comes to many people’s minds when it comes to Monero is whether this technology could be cracked in the future.
Because one thing is clear: Governments and regulators are not very happy about the existence of such anonymous cryptocurrencies. For them, anything that is beyond their control is bad.
Therefore, it was not surprising that the us tax authority IRS promised a reward of 625,000 US dollars. For whoever can break through Monero’s security measures.
But till today there is not a single case in which there was a Monero hack or exploit presented. While there were attempts to attack Monero none of them had any impact. The fact that an authority like the IRS resorts to such measures shows how desperate they are.
From a technological perspective, it is highly unlikely that Monero will ever be cracked. Rather, there are problems due to regulatory measures and delistings of centralised crypto exchanges caused by this. One more good reason to rely on decentralized exchanges in the future.