Finance:Monero (cryptocurrency)

From HandWiki
Short description: A privacy-focused cryptocurrency
Monero
Monero-Logo.svg
Monero Logo
Denominations
PluralMonero
Symbolɱ
Ticker symbolXMR[lower-alpha 1]
Previous namesBitMonero
Subunits
 ​11000000000000piconero
Development
Original author(s)Nicolas van Saberhagen
White paperCryptoNote v 2.0
Initial release18 April 2014 (10 years ago) (2014-04-18)
Latest release0.16.0.0 / 23 May 2020 (4 years ago) (2020-05-23)
Code repositorygithub.com/monero-project
Operating systemAndroid, Windows, Linux, macOS, FreeBSD, Solaris
Source modelBSD 3-Clause
Websitegetmonero.org
Ledger
Timestamping schemeProof-of-work
Hash functionRandomX
Issuance scheduleDecentralized, block reward
Block time2 minutes (previously 1 minute)
Block explorerxmrchain.net
Circulating supply17,575,954 XMR ((As of May 2020))
  1. Compatible with ISO 4217.

Monero (/məˈnɛr/; XMR) is an open-source cryptocurrency created in April 2014 that focuses on fungibility, privacy and decentralization. Monero uses an obfuscated public ledger, meaning anybody can broadcast or send transactions, but no outside observer can tell the source, amount or destination.[1] Monero uses a Proof of Work mechanism to issue new coins and incentivize miners to secure the network and validate transactions.

The privacy afforded by Monero has attracted use by people interested in evading law enforcement during events such as the WannaCry Ransomware Attack, or on the dark web buying illegal substances.[2][3][4] Despite this, Monero is actively encouraged to those seeking financial privacy, since payments and account balances remain entirely hidden, which is not the standard for most cryptocurrencies.[5]

History

In 2014 Bitcointalk forum user known as thankful_for_today forked the codebase of Bytecoin into the name BitMonero, which is a compound of Bit (as in Bitcoin) and Monero (literally meaning "coin" in Esperanto).[3] The release of BitMonero was very poorly received by the community that initially backed it. Plans to fix and improve Bytecoin with changes to block time, tail emission and block reward had all been ignored, and thankful_for_today simply disappeared from the development scene. A group of users led by Johnny Mnemonic decided that the community should take over the project, and five days later they did while also changing the name to Monero.

Due to its privacy features, Monero experienced rapid growth in market capitalization and transaction volume during 2016, faster and bigger than any other cryptocurrency that year. This growth was driven by its uptake in the darknet market, where people used it to buy stolen credit cards, guns, and drugs.[3] Two major darknet markets were shut down in July 2017 by law enforcement.[6] From the beginning, Monero has been used by people holding other cryptocurrencies like Bitcoin to break the link between transactions, with the other cryptocoins first converted to Monero, then after some delay converted back and sent to an address unrelated to those used before.

On January 10, 2017, the privacy of Monero transactions was further strengthened by the adoption of Bitcoin Core developer Gregory Maxwell's algorithm Confidential Transactions, hiding the amounts being transacted, in combination with an improved version of Ring Signatures.[7]

After many online payment platforms shut down access for white nationalists following the Unite the Right rally in 2017, some of them, including Christopher Cantwell and Andrew Auernheimer ("weev"), started using and promoting Monero.[8][9]

The operators behind the May 2017 global ransomware incident WannaCry converted their proceeds into Monero.[2] In June, The Shadow Brokers, the group that leaked the code used in WannaCry, started accepting payments in Monero.[2]

Malicious hackers have previously embedded Monero mining code into websites and apps seeking profit for themselves.[10] In late 2017 malware and antivirus service providers blocked a JavaScript implementation of Monero miner Coinhive that was embedded in websites and apps, in some cases by hackers. Coinhive generated the script as an alternative to advertisements; a website or app could embed it, and use website visitor's CPU to mine the cryptocurrency while the visitor is consuming the content of the webpage, with the site or app owner getting a percentage of the mined coins.[11] Some websites and apps did this without informing visitors, and some hackers implemented it in way that drained visitors' CPUs. As a result, the script was blocked by companies offering ad blocking subscription lists, antivirus services, and antimalware services.[12][10]

In January 2018, Bloomberg suggested the hackers who stole approximately 500 million NEM tokens ($530 million) from Coincheck would find it challenging to launder the stolen tokens by selling them for Monero since at least one exchange, Shapeshift, had blocked NEM addresses associated with the theft.

In the first half of 2018, Monero was used in 44% of cryptocurrency ransomware attacks.[13]

In November 2018, Bail Bloc released a mobile app that mines Monero to raise funds for low-income defendants who can't otherwise cover their own cash bail.[14][15]

Architecture

Monero GUI 0.12.3.0 on Windows 10

Unlike many cryptocurrencies that are derivatives of Bitcoin, Monero is based on the CryptoNight proof-of-work hash algorithm, which comes from the CryptoNote protocol.[citation needed]

In particular, the ring signatures used in cryptonote mix the spender's input with a group of others, making it exponentially more difficult to establish a link between each subsequent transaction.[3] Since its original development from the cryptonote protocol, Monero has diverged on a number of features.

Security and privacy features

Enforced privacy

Monero uses enforced privacy by default for all transactions so that no user can accidentally or deliberately be traceable or insecure. Unlike a public-by-default mechanisms, this ensures users cannot be scrutinised or penalised by outside actors for using private transactions, leading to non-use of privacy features and therefore loss of privacy altogether.[16][unreliable source]

Ring confidential transactions (RingCT)

RingCTs are used to obfuscate the amount sent in a transaction[17][3] using range proofs and cryptographic commitments.[18][unreliable source]

Bulletproofs

Bulletproofs are used in Monero.[19][non-primary source needed][20][unreliable source?] They are a type of non-interactive zero-knowledge proof which allow transactions to be verified without knowledge of the sender, receiver or amount without the need for trusted setup. A secure method for verifying transactions is necessary to prevent senders sending currency they do not possess. Bulletproofs replaced the previous method in October 2018, improving on them by requiring much less data for each transaction, particularly for transactions with multiple outputs (receivers).[20][21][22]

Stealth (one-time) Addresses

Monero requires senders to cryptographically generate a one-time address using the receiver's public address. Although all transactions to a given public address end up in the same central cryptocurrency wallet, an outside party can never know whether two transactions have been sent to the same public address.[23]

Ring signatures

When sending a Monero transaction, the sender cryptographically "signs" the transaction with an input they own and 10 other inputs to give a total of 11 inputs that might have been used to generate a given transaction. This gives plausible deniability for senders as an external observer cannot be certain exactly which address sent a given transaction.[24][unreliable source?]

Mining

Monero is designed to be resistant to application-specific integrated circuit (ASIC) mining, which is commonly used to mine other cryptocurrencies such as Bitcoin.[25][26] It can be mined somewhat efficiently on consumer grade hardware such as x86, x86-64, ARM and GPUs - and so is a favourite of malware-based miners.[27][28]

Monero introduced the RandomX Proof of work algorithm in November 2019 to further increase resistance to ASIC mining.[29][30][31]

Transaction linkability

In April 2017 research highlighted three major threats to Monero users' privacy. The first relies on leveraging the ring signature size of zero, and ability to see the output amounts.[32] The second, described as "Leveraging Output Merging", involves tracking transactions where two outputs belong to the same user,[32] such as when a user is sending the funds to himself ("churning"). Finally the third threat, "Temporal Analysis", shows that predicting the right output in a ring signature could potentially be easier than previously thought.[32]

The Monero development team had addressed the first concern in January 2017, prior to the actual release of the research paper, with the introduction of Ring Confidential Transactions (RingCT) as well as mandating a minimum size of ring signatures in the March 2016 protocol upgrade. Monero developers also noted that Monero Research Labs, their academic and research arm, already noted and outlined the deficiency in two public research papers in 2014 and 2015.

See also

References

  1. Hern, Alex (2017-12-11). "Missed the bitcoin boom? Five more baffling cryptocurrencies to blow your savings on". The Guardian. ISSN 0261-3077. https://www.theguardian.com/technology/shortcuts/2017/dec/11/missed-bitcoin-boom-five-more-baffling-cryptocurrencies-to-blow-your-savings-on. 
  2. 2.0 2.1 2.2 Gallagher, Sean (4 August 2017). "Researchers say WannaCry operator moved bitcoins to "untraceable" Monero". Ars Technica. https://arstechnica.com/gadgets/2017/08/researchers-say-wannacry-operator-moved-bitcoins-to-untraceable-monero/. 
  3. 3.0 3.1 3.2 3.3 3.4 "Monero, the Drug Dealer's Cryptocurrency of Choice, Is on Fire". WIRED. https://www.wired.com/2017/01/monero-drug-dealers-cryptocurrency-choice-fire/. 
  4. "Meet Monero, the Currency Dark Net Dealers Hope Is More Anonymous Than Bitcoin". Motherboard. 2016-08-23. https://motherboard.vice.com/en_us/article/jpgv8k/monero-cryptocurrency-dark-net-drug-dealers-hope-more-anonymous-than-bitcoin-alphabay. 
  5. Somerset Webb, Merryn (2018-03-23). "Trust is in increasingly short supply for investors". Financial Times. https://www.ft.com/content/0356d7fe-2dea-11e8-a34a-7e7563b0b0f4. 
  6. Popper, Nathaniel; Ruiz, Rebecca R. (20 July 2017). "2 Leading Online Black Markets Are Shut Down by Authorities". The New York Times. https://www.nytimes.com/2017/07/20/business/dealbook/alphabay-dark-web-opioids.html?_r=0. 
  7. "Bittercoin: true blockchain believers versus the trough of disillusionment". https://techcrunch.com/2017/03/12/bittercoin-true-blockchain-believers-vs-the-trough-of-disillusionment/. 
  8. Hayden, Michael Edison (27 March 2018). "White supremacists are investing in a cryptocurrency that promises to be completely untraceable". Newsweek. https://www.newsweek.com/white-supremacists-cryptocurrency-monero-bitcoin-861104. 
  9. Cox, Joseph (5 March 2018). "Neo-Nazis Turn to Privacy-Focused Cryptocurrency Monero". Motherboard. https://motherboard.vice.com/en_us/article/neqy7z/neo-nazis-monero-weev-daily-stormer. 
  10. 10.0 10.1 Tung, Liam. "Android security: Coin miners show up in apps and sites to wear out your CPU | ZDNet". ZDNet. http://www.zdnet.com/article/android-security-coin-miners-show-up-in-apps-and-sites-to-wear-out-your-cpu/. 
  11. Thomson, Iain (October 19, 2017). "Stealth web crypto-cash miner Coinhive back to the drawing board as blockers move in". The Register. https://www.theregister.co.uk/2017/10/19/malwarebytes_blocking_coin_hive_browser_cryptocurrency_miner_after_user_revolt/. 
  12. Goodin, Dan (October 30, 2017). "A surge of sites and apps are exhausting your CPU to mine cryptocurrency". Ars Technica. https://arstechnica.com/information-technology/2017/10/a-surge-of-sites-and-apps-are-exhausting-your-cpu-to-mine-cryptocurrency/. 
  13. Rooney, Kate (2018-06-07). "$1.1 billion in cryptocurrency has been stolen this year, and it was apparently easy to do". CNBC. https://www.cnbc.com/2018/06/07/1-point-1b-in-cryptocurrency-was-stolen-this-year-and-it-was-easy-to-do.html. 
  14. "Mining cryptocurrency helps raise bail for those who can't | CBC Radio". CBC. https://www.cbc.ca/radio/spark/379-integrated-shopping-leaving-silicon-valley-wifi-enabled-plastic-and-more-1.4474658/mining-cryptocurrency-helps-raise-bail-for-those-who-can-t-1.4474674. 
  15. "You Can Now Mine Cryptocurrency to Bail People Out of Jail". Motherboard. 2017-11-15. https://motherboard.vice.com/en_us/article/vb3j93/you-can-now-mine-cryptocurrency-to-bail-people-out-of-jail-bail-bloc. 
  16. SerHack (2018). Mastering Monero: The future of private transactions. https://masteringmonero.com/.+pp. 25. ISBN 978-1731079961. 
  17. Noether, Shen; Mackenzie, Adam; the Monero Research Lab (21 December 2016). "Ring Confidential Transactions". Ledger 1: 1–18. doi:10.5195/ledger.2016.34. ISSN 2379-5980. http://ledgerjournal.org/ojs/index.php/ledger/article/view/34. Retrieved 2018-08-03. 
  18. SerHack (2018). Mastering Monero: The future of private transactions. https://masteringmonero.com/.+pp. 61. ISBN 978-1731079961. 
  19. "Moneropedia: Bulletproofs". Moneropedia: Bulletproofs. 2018. https://getmonero.org/resources/moneropedia/bulletproofs.html. 
  20. 20.0 20.1 "Bulletproofs and Mimblewimble". https://tlu.tarilabs.com/cryptography/bulletproofs-and-mimblewimble/MainReport.html. 
  21. "Security Audit of Monero Bulletproofs". 2018-10-22. https://blog.quarkslab.com/security-audit-of-monero-bulletproofs.html. 
  22. Bunz, Benedikt; Bootle, Jonathan; Boneh, Dan; Poelstra, Andrew; Wuille, Pieter; Maxwell, Greg (May 2018). "Bulletproofs: Short Proofs for Confidential Transactions and More". 2018 IEEE Symposium on Security and Privacy (SP) (San Francisco, CA: IEEE): 315–334. doi:10.1109/SP.2018.00020. ISBN 9781538643532. 
  23. Courtois, Nicolas T.; Mercer, Rebekah (2017). "Stealth Address and Key Management Techniques in Blockchain Systems". Proceedings of the 3rd International Conference on Information Systems Security and Privacy (ICISSP) (SCITEPRESS – Science and Technology Publications, Lda.): 559–566. doi:10.5220/0006270005590566. ISBN 978-989-758-209-7. http://www.scitepress.org/Papers/2017/62700/62700.pdf. Retrieved 2017-07-24. 
  24. Breaking Monero Episode 02: Ring Signatures Introduction. 2019-01-04.
  25. "How a few companies are bitcoining it". The Economist. 2018-05-19. ISSN 0013-0613. https://www.economist.com/business/2018/05/19/how-a-few-companies-are-bitcoining-it. 
  26. Gibbs, Samuel (2017-12-13). "Billions of video site visitors unwittingly mine cryptocurrency as they watch". The Guardian. ISSN 0261-3077. https://www.theguardian.com/technology/2017/dec/13/video-site-visitors-unwittingly-mine-cryptocurrency-as-they-watch-report-openload-streamango-rapidvideo-onlinevideoconverter-monero. 
  27. Brandom, Russell (2017-12-19). "Backdoor coin-mining hacks are spreading as prices rise". https://www.theverge.com/2017/12/19/16796084/backdoor-coin-mining-hacks-are-spreading-as-prices-rise. 
  28. Palmer, Danny. "Cyber attackers are cashing in on cryptocurrency mining - but here's why they're avoiding bitcoin". https://www.zdnet.com/article/cyber-attackers-are-cashing-in-on-cryptocurrency-mining-but-heres-why-theyre-avoiding-bitcoin/. 
  29. "RandomX is a new Proof-of-Work (PoW) algorithm used where decentralisation matters". 2019-06-05. https://www.monerooutreach.org/stories/RandomX.php. 
  30. Chu, Howard (2019-06-30). MoneroKon 2019 - ASIC-Resistant Proof of Work: Fact or Fantasy? (Howard Chu).
  31. ErCiccione. "Monero 0.15.0.0 "Carbon Chamaeleon" released". https://web.getmonero.org/2019/11/12/monero-0.15-released.html. Retrieved 16 January 2020. 
  32. 32.0 32.1 32.2 Kumar, Amrit; Fischer, Clément; Tople, Shruti; Saxena, Prateek. "A Traceability Analysis of Monero's Blockchain". https://eprint.iacr.org/2017/338.pdf. Retrieved 6 November 2017. 

External links