What is Monero Cryptocurrency?
Monero’s team describes this cryptocurrency as a highly-secure, untraceable system offering unparalleled privacy. It employs a cutting-edge form of Monero cryptography to keep every single transaction 100 percent untraceable, providing peace of mind. In a world which is becoming continually transparent, it’s simple to understand why a cryptocurrency that emphasizes privacy is so appealing to so many people. But how does it work? What other benefits does it offer? In this ‘What is Monero?’ guide, we explore the fundamentals, what makes it unique, and more about Monero.
- History Of Monero
- Monero Benefits
- Understanding Monero Cryptography
- What Are Kovri And 12P?
- Understanding Monero Wallet
- Comparing Bitcoin vs Monero
- Monero Pros and Cons
Exploring the History of Monero
The story of Monero starts in the summer of 2012, with the launch of Bytecoin. This was the original implementation of CryptoNote, an application layer protocol built to fuel different cryptocurrencies. It may be considered similar to Bitcoin’s application layer in some ways, but the two have their fair share of differences too.
Bytecoin had a lot of promise, but soon users began to realize that it involved some unsavory elements, and 8 in 10 coins had been published already. Around 18 months later, the Bytecoin blockchain was forked. This led to new coins known as Bitmonero, which would go on to be redubbed Monero (Esperanto for ‘coin’). It was decided that blocks would be mined, and new ones would be added, every two minutes.
The team behind the open-source, crowdfunded Monero was made up of seven developers, five of whom decided to stay anonymous. The other two, though, went public: Riccardo Spagni and David Latapie.
What Are The Benefits Of Monero?
Why is Monero so popular? Let’s explore its unique properties.
You’re Responsible for Your Own Coins
With Monero, you enjoy full control of any transactions you make, as your identity is kept private. No one else can see what you choose to spend your cryptocurrency on.
Monero is fungible, which means it's interchangeable with other assets of the same type. For example, if you were to borrow $10 from a relative and gave it back as another $10 bill, that’s an example of fungibility. You could also give it back as two $5 bills or 10 $1 bills. In this scenario, the dollar is fungible.
But if you borrowed your relative’s motorbike for a couple of days and gave them a different bike in return, they’d probably be furious. The motorbike isn’t fungible — you can only return the exact same vehicle rather than something that basically does the same thing (unlike money).
How does this apply to cryptocurrency? Discussing Bitcoin makes for a fantastic example. Bitcoin is sold as an open ledger, so everyone has the freedom to see any transaction and its trail. So, if a single coin was utilized in an illegal purchase (such as buying an illegal narcotic or a weapon) it would remain in the transaction trail, tainting it.
Such coins struggle to hold the same value as other, cleaner coins. This destroys the fungibility, and has earned Bitcoin some criticism over time — with good reason. It’s not fair that one innocent user suffers because of another user’s unethical actions years earlier.
However, Monero is different. All of its transactions and related data remains private, so no other user can see how Monero coins have been spent before. As a result, there’s no transaction trail and no need to worry about having tainted coins, as in another cryptocurrency (e.g. Bitcoin). That’s why Monero is fungible.
Scalability is a hot topic with Bitcoin. It was built with a block size limit of 1MB, though the early development versions of Bitcoin had no such limit. The 1MB limit was enforced to reduce the risk of spam transactions.
Monero utilizes a free block size mechanism that has no fixed limit restriction on size, but this does mean unscrupulous miners may clog the Monero network with blocks that are of a disproportionate size. That’s why a block reward penalty was imposed into the system. How does it work?
This begins when the median size of the last 100 blocks is taken, known as M100. If a miner were to mine a fresh block with a particular size (named New Block Size), and this is worth less than M100, the block reward is reduced in quadratic depending on how much New Block Size exceeds M100.
So, if the New Block Size was, say, 50 percent greater than the M100 amount, the block reward would be reduced by 25 percent. Blocks which are greater than two times M100 are prohibited, and any blocks which are <= 60kB have no reward penalties.
Resistance to Application Specific Integrated Circuit
Monero might not be considered completely resistant to Application Specific Integrated Circuit (ASIC), though the expense of manufacturing ASICs for use with Monero would be incredibly high, ultimately making it unviable.
Why? Because Monero is based on the CryptoNote system as we mentioned above, which has a hashing algorithm known as CryptoNight. This was built to offer users a more fair decentralized currency system, and the utilization of CryptoNight was hoped to eliminate the implementation of mining pools for more balanced distribution.
What is XMR resistance to ASIC? CryptoNight needs 2MB of fast memory to function property, so parallelizing hashes is limited based on the amount of memory which can be squeezed onto a chip while maintaining an affordable cost to make it worthwhile.
CryptoNight is designed to work with GPU and CPU, crafted to leverage AES-Ni instruction sets. So, some of the work performed by CryptoNight is done in hardware running on modern consumer machines already.
There have been discussions about transferring Monero from a PoW algorithm to Cuckoo Cycle, which is a different type of PoW. Should a transition like this take place, the level of work conducted in the research and development ASICs friendly to Monero would be, ultimately, without value.
Users may consider one of the most daunting things about Monero to be the inclusion of multiple keys. While some other cryptocurrencies — Bitcoin and Ethereum — provide users with a single private and public key, Monero takes a more complex approach.
Monero includes a public view key and a private view key. The latter is utilized to create single-use stealth addresses to which funds will be transferred to the recipient. The former is leveraged by the recipient to scan the Monero blockchain to locate the money sent their way. That’s a concise version of how the process unfolds.
How about spend keys? These revolve around senders rather than recipients. There are two of them, again public and private. The public spend key enables senders to partake in ring transactions and verify key image signatures. Private spend keys enable users to create key images for making transactions.
The public view key and public spend key make the first and second parts of a Monero address respectively. This is a string of characters (95 in total).
This can be a confusing aspect of using Monero, but it’ll become clearer as you keep reading.
Understanding Monero Cryptography
What Are Ring Signatures?
What are ring signatures and how do they help to protect senders’ Monero anonymity? Let’s look at a potential scenario.
If you were to send a friend a check, you’d have to sign it, which means anyone can recognize that it’s your check because of that signature. But if you were to choose a group of people off the street at random, and combined your signature with theirs to make a unique one, nobody would be able to recognize whether it was yours or not.
That’s basically how ring signature with Monero works. Imagine if Maria had 1000 Monero to send to Jade, how would the Monero network utilize ring signatures to protect Maria’s identity? First, she’d have to determine her ‘ring size’: these are random outputs with the same value gathered from the network. The greater the ring size, the greater the transaction, and the greater the fees.
Maria would sign the outputs with her private spend key before sending it to the Monero blockchain. She wouldn’t have to ask previous transaction owners for permission to utilize the outputs.
So, if Maria were to pick a ring size of six, that would be her own transaction and five decoy outputs. Any decoys pulled from the Monero network have the same likelihood of being an output as the real one, as third parties will be unable to identify the sender’s identity.
Still with us? Well, this possible situation leads to a problem we need to address.
Miners have various roles, and one of them is eliminating the risk of ‘double spending’, which refers to users spending a single coin on multiple transactions at the same time. Miners stop this happening, as transactions are only processed when miners form them into mined blocks.
If Maria planned to transfer one Bitcoin to Jade and sent that same one to Eliza, a miner would slot one transaction into the block and overwrite the other — meaning no double spend could take place. There’s a chance that only these miners could view what the transaction inputs were, and who sent them.
Thankfully, Monero keeps all of this cloaked with ring signatures, and cutting-edge cryptography helps to prevent double spending. All Monero transactions carry their own distinct key image, so miners can just check to see whether a Monero coin is double spent easily.
This way, users’ Monero anonymity is preserved through ring transactions and cultivates greater peace of mind.
What are Stealth Addresses?
Let’s move onto the next stage of discussing what is Monero.
One of Monero’s biggest USPs is the unlikability of transactions: if a user sends you 500 XMR (Monero), no one else would know any funds are being sent to your address. So, if Maria were to transfer funds to Jade, only Maria knows that Jade has received the money — nobody else.
Monero keeps Jade’s identity private through the use of keys. Jade holds two public keys (view key and spend key), and for the transaction to be completed, Maria’s wallet would utilize Jade’s public view and public spend keys to create a single-use public key that’s 100 percent unique. This involves the following computation:
P = H(rA)G+B
What does this mean?
r = Random scalar (selected by Maria)
H() = Monero’s Keccak hashing algorithm
A = The public view key for Jade
B = Jade’s public spend key
G = Cryptographic constant
This one-time public key’s computation leads to the formation of a single-use public address, referred to as a stealth address. This resides in the Monero blockchain in which Maria sends her XMR to Jade. Jade would unlock her Monero from the random data distributed through the network through the use of the private spend key.
Said private spend key essentially serves to help Jade scan the blockchain to locate her transaction, and when she does, she can calculate a private key that aligns with the single-use public key. She can then retrieve her Monero without anyone finding out.
Calculating Key Images
How is a Key Image calculated? We’ve explored how the one-time public key (P) was calculated, and the sender’s private spend key (X). The relevant equation is:
I = xH(P)
What can we learn here? It’s not feasible to derive the single-use public address (P) from the Key Image (I), so Maria’s identity will not be exposed. P always provides the same value after being hashed so H(P) won’t be identical every time.
So, while X’s value remains constant for Maria, she’ll be unable to create numerous values of (I), making the Key Image unique in every single transaction.
What are Ring Confidential Transactions?
Now that we’ve explored the way in which senders and recipients stay anonymous, how does the transaction itself stay private?
Transactions used to follow the following formula before Ring CT was implemented:
Maria wanted to send 12.5 XMR to Jade, the output would be separated into three transactions. These would be worth 10, 2, and 5 — adding up to 12.5 XMR. Each of these respective transactions would have their own ring signatures when they were implemented into the blockchain.
This was effective in protecting the sender’s privacy, and allowed transactions to be visible to all users.
Ring CT was launched to address this issue, based on Gregory Maxwell’s analysis. Ring CT masks transaction values in the blockchain, and transaction inputs don’t have to be broken down into specific denominations. Now, wallets can pick up ring members from all outputs with Ring CT.
As there are plenty of other options for picking rings from and values remain unknown, it’s not possible to recognize any specific transaction. These three factors work together to form a network in which complete privacy is assured. However, Monero developers wanted more security.
What Are Kovri And 12P?
12P (or ‘invisible internet project’) was designed to be a routing system enabling applications to deliver messages to one another, with full privacy, with no risk of interference from outside. Kovri is a C++ implementation of 12P is intended for integration with Monero’s code. If you’re a Monero user, you can take advantage of Kovri to keep your internet activity hidden, so that passive monitoring by a network won’t show that you’re utilizing Monero.
For this to work effectively, your Monero traffic won’t be encrypted and sent through 12P’s nodes, which recognize when messages pass through but are clueless as to where they’re being sent. The messages’ content will remain masked, too.
There’s a lot of hope that 12P and Monero will form a symbiotic connection, as Monero will benefit from extra security and 12P’s node network will be increased in size significantly.
Understanding Monero Wallet
You don’t have a huge range of options when you’re looking for a Monero wallet. You can use a hardware wallet, which is generally regarded as the most safe type, which can accommodate XMR. They offer support by Trezor and Ledger.
However, two of the biggest Monero wallets (listed on the official site), are:
- MyMonero web wallet: Just head to the website and make your own account to take advantage
- Monerujo: This mobile wallet can be installed on Android smartphones or tablets
- On the official Monero website, it’s stated that the community funded a Dedicated Hardware Wallet. The Ledger Nano S is working on the integration of Monero into their range of hardware wallets.
Comparing Bitcoin vs Monero
It’s obvious that Bitcoin and Monero can be compared:
One of the main selling points of Bitcoin is the open transparency, and the blockchain acts as an open ledger: this means anyone can check up on previous transactions. Bitcoin is made to be digital money with publicly viewable transactions. Bitcoin is fairly easy to access and take advantage of. It has a market cap of ~$20bn.
With Monero, privacy is the key selling point, and every transaction is kept totally hidden from the view of others. Monero is made to be untraceable digital money, and is hidden from public visibility. Monero can be somewhat difficult to understand and utilize for newcomers.
It has a market cap of ~$300m.
Monero Pros and Cons
- Monero has one of the strongest privacy infrastructures in the world of cryptocurrencies
- Transactions are unlikable
- The Monero supply will run dry someday, but miners will still continue to receive 0.3XMR/min as an incentive
- Transactions and addresses are untraceable
- Monero’s development team is incredibly skilled
- Monero has selective transparency, so you can make your transactions visible to anyone of your choice by providing them with a private view key (so Monero is auditable, too)
- The Monero blockchain has no block limit and has dynamic scalability
- Monero transactions are bigger than those of Bitcoin and other cryptocurrencies, due to the level of encryption required
- Monero was designed to be resistant to ASIC to avoid centralization, and ~43 percent of Monero’s hashrate is under the ownership of three mining pools
- As Monero isn’t based on Bitcoin, it’s experienced problems as adding things to it can be more difficult
- Monero isn’t friendly to newcomers, so hasn’t been adopted as widely as it perhaps should have been
- Monero isn’t compatible with many cryptocurrency wallets