What is Monero? [The Most Comprehensive Step-by-Step Guide]
According to Monero’s site: Monero is a secure, private and untraceable currency system. Monero uses a special kind of cryptography to ensure that all of its transactions remain 100% unlinkable and untraceable. In an increasingly transparent world, you can see why something like Monero can become so desirable. In this guide, we will see the mechanics behind Monero and see what makes it so special.
The origins of Monero
Back in July 2012, Bytecoin, the first real-life implementation of CryptoNote, was launched. CryptoNote is the application layer protocol that fuels various decentralized currencies. While it is similar in many aspects to the application layer which runs bitcoin, there are a lot of areas where the two differ from each other.
While Bytecoin had promise, people noticed that a lot of shady things were going on and that 80% of the coins had already been published. So, it was decided that the Bytecoin blockchain would be forked and the new coins in the new chain would be called Bitmonero, which was eventually renamed Monero, meaning “coin” in Esperanto. In this new blockchain, a block is mined and added every two minutes.
Monero is headed by a group of seven developers, five of whom have chosen to remain anonymous while two are publicly known: David Latapie and Riccardo Spagni, aka “Fluffypony”. The project is open source and crowdfunded.
Image courtesy: Coinsutra
Special features of Monero
So what is it about Monero that makes it so hot and in demand? What are the unique properties that the CryptoNote algorithm gives it? Let’s check it out.
Property #1: Your currency is yours
You have complete control over your transactions. You are responsible for your money. Because your identity is private, no one will be able to see what you are spending your money on.
Property #2: It is Fungible
Another interesting property that it gains, thanks to its privacy, is that it is truly fungible. What is fungibility? Investopedia defines fungibility as follows:
“Fungibility is a good or asset’s interchangeability with other individual goods or assets of the same type.”
So, what is fungible and what is non-fungible?
Suppose you borrowed $20 from a friend. If you return the money to them with ANOTHER $20 bill, that is perfectly fine. In fact, you can even return the money in the form of one $10 bill and two $5 bills. It is still fine. The dollar has fungible properties (not all the time, though).
However, if you were to borrow someone’s car for the weekend and come back and give them some other car in return, then that person will probably punch you in the face. In fact, even if you went away with a red Impala and came back with another red Impala, that is still not a done deal. Cars, in this example, are a non-fungible asset.
So, what is the deal with fungibility when it comes to cryptocurrency?
Let’s look at bitcoin, for example. Bitcoin prides itself on being an open ledger and an open book. But that also means everyone can see the transactions in it and, more importantly, everyone can see the trail of each transaction. So suppose you own a bitcoin which was once used in some illegal transaction, e.g. buying drugs: that would forever be imprinted in its transaction history. What this in essence does is “taint” your bitcoin.
With certain bitcoin service providers and exchanges, these “tainted” coins will never be worth as much as “clean” coins. This kills fungibility and is one of the most frequently used criticisms against bitcoin. After all, why should you suffer if one of the previous owners of your bitcoin used it to make some illegal purchases?
This is where Monero comes in. Since all of its transaction data is private, no one can know what transactions your Monero has gone through before, nor what your Monero was used to buy. Since its transaction history can never be known, the “transaction trail” is non-existent. As a result, the concept of “tainted” Monero and “clean” Monero doesn’t exist, and hence it is fungible!
Property #3: Dynamic Scalability
The Bitcoin scalability issue has been a very hot topic in crypto circles over the past few months. To give you a gist of the situation, Bitcoin was created with a self-imposed 1 MB block size limit. In its early development bitcoin didn’t have any block size limit; however, in order to prevent spam transactions, the size limit was enforced.
Monero, on the other hand, has no “pre-set” size limit, but this also means that malicious miners could clog up the system with disproportionately huge blocks. To prevent this from happening, a block reward penalty is built into the system. This is how it works:
Firstly, the median size of the last 100 blocks is taken, which is called M100. Now suppose the miners mine a new block with a particular size, called “NBS” aka New Block Size. If NBS > M100, then the block reward is reduced quadratically with how much NBS exceeds M100.
This means that if NBS is [10%, 50%, 80%, 100%] greater than M100, the block reward gets reduced by [1%, 25%, 64%, 100%]. Generally, blocks greater than 2*M100 are not allowed, and blocks <= 60kB are always free of any block reward penalties.
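The penalty rule described above, as an added example written for this guide (not Monero’s own code): a small Python model of the quadratic penalty that reproduces the 1%, 25%, 64% and 100% reductions. It assumes the 60 kB free zone is implemented by flooring M100 at 60 kB, and treats blocks above 2*M100 as rejected outright.

```python
# Added example: the dynamic block size penalty described in the text.
# Assumption: the 60 kB free zone is modelled by flooring the median at 60 kB,
# so that no block of 60 kB or less is ever penalised.
from statistics import median

FREE_ZONE = 60_000   # bytes; blocks up to this size are never penalised
WINDOW = 100         # number of recent blocks whose sizes give M100

def m100(recent_block_sizes):
    """Median size of the last WINDOW blocks (M100 in the text)."""
    return median(recent_block_sizes[-WINDOW:])

def effective_median(m100_value):
    """M100 floored at the free zone (the assumption stated above)."""
    return max(m100_value, FREE_ZONE)

def is_rejected(nbs, m100_value):
    """Blocks larger than twice the (floored) median are not allowed at all."""
    return nbs > 2 * effective_median(m100_value)

def reward_with_penalty(base_reward, nbs, m100_value):
    """Block reward after the quadratic oversize penalty."""
    if is_rejected(nbs, m100_value):
        raise ValueError("block exceeds 2*M100: rejected")
    m = effective_median(m100_value)
    if nbs <= m:
        return base_reward                   # no penalty at or below the median
    excess = nbs / m - 1                     # fractional excess over M100
    return base_reward * (1 - excess ** 2)   # penalty grows quadratically

def penalty_percent(nbs, m100_value):
    """Share of the reward lost, in percent, for a block of size nbs."""
    return round(100 - reward_with_penalty(100.0, nbs, m100_value), 6)

# Constructed input: 100 block sizes spread symmetrically around 300 kB,
# so that M100 works out to exactly 300,000 bytes.
SIZES = [300_000 + 200 * (2 * i - 99) for i in range(WINDOW)]

if __name__ == "__main__":
    M = m100(SIZES)
    for pct in (10, 50, 80, 100):
        nbs = M * (1 + pct / 100)
        print(f"NBS {pct:3d}% over M100 -> reward cut by {penalty_percent(nbs, M):.0f}%")
```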
Property #4: ASIC (Application Specific Integrated Circuit) Resistant
Ok, before we get started, let’s just get this out of the way. Monero is not exactly “ASIC resistant”, but the cost of manufacturing ASICs for Monero would be so high that it simply wouldn’t be worth it. Why is that the case? Remember when we said that Monero is based on the CryptoNote system, which makes it distinctly different from bitcoin? Well, the hashing algorithm used in CryptoNote-based systems is called “CryptoNight”.
Cryptonight was created to build a fairer and more decentralized currency system. Cryptocurrencies which incorporate Cryptonight cannot be mined using. It was hoped that this would prevent the creation of mining pools and make the currency more evenly distributed.
So what are the properties of CryptoNight which make it ASIC resistant? (The following is taken from “user36303”’s answer on monero.stackexchange.com.)
- Cryptonight requires 2 MB of fast memory to work. This means that parallelizing hashes is limited by how much memory can be crammed into a chip while keeping it cheap enough to be worth it. 2 MB of memory takes a lot more silicon than the SHA256 circuitry.
- Cryptonight is built to be CPU and GPU friendly because it is designed to take advantage of the AES-NI instruction set. Basically, some of the work done by Cryptonight is already being done in hardware when running on modern consumer machines.
- There have been talks of moving Monero from its proof-of-work algorithm to “Cuckoo Cycle” (a different form of proof-of-work hash). If a switch like this does happen, then the amount of work spent on the R&D of Monero-friendly ASICs would be meaningless.
Property #5: Multiple keys
One of the more confusing aspects of Monero is its multiple keys. In bitcoin, ethereum, etc. you just have one public key and one private key. However, in a system like Monero, it is not quite as simple as that.
View Keys: Monero has a public view key and a private view key.
- The public view key is used to generate the one-time stealth public address to which the funds will be sent for the receiver (more on this later).
- The private view key is used by the receiver to scan the blockchain to find the funds sent to them.
That’s the general overview of the process.
The public view key makes the first part of the Monero Address.
Spend Keys: If the view key was mostly for the recipient of a transaction, the spend key is all about the sender. As above, there are two spend keys: public spend key and private spend key.
- The public spend key will help the sender take part in ring transactions and also verify the signature of the key image (more on that later).
- The private spend key helps in creating that key image, which enables the sender to send transactions.
The public spend key makes the second part of the Monero address.
The Monero address, by the way, is a 95-character string made up of the public spend key and the public view key.
This can be very confusing right now, but just keep this information in your head, and it will become clearer with subsequent sections.
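To make the four keys concrete, here is an added example (not from the article or from the Monero code base) that derives them on the ed25519 curve in pure Python: the public spend key and the public view key are the two 32-byte values a Monero address is built from (together with a network byte and checksum, whose base58 encoding is left out here). It assumes the private view key is a hash of the private spend key reduced modulo the group order; Monero uses Keccak-256 for that hash, which hashlib lacks, so SHA3-256 stands in.

```python
# Added example: Monero's key hierarchy on ed25519, standard library only.
# Assumption: private view key = hash(private spend key) mod L; Monero uses
# Keccak-256 for the hash, which hashlib lacks, so SHA3-256 stands in here.
import hashlib

P = 2**255 - 19                                       # field prime
L = 2**252 + 27742317777372353535851937790883648493   # order of the base point
D = (-121665 * pow(121666, -1, P)) % P                # curve constant d
GY = 4 * pow(5, -1, P) % P                            # y-coordinate of the base point

def recover_x(y, sign=0):
    """Solve -x^2 + y^2 = 1 + d*x^2*y^2 for x, choosing the parity bit sign."""
    xx = (y * y - 1) * pow(D * y * y + 1, -1, P) % P
    x = pow(xx, (P + 3) // 8, P)
    if (x * x - xx) % P:
        x = x * pow(2, (P - 1) // 4, P) % P
    return P - x if (x & 1) != sign else x

G = (recover_x(GY), GY)                               # base point

def add(a, b):
    """Complete affine addition on the twisted Edwards curve (a = -1)."""
    (x1, y1), (x2, y2) = a, b
    t = D * x1 * x2 * y1 * y2
    x3 = (x1 * y2 + x2 * y1) * pow(1 + t, -1, P) % P
    y3 = (y1 * y2 + x1 * x2) * pow(1 - t, -1, P) % P
    return (x3, y3)

def scalar_mult(k, pt):
    """k * pt by double-and-add, starting from the neutral element (0, 1)."""
    r = (0, 1)
    while k:
        if k & 1:
            r = add(r, pt)
        pt = add(pt, pt)
        k >>= 1
    return r

def encode_point(pt):  # 32-byte little-endian y, sign of x in the top bit
    x, y = pt
    return (y | ((x & 1) << 255)).to_bytes(32, "little")

def derive_keys(spend_secret):
    """From one private spend key derive the other three Monero keys."""
    b = spend_secret % L                                          # private spend key
    B = scalar_mult(b, G)                                         # public spend key
    a = int.from_bytes(hashlib.sha3_256(b.to_bytes(32, "little")).digest(), "little") % L  # private view key (stand-in hash)
    A = scalar_mult(a, G)                                         # public view key
    return {"b": b, "a": a, "B": encode_point(B), "A": encode_point(A)}
```

Only the private spend key needs to be backed up, since every other key follows from it; handing out the private view key alone lets someone scan for incoming funds without being able to spend them.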
What is the cryptography involved in Monero?
How does a transaction in a cryptocurrency work?
Every transaction has two sides to it: the input side and the output side. Suppose Alice needs to send some bitcoins to Bob. What will that look like?
In order to make this transaction happen, Alice needs to gather bitcoins which she has received from various previous transactions. Remember, as we said before, in bitcoin each and every coin is accounted for via a transaction history. So Alice can make the outputs of her previous transactions the inputs of the new transaction. Later on, when we talk about “outputs”, especially in the ring signature section, we mean the outputs of the old transactions which become the inputs of the new transaction.
So, suppose Alice needs to pull bitcoins from the following transactions, which we shall name TX(0), TX(1) and TX(2). These three transactions will be added together, and that gives you the input transaction, which we shall call TX(Input).
Diagrammatically, it will look like this:
So, that is it from the input side, let’s check out what the output side will look like.
The output side basically has the number of bitcoins that Bob will possess after the transaction and any remaining change that is left over, which is sent back to Alice. This change then becomes her input value for future transactions.
A pictorial representation of the output side looks like this:
Now, this is a very simple transaction that has just one output (apart from the CHANGE); transactions with multiple outputs are also possible.
Image courtesy: FluffyPony presentation.
Bitcoin transactions happen because of public key cryptography. To have a very basic understanding of how that works, check out this flowchart:
A bitcoin user first chooses their private key. The public key is then mathematically derived from the private key. The public key is then hashed to create a public address which is open to the world. So, if Alice were to send Bob some BTC, she simply has to send them to his public address.
Now, there is a problem with this system. The public address is, well… public! Anyone on the blockchain can know who that address belongs to and, as a result, check out their entire transaction history and the number of bitcoins they own! While Bitcoin does a stellar job of being a decentralized cryptocurrency, it doesn’t really do a great job of being a private currency system.
This is the “Electronic cash triangle” as the Monero team puts it:
Image courtesy: FluffyPony presentation.
As they put it, ideal electronic cash should fulfill three requirements:
- It should be electronic.
- It should be decentralized.
- It should be private.
With Monero, they are attempting to fulfill all three criteria.
The underlying philosophy behind Monero is complete privacy and opaqueness.
- The privacy of the sender is maintained by