What is Monero And How Does It Work?

In April 2014, a group of cryptocurrency activists announced the BitMonero project. Later, renamed to Monero. It is one of few privacy coins, with a broad list of features to prevent data leaks. The cryptocurrency is using the code of CryptoNote and Bytecoin projects as its base.

CryptoNote Roots

The protocol called CryptoNote is the basis for Monero’s inner modus operandi. The anonymous developer Nicolas van Saberhagen created the protocol in 2012. He left the message in a whitepaper called “CryptoNote v.1.0” and dropped it in the anonymous IRC chat.

In 2013, he released the “CryptoNote 2.0” paper with important additions, and the standard became a subject of the development of three different cryptographers from around the world. Several cryptocurrencies now use the protocol, while the author remains anonymous.

The CryptoNote codebase is a foundation for the correct functioning of the Ring Transactions in Monero.

Bytecoin Roots

The Bytecoin currency appeared as the first realization of the CryptoNote anonymization protocol. BitcoinTalk forum users started numerous discussions. But later, it turned out that the Bytecoin developers cheated with the public: they pre-mined 80% of the coins in distribution.

This is a substantial hit for the Bytecoin economy. After discussions, fair users led by Ricardo Spagni joined a separate group and created their version of the coin with zero premine. All the network participants had equal conditions.

In 2019 developer Moneromooo and a bunch of others received substantial amounts of donations to continue the work. The project was led by Riccardo “fluffypony” Spagni, but he recently resigned (due to lack of energy) from being ‘the center of everything’ for Monero. He will remain as a shadow maintainer, though.

Monero resides in the third place after Bitcoin and Ethereum in terms of the total developers count. According to GitHub, Moneromoo is leading in the number of commits.

You can download several types of wallets to store Monero. The interesting take about this cryptocurrency is that it is missing in most of the multi-currency wallets except for the Edge mobile wallet.

Consider installing the official PC wallet, which is accessible in two main versions – CLI and GUI. The latter is for the majority of the users and we recommend it over the CLI version. CLI is for people who like entering commands in the terminal and receive text answers from the PC, without any graphics.

Hint: Always check the MD5 checksums of the cryptocurrency wallets that you download from official websites. On 18 November 2019, hackers took over the security of Monero’s primary website and replaced the official CLI wallet with an infected one. Users who downloaded the compromised wallet lost their funds.

CryptoNote Specifications

Monero is using the blockchain that is not showing any transactions to the public. Most of the cryptocurrencies show a noticeable level of payment details. Monero tends to hide everything: the payment address, the receiving address, and the sum transferred. More than that, even if you have the transaction ID you cannot view anything on the blockchain. That’s why XMR block explorers typically only provide transaction IDs and hashes. The addresses and the sums marked as Confidential.

This is very contrasting with the traditional blockchains. Monero is often called private, but optionally transparent crypto. The public address on the blockchain in Monero is different from the one in Bitcoin.

Firstly, the transaction details are visible only to the sender and the receiver. Secondly, CryptoNote is using 2 pairs of keys attached to every address instead of using one pair.

CryptoNote addresses are divided into four types and each of them has two of the private keys and two of the public keys.

Basic Monero Anonymization Techniques

Monero helps to 100% obfuscate the traces against companies such as Chainalysis, Ciphertrace, Elliptic, QLUE or Crystal Blockchain.

They gather addresses in clusters, mark them as safe or dangerous, give known addresses ratings and trace connections. Despite this is very convenient for their clients (exchanges and governments), coin fungibility is receiving a hit.

If so-called ‘tainted’ coins will get to your hands, there is a probability that you will not be able to sell them on an exchange. For instance, Binance is blocking the coins which came from hackers or ICO fraudsters. Sometimes blocked sum comes from honest traders too. Binance’s paranoia made them block the outgoing bitcoin transaction because the user sends coins to Wasabi Wallet.

Wasabi is known for its coin mixing build-in script called CoinJoin. It allows users to mix the coins within mutual transactions, where the senders and the receivers don’t match. Exchanges don’t like such mixing because it helps the community to keep bitcoins fungible. Centralized AML checks fail to determine the source of funds when using Wasabi in bitcoin mixing. In Monero, you don’t need special wallets to be able to hide the traces.

In the case of privately owned crypto exchanges, if you trade with them, keep an eye on their change of policies and user feedback. The exchanges better be blind about your Internet activity. You cannot be sure that the coins you use will not be blocked.

Ring Signatures

In cryptography, a ring signature is created by one of the few persons in a ring of parties. The ring may consist of real persons, bots or so-called ‘mixins’. 

Mixin is a shadow of the previous XMR transaction that the wallet adds to your transaction. It is a ‘ghost’ of a transaction taking roots in the past. When someone signs a cumulative ring transaction, such a signer is hidden and there is no way of determining who that was. Also, 10 mixins (i.e. the ghosts of the prev. Monero transactions) are automatically added to each XMR transaction.

Over time, your transactions can become mixins too.

Ring Confidential Transactions

This is the tiny protocol which allows the cryptocurrency to hide the amount sent and the addresses of participants. Very useful in Monero and some altcoins, but still not present in Bitcoin. Strangely, CT is a protocol created by a Bitcoin Core developer Gregory Maxwell.

Ring CT was added to the Monero protocol in January 2017. This feature became obligatory for all payments after September 2017.

Multi-Language Mnemonic SEED phrases

Monero wallets are the only ones where you can generate a SEED phrase using several languages, including Russian, Chinese, and some other strange ones. If the cops or burglars will find the paper with the SEED in your house, they won’t guess it’s a Monero recovery phrase if it’s written in Russian.

Mixins

Starting in February 2018, the number of mixins allowed for one TX is fixed on 10. Many of the users were lazy in the past and didn’t push mixins number up. This has led to the failure of the anonymity level in the network. Researchers were able to determine the inputs and outputs of most of the transactions, using the deduction method.

Key Images

Confidentiality of the ring signatures means the blockchain should have some way of confirming that certain coins were spent. This task is solved by the production of the key image. You can send it to another person to share full information about the payment, including the input address.

This key is always a part of the ring transaction, where every party has its key image bound to this same transaction. Monero blockchain is storing a list of all the used key images. Miners can identify that the outputs were not spent already.

The key image confirms that you knew the private key of one of the transaction participants and that you have correctly calculated it. The outside observer may look at the key image and be sure that the transaction indeed happened on the Monero blockchain.

Kovri I2P Protocol

This protocol allows sending the traffic through the I2P network, which works similarly to the Tor network. Users will be able to send the payments via a long connection of nodes. Each hop adds more anonymity. When you send the transaction, the wallet is telling the network that nodes must start propagating it. During such a delicate process, you open your IP address and some other metadata to the network. The information won’t e recorded to the blockchain, but someone who actively monitors the network may spot you.

Kovri is based on C++, this will pave the road to easy integrations with Apple, as well as with other cryptocurrencies with privacy features support. In 2015 Monero developer Anonimal accused the Tor network of working for the U.S. government and claimed he will create a fork of i2p client.

However, he didn’t make any significant commits in 10 months, and many people believe that the man isn’t going to finish the protocol implementation. For example, the developer is claiming that he performs all the code testing by himself right now. This goes out of accords with the traditional peer-review process.

To emulate some of the Kovri’s functionality, use a TOR/VPN system-wide when making payments.

Dynamic Block Size in Monero

Most of the cryptocurrencies have their block size fixed. This causes lots of debates about the ‘ideal’ size of the block. Bitcoin SV has 128 Mb blocks, while Bitcoin Cash has up to 32 Mb blocks. However, Bitcoin has 1 Mb block, that’s why sometimes users have to wait for confirmations for hours and increase fees. The space for transactions is small, and the majority of the crypto users don’t even want to try out new currencies.

However, in Monero the block automatically becomes larger when the transaction count increases. The network is watching the latest 100 blocks. If the mempool is bigger than the current block size, the blockchain increases it in a moment. But the network can expand the block only by 2x from its initial size.

A 100 blocks window is long enough to stop the evil miners. When they flood the network, users’ transactions remain without confirmations. This way, bad actors are trying to destroy the cryptocurrency’s image and decrease the fanbase. Flooding attack causes the transaction fees to grow, like in the Bitcoin network. By slowly increasing the blocksize Monero handles the demand and then the block returns to its normal size. There is no transaction queue and no increased fees.

Additional, or Tail Emission

The developers of Monero are sure that projects like Bitcoin or Ethereum do not incentivize miners in the longterm. The problem: the user’s fees will not cover the current network’s reward for mining. Bitcoin network starts cutting the reward by 2x in the first half of 2020, which means 2x fewer rewards for miners with the presumably same price.

Monero will decrease the monetary supply, just like Bitcoin:

The reward will decrease from 3 XMR in 2019 to 1 XMR in 2021, and then it sets to 0.6 XMR per block. This is the moment of Tail Emission start. Since May 2022, the XMR network will be issuing new portions of XMR to the loyal miners to give them compensation and the will to continue mining the blockchain.

The current total monetary supply of the network is 18.4 million coins. When the tail emission starts, this metric will slowly increase and unexpected things could happen to the price of XMR.

The Tail Emission is also good because it restores the lost coins. People sometimes forget about flash memory, paper sheets, and hard drives. If you use some dedicated drive to store crypto, mark it!

The Change of Monero Mining Algorithm Against ASICs

Monero has settled a system of planned hard forks. Twice a year the developers put in new code and bug fixes. During such a major update, the developers can change the mining algorithm of the network. This is yet another unique feature of Monero – it can switch the mining algorithm to resist the development of compatible ASICs. Less ASICs in the system means more decentralization and rewards for GP miners.

Four Types of Monero Address Keys

In Bitcoin, the address appears from the private and the public key. In Monero there are four different keys forming the address:

• public view key – shows stealth addresses corresponding with the transaction.
• public spend key – it is used by the sender to generate a one-time stealth-address
• private view key – the private view key will allow looking at the history of incoming transactions, but not the outgoing ones.
• private spend key – It allows spending the coins and is generated by the 25 words SEED phrase. So don’t ever send it over to people and don’t show anyone. If the hacker manages to collect your private key, he will be able to steal the funds.

In Bitcoin, you sign the transaction with the private key. And you can check its information using the public key and blockchain explorer. In Monero, you cannot look up the transaction details online if you don’t have a special key image.

Four Types of Monero Addresses

When sending Monero, all you have to know is the receiver’s address.

The addresses are 95-106 characters in length, starting with 4. Different kinds of addresses allow increasing the anonymity level.

Standard Addresses

When the network began functioning, this was the only type of address out there. In 2019, users are recommended to use sub-addresses though.

• The standard addresses are a technical basis for sub-addresses and integrated addresses. However, the standard address is useful for receiving the block rewards (because other address types not supported)
• The acceptance of payments from people who combine several payments into one (like the mining pools), sub-addresses don’t work in such TX’s.

Integrated Address

It is the original Monero address, but with the short payment ID in the address itself. The integrated address keeps privacy via self-encryption. Only the receiving party can decrypt the address and see the ID. The ID is often set by the wallet, but it can optionally be your own words if you want.

The integrated address is useful for exchanges because they use such ones to attach your payments to a specific ID. Since Monero is fully anonymous, they don’t have other means to identify that the payment came from a certain person. It is also useful for barter trading because merchants can attach IDs to products, deals or people.

In certain cases, you shouldn’t send the coins without setting the ID. The famous Andreas Antonopoulos quote comes to mind: “Not your keys, not your bitcoins”. For instance, Kraken support can both return or dismiss the coins if you send them without the ID.

Technically, they should be able to retrieve the coins even if a user forgot to add the ID to the transaction. Be very careful while sending Monero from the wallet to the exchange. Send a small amount to look at whether the payment will top up the inner wallet balance.

Sub-address

The Standard address derives sub-addresses from itself. If you won’t publish them on forums and websites, they guarantee a very high degree of anonymization compared to standard and integrated addresses.

The sub-addresses are sitting within Accounts in the wallet. You can have separate deterministic accounts in one wallet (and one SEED) if you want. The addresses from one account won’t cross with the addresses from another. Accounts have labels, you can add yours like ‘mining’, ‘jobs’, ‘donations’, etc. This is very convenient: in most of the wallets, you can only have one Account per session.

Please note that the anonymity level decreases if you have an account on the exchange. In such a case, all your payments belong to the same address and the timestamps are in the database.

For most of the Monero fans, sub-address is a pretty good way of receiving the payment. Remember that you shouldn’t re-use addresses or give one address to different people. However, under certain rare circumstances such as the Janus attack, third party observers may expose your transactions even with all the precautions in place.

Researchers claim that it will take one year and $1.7 million to carry out such an attack. But even after such measures, it is possible to uncover only 47% of the total transaction pool. Most of the folks can use the addresses without any worries. However, if you want 99% privacy from your Monero transaction, use a separate SEED.

Stealth Addresses

All the transactions in the network are using the one-time stealth address.

The coins are not heading from one address to another directly. Instead, the sender’s wallet generates the address which receives the coins, and then the receiver is using his public spend key to withdraw the money. Such a scheme restricts direct interaction between two addresses. In traditional blockchains, you can see the connection between the senders and receivers.

The stealth address is always a one-time address that ties itself to a particular transfer. Both the sender and the receiver can look up the transaction details within the wallets if they have the key image.

Be Careful! Exchanges and Online Wallets Steal Monero

According to Monero Reddit, firms like Changelly, HitBTC and some others are scamming XMR users.

The community has created a list of untrusted ventures. Thanks to the anonymous nature of Monero payments, exchanges simply steal the user’s XMR coins. The reports say exchanges kept holding the coins while continuously demanding the users to send out documents. Some services only release coins after the user shows serious will to post tons of criticism online and invite the company lawyer to the court.

Be extremely aware of the place where you want to send coins to, and make your investigations using websites like TrustPilot, Glassdoor, etc.