推进加密货币隐私
Monero 研究实验室 (MRL) 是一个开放、协作的研究团队,致力于前沿密码学和隐私技术的研究。我们的工作重点是改进 Monero 的协议、分析潜在漏洞,并推进金融隐私研究的最前沿。
研究实验室
Monero 致力于继续研究涉及加密货币的金融隐私。以下是我们研究人员的工作,更多论文即将发布。
研究论文
MRL 成员撰写的关于密码学、隐私和协议改进的论文。
MRL-0010
Discrete Logarithm Equality Across Groups
This technical note describes an algorithm used to prove knowledge of the same discrete logarithm across different groups. The scheme expresses the common value as a scalar representation of bits, and uses a set of ring signatures to prove each bit is valid.
阅读论文 MRL-0009
Thring Signatures and their Applications to Spender-Ambiguous Digital Currencies
We present threshold ring multi-signatures (thring signatures) for collaborative computation of ring signatures, present a game of existential forgery, and discuss uses in digital currencies including spender-ambiguous cross-chain atomic swaps for confidential amounts.
阅读论文 MRL-0008
Dual Linkable Ring Signatures
This bulletin describes a modification to Monero's linkable ring signature scheme that permits dual-key outputs as ring members. Key images are tied to both output one-time public keys, preventing both keys from being spent separately.
阅读论文 MRL-0007
Sets of Spent Outputs
This technical note generalizes the concept of spent outputs using basic set theory. The definition captures a variety of earlier work on identifying such outputs. We quantify the effects of this analysis on the Monero blockchain.
阅读论文 MRL-0006
An Efficient Implementation of Monero Subaddresses
We document a new address scheme that allows a user to maintain a single master wallet address and generate an arbitrary number of unlinkable subaddresses. Each transaction needs to be scanned only once to determine if it is destined for any of the user's subaddresses.
阅读论文 MRL-0005
Ring Signature Confidential Transactions
This article introduces a method of hiding transaction amounts in Monero. A new type of ring signature, A Multi-layered Linkable Spontaneous Anonymous Group signature, is described which allows for hidden amounts, origins and destinations with reasonable efficiency.
阅读论文 MRL-0004
Improving Obfuscation in the CryptoNote Protocol
We identify several blockchain analysis attacks available to degrade untraceability of CryptoNote 2.0. We analyze solutions, discuss merits and drawbacks, and recommend improvements including protocol-level minimum mix-in policies.
阅读论文 MRL-0003
Monero is Not That Mysterious
The purpose of this note is to clear up misconceptions and remove mystery surrounding Monero Ring Signatures. We compare the mathematics in CryptoNote ring signatures to the original paper on which it is based.
阅读论文 MRL-0002
Counterfeiting via Merkle Tree Exploits within Virtual Currencies Employing the CryptoNote Protocol
This research bulletin describes deficiencies in the CryptoNote reference code allowing for an attack on 4 September 2014, describes the solution, and elaborates upon what the offending block did to the network.
阅读论文 MRL-0001
A Note on Chain Reactions in Traceability in CryptoNote 2.0
This research bulletin describes a plausible attack on ring-signature based anonymity systems. It demonstrates that untraceability can be dependent upon all keys used in composing a ring signature, allowing for chain reactions in traceability.
阅读论文 IACR 2020/312 This paper has been retracted, but it's possible to view it clicking on 'All versions of this report'.
Arcturus: efficient proofs for confidential transactions
We extend Triptych to build Arcturus, a proving system that proves knowledge of openings of multiple commitments to zero within a single set, correct construction of a verifiable random function, and value balance across a separate list of commitments within a single proof.
阅读论文 IACR 2020/018
Triptych: logarithmic-sized linkable ring signatures with applications
We introduce Triptych, a family of linkable ring signatures without trusted setup based on generalizations of zero-knowledge proofs of knowledge of commitment openings to zero. Signatures are logarithmic in the anonymity set size and can be efficiently verified in batches.
阅读论文 IACR 2019/654
Concise Linkable Ring Signatures and Forgery Against Adversarial Keys
We demonstrate that a version of non-slanderability is a natural definition of unforgeability for linkable ring signatures. We present a linkable ring signature construction with concise signatures and multi-dimensional keys.
阅读论文Uniformly Most Powerful Tests For Ad Hoc Transactions In Monero
We introduce a general, low-cost, low-power statistical test for transactions in transaction protocols with small anonymity set authentication (TPSASAs), such as Monero. The test classifies transactions as ad hoc or self-churned. We extend these tests to exploit prior information about user behavior and discuss test parameterization.
阅读论文 Unpublished
Understanding ge_fromfe_frombytes_vartime
Monero uses a unique hash function that transforms scalars into elliptic curve points. This document translates its code implementation into mathematical expressions.
阅读论文