Monero: You have mining machines and money, can't I just change the algorithm?

Recently, the developers of Monero announced that they will cooperate with the serverless storage protocol Arweave to verify a new ASIC-resistant mining algorithm RandomX, which will replace the CryptoNight algorithm once the audit is successful. The algorithm change directly turned the original mining machine into a pile of scrap metal.

Monero , changes algorithm every 6 months

Monero is a forked currency of Bytecoin. When Bytecoin was released, it was found that 82% of the currency had been pre-mined. In the digital currency world that advocates freedom, if you dare to pre-mine, I dare to fork. So the community directly forked Bytecoin and Monero was born (April 18, 2014).

As for Bytecoin, since the Bytecoin team likes pre-mining, the remaining 18% is left for them to mine by themselves. Monero seems to be born to pursue "fairness and freedom". It can't even tolerate team pre-mining, so how can it tolerate ASIC mining machines? Therefore, in order to deal with centralized mining tyrants, Monero will be hard forked every 6 months on average.

Monero's algorithm update is not just to fight against ASIC mining machines. Since Monero's mining is more friendly to terminal devices such as PCs and iPads, it has been targeted by various hackers. Various hackers use Trojan viruses to control other people's PCs, iPads, etc. to mine and then gain profits. This problem can also be solved by changing the algorithm.

Historically, Monero has had several forked coins, including Monero Zero, Monero Original, and Monero Classic. However, the Monero community is definitely very strong, and Monero is still the most recognized. This is called, your uncle is always your uncle!

The emergence of Monero is to fight against all kinds of injustice. If it does not fight, perhaps Monero will lose its inherent meaning. Of course, as a representative of mixed currency, Monero not only fights against centralized algorithms and hacker viruses, but also fights against the real world's censorship of electronic currency pairs - anonymity.

In Bitcoin, due to the public and traceable nature of the blockchain ledger, anyone can use the public information of the Bitcoin blockchain browser to trace back to all the Bitcoin accounts that have transactions with it. Therefore, the anonymity of Bitcoin is not impeccable.

Monero uses ring signatures and obfuscated addresses to ensure anonymity. Its transactions not only hide the addresses of both parties, but also the transaction amount. By default, the transaction details are completely invisible, and privacy is extremely strong. The so-called ring signature means that when a transaction occurs, the system automatically generates several groups of transactions with the same amount. Through this "true and false mixing" method, you can't find out which address the coin has gone to.

Ring Signature Technology, Monero's Hidden Art

In the transaction process, the three data involved are [sender] [receiver] [transaction amount]. The three technologies corresponding to Monero are based on these three perspectives. Let's take a look at how Monero achieves anonymity through ring signatures, obfuscated addresses, and ring confidentiality.

Ring Signatures - Sender, Untraceability

For example, when everyone jointly submits a letter to give opinions, how can we make it difficult for the outside world to guess who the initiator is? The names of the people who submit the letter can be written in a ring, and the status of each name in the ring seems to be equal to each other, so it is difficult to guess who the initiator is. Suppose A sends Monero to B, and the number of obfuscated transactions is set to 5. The network will automatically generate 5 transfer transactions when transferring money. In addition to the one sent by A to B, the other 4 are "decoy transactions" used to deceive external observers, so as to achieve the purpose of hiding the sender.

Obfuscated addresses - recipient, unlinkability

The purpose of obfuscating addresses is to break the association between input and output addresses, thereby concealing the relationship between the transfer. Whenever the sender initiates a transfer, the funds will not be directly transferred to the recipient's address, but to a temporary address generated by the system. For example, when A transfers money to B, A, as the sender, uses B's public key and private key plus some random numbers to generate a unique, one-time address, and the system transfers money to this temporary address. A and B can both see this temporary address, but neither of them knows who the money in the address belongs to.

So how does B know that someone has transferred money to him and how does he receive the money? B's wallet will use the private key to search and check whether there is money belonging to him at the temporary address on the blockchain. When B's private key (only the recipient B's own private key can be used) identifies the temporary address that he is entitled to claim, he can use the money.

Ring Confidentiality - Transaction Amount Anonymity

When A transfers money to B, in the RingCT transaction, A will not directly disclose the amount of the transfer to the network, but provide a digital rct as the transaction amount output. rct = random number + real transaction amount. The random number is used to cover the real amount and is automatically generated by the wallet. The network can use this rct value to verify whether the transaction input is equal to the transaction output amount to confirm that no additional Monero is forged. However, for others, there is no way to know the actual transaction amount.

Dust attacks and data bloat

Obviously, Monero's currency mixing is achieved by creating multiple "fake transactions" at the same time, and then "confusing the real and the fake" to achieve privacy protection. The direct consequence of this model is that Monero is "bloated". Take Bitcoin as an example, each transaction is a transaction; but in Monero, each transaction includes at least 5 transactions (the purpose of the remaining 4 transactions is to confuse the real with the fake), which means that the amount of data in Monero will grow very fast.

The direct result of the rapid growth of data is that there are higher requirements for the operation of full nodes. Take Bitcoin as an example. The current data is more than 200g, and this data is still increasing. If this data increases to 500g or 1000g, even if the algorithm is resistant to professional mining machines, how many people are willing to run full nodes? If only a very small number of full nodes are running, then the system is inevitably centralized.

Among them, the most terrifying thing is not only the professional mining machines, but also the dust attack, which can paralyze the Monero currency due to bloat. Because in the mixed currency mode, whether transferring 1 Monero or 0.0001 Monero, it needs to be matched with 4 sets of the same transaction data, so the dust attack is enough to turn the Monero system into a bloated system.

Of course, some people will ask why we cannot edit or merge data during the hard fork process. For example, by editing transaction data before a certain time period, or merging multiple small transactions, a lot of space can be freed up. But the question is, how is this processing method different from the centralized mechanism in reality?

Bulletproof protocol makes bloat slower

In order to solve the above problems, the bulletproof technology came into being. The bulletproof protocol was originally published by cryptographers Benedict Bunz and Jonathan Bootle. The protocol can reduce the size of transaction data and reduce the transaction size by at least 80%.

Like Bitcoin, Monero uses the UTXO transaction model. This means that the blockchain manages balances through a concept called Unspent Transaction Outputs (UTXO). The balance of a wallet is made up of a series of UTXOs. Each UTXO is an amount of BTC (or XMR) that can be used to send to another user. Whenever a user sends BTC to another user, a portion of the sender's UTXO is spent, and a new UTXO is created and sent to the recipient. With Bitcoin, a spent UTXO can be considered gone and removed from the existing global set of UTXOs.

Since Monero uses ring signatures, it is impossible to determine whether a UTXO has been spent. Therefore, all UTXOs that have ever existed, whether they have been spent or not, need to be in the valid global UTXO set. This is a very large and growing data set that every mining node needs to keep track of, and if it grows too quickly, it will greatly hinder the scalability of the network.

Among Monero's three different mechanisms, the Bulletproof protocol focuses on the ring confidentiality link. That is, the Bulletproof protocol does not actually contribute to Monero's privacy technology itself. The protocol only ensures that the information stored in the confidential transaction does not contain any false information, so as to reduce the amount of data.

But it is clear that bulletproofs can only slow down the growth of Monero’s data, but cannot fundamentally solve the problem of data explosion. If the running data of Monero’s full nodes grows larger and larger over time, Monero will still not be able to solve the “computing power centralization” problem currently faced by Bitcoin.

The Problem with Monero

Monero’s anonymity is both its greatest strength and its greatest weakness. Anonymity has value, but it can also enable criminal activity to go unpunished, making regulation more difficult. Monero’s mixing transactions can easily be used for illegal financial transactions, such as money laundering and buying and selling illegal drugs. If it were easy to use Monero for illegal financial transactions, it would surely be used for such purposes, and governments would eventually be forced to intervene.

In addition to regulatory issues, Monero's privacy protection measures are not that strong. WIRED magazine published an article about Monero's privacy weaknesses earlier. Researchers from different universities pointed out flaws in Monero's transaction mixing algorithm, which undermines its untraceable properties. In response to these problems, Monero's developers have made regular and continuous improvements to Monero. However, privacy is not achieved overnight and will be a long-term battle.

It is undeniable that Monero has introduced privacy to cryptocurrencies without sacrificing decentralization, using innovative technologies to ensure that transactions are unlinkable, untraceable, and the amounts sent are hidden, which is worthy of recognition. Currently, Monero developers are also working on improving existing scalability, hacker attacks, and data abuse issues, but government regulation is still an uncertain factor that cannot be ignored.