The CryptoNote Reference Implementation is an open-source application layer protocol that serves as the underlying technology for several well-known, decentralized and privacy-oriented cryptocurrencies.
The CryptoNote Technology is designed to provide some of the most innovative privacy features predicated on advanced cryptography, an egalitarian approach towards decentralization, and censorship-resistance.
Background on CryptoNote
The CryptoNote technology has an origin as mysterious as Bitcoin's. Initially emerging in 2012 and published on Tor, the original whitepaper was written under the pseudonym Nicolas Van Saberhagen. The author's identity is still unknown, even after the publication of a second version of the whitepaper under the same pseudonym less than a year later.
The original paper addresses the flexibility and privacy deficiencies of Bitcoin, particularly emphasizing the traceability and linkability of transactions, as well as enforcing Bitcoin's "one-CPU-one-vote" principle originally proposed by Satoshi Nakamoto. Writing as "we", the authors present a new suite of advanced features for decentralized cryptocurrency networks, grounded in mathematical analysis and dubbed the CryptoNote Technology.
The CryptoNote Technology is built on the foundation of providing two fundamental properties that are needed to achieve full anonymity in a payment network:
Untraceability means that, for each incoming transaction, all possible senders are equiprobable as the origin.
Unlinkability refers to the notion that it is impossible to prove that any two outgoing transactions were sent to the same person.
The original proposal has since been supplemented with several optimizations and improvements to keep the technology at the cutting edge of innovation while still holding true to its original principles. A list of standards is maintained on the CryptoNote website as the specifications of the protocol. Currently, the primary features of the CryptoNote Reference Implementation focus on:
- Untraceable Payments
- Unlinkable Transactions
- Double-Spending Proof
- Blockchain Analysis Resistance
- Egalitarian Proof of Work
- Adaptive Parameters
CryptoNote achieves untraceable payments through its integration of ring signatures. Ring signatures descend from the group signature concept originally proposed by David Chaum and E. van Heyst, which later evolved into the "Traceable Ring Signature" paper on which CryptoNote's ring signatures are based. A ring signature mixes multiple public keys together to obscure which member of the ring actually signed a transaction, without sacrificing the ability to verify that the transaction is valid. A further development, Ring Confidential Transactions (Ring CTs), is implemented in several CryptoNote cryptocurrencies today as an improvement on the original traceable ring signatures.
Unlinkable transactions in CryptoNote are accomplished through the use of one-time keys. Even with a ring signature, all of the incoming transactions to a public address can be observed on a blockchain. CryptoNote mitigates this by automatically generating a one-time key, derived from the recipient's public key, for each transaction. Using an optimized version of the Diffie-Hellman key exchange, which establishes a cryptographically secure shared secret between the two interacting parties, the sender hashes the recipient's public key together with their own random data to create a unique one-time key for that transaction. As a result, only the receiver can compute the private component of that key, and is therefore the only party that can release the funds once the transaction is committed.
Achieving double-spend protection when the goal is to obfuscate transaction data comes with some clear challenges. CryptoNote cleverly employs a concept known as key images to ensure there are no double-spends even in an opaque blockchain ledger. Key images are unique markers designed to support linkability of spends while allowing the signer to remain anonymous. For instance, if Alice creates more than one ring signature using the same private key, this indicates a double-spending attempt. To detect this without revealing Alice's identity, a key image is generated when signing a transaction and subsequently retained by all users in the network. It remains impossible to link the transaction to a public key or to identify the signer of the transfer. Any submitted transaction with a duplicate key image is rejected outright by the network.
Blockchain analysis has emerged as an interesting topic for research and innovation, with some companies now specializing in analyzing on-chain patterns. Developments at both the blockchain layer and the network layer of cryptocurrencies have revealed methods to deanonymize users in a pseudonymous network like Bitcoin. Because each transaction in CryptoNote has a unique one-time key, linking inputs and outputs through public addresses is not possible.
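The one-time key derivation and the key-image check described in the two paragraphs above, as an added toy model (not code from the CryptoNote reference implementation or any CryptoNote coin). It assumes a constructed, insecurely small multiplicative group mod a safe prime in place of the Ed25519 curve, so the whitepaper's additive formulas P = H_s(rA)G + B, x = H_s(aR) + b and I = x H_p(P) appear here with "+" written as "*" and scalar multiplication as exponentiation; H_s and H_p are simple SHA-256 stand-ins.

```python
import hashlib
import secrets

# Constructed toy parameters: a tiny safe prime p = 2q + 1 and a generator G of
# its order-q subgroup. Real CryptoNote uses the Ed25519 curve; this group is far
# too small to be secure and only illustrates the structure of the derivation.
P_MOD, Q_ORD, G = 2879, 1439, 4

def h_s(*parts: int) -> int:
    """Scalar hash H_s: hashes group elements down to an integer mod q."""
    data = b"".join(p.to_bytes(4, "big") for p in parts)
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % Q_ORD

def h_p(point: int) -> int:
    """Point hash H_p: maps a group element to another element of the subgroup."""
    return pow(G, h_s(point), P_MOD)

def keygen():
    """Wallet keys: view pair (a, A = G^a) and spend pair (b, B = G^b)."""
    a, b = secrets.randbelow(Q_ORD - 1) + 1, secrets.randbelow(Q_ORD - 1) + 1
    return a, pow(G, a, P_MOD), b, pow(G, b, P_MOD)

def sender_one_time_key(A: int, B: int, r: int):
    """Sender picks a fresh r, publishes R = G^r and pays to P = H_s(rA)*G + B."""
    shared = pow(A, r, P_MOD)                     # Diffie-Hellman secret r*A
    P = (pow(G, h_s(shared), P_MOD) * B) % P_MOD  # additive "+" is "*" here
    return P, pow(G, r, P_MOD)

def receiver_scan(a: int, b: int, B: int, P: int, R: int):
    """Receiver recomputes the secret from R with its private view key a and
    returns the one-time private key x if the output is theirs, else None."""
    shared = pow(R, a, P_MOD)                     # a*R == r*A: same secret
    if (pow(G, h_s(shared), P_MOD) * B) % P_MOD != P:
        return None
    return (h_s(shared) + b) % Q_ORD              # x = H_s(aR) + b, so G^x == P

def key_image(x: int, P: int) -> int:
    """Key image I = x * H_p(P): fixed per output, reveals neither x nor the wallet."""
    return pow(h_p(P), x, P_MOD)

def spend_output(x: int, P: int, seen_images: set) -> bool:
    """Network-side check: a second spend of the same output repeats I and is rejected."""
    I = key_image(x, P)
    if I in seen_images:
        return False
    seen_images.add(I)
    return True
```

Because R is published with the transaction but r and a never are, a third party observing P and R cannot tell which wallet the output belongs to, while the recipient recovers x and can later spend, producing one fixed key image per output.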
To summarize at this point, the identity of senders is obfuscated by ring signatures, the amounts transacted are anonymized by (in the case of Monero) Ring CTs, and one-time addresses provide the recipient privacy in a transaction.
Image Credit – CryptoNote Website
The focus on an egalitarian proof of work in the CryptoNote reference implementation stems from the centralization risk that powerful ASIC mining chips introduced to Bitcoin. At the time of the original CryptoNote paper, CPU mining in Bitcoin was technically still feasible but was quickly becoming irrelevant because of specialized mining hardware. The recently released Bitmain IPO prospectus, which states that Bitmain controls 37.1 percent of Bitcoin's mining hash power, largely corroborates CryptoNote's forward-looking concern about ASIC dominance: 51 percent attacks may eventually become feasible, however unlikely.
Centralization of mining also extends into off-chain governance decisions, where the topic becomes even more complicated. Consolidation of mining power slows network upgrades, though this can also be a net positive given Bitcoin's conservative approach to development. CryptoNote identifies that Bitcoin's SHA-256 mining algorithm does not sufficiently reduce the advantage that high-cost custom devices (like ASICs) have over standard CPUs. CryptoNote cites the Pareto principle (valid at the time in the context of Bitcoin), where 20 percent of the system's participants control more than 80 percent of the votes, as the reason for promoting a memory-bound algorithm as the proof-of-work pricing function, so that mining power is more widely distributed.
The CryptoNight mining algorithm, eventually implemented in Bytecoin and subsequently optimized for Monero, is an excellent example of such an algorithm. CryptoNight effectively resists ASIC mining and only allows for CPU and GPU mining. However, with constant advances in mining chip hardware, remaining ASIC-resistant is difficult, and Monero recently had to fork its protocol to maintain that status.
An interesting component of CryptoNote is the emphasis placed on adaptive parameters, also called adaptive limits. Hard limits refer to hardcoded parameters in a decentralized cryptocurrency network’s protocol, such as block size and block difficulty. These limits can lead to polarizing dilemmas such as Bitcoin’s block size debate and the eventual Bitcoin Cash hard fork. CryptoNote tackles hardcoded limits by setting automatically adjusting parameters for each block based on certain conditions.
For instance, Monero uses a dynamic block size rather than a hard block size: the block size has a maximum value of 2 * M100, where M100 is the median size of the last 100 blocks. This alleviates blockchain bloat and removes the need to explicitly limit transaction sizes. Further, the difficulty adjustment in Monero retargets every block based on the last 720 blocks, excluding 20 percent of the timestamp outliers. This mirrors the CryptoNote reference for readjusting the difficulty target.
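The two adaptive limits just described, as an added example written from the description above rather than taken from the Monero or CryptoNote code base. The 100-block size median, the 720-block difficulty window and the 20 percent timestamp cut come from the text; the 120-second block-time target, the guard against a zero time span, and the simplified retarget arithmetic (no lag, no minimum block size) are assumptions of this example.

```python
from statistics import median

# Window sizes and the 20 percent cut come from the description above; the
# block-time target and the exact retarget arithmetic are simplifying
# assumptions of this example, not Monero's or CryptoNote's actual code.
SIZE_WINDOW = 100          # M100: median over the last 100 blocks
DIFF_WINDOW = 720          # blocks considered by the difficulty retarget
OUTLIER_CUT = 0.20         # share of sorted timestamps discarded (10% per side)
TARGET_SECONDS = 120       # assumed block time target

def max_block_size(recent_sizes: list) -> int:
    """Adaptive limit: 2 * M100, twice the median size of the last 100 blocks."""
    window = recent_sizes[-SIZE_WINDOW:]
    return int(2 * median(window))

def next_difficulty(timestamps: list, difficulties: list) -> int:
    """Retarget from the last 720 blocks after trimming timestamp outliers.

    Timestamps are sorted and the earliest/latest 10 percent dropped, so a
    miner lying about time cannot drag the difficulty; the work of the kept
    interval is then scaled to the target block time.
    """
    ts = sorted(timestamps[-DIFF_WINDOW:])
    work = difficulties[-DIFF_WINDOW:]
    n = len(ts)
    cut = int(n * OUTLIER_CUT / 2)
    lo, hi = cut, n - cut - 1                     # indices of the kept span
    elapsed = max(ts[hi] - ts[lo], 1)             # guard against a zero span
    total_work = sum(work[lo + 1:hi + 1])         # work of the hi - lo intervals
    return max(1, total_work * TARGET_SECONDS // elapsed)

def sample_chain(n: int, spacing: int, diff: int):
    """Constructed chain: n blocks evenly spaced in time at a constant difficulty."""
    return [i * spacing for i in range(n)], [diff] * n
```

With blocks arriving exactly on target the difficulty is unchanged; with blocks arriving twice as fast it doubles, and a single wildly future-dated timestamp at the chain tip is trimmed away and has no effect.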
Overall, the suite of features available in the CryptoNote Technology is built on some incredibly complex and innovative mathematical analysis. As an open-source protocol, CryptoNote is designed to provide the framework for a competitive environment of decentralized and privacy-oriented cryptocurrencies.
Popular Cryptocurrencies Using CryptoNote
There are numerous cryptocurrencies available today that use the CryptoNote Reference Implementation. All of them implement the underlying technology in some form or another, typically with some optimizations tailored to the purpose of the cryptocurrency.
CryptoNoteCoin is the CryptoNote Reference Implementation for the CryptoNote Technology. It has zero commercial value, and the Genesis block is replaced every 2 months. Some features that showcase the technology include:
- CryptoNight Mining Algorithm
- 30 Second Block Time
- 18.4 Million Coin Supply
- Full Re-Emission Every 2 Months
CryptoNote provides some excellent resources on how to fork the CryptoNoteCoin protocol and begin creating your own CryptoNote cryptocurrency. Further, you can download the CryptoNoteCoin wallet and blockchain to experiment with sending and receiving coins as well as mining.
Bytecoin, created in 2012, was the first CryptoNote-based currency and was originally produced in close association with the CryptoNote team. A popular cryptocurrency today, Bytecoin includes the CryptoNight mining algorithm as well as the typical privacy features of CryptoNote coins, such as ring signatures, and a decreasing emission rate over time. Notably, Bytecoin places considerable emphasis on instant transactions and zero fees to appeal to businesses, customers, and merchants alike for secure, anonymous, and fast international payments.
Monero is probably the most popular privacy-focused cryptocurrency today. As an open-source protocol with a decentralized community that consistently contributes to its development and growing network effects, Monero is a powerful network for anonymous payments.
The Kovri Project has also been in the works for more than 4 years and has made substantial headway in integrating a Tor-like P2P overlay network into the protocol to provide a further layer of privacy. Monero has pushed the boundaries of innovation in anonymity for cryptocurrencies, recently completing a code audit of its implementation of Bulletproofs, a zero-knowledge proof technology.
The CryptoNote Technology provides some of the most significant improvements and resources for anonymous cryptocurrency networks. The technology has been implemented in several established cryptocurrencies and is backed by the CryptoNote Foundation. Anonymous cryptocurrencies will continue to be a mainstay of the broader industry, and their developments will continue to push the limits of technology.