For our money to be private it needs to hide the sender and the receiver every time it changes hands. But it also has to hide the amount. Why’s that? If we cannot tell who’s sending to whom, why would it matter to know how much? Well, you could use very specific amounts to deanonymize people. Either by requesting a particular sum and discovering the true sender, or by sending money to someone to track the amounts as they move or cash out based on amounts and timing. There are many attacks that could be performed, and on top of that you could build a very nice and telling graph of money flowing through the network.

To solve that we can use RingCT, which is short for Ring Confidential Transactions. In a very, very simplified explanation of what they do, they hide the amount in a way that it can be verified that the amount is correct, without disclosing it. Sounds like magic, but it’s not. It’s cryptography.

They use two main math tricks: Pedersen commitments and Range Proofs. The former ensures that the amount the sender is sending is somehow locked and won’t change until it’s revealed at he other end by the receiver. And the later ensures that the mysterious amount is within the possible amounts and not doing anything funny, like creating Monero out of thin air, or sending more than the user has.

The result is that nobody will be able to see any amounts in the list and now our super secret transactions are ready to be written down in the blocks we mine. We just need to come up with a way to ensure that these transactions have room on the blocks and don’t get stranded on a forgotten bus stop at 2am forever.

◄ Previous / Next ►