Monero is a privacy-focused cryptocurrency derived from the CryptoNote protocol. Although CryptoNote is a significant extension of the Bitcoin protocol, its key differentiator is transaction privacy. Monero is an open source project maintained by a group of core developers and a community of open source contributors and researchers. Currently, Monero has the largest market cap of all other privacy cryptocurrencies.
How does Monero work?
Monero provides privacy through unlinkability, untraceability, and confidential transaction amounts.
A transaction is “unlinkable” when a user sends assets to another user, and the receiver, or anyone else for that matter, can't tell who the sender is based on information from the blockchain. Unlinkability is achieved through stealth addresses. Stealth addresses require the sender to create random one-time addresses for every transaction on behalf of the recipient. This means that two transactions sent to the same recipient cannot be associated as having the same recipient. It also means that only the sender and the recipient will know what addresses are involved in a transaction.
Unlinkability alone is not sufficient for privacy, since a sender can see a recipient's ensuing transaction activity by monitoring the activity of specific stealth addresses. Transactions between parties must also be untraceable. To make them so, Monero uses a technology called ring signatures to perform transaction mixing. In transaction mixing, when funds are sent, the sender randomly chooses funds from several other users to also appear in the transaction as a possible source of the funds being sent. This means that no one can tell which of the funds were really the source of the transaction, and thus no one can tell whether you've spent the funds you've received or not. Another implication of this is that an inactive but non-zero Monero wallet will still appear to possibly be transacting with many Monero wallets at all times.
Finally, Monero also hides the amount of XMR being sent in each transaction. This is done through an extension to the system of ring transactions called RingCT (Ring Confidential Transactions). This is achieved by applying a mathematical function to all funds such that public observers can see that the transactions are legitimate, but only the sender and receiver can know the actual amounts.
Besides building privacy into the blockchain's protocol, Monero's developers are also working on hiding a user's Monero network activity through an initiative called Project Kovri. With Project Kovri, passive network monitoring cannot reveal that a user is using Monero. This is achieved by encrypting Monero traffic and routing it through I2P (Invisible Internet Project) nodes. These nodes simply pass messages along. They don't know what's in a message and they don't know whether a node is the final destination or a waypoint to the final destination.
Project Kovri great increases the security of the Monero network by protecting its users from censorship external to the blockchain (e.g. arrested for using Monero). If no one can tell whether a user is using Monero, the user cannot be prosecuted for using Monero.
Like Bitcoin, Monero is a proof of work cryptocurrency. Unlike Bitcoin, Monero does not use the SHA256 hashing algorithm and instead uses an algorithm called CryptoNight. For the time being, there are no known ASICs available for CryptoNight and the algorithm can only be CPU-mined. This ensures Monero has egalitarian mining; users with conventional CPUs can still economically participate in the mining process.
Bitcoin and Ethereum mining is dominated by ASICs. This makes mining with relatively inefficient conventional CPUs uneconomical. Non-egalitarian mining crowds out many users from participating in a public blockchain's consensus process and this weakens the public blockchain's security.
Monero's developers have made it a point to maintain Monero's egalitarian mining. When Bitmain revealed Monero ASICs earlier this year, the developers quickly released an update to CryptoNight that rendered the ASICs ineffective. The update resulted in a hard fork of Monero, and the entire process resulted in the creation of four new coins by the community: Monero Classic, Monero-Classic, Monero Original, and Monero 0.
As previously mentioned, Monero is built on the CryptoNote protocol. The protocol was developed by pseudonymous author Nicolas van Saberhagen in October 2013. The first implementation of the CryptoNote protocol was Bytecoin. Monero was another implementation of the protocol. It was launched on Bitcointalk, a popular cryptocurrency forum, by user "thankful_for_today" under the name BitMonero. Monero translates to "coin" in the international auxiliary language Esparanto. The name was eventually shortened to just Monero.
The team behind Monero
There isn’t a company or foundation behind Monero. The cryptocurrency is developed by a group of core developers, known as the Core Team, and a community of open source contributors and researchers. You can see who's part of the team here.
The Core Team is led by Riccardo "fluffypony" Spagni. Fluffypony has an academic background in informatics and logistics. After spending many years in software development, he decided to start a business in the import/export industry with his wife. The business was successful and gave him the freedom to start playing with Bitcoin in 2011. Over the years, he has been involved in various cryptocurrency-related projects such as the cryptocurrency payment processor GloBee and an open-source blockchain protocol for digital assets called Tari.
Earlier in March this year, the Core Team posted a blog post describing the responsibilities of the Core Team. To summarize, these responsibilities are the management of Monero's codebase, the management of Monero's donation fund, the signing and distribution of Monero's reference clients, and the setting of a direction and vision for the project. In the event that there's a rift between the Core Team and the community, the community is expected to fork the project.
Compared to many other popular cryptocurrencies, which are often backed by companies or foundations, Monero appears to be a more organic and community-driven cryptocurrency. This is very important as its insufficient for a blockchain to be decentralized, the guidance and development of the blockchain should also be as decentralized as possible.
A high risk of a regulatory crackdown
Monero's privacy is both its greatest strength and its greatest weakness. Privacy is valuable, but it also enables criminal activity to be conducted with impunity. Monero's obfuscated transactions can easily be used for illegal financial transactions, such as money laundering and the buying and selling of illegal drugs. If it's easy to use Monero for illegal financial transactions , then it'll definitely be used for such purposes and governments will eventually be forced to intervene. This is especially true in the case of money laundering. And as we’ve seen from the recent US Secret Service testimonial, very little stands between a government and its tax revenue.
In fact, before AlphaBay, a large online black market, was shut down, most of its users were transacting with Monero. Even the mainstream media has caught on to the ellicit activities that Monero is being used for. The WIRED maganzine published an article titled "Monero, the Drug Dealer's Cryptocurrency of Choice, Is on Fire" and Bloomberg came out with its own Monero article titled "The Criminal Underworld Is Dropping Bitcoin for Another Currency".
Monero's Privacy Protections Aren't As Strong As They Seem
The WIRED magazine released an article earlier this year on weaknesses with Monero's privacy. Essentially, a team of researchers from various universities released a paper that pointed out flaws in Monero's transaction mixing algorithm which breaks its untraceability property.
The researchers point out two distinct cracks in Monero's untraceability that allow them to figure out the true UTXO from fake UTXOs in transaction mixing. The first crack, which relates to the continued use of old and verifiably spent UTXOs as decoys, has been ameliorated with a patch in 2017. The second flaw, which involves the fact that the real UTXO is very likely the most recent UTXO that has moved prior to the transaction, is still outstanding.
In response to these problems, fluffypoiny stated that Monero's developers are aware of these problems and have made periodic and ongoing improvements to Monero. According to him, "privacy isn't a thing you achieve, it's a constant cat-and-mouse battle".
Monero could have a UTXO scaling problem
Like Bitcoin, Monero uses a UTXO transaction model. This means that the blockchain manages balances through a concept known as an Unspent Transaction Output (UTXO). A wallet's balance consists a series of UTXOs. Each UTXO is an amount of BTC (or XMR) that can be used to send to another user. Every time one user sends BTC to another user, a portion of the sender's UTXOs are spent and a new UTXO is created and sent to the receiver. With Bitcoin, spent UTXOs are can be considered gone and removed from the active global UTXO set.
Because Monero uses ring signatures, it is not possible to determine whether a UTXO is spent or not. As such, all UTXOs that have ever existed, regardless if any has been spent or not, needs to be in the active global UTXO set. This is a very large and constantly growing dataset that every mining node needs to keep track of and can impede the scalability of the network if it grows too fast.
Privacy is valuable and Monero introduces privacy to cryptocurrencies without sacrificing decentralization. It uses innovative technology to ensure that transactions are unlinkable, untraceable, and the amounts sent are concealed. The project has strong organic support. It's led by a team of core developers that are supported by a large organic group of developers and researchers.
The main concerns with Monero are: a high risk of a regulatory crackdown due to its privacy, weaknesses with its protocol that can expose private transactions, and a scalability problem that results from an inability to discard spent UTXOs from the active global UTXO set which is necessary for the protocol to work.
Despite these risks, Monero is a strong cryptocurrency. Privacy is highly sought after given the recent string of hacks and data abuses by large companies. Monero elegantly integrates privacy into its protocol and although its not perfect, Monero's developers are actively improving it. The only wild card we’ve identified for Monero is government regulation.