One of the extremely important features of public blockchains is transparency. This means that every node in the peer-to-peer network can authenticate any transaction and get all the data it needs. This is how the largest blockchains work, such as Bitcoin and Ethereum.
Transparency significantly increases the reliability and authenticity of transactions, but at the same time - reduces their confidentiality, up to the complete loss of anonymity. The fact is that outside observers can associate certain transactions and addresses with real purchases, as a result of which - de-anonymize address owners. Yes, but it will take time and specific software, but there is nothing impossible.
Therefore, for those users who are looking for not only security but also confidentiality, have been developed special - confidential cryptocurrencies. And Monero is the most famous and widespread among them at the current moment.
A brief history of the project
The literal translation of the word "monero" from the Esperanto language is "money". During the creation of this cryptocurrency, the developers focused on two extremely important principles - it has to be an untraceable and unrelated. This made it possible to achieve the fact that it is almost impossible to establish a connection between two separate transactions in the network, as well as to determine the source of funds, their volume and purpose. But the very fact of the transaction and the possibility of its automated verification remain. This was achieved with the help of some specific cryptographic techniques.
Monero is a fork of another cryptocurrency project from 2012 - Bytecoin (not to be confused with Bitcoin), also focused on a high degree of transaction privacy. It was the first to implement the CryptoNote protocol, an open-source technology aimed at solving some of the key problems inherent in Bitcoin. Specifically, the use of ASIC equipment for mining and completely transparent transactions. And this protocol is still actively used.
But in 2014, some of the developers, dissatisfied with the way Bytecoin is developing, caused a rigid fork in the blockchain, calling the new branch "bitmonero". But soon the first syllable broke away from the name and it turned out Monero.
How does it work?
Two key points that differentiate Monero from other blockchains are the use of "ring signatures" and "hidden addresses". They make it possible to achieve such a high degree of anonymity. And now we will talk about these functions in more detail.
Ring signatures
In short, it is a type of digital signature created by someone from a specific group of users. Based on this signature and the public keys of the group members, it is possible to verify the authenticity of the transaction, but it is impossible to establish specific authorship.
In the 2001 article "How to Leak a Secret paper", this is written in some detail, taking as an example the work of a certain cabinet of ministers in the government. Suppose that one of the members of this cabinet, a certain Sam, has evidence against the Prime Minister. And he wants to publish them, for which he appeals to the press. But he needs to somehow prove that his words can be trusted and he had access to such documents. At the same time, it is vitally important to maintain anonymity, since Sam rightly fears revenge for his actions.
Sam cannot do this with his own digital signature. Because anyone can compare it with his own public key and make a direct relationship. But if you use a ring signature, which includes all the signatures of other members of the cabinet, then it is impossible to identify a specific author, but it is easier to prove that he definitely had access to documents by virtue of his work in the cabinet of ministers.
This principle is used every time you form your transaction on the Monero blockchain. Your wallet automatically pulls up the public keys of other users in the process to form a ring out of them. And an outside observer will not be able to determine who exactly originates the transaction. A kind of "mixing" takes place.
An important point. Real existing public keys with real transactions are pulled up. This was a certain problem - initially, to form a reliable ring signature, it was necessary to pull up transactions of the same size, since the transfer amount could be viewed. Therefore, it took some time to wait for a sufficient number of those who were going to transfer, for example, 2 XMR.
However, the Ring Confidential Transactions (RingCT) update changed this situation. With it, transaction amounts are now mixed. Therefore, you will no longer be able to track the amount of the transfer, since a different amount is signed for each of the digital signatures in the common ring. This has significantly increased the level of privacy in the Monero blockchain.
Hidden addresses
Yes, ring signatures hide who is carrying out transactions. But if you are going to transfer funds to open public addresses, then this moment can already be traced. An outside observer will see that some money is being transferred to the blockchain address associated with your personality. This information may be sufficient for de-anonymization.
A simple example. Let's say you run a web store and use the same public account for every order. Anyone can see the balance on it (transparency) and, by comparing transactions and your spending, establish the exact relationship between the address and your identity.
Hidden addresses avoid this situation. The sender of funds receives a one-time address, created on the basis of the public one, to which he will transfer funds.
Yes, you can view the list of accounts in the "Monero block explorer", but it only contains public, not hidden, addresses. And one-time addresses are generated automatically, don't repeat and can't be linked to each other. So it turns out that each owner of a public account has access to an unlimited number of hidden addresses associated with him. And convenient tools to access them.
They are called "view private key" and "spend private key". "The private view key" and "the private spend key". The first allows you to view in general all transactions within the Monero blockchain associated with your public address. It can be transferred to a trusted person, for example, an accountant who maintains your records. The spending key allows, as the name implies, to freely spend money on hidden addresses, as if they were all within the same wallet.
The Monero blockchain uses a privacy policy by default, so you cannot just stop using hidden addresses. And yes, despite the fact that outside observers cannot track the content of your transactions, for yourself, or for those to whom you delegate these powers, this does not pose any problem.
Difference between Monero and Bitcoin
Since both are cryptocurrencies, they have similarities. But there are also a number of features that make them unique. So let's take a look at it.
Interchangeability
Regarding Bitcoin, this is a difficult point. Some think bitcoins are fungible, others that they are not. And each side has arguments. Let's start simple. Fungibility means that each coin is no different from the other. One $ 10 bill can be the same as another $ 10 bill. The same goes for gold bars. But art objects, even of the same value, are no longer interchangeable.
At the protocol level, bitcoins are completely fungible. The software doesn't care when they were created or what they were spent on. However, at the level of social interaction, interchangeability is significantly reduced.
Since the blockchain is transparent, it is possible to trace the history of each coin and even its part right up to the moment of mining. And it can easily happen that some coin is used for an illegal transaction or in the process of money laundering. There have already been cases when the system refused to accept bitcoins or even blocked them due to an “unfavorable history”. This automatically makes the coins non-fungible. The value of "freshly mined" bitcoins with an absolutely pure history becomes much higher, since they will definitely not have any problems in working with them.
Of course, there are ways to "erase" the history of a coin - various crypto mixers and CoinJoining services. However, to use them, you need to perform additional actions and wait for additional time.
Monero does not have a coin history tracking problem by default. So all XMRs are by definition interchangeable. And they easily pass checks even in companies with a strict analysis of incoming funds.
However, this has created rather specific fame for Monero - due to its high privacy, this cryptocurrency is actively used by various cybercriminals.
However, privacy comes at a price. In this case, large transactions. Therefore, the whole system is less resistant to the scaling problem.
Blocks and mining
Monero, like Bitcoin, is used to “mine” Proof of Work (PoW) blocks. But unlike him, due to the CryptoNote protocol, this process is not compatible with ASIC equipment. This prevents the formation of dominant mining pools using specialized and extremely powerful mining hardware.
Monero's PoW algorithm, RandomX, aims to make the process fairer by moving mining from GPUs to CPUs, allowing even regular consumer computers to participate effectively in the process. However, despite these tweaks, the process is still concentrated in a few large mining pools.
As for the blocks and the rewards for them, then there are also significant differences. Monero doesn't have a hard-coded value like bitcoins, but there is a "dynamic block size". This means that blocks can grow if demand for them increases. And will decrease if it falls. This size is calculated based on the average size of the previous hundred blocks. But yes, the larger it is, the longer the mining and the slower the transactions in general.
As for the reward, like in Bitcoin, it decreases over time. But not to zero, but to a certain predetermined value. So miners will have a constant incentive to work.
Hardforks
The essential difference between Monero and Bitcoin is at the governance level. In Bitcoin, hard forks are more extreme than normal. Even the simplest update is discussed for a long time before adoption. There are reasons for this conservatism - this is the only way to achieve maximum stability, decentralization and security.
However, protocols need to be updated - only this helps to eliminate critical errors and add extremely important, necessary and useful functions. Therefore, in the situation with Bitcoin, almost every really serious protocol update either led to the creation of a new cryptocurrency, or was used to eliminate significant and extremely dangerous vulnerabilities.
It's different in Monero - hard forks are an important and regular part of the project's development. This allows you to quickly adapt to changes and implement new security protocols. Experience shows that the benefits of such regular updates are much greater than the harm. But each such hard fork can either hide a potential vulnerability or cut off from interaction a certain part of the community that has not updated its protocols.
Development
As in the case of Bitcoin, anyone can participate in the development, since the source code is open. But whether to implement the proposed changes is up to the community. At the time of this writing, it consisted of over 500 people. Including the main development team - Riccardo Spagni (FluffyPony), Francisco Cabañas (ArticMine), and a number of other comrades operating under the pseudonyms NoodleDoodle, othe, and binaryFate.
In addition, there is a crowdfunding mechanism that encourages users to offer their solutions for the development of the project. Each such decision, if made by the community, goes through a "fundraising" period. And upon reaching a certain level, part goes to the development and implementation, and part - as a reward to the one who proposed or implemented this idea.
Conclusion
For many years, Monero (XMR) has been the main cryptocurrency for those looking for maximum transaction privacy. At the same time, the project is actively developing, new updates are released, which allow the system to remain competitive.