diff --git a/docs/cryptography/cryptonight.md b/docs/cryptography/cryptonight.md new file mode 100644 index 0000000..5169218 --- /dev/null +++ b/docs/cryptography/cryptonight.md @@ -0,0 +1,5 @@ +# CryptoNight Proof of Work + +Possibly the most controversial aspect of Monero (and other CryptoNote coins) is the CryptoNight Proof of Work, +composed of 7 functions. Fortunately, the difficulty would auto-adjust should any major PoW "shortcuts" be discovered. +Still, it poses theoretical centralization risk, if the attacker manages to keep PoW exploit secret. diff --git a/docs/cryptography/ed25519.md b/docs/cryptography/ed25519.md new file mode 100644 index 0000000..44dcba6 --- /dev/null +++ b/docs/cryptography/ed25519.md @@ -0,0 +1,7 @@ +# Ed25519 curve + +Monero uses Ref10 implementation by Daniel J. Bernstein. + +## Reference + +https://stackoverflow.com/questions/19147619/what-implementions-of-ed25519-exist diff --git a/docs/cryptography/keccak-256.md b/docs/cryptography/keccak-256.md new file mode 100644 index 0000000..90d6308 --- /dev/null +++ b/docs/cryptography/keccak-256.md 
@@ -0,0 +1,36 @@ +# Keccak-256 hash function + +Monero employs Keccak-256 as a hashing function. + +Keccak is the leading hashing function, designed by non-NSA designers. +Keccak won [NIST competition](https://en.wikipedia.org/wiki/NIST_hash_function_competition) to become the official SHA3. + +## Uses + +Monero does **not** employ Keccak for Proof-of-Work. Instead, Keccak is used for: + +* random number generator +* block hashing +* transaction hashing +* stealth address private key image (for double spend protection) +* public address checksum +* RingCT +* multisig +* bulletproofs + +...and likely a few other things. + +## Keccak-256 vs SHA3-256 + +SHA3-256 is Keccak-256, except NIST changed padding. +For that reason original Keccak-256 gives in a different hash value than NIST SHA3-256. + +Monero uses original Keccak-256. +The NIST standard was only published on August 2015, while Monero went live on 18 April 2014. + +## Reference + +* [Keccak source code used in Monero](https://github.com/monero-project/monero/blob/5c2dfe157b48a486eb2b92dcf8789b3b1eb20f60/src/crypto/keccak.c) +* [SHA3 on Wikipedia](https://en.wikipedia.org/wiki/SHA-3) +* [Keccak-256 vs SHA3-256](https://ethereum.stackexchange.com/questions/550/which-cryptographic-hash-function-does-ethereum-use) explained on Ethereum stackexchange +* [Online tool to calculate Keccak-256 and SHA3-256](https://emn178.github.io/online-tools/keccak_256.html) diff --git a/docs/cryptography/overview.md b/docs/cryptography/overview.md new file mode 100644 index 0000000..52336e9 --- /dev/null +++ b/docs/cryptography/overview.md 
@@ -0,0 +1,8 @@ +# Monero cryptography overview + +Monero uses a wide variety of cryptographic primitives for various use cases. + +Comparing to altcoins, Monero cryptography is considered conservative, sound and robust. + +Comparing to Bitcoin, Monero uses much more primitives, and some of them are more advanced, especially those related to privacy and Proof of Work. +Some choices are deliberately non-standard (for better or worse) - oftentimes a legacy of the CryptoNote protocol. diff --git a/docs/cryptography/prng.md b/docs/cryptography/prng.md new file mode 100644 index 0000000..80806f9 --- /dev/null +++ b/docs/cryptography/prng.md @@ -0,0 +1,18 @@ +# Monero Pseudo Random Number Generator + +Monero uses PRNG based on Keccak hashing function. + +The seed comes from entropy sources provided by operating system. +On Linux and MacOS this translates to `/dev/urandom`. +On Windows the WinAPI `CryptGenRandom` call is used. + +There is no reseeding. + +## Caveats + +* In Monero source code you can also find libsodium based random bytes generator. It is part of the embedded library and apparently is not used in actual Monero code. + +## Reference + +* [Source code](https://github.com/monero-project/monero/blob/1a4298685aa9e694bc555ae69be59d14d3790465/src/crypto/random.c) +* [StackExchange answer](https://monero.stackexchange.com/a/2076/3218) diff --git a/docs/technical-specs.md b/docs/technical-specs.md index 746563d..c2c5dff 100644 --- a/docs/technical-specs.md +++ b/docs/technical-specs.md @@ -1,6 +1,10 @@ # Monero Technical Specs -## No premine, no instamine, no token +## Live + +* Monero blockchain is live since 18 April 2014 + +## No premine, no instamine, no ICO/token * Monero had no premine or instamine * Monero did not sell any token @@ -32,7 +36,7 @@ ## Emission curve -**Main curve** +**Main emission** First, the main emission is about to produce ~18.132 million coins by the end of May 2022. 
@@ -40,7 +44,7 @@ As of Dec 2017 the emission is about 30 XMR per 10 minutes. See [charts and details](https://www.reddit.com/r/Monero/comments/512kwh/useful_for_learning_about_monero_coin_emission/). -**Tail curve** +**Tail emission** The tail emission kicks in once main emission is done. @@ -60,6 +64,12 @@ This translates to <1% inflation decreasing over time. * Stealth addresses -## Amount obfuscation +## Amount privacy * Ring confidential transactions + +## IP address privacy + +* not built in +* use TOR or I2P +* there is an ongoing effort to integrate I2P into Monero: the Kovri project diff --git a/mkdocs.yml b/mkdocs.yml index 5ba55f9..ea4295b 100644 --- a/mkdocs.yml +++ b/mkdocs.yml @@ -10,6 +10,11 @@ pages: - Technical Specs: 'technical-specs.md' - Primitives: - Base58: 'primitives/base58.md' +- Cryptography: + - Overview: 'cryptography/overview.md' + - PRNG: 'cryptography/prng.md' + - 'Keccak-256': 'cryptography/keccak-256.md' +# - CryptoNight PoW: 'cryptography/cryptonight.md' - Address: - Standard: 'public-address/standard-address.md' - Integrated: 'public-address/integrated-address.md'
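Review bot: In docs/cryptography/cryptonight.md, "Fortunately, the difficulty would auto-adjust should any major PoW "shortcuts" be discovered" reads as a mitigation, but the next line describes the case it does not cover: a shortcut that stays secret gives its holder a larger share of blocks at whatever difficulty results. Suggest dropping "Fortunately" and describing the public and the secret case separately. The phrase "composed of 7 functions" also names none of them; list them or link the source at a pinned commit, as keccak-256.md and prng.md do.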
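Review bot: In docs/cryptography/ed25519.md, the only reference is a Stack Overflow question listing Ed25519 implementations, which does not support the claim "Monero uses Ref10 implementation". The other pages in this patch link the Monero source at a pinned commit; do the same here for the Ref10 code in the Monero tree, and keep the Stack Overflow link only as background. The page title says "Ed25519 curve" while the body is about the implementation, so either retitle it or add a sentence on what the curve is used for.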
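Review bot: In docs/cryptography/keccak-256.md, the "Keccak-256 vs SHA3-256" section is the part integrators will rely on, and it should state the consequence directly: a library function labelled SHA3-256 cannot be substituted for Monero's Keccak-256, because the outputs differ for the same input. A known input/output pair for both functions would let readers check their library. Wording fixes in the same file: "gives in a different hash value" should be "gives a different hash value", "on August 2015" should be "in August 2015", and "Keccak is the leading hashing function, designed by non-NSA designers" is an unsupported superlative; say who designed it or drop the sentence.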
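Review bot: In docs/cryptography/overview.md, "Monero cryptography is considered conservative, sound and robust" does not say by whom and has no reference, which is weak for the opening page of a cryptography section. Attribute it to a review or audit, or rephrase it as the project's design goal. Also "much more primitives" should be "many more primitives", and "Comparing to" should be "Compared to" in both sentences.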
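Review bot: In docs/cryptography/prng.md, "There is no reseeding" is stated with no explanation of what it means for a long-running daemon or wallet, and the caveat says the libsodium generator "apparently is not used", which is a guess in a reference document. Verify the libsodium claim against the build and state it as fact, or remove it. For the reseeding line, point to the relevant part of the linked random.c and say in one sentence when the seed is read. Also "MacOS" should be "macOS", and "uses PRNG" should be "uses a PRNG".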
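Review bot: In the first docs/technical-specs.md hunk, the heading becomes "No premine, no instamine, no ICO/token" but the bullets under it still only say "Monero did not sell any token"; add the word ICO to that bullet or revert the heading so the two agree. In the new "Live" section, "Monero blockchain is live since 18 April 2014" should read "The Monero blockchain has been live since 18 April 2014".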
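Review bot: In the last docs/technical-specs.md hunk, the new "IP address privacy" section gives "not built in" and "use TOR or I2P" as bare fragments, so a reader cannot tell what is not built in or how the advice applies to a node versus a wallet. Write the bullets as full statements, for example that Monero does not hide the IP address of a node or wallet by itself and that users who need this should route traffic over Tor or I2P. The project name is spelled "Tor", not "TOR".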
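Review bot: In the mkdocs.yml hunk, the nav adds Overview, PRNG and Keccak-256, leaves "CryptoNight PoW" commented out, and has no entry for ed25519.md, so this patch adds two pages that are not reachable from the site navigation. Either hold cryptonight.md and ed25519.md back until they are ready, or add both to the "Cryptography" section. If the commented line stays, add a short comment saying why it is disabled.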