mirror of
https://github.com/monero-project/monero-docs.git
synced 2024-12-22 19:49:22 +00:00
Add prng, keccak-256
This commit is contained in: parent 4f51d4f3f5, commit 74952e6cee
7 changed files with 93 additions and 4 deletions
5
docs/cryptography/cryptonight.md
Normal file
@ -0,0 +1,5 @@
# CryptoNight Proof of Work

Possibly the most controversial aspect of Monero (and other CryptoNote coins) is the CryptoNight Proof of Work,
composed of 7 functions. Fortunately, the difficulty would auto-adjust should any major PoW "shortcuts" be discovered.
Still, it poses theoretical centralization risk, if the attacker manages to keep PoW exploit secret.
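Review bot: "composed of 7 functions" is unsupported as written: the page names none of the functions, cites nothing, and this same commit leaves the file commented out in the mkdocs nav, so either list the functions with a link to the implementation (as keccak-256.md does) or mark the page as a draft. The "Fortunately, the difficulty would auto-adjust" argument also only holds once a shortcut is public and used by the whole network; the very next sentence's secret-exploit case is exactly where difficulty adjustment does not help, so the two sentences read as contradicting each other. Suggest stating the centralization risk first and presenting difficulty adjustment as the mitigation once a shortcut becomes public.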
7
docs/cryptography/ed25519.md
Normal file
@ -0,0 +1,7 @@
# Ed25519 curve

Monero uses Ref10 implementation by Daniel J. Bernstein.

## Reference

https://stackoverflow.com/questions/19147619/what-implementions-of-ed25519-exist
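Review bot: the only reference is a StackOverflow question listing Ed25519 implementations, not the code Monero ships; link the implementation in the Monero repository instead, as keccak-256.md and prng.md in this commit do. The page also never says what the curve is used for: the items under "Uses" in keccak-256.md (key images, RingCT, multisig, bulletproofs) are all arithmetic on this curve, so a matching "Uses" list would turn this one-sentence page into something a reader can act on. "Ref10 implementation by Daniel J. Bernstein" should name the source (the ref10 code from SUPERCOP, written by the Ed25519 authors) rather than attribute it to one person.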
36
docs/cryptography/keccak-256.md
Normal file
@ -0,0 +1,36 @@
# Keccak-256 hash function

Monero employs Keccak-256 as a hashing function.

Keccak is the leading hashing function, designed by non-NSA designers.
Keccak won [NIST competition](https://en.wikipedia.org/wiki/NIST_hash_function_competition) to become the official SHA3.

## Uses

Monero does **not** employ Keccak for Proof-of-Work. Instead, Keccak is used for:

* random number generator
* block hashing
* transaction hashing
* stealth address private key image (for double spend protection)
* public address checksum
* RingCT
* multisig
* bulletproofs

...and likely a few other things.

## Keccak-256 vs SHA3-256

SHA3-256 is Keccak-256, except NIST changed padding.
For that reason original Keccak-256 gives in a different hash value than NIST SHA3-256.

Monero uses original Keccak-256.
The NIST standard was only published on August 2015, while Monero went live on 18 April 2014.

## Reference

* [Keccak source code used in Monero](https://github.com/monero-project/monero/blob/5c2dfe157b48a486eb2b92dcf8789b3b1eb20f60/src/crypto/keccak.c)
* [SHA3 on Wikipedia](https://en.wikipedia.org/wiki/SHA-3)
* [Keccak-256 vs SHA3-256](https://ethereum.stackexchange.com/questions/550/which-cryptographic-hash-function-does-ethereum-use) explained on Ethereum stackexchange
* [Online tool to calculate Keccak-256 and SHA3-256](https://emn178.github.io/online-tools/keccak_256.html)
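Review bot: "Monero does **not** employ Keccak for Proof-of-Work" is wrong as stated and conflicts with cryptonight.md in this same commit, where CryptoNight is "composed of 7 functions": CryptoNight begins by running Keccak over its input and Keccak is one of those functions, so Keccak-256 is merely not the PoW hash on its own. Reword to something like "Keccak-256 alone is not the Proof-of-Work hash; CryptoNight uses Keccak as one of its building blocks". "Keccak is the leading hashing function, designed by non-NSA designers" is an opinion with no source; a verifiable sentence (Keccak was designed by Bertoni, Daemen, Peeters and Van Assche and selected by NIST in October 2012) reads better. The "Keccak-256 vs SHA3-256" section should say which parameters "Keccak-256" means here (rate 1088, capacity 512, 256-bit output, the original 0x01 padding byte rather than the 0x06 domain byte of FIPS 202) and give the empty-string test vectors so a reader can tell which variant a library implements: Keccak-256("") = c5d2460186f7233c927e7db2dcc703c0e500b653ca82273b7bfad8045d85a470, SHA3-256("") = a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a. Minor: "gives in a different hash value" should be "gives a different hash value", and "published on August 2015" should be "published in August 2015 (FIPS 202)".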
8
docs/cryptography/overview.md
Normal file
@ -0,0 +1,8 @@
# Monero cryptography overview

Monero uses a wide variety of cryptographic primitives for various use cases.

Comparing to altcoins, Monero cryptography is considered conservative, sound and robust.

Comparing to Bitcoin, Monero uses much more primitives, and some of them are more advanced, especially those related to privacy and Proof of Work.
Some choices are deliberately non-standard (for better or worse) - oftentimes a legacy of the CryptoNote protocol.
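Review bot: "is considered conservative, sound and robust" on the "Comparing to altcoins" line is an unsourced value judgement (considered by whom?); either cite a review or audit or drop the sentence. "Comparing to" should be "Compared to" on both lines, and "much more primitives" should be "many more primitives". The "deliberately non-standard" sentence would be far more useful with one concrete instance from this same commit, e.g. the original Keccak-256 padding instead of SHA3-256 as described in keccak-256.md.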
18
docs/cryptography/prng.md
Normal file
@ -0,0 +1,18 @@
# Monero Pseudo Random Number Generator

Monero uses PRNG based on Keccak hashing function.

The seed comes from entropy sources provided by operating system.
On Linux and MacOS this translates to `/dev/urandom`.
On Windows the WinAPI `CryptGenRandom` call is used.

There is no reseeding.

## Caveats

* In Monero source code you can also find libsodium based random bytes generator. It is part of the embedded library and apparently is not used in actual Monero code.

## Reference

* [Source code](https://github.com/monero-project/monero/blob/1a4298685aa9e694bc555ae69be59d14d3790465/src/crypto/random.c)
* [StackExchange answer](https://monero.stackexchange.com/a/2076/3218)
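Review bot: "There is no reseeding." is the security-relevant line of this page and its consequences need spelling out: the entire output stream is a deterministic function of the one OS-provided seed taken at start-up, so anything that duplicates process state after that point (a fork, a VM snapshot restored twice) yields two processes emitting the same "random" bytes, and an attacker who reads the generator state obtains every subsequent output. The page should also say what the output feeds, at minimum private key generation, since that sets the severity of the caveat. "apparently is not used in actual Monero code" in the Caveats bullet should be verified against the linked revision and stated definitively. `CryptGenRandom` is the legacy CryptoAPI call, deprecated in favour of `BCryptGenRandom`; worth a parenthetical so the page does not date itself.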
@ -1,6 +1,10 @@
# Monero Technical Specs

## No premine, no instamine, no token
## Live

* Monero blockchain is live since 18 April 2014

## No premine, no instamine, no ICO/token

* Monero had no premine or instamine
* Monero did not sell any token
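Review bot: "## Live" is a vague heading for a section whose only bullet is the launch date; "Launch" or "Mainnet launch" says what the section is. The rename to "no ICO/token" is fine, but the bullet beneath it still reads "Monero did not sell any token" and never mentions an ICO, so heading and bullet should use the same term.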
@ -32,7 +36,7 @@

## Emission curve

**Main curve**
**Main emission**

First, the main emission is about to produce ~18.132 million coins by the end of May 2022.

@ -40,7 +44,7 @@ As of Dec 2017 the emission is about 30 XMR per 10 minutes.

See [charts and details](https://www.reddit.com/r/Monero/comments/512kwh/useful_for_learning_about_monero_coin_emission/).

**Tail curve**
**Tail emission**

The tail emission kicks in once main emission is done.

@ -60,6 +64,12 @@ This translates to <1% inflation decreasing over time.

* Stealth addresses

## Amount obfuscation
## Amount privacy

* Ring confidential transactions

## IP address privacy

* not built in
* use TOR or I2P
* there is an ongoing effort to integrate I2P into Monero: the Kovri project
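Review bot: "TOR" should be "Tor" (the project name is not an acronym). "not built in" should say what is exposed without it, i.e. which connections reveal the peer's IP address: a node's P2P traffic and a wallet's RPC connection to a remote daemon, which is exactly what routing over Tor or I2P addresses. The Kovri bullet is a status statement that will go stale; date it or link the project.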
@ -10,6 +10,11 @@ pages:
- Technical Specs: 'technical-specs.md'
- Primitives:
- Base58: 'primitives/base58.md'
- Cryptography:
- Overview: 'cryptography/overview.md'
- PRNG: 'cryptography/prng.md'
- 'Keccak-256': 'cryptography/keccak-256.md'
# - CryptoNight PoW: 'cryptography/cryptonight.md'
- Address:
- Standard: 'public-address/standard-address.md'
- Integrated: 'public-address/integrated-address.md'
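Review bot: docs/cryptography/ed25519.md is added in this commit but never added to the nav, and cryptonight.md appears only as the commented-out entry "# - CryptoNight PoW: 'cryptography/cryptonight.md'"; either add both entries or leave the files out of the commit so the site does not carry orphaned pages. Since mkdocs reads this block as YAML, the new entries must nest under "- Cryptography:" with the same indentation the Base58 entry has under "- Primitives:", otherwise the build will reject or misplace them.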