[Cryptography] Call for Reviewers: Bulletproofs in Monero
Howard Chu
hyc at symas.com
Sun Jan 14 13:30:15 EST 2018
The Monero Cryptocurrency uses Ring Confidential Transactions (ringCT)[1] to
hide the amounts being transacted on its blockchain. One of the consequences
of hiding amounts is that you still need a means of verifying that the amounts
are legitimate, don't overflow, etc., without revealing them. In CT, "range
proofs" are used to assert the validity of output amounts. These proofs are
quite large, causing a typical 1-input/2-output Monero transaction to use
around 12.5kB. (Pre-ringCT this transaction would be only around 500 bytes.[2])
Last November saw the release of new work out of Stanford called
"Bulletproofs"[3] which makes the size of a range proof logarithmic in the
number of values, instead of the linear size they currently consume. Use of
Bulletproofs will reduce typical Monero transaction sizes by ~80%, so this is
a significant improvement. The Monero Research Lab[4] developed a prototype in
Java, and The Monero Project has subsequently implemented Bulletproofs in C++
and this code has been running on the Monero testnet since the beginning of
last December.[5]
While the researchers in the Monero Research Lab are confident in the
soundness of the math in the Bulletproofs paper, the Monero Project is being
cautious about deploying the feature to production on mainnet. The Monero
Project recognizes the value of independent 3rd-party reviews. Therefore, the
Monero Project is now soliciting help in conducting formal, in-depth reviews
of the C++ implementation. If you're interested, please contact
sarang.noether at protonmail.com for details. Funds are available to pay for
services rendered.
[1] http://www.ledgerjournal.org/ojs/index.php/ledger/issue/view/2
[2]
https://monero.stackexchange.com/questions/1271/how-do-you-calculate-the-size-of-a-monero-transaction-before-it-is-sent
[3] https://crypto.stanford.edu/bulletproofs/
[4] https://getmonero.org/resources/research-lab/
[5] https://github.com/monero-project/monero/pull/2883
--
-- Howard Chu
CTO, Symas Corp. http://www.symas.com
Director, Highland Sun http://highlandsun.com/hyc/
Chief Architect, OpenLDAP http://www.openldap.org/project/
More information about the cryptography
mailing list