Omniring: Scaling Up Private Payments Without Trusted Setup

Monero uses Ring Confidential Transactions (RingCT) for providing anonymity and confidentiality. Prior attempts of analyzing RingCT schemes are either informal, miss fundamental functionality, or introduce undesirable trusted setup assumptions. Moreover, the RingCT scheme currently used in Monero limits the anonymity set due to spend proof size growing linearly with the ring size. As a solution to these problems, we present the first complete and rigorous formalization of RingCT. We then propose a generic construction of RingCT and prove it secure in our formal security model. By instantiating our generic construction with efficient zeroknowledge proofs which extends Bulletproofs, we obtain Omniring: the first RingCT scheme which 1) does not require a trusted setup or pairings, 2) has a proof size logarithmic in ring size, and 3) allows to share the same ring between all source accounts in a transaction. Omniring enables significantly improved privacy levels without sacrificing performance. Sri Aravinda (Aravind) Krishnan Thyagarajan is a PhD student at University of Erlangen-Nuremberg, Germany under the supervision of Prof. Dominique Schroeder. I specialize in analyzing theoretical foundations and various problems pertaining to blockchain and cryptocurrencies namely, privacy, anonymity, scalability and other applications.

Napsat komentář

Vaše e-mailová adresa nebude zveřejněna. Vyžadované informace jsou označeny *