CryptoNote v 2.0

“Bitcoin” [1] has been a successful implementation of the concept of p2p electronic cash. Both professionals and the general public have come to appreciate the convenient combination of public transactions and proof-of-work as a trust model. Today, the user base of electronic cash is growing at a steady pace; customers are attracted to low fees and the anonymity provided by electronic cash and merchants value its predicted and decentralized emission. Bitcoin has effectively proved that electronic cash can be as simple as paper money and as convenient as credit cards. Unfortunately, Bitcoin suffers from several deficiencies. For example, the system’s distributed nature is inflexible, preventing the implementation of new features until almost all of the network users update their clients. Some critical flaws that cannot be fixed rapidly deter Bitcoin’s widespread propagation. In such inflexible models, it is more efficient to roll-out a new project rather than perpetually fix the original project. In this paper, we study and propose solutions to the main deficiencies of Bitcoin. We believe that a system taking into account the solutions we propose will lead to a healthy competition among different electronic cash systems. We also propose our own electronic cash, “CryptoNote”, a name emphasizing the next breakthrough in electronic cash.

[1]  David Chaum,et al.  Group Signatures , 1991, EUROCRYPT.

[2]  Ntt Laboratorics,et al.  Universal Electronic Cash , 1992 .

[3]  Ivan Damgård,et al.  Proofs of Partial Knowledge and Simplified Design of Witness Hiding Protocols , 1994, CRYPTO.

[4]  Yael Tauman Kalai,et al.  How to Leak a Secret: Theory and Applications of Ring Signatures , 2001, Essays in Memory of Shimon Even.

[5]  Moni Naor,et al.  On Memory-Bound Functions for Fighting Spam , 2003, CRYPTO.

[6]  Joseph K. Liu,et al.  Linkable Spontaneous Anonymous Group Signature for Ad Hoc Groups (Extended Abstract) , 2004, ACISP.

[7]  Ted Wobber,et al.  Moderately hard, memory-bound functions , 2005, TOIT.

[8]  R. Rivest,et al.  Ad-Hoc-Group Signatures from Hijacked Keypairs , 2005 .

[9]  Joseph K. Liu,et al.  Linkable Ring Signatures: Security Models and New Schemes , 2005, ICCSA.

[10]  Fabien Coelho,et al.  Exponential Memory-Bound Functions for Proof of Work Protocols , 2005, IACR Cryptol. ePrint Arch..

[11]  Willy Susilo,et al.  Short Linkable Ring Signatures Revisited , 2006, EuroPKI.

[12]  Yi Mu,et al.  Ad Hoc Group Signatures , 2006, IWSEC.

[13]  M. Ulas Rational points on certain hyperelliptic curves over finite fields , 2007, 0706.1448.

[14]  Koutarou Suzuki,et al.  Traceable Ring Signature , 2007, IEICE Trans. Fundam. Electron. Commun. Comput. Sci..

[15]  Colin Percival STRONGER KEY DERIVATION VIA SEQUENTIAL MEMORY-HARD FUNCTIONS , 2009 .

[16]  Eiichiro Fujisaki Sub-linear Size Traceable Ring Signatures without Random Oracles , 2011, CT-RSA.

[17]  Fergal Reid,et al.  An Analysis of Anonymity in the Bitcoin System , 2011, PASSAT 2011.

[18]  Tanja Lange,et al.  High-speed high-security signatures , 2011, Journal of Cryptographic Engineering.

[19]  Stefan Katzenbeisser,et al.  Structure and Anonymity of the Bitcoin Transaction Graph , 2013, Future Internet.

[20]  Marc Santamaría Ortega,et al.  The Bitcoin transaction graph anonymity , 2013 .

[21]  Matthew Green,et al.  Zerocoin: Anonymous Distributed E-Cash from Bitcoin , 2013, 2013 IEEE Symposium on Security and Privacy.

[22]  Adi Shamir,et al.  Quantitative Analysis of the Full Bitcoin Transaction Graph , 2013, Financial Cryptography.

[23]  Meni Rosenfeld,et al.  Analysis of Hashrate-Based Double Spending , 2014, ArXiv.