Listen up n00bs!
Today we will do another shitty explanation.
This time - it's ring signatures.
Let’s dig in…
Wtf is this shit?
FIRST THINGS FIRST N00BS - inputs and outputs in Bitcoin. Just so you understand how the system works.
Simply put: the transaction input is really the Bitcoin address FROM which the money was sent...the sender’s address. The transaction output is the address TO which the money was sent.
Got it? Good.
Ring signatures - used famously in Monero...as well as Particl and other projects - are a way to add more privacy to crypto transactions.
Now, ring signatures add privacy to the input side of the transaction. Unlike a Bitcoin transaction where there is one signer (using their private key), with ring signature transactions a ring is formed. Basically, a ring signature is a type of digital signature where a group of possible (decoy) signers are merged together to create one, unique signature that authorizes a transaction.
More specifically, a ring signature is made up of the actual signer, in addition to a bunch of non-signers. These non-signers are simply past transaction outputs grabbed from the blockchain’s history. The actual signer has a one-time spend key that corresponds with one of the outputs (the actual one) being sent from the sender’s wallet. To onlookers, both the actual signer and all of the decoy non-signers are equal and valid. The non-signers’ outputs, as mentioned, are meant to act as decoys, since they do make up parts of the input of the transaction.
Now...one issue here is that if no one can tell which outputs are real...how do we stop the spending of outputs twice...AKA the classic double-spend problem? More technically, you need to ensure that each input corresponds to one output and can’t be used twice. Remember...in crypto you are not tracking “coins” per se, but a string of balances going along with transactions, made up of inputs and outputs.
SO….to stop the double-spending problem and to verify outputs being spent with a ring signature we must have a system for verifying the outputs (duh).
This is generally done with the use of key-images. A key image is a cryptographically secure key derived from an output of a transaction being spent (and is part of every ring signature). Only one key-image exists for each transaction output and the miners know a list of all key-images used and quickly reconcile against that (basically...for your sake of understanding). This allows miners to quickly verify that one of the outputs has not been used and thus, no “coins” are being double-spent.
QUICK EXAMPLE: Say you want to send us Monero with a ring size value of 7. Then one of the seven inputs will be from you, and the other 6 will be old transaction outputs from the blockchain. Those 6 transaction signatures are decoys that help build the larger, unique ring signature input. You sign the transaction with your one-time spend key and, using a key image, the Monero network can quickly verify that there is a valid transaction that has not been used, so the transaction is valid and bam, you are done.
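The ring-plus-key-image check described above, as an added Python sketch (not from the original post and not Monero's code): a simplified LSAG-style linkable ring signature where one real key and a set of decoys produce a signature, and a miner-side check rejects a reused key image. Assumptions: integers mod 2^127 - 1 stand in for Monero's elliptic curve and are not secure, and every function name here is made up for the example.

```python
import hashlib, secrets

# Toy group (NOT secure): integers mod the Mersenne prime 2^127 - 1, not Monero's ed25519.
P, G = 2**127 - 1, 3
N = P - 1  # exponents are reduced mod the group order

def H(*parts):  # hash values to an exponent
    data = "|".join(str(x) for x in parts).encode()
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % N

def hash_to_group(pub):  # group element whose discrete log nobody knows
    return 2 + H("Hp", pub) % (P - 3)

def keygen():  # one-time spend key x and the output's public key g^x
    x = secrets.randbelow(N - 1) + 1
    return x, pow(G, x, P)

def key_image(x, pub):  # one per output, whatever decoys are picked
    return pow(hash_to_group(pub), x, P)

def sign(msg, ring, x, pi):  # ring[pi] is the real output, the rest are decoys
    n, img = len(ring), key_image(x, ring[pi])
    c, s = [None] * n, [None] * n
    a = secrets.randbelow(N)
    i = (pi + 1) % n
    c[i] = H(msg, pow(G, a, P), pow(hash_to_group(ring[pi]), a, P))
    while i != pi:  # fake a response for every decoy
        s[i] = secrets.randbelow(N)
        L = pow(G, s[i], P) * pow(ring[i], c[i], P) % P
        R = pow(hash_to_group(ring[i]), s[i], P) * pow(img, c[i], P) % P
        i = (i + 1) % n
        c[i] = H(msg, L, R)
    s[pi] = (a - c[pi] * x) % N  # only the real key can close the ring
    return img, c[0], s

def verify(msg, ring, sig):  # no step reveals which member signed
    img, c0, s = sig
    c = c0
    for pub, si in zip(ring, s):
        L = pow(G, si, P) * pow(pub, c, P) % P
        R = pow(hash_to_group(pub), si, P) * pow(img, c, P) % P
        c = H(msg, L, R)
    return len(s) == len(ring) and c == c0

def accept(msg, ring, sig, spent):  # miner side: valid ring + unseen key image
    if not verify(msg, ring, sig) or sig[0] in spent:
        return False
    spent.add(sig[0])
    return True
```

Signing the same output again with a completely different set of decoys still yields the same key image, which is how the second spend gets caught without anyone learning which ring member was real.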
OH! Then there is Ring CT. Ring CT simply obscures the AMOUNT being used in the ring signature transaction.
AND BOOM. There you have it. All in, it’s a way to obscure who the heck is sending shit.
Hope you learned some shit.
If you have any questions, feel free to reach out to us or follow us on Twitter.
- Mike and Aaron