Wikipedia:Articles for deletion/CryptoNote


 * The following discussion is an archived debate of the proposed deletion of the article below. Please do not modify it. Subsequent comments should be made on the appropriate discussion page (such as the article's talk page or in a deletion review).  No further edits should be made to this page.

The result was keep based on coverage in multiple independent reliable sources. RL0919 (talk) 06:57, 19 January 2019 (UTC)

CryptoNote

 * – ( View AfD View log  Stats )

Declined PROD. Reason was: "Main source is original research, other two sources barely mention it, final source is non-reputable." I concur. Monero's probably notable, but this protocol it's built on shows little sign of independent notability outside the crypto blogs. David Gerard (talk) 09:50, 4 January 2019 (UTC)


 * Note: This discussion has been included in the list of Business-related deletion discussions. David Gerard (talk) 09:52, 4 January 2019 (UTC)
 * Note: This discussion has been included in the list of Computing-related deletion discussions. David Gerard (talk) 09:52, 4 January 2019 (UTC)
 * Note: This discussion has been included in the list of Internet-related deletion discussions. David Gerard (talk) 09:52, 4 January 2019 (UTC)


 * Delete: WP:ADVOCACY for a nn topic. K.e.coffman (talk) 00:09, 5 January 2019 (UTC)

Keep per the significant coverage in multiple independent reliable sources.  The book notes: "CryptoNote. The CryptoNote [35] design is the closest to our work in terms of provided privacy guarantees. CryptoNote relies on ring signatures to provide anonymity for the sender of a transaction. An extension of CryptoNote is fully compatible with CT [27] and has been implemented in the cryptocurrency Monero [28]. In contrast to ValueShuffle, an online mixing protocol is not required, and a sufficient anonymity set can be created using funds of users currently offline. However, CryptoNote’s use of ring signatures comes with two important drawbacks for scalability. First, CryptoNote essentially performs mixing on the blockchain and requires each transaction to contain a ring signature of size O(n), where n is the size of the anonymity set. Storing the ring signatures requires a lot of precious space in the blockchain, and verifying them puts a large burden on all nodes in the currency network. In contrast, ValueShuffle performs the actual mixing off-chain and stores only the result on the blockchain. Second, CryptoNote is not compatible with pruning, a feature supported, e.g., by the Bitcoin Core client [29]. Pruning reduces the storage requirements of nodes drastically by deleting old blocks and spent transactions once verified. This is impossible in CryptoNote because its use of ring signatures prevents clients from determining whether an transaction output has been spent and can be pruned. A CoinJoin-based approach such as ValueShuffle does not have this problem and is compatible with pruning."  The article notes: "Cryptonote: Non-interactive mixing with ring signatures The Cryptonote protocol [30] introduces a technique for users to obscure their transaction graph, in principle preventing transaction traceability. Instead of explicitly identifying the TXO being spent, a Cryptonote transaction input identifies a set of possible TXOs, including both the real TXO along with several chaff TXOs, called mixins (as illustrated in Figure 1). Instead of an ordinary digital signature, each Cryptonote transaction comes with a ring signature (a form of zero-knowledge proof) that is valid for one of the indicated TXOs, but that does not reveal any information about which one is real. To prevent double-spending, every input must provide a key image that is unique to the output being spent, and the network must check whether this key image has ever been revealed before. Several cryptocurrencies are based on the Cryptonote protocol, including Monero, Boolberry, Dashcoin, Bytecoin, and more. We focus our empirical analysis on Monero, since it is currently the largest and most popular, e.g. it has the 12th largest market cap of all cryptocurrencies, over $750M. However, our results are also applicable to other Cryptonote-based protocols (as we show for Bytecoin in Appendix C)." The article further notes: "Choosing mixin values in Cryptonote The Cryptonote protocol does not provide an explicit recommendation on how the “mixins” should be chosen. However, the original Cryptonote reference implementation included a “uniform” selection policy, which has been adopted (at least initially) by most implementations, including Monero. Since all the TXOs referenced in a transaction input must have the same denomination (i.e., a 0.01 XMR input can only refer to an 0.01 XMR output), the client software maintains a database of available TXOs, indexed by denomination. Mixins are sampled from this ordered list of available TXOs, disregarding any temporal information except for their relative order in the blockchain."  Author Shen Noether is a cryptography researcher at the Monero Research Lab. The article notes: "CryptoNote and Ring Coin advance the digital signature part of Bitcoin by using “ring signatures” which were originally described by Rivest et al. as a “digital signature that specifies a group of possible signers such that the verifier can’t tell which member actually produced the signature.” The idea, therefore, is to have the origin pubkey of a transaction hidden in a group of pubkeys all of which contain the same amount of coins, so that no one can tell which user actually sent the coins. The original CryptoNote protocol implements a slight modification of this to prevent double spends. Namely, CryptoNote employs a “traceable ring signature,” which is a slight modification of those described by Fujisaki and Suzuki. ... One possible attack against the original CryptoNote or ring-coin protocol is blockchain analysis based on the amounts sent in a given transaction. For example, if an adversary knows that .9 coins have been sent at a certain time, then they may be able to narrow down the possibilities of the sender by looking for transactions containing .9 coins. This is somewhat negated by the use of the one-time keys used in van Saberhangen’s CryptoNote protocol since the sender can include a number of change addresses in a transaction, thus obfuscating the amount which has been sent with a type of “knapsack mixing.” However this technique has the downside that it can create a large amount of “dust” transactions on the blockchain, i.e. transactions of small amounts that take up proportionately more space than their importance. Additionally, the receiver of the coins may have to “sweep” all this dust when they want to send it, possibly allowing for a smart adversary to keep track of which keys go together in some manner. Furthermore, it is easy to establish an upper and lower bound on the amounts sent. Another downside to the original CryptoNote set-up is that it requires a given pair of (P,A) of pubkey P and amount A to be used in a ring signature with other pubkeys having the same amount. For less common amounts, this means there may be a smaller number of potential pairs (P′,A′) available on the blockchain with A′ = A to ring signature with. Thus, in the original CryptoNote protocol, the potential anonymity set is perhaps smaller than may be desired. Analysis of the above weaknesses is covered in Noether et al."  From https://web.archive.org/web/20190105092134/http://xxhb.fjnu.edu.cn/inscrypt2018/ (after clicking the "Program" link): "Section 1A (Room 1): Blockchain and Crypto Currency Session Chair: Jin Li 10:50-12:20 (15 Dec) 10:50-11:05: Evaluating CryptoNote-Style blockchains  Runchao Han, Jiangshan Yu, Joseph Liu and Peng Zhang" Here is more information about the Inscrypt 2018 conference: "The 14th International Conference on Information Security and Cryptology will be held in Fuzhou, Fujian, from December 14 to 17, 2018, organized by the State Key Laboratry of Information Security of the Institute of Information Engineering of Chinese Academy of Science and the Fujian Provincial Key Laboratory of Network Security and Cryptology, Fujian Normal University. It is an annual conference targeting the top research results in the related area. Topics of interest encompass research advances in ALL areas of information security, cryptology, and their applications. Inscrypt 2018 seeks high-quality research contributions in the form of well-developed papers. The conference proceedings will be published by Springer-Verlag in LNCS series." The article notes: "CryptoNote [13] has been proposed to improve the anonymity of Bitcoin. In particular, it uses a modified version of traceable ring signatures [3], called One- time Ring Signature, to hide both the payer and payee of a transaction. However, CryptoNote cannot hide the amount of a transaction. Monero4 proposed Ring Confidential Transactions [10] (RingCT), to further hide the amount by using Pedersen Commitment [11]. ... One-time Ring Signature in CryptoNote: CryptoNote utilizes a modified version of Traceable Ring Signature [3], called One-time Ring Signature. In One- time Ring Signature, a public key Pπ and a Key Image I are derived from a private key x. The private key x and its key image Pπ are used to prove that the signer knows at least one pair of public and private keys, while I aims at preventing against the creation of multiple signatures using the same key. Thus, it prevents the double spending attack. The detailed process of One-time Ring Signature is shown in Fig. 1. ... This section compares the performance-related metrics between CryptoNote and RingCT at the protocol-level, including the core ring signature algorithm and the approaches of achieving anonymity."  More citation information available on page 80 of the book Trust, Privacy and Security in Digital Business: 14th International Conference, TrustBus 2017, Lyon, France, August 30-31, 2017, Proceedings at here. The article notes: "CryptoNote [vS13] describes a new crypto currency concept. While the basic structure of transactions and the block-chain is the same as in Bitcoin, address derivation and signature generation make use of new cryptographic methods. When transferring coins, the sender A calculates a new receiver address based on the public key B of the receiving party. The matching private key can only be calculated by the owner of the private key B. To spent coins, the transaction output is signed with a one-time ring signatures. These signatures can be veri®ed against a set of public keys without revealing the actually used private key. The most successful implementation to date is Monero. CryptoNote provides anonymity for the sender and the receiver. As it is not a mixing service but a completely new currency, it is not susceptible to DoS attacks. However, it is not compatible with Bitcoin without introducing breaking changes. Furthermore, it relies on new cryptographic methods like one-time key pairs and one-time ring signatures."</li> <li> The article notes: "3.1. CryptoNote Protocol CryptoNote[4]는 개인 정보 보호를 지향하는 암호 화폐 프로토콜로 발신자의 공개키를 여러 다른 공개키 와 그룹화 하여 함께 보내는 방식을 통해 익명성을 보장한다. CryptoNote는 CryptoNight라는 알고리즘으로 Proof of Work를 수행하여 새로운 블록을 생성한다. CryptoNight 알고리즘은 Proof-of -Work를 수행할 때 64바이트의 새 블록을 만들기 위해서 이전의 모든 블록 에 대한 정보가 있어야하기 때문에 메모리가 중점적으 로 사용될 수밖에 없다. CryptoNight 는 한번 알고리즘 이 실행될 때 2Mb 크기의 용량을 필요로 한다[5]. 메가 바이트의 메모리 사용은 ASIC pipeline에 맞지 않기 때 문에 ASIC 방식보다는 Memory-on-chip 방식을 갖춘 CPU에서 높은 성능을 보인다. CryptoNote 프로토콜 기반의 대표적인 암호 화폐는 2014년 개발된 모네로이 다[6]."</li> <li> The article notes: "2011: Cryptonote Protocol. Inspired by the idea of the blockchain, a group of developers invented a non- Bitcoin technology that theoretically could eliminate the need of trusted webservers for processing transactions, by providing unbelievably strong cryptography through the distributed network"</li> <li> The book notes: "Monero is a descendent of a lesser-known cryptocurrency called Bytecoin. Bytecoin was crafted quite differently from Bitcoin, using technology known as CryptoNote. Similar to Litecoin's scrypt, CryptoNote's block hashing algorithm aims to avoid the specialization and therefore centralization of the miners supporting the network by requiring an order of operations that favors general purpose chips like the CPUs found in PCs. Beyond a focus on more egalitarian proof-of-work, CryptoNote provided untraceable payments, unlinkable transactions, and blockchain analysis resistance.49 Adam Back is considered the inspiration for Satoshi’s proof-of-work algorithm and is president of Blockstream, one of the most important companies in the Bitcoin space. In March 2014, he tweeted about CryptoNote, saying it was one of the few ideas in the cryptocurrency space outside of Bitcoin that held a “defensible rationale for existence.”"</li> </ol>There is sufficient coverage in reliable sources to allow CryptoNote to pass Notability, which requires "significant coverage in reliable sources that are independent of the subject". Cunard (talk) 10:32, 5 January 2019 (UTC) </li></ul>
 * Pinging Articles for creation reviewer who accepted the article. Cunard (talk) 10:32, 5 January 2019 (UTC)


 * KEEP
 * CryptoNote is Monero. That bell can't be unrung.
 * How is a protocol that currently has a multi-billion dollar amount of value running on top of it somehow not noteworthy ?
 * What exactly are the references or sources you are expecting to see that are not yet there and why would you not just add them ?
 * This is absurd.
 * Aejontargaryen (talk • contribs) 19:58, 5 January 2019 (UTC) — Aejontargaryen (talk&#32;• contribs) has made few or no other edits outside this topic.
 * Being an editor of multiple topics doesn't make you an expert. It makes you an editor, just the same as a single topic editor. Having contributors who are knowledgeable on the topic is a good thing. I have mainly contributed to this topic because of the apparent lack of understanding of the significance to the technology being discussed.
 * Any discussion to be had regarding the swath of additional references and/or logical questions added so far? Aejontargaryen (talk) 05:33, 7 January 2019 (UTC)
 * Any discussion to be had regarding the swath of additional references and/or logical questions added so far? Aejontargaryen (talk) 05:33, 7 January 2019 (UTC)

<div class="xfd_relist" style="border-top: 1px solid #AAA; border-bottom: 1px solid #AAA; padding: 0px 25px;"> Relisted to generate a more thorough discussion and clearer consensus.
 * Keep per Cunard. While reviewing, I've thoroughly gone through the citations provided and found all of it acceptable. The Herald (Benison) (talk) 07:54, 10 January 2019 (UTC)

Please add new comments below this notice. Thanks, Michig (talk) 07:22, 12 January 2019 (UTC)


 * Comment When I initially proposed this article for deletion, I was unaware of the publications as cited above. Dr-Bracket (talk) 17:11, 14 January 2019 (UTC)
 * Keep per Cunard. Balkywrest (talk) 04:53, 16 January 2019 (UTC)


 * The above discussion is preserved as an archive of the debate. <b style="color:red">Please do not modify it.</b> Subsequent comments should be made on the appropriate discussion page (such as the article's talk page or in a deletion review). No further edits should be made to this page.