An audit of Monero’s “bulletproofs” implementation, a new zero-knowledge range-proof scheme, has been completed, giving the developers a green light to deploy the proofs on its blockchain.
When it comes to privacy coins, one of the first things that comes to mind is Monero’s special blockchain, which masks the sender of a transaction with “ring signatures,” the receiver with one-time stealth addresses, and the amounts with the commitments of its RingCT scheme. Impressive as this may sound, it is not enough for the developers of the project, who are currently looking to implement a new proof protocol for the coin’s blockchain.
We discovered that Kudelski Security has finished its audit of Monero’s bulletproofs code. The audit yielded encouraging results, prompting the team behind the coin to announce it on Twitter, presumably with the intention of deploying the new proofs on its blockchain.
Known as “bulletproofs,” this new approach does not change what Monero hides; it replaces the range proofs Monero already attaches to every hidden amount with far smaller ones, and, unlike the zk-SNARKs Zcash relies on, it needs no trusted setup.
The job of a range proof is to show that an amount hidden inside a commitment is a valid, non-negative value within the allowed range, without revealing the amount itself. Together with the ring signatures and stealth addresses already in place, this lets a transaction be verified without the blockchain recording who sent it, who received it, or how much was sent.
Zcash’s zk-SNARK approach, by contrast, proves that an entire shielded transaction is valid (the inputs exist and the amounts balance) without revealing any of its details, but it depends on parameters produced in a trusted setup ceremony.
One problem with zk-SNARKs is that very few people actually understand how the concept works, as we discussed with Reuben Yap, COO of Zcoin, in an interview.
While speaking to us about various coins and their protocols, he hinted at the idea that zk-SNARKs haven’t been tested enough to convince him that the supply of coins using this approach could be reliably audited.
Using something so new and so difficult for even some of the foremost security experts to understand could prove to be a risky venture.
Kudelski Security’s report lists a few minor issues in Monero’s implementation, none of which severely compromises its security.
Let’s look at the code
We took a second look at the code ourselves and found that many of these problems have to do with unsafe checks on variables and many other minor bugs that could be fixed rather quickly.
However, we have concerns about one particular segment of Monero’s exponentiation algorithm, outlined in entry BP-F-002 of the report. According to Kudelski, the way in which the vector_power_sum() function processes the values sent to it could “compromise the verification of a bulletproof.”
While this may sound scary, it means that the helper could return an incorrect value during verification. In a range-proof verifier that is the class of bug worth taking seriously: a verifier that wrongly accepts a proof would let a hidden amount fall outside the allowed range, which is exactly what range proofs exist to prevent, while one that wrongly rejects valid proofs would break legitimate transactions instead. The fix itself is small, and because the bug was caught in audit before the code shipped, it does not threaten the integrity of the existing Monero blockchain.
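The report does not reproduce the exact defect, and neither does this article. What a practitioner would want is an independent way to check a helper like vector_power_sum(): compute the same quantity by a second route and compare the two on the boundary sizes and on hash-derived challenge values, the way a verifier would feed them. The Python below is an added example written for this article, not Monero’s C++ code; it assumes, as the function name suggests, that vector_power_sum(x, n) returns x^0 + x^1 + ... + x^(n-1) reduced modulo the Ed25519 group order L, and the names scalar_from_label and differential_check are illustrative inventions.

```python
# Added illustration for this article, not Monero's code. Assumption: the helper
# computes 1 + x + x^2 + ... + x^(n-1) modulo the Ed25519 group order L, which is
# the kind of challenge-dependent scalar a bulletproof verifier has to get exactly right.

import hashlib

# Order of the prime-order subgroup of Ed25519; every bulletproof scalar lives here.
L = 2**252 + 27742317777372353535851937790883648493


def vector_power_sum(x: int, n: int) -> int:
    """Iterative accumulation of 1 + x + x^2 + ... + x^(n-1) (mod L).

    n == 0 yields 0 (the empty sum) and n == 1 yields 1 (just x^0): both are
    boundary cases a reviewer should exercise explicitly.
    """
    x %= L
    acc, power = 0, 1          # power holds x^i, starting at x^0
    for _ in range(n):
        acc = (acc + power) % L
        power = (power * x) % L
    return acc


def vector_power_sum_closed_form(x: int, n: int) -> int:
    """Independent oracle: (x^n - 1) * (x - 1)^-1 mod L, with x == 1 special-cased.

    L is prime, so the inverse exists whenever x != 1 (mod L).
    """
    x %= L
    if n == 0:
        return 0
    if x == 1:
        return n % L           # geometric series degenerates to n copies of 1
    return (pow(x, n, L) - 1) * pow(x - 1, -1, L) % L


def scalar_from_label(label: str) -> int:
    """Deterministic pseudo-random scalar standing in for a Fiat-Shamir challenge
    (constructed input for the example; not a real transcript hash)."""
    return int.from_bytes(hashlib.sha512(label.encode()).digest(), "little") % L


def differential_check(ns=(0, 1, 2, 3, 64, 129), labels=("y", "z", "w")) -> list:
    """Compare the iterative helper against the closed form on boundary sizes and
    on hash-derived challenges. Returns the (label, n) pairs that disagree; an
    empty list means the two routes agree everywhere tested."""
    mismatches = []
    for label in labels:
        x = scalar_from_label(label)
        for n in ns:
            if vector_power_sum(x, n) != vector_power_sum_closed_form(x, n):
                mismatches.append((label, n))
    # The degenerate challenge x == 1 is where a naive closed form would divide by zero.
    for n in ns:
        if vector_power_sum(1, n) != vector_power_sum_closed_form(1, n):
            mismatches.append(("one", n))
    return mismatches


if __name__ == "__main__":
    print(vector_power_sum(2, 4))   # 1 + 2 + 4 + 8 = 15
    print(differential_check())     # [] when both implementations agree
```

The value of the second implementation is that it shares no code path with the first: an off-by-one in the loop, a missed reduction, or a mishandled n of 0 or 1 shows up as a non-empty mismatch list rather than as a proof that silently verifies when it should not.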
All in all, Monero looks ready to deploy bulletproofs and, with no trusted setup to depend on, to take a different route from Zcash’s zk-SNARKs.