We continue our series on the Monero blockchain, and today's article focuses on the RingCT (Ring Confidential Transactions) protocol, which introduces confidential transactions and new ring signatures. Unfortunately, there is very little information on the internet about how it works, and we have tried to fill that gap.
We will talk about how the network uses this protocol to hide transfer amounts, why the cryptocurrency's classic ring signatures were abandoned, and how this technology will develop further.
Because this protocol is one of the most complex technologies in Monero, the reader will need basic knowledge of how this blockchain is designed and some knowledge of elliptic curve cryptography (to brush up on it, you can read the first chapters of our previous article).
The RingCT protocol
One of the possible attacks on cryptocurrencies is blockchain analysis based on knowledge of the amount and time of a sent transaction. As a result,
It is worth noting that the idea of hiding amounts is not new. Bitcoin Core developer Greg Maxwell was one of the first to describe it in his writing.
Among other things, the protocol helps get rid of the problems with mixing in dust outputs: outputs of small amounts (usually received as change from transactions) that caused more problems than they were worth.
In June 2017 a hard fork of the Monero network took place, enabling optional use of confidential transactions. And already in month XNUMX of the same year, with the version XNUMX hard fork, such transactions became the only ones permitted on the network.
RingCT uses several mechanisms at once: multilayered linkable spontaneous anonymous group signatures (Multilayered Linkable Spontaneous Anonymous Group Signature, MLSAG below), a commitment scheme (Pedersen Commitments), and range proofs (this term has no established translation into Russian).
The RingCT protocol introduces two types of anonymous transactions: simple and full. The wallet generates the first type when a transaction uses more than one input, and the second type in the opposite case. They differ in how the transaction amounts are validated and in the data signed by the MLSAG signature (we will discuss this in more detail below). Moreover, transactions of the full type can be generated with any number of inputs; there is no fundamental difference. In the book
MLSAG signatures
Let's recall what signed transaction inputs are. Every transaction spends and generates some funds. Funds are generated by creating transaction outputs (a direct analogy is banknotes), and an output that a transaction spends (after all, in real life we spend banknotes) becomes an input (be careful, it is very easy to get confused here).
An input refers to several outputs but spends only one of them. This creates a smokescreen that makes the transfer history harder to analyse. If a transaction has more than one input, the structure can be represented as a matrix in which the rows are inputs and the columns are mixed-in outputs. To prove to the network that the transaction spends exactly its own outputs (that it knows their secret keys), the inputs are signed with a ring signature. Such a signature guarantees that the signer knew the secret keys for all the elements of one of the columns.
Confidential transactions no longer use the conventional ring signatures.
MLSAG signatures are called multilayered because they sign several inputs at once, each of which is mixed with several others; that is, a matrix is signed rather than a single row. As we will see later, this helps save on signature size.
Let's look at how a ring signature is formed, using the example of a transaction that spends 2 real outputs and uses m - 1 random outputs from the blockchain for mixing. We denote the public keys of the outputs we are spending as follows:
and add the key images for them accordingly. This gives us a matrix of size 2×m. First, we need to compute the so-called challenges for each pair of outputs:
We start the computation with the outputs we are spending, using their public keys and random numbers. As a result, we get the following values:
which we use to compute the challenge
for the next pair of outputs (to make it easier to see what is substituted where, we have highlighted these values in different colors). All subsequent values are computed around the ring using the formulas shown in the first illustration. The last thing to be computed is the challenge for the pair of real outputs.
As you can see, every column except the one containing the real outputs uses randomly generated numbers. They are also needed for the π-th column. Let's convert to s:
The signature itself is a tuple of all of these values:
This data is then written into the transaction.
As you can see, MLSAG contains only one challenge, c0, which saves on signature size (it already requires a lot of space). Next, a verifier uses the data to recover the values c1, …, cm and checks them. Thus the ring is closed and the signature is verified.
For RingCT transactions of the full type, one more row is added to the matrix of mixed-in outputs, but we will discuss that below.
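The signing and verification loop described in this section, as an added example (not code from the original article or from Monero). It assumes the standard MLSAG per-column formulas, since the article's own formulas are not reproduced on this page; it also assumes a toy multiplicative group mod 2^127 - 1 in place of the elliptic curve and SHA-256 for the challenges, and all function names are hypothetical.

```python
import hashlib, secrets

# Toy group standing in for the curve: integers mod the prime P = 2^127 - 1,
# exponents reduced mod Q = P - 1; aG on the curve is pow(G, a, P) here.
# Constructed, insecure parameters used only so the example runs anywhere.
P = 2**127 - 1
Q, G = P - 1, 3

def hs(*parts):
    """Hash to a scalar; this is how every challenge c_i is derived."""
    digest = hashlib.sha256(repr(parts).encode()).digest()
    return int.from_bytes(digest, "big") % Q

def hp(pub):
    # Toy hash-to-group for key images (a real scheme needs unknown discrete logs).
    return pow(G, hs("hp", pub) + 1, P)

def rand():
    return secrets.randbelow(Q - 1) + 1

def column(c, s_col, pubs, images):
    """The (L, R) pair of every row of one column, given the incoming challenge."""
    lr = []
    for s, k, img in zip(s_col, pubs, images):
        lr.append(pow(G, s, P) * pow(k, c, P) % P)
        lr.append(pow(hp(k), s, P) * pow(img, c, P) % P)
    return lr

def sign(msg, ring, pi, keys):
    """ring[i][j] is the public key in column i, row j; keys open column pi."""
    m = len(ring)
    images = [pow(hp(k), x, P) for k, x in zip(ring[pi], keys)]
    alpha = [rand() for _ in keys]
    s = [[rand() for _ in keys] for _ in range(m)]
    c = [0] * m
    i = (pi + 1) % m
    c[i] = hs(msg, column(0, alpha, ring[pi], images))  # start at the real column
    while i != pi:                    # walk the ring through the decoy columns
        nxt = (i + 1) % m
        c[nxt] = hs(msg, column(c[i], s[i], ring[i], images))
        i = nxt
    s[pi] = [(a - c[pi] * x) % Q for a, x in zip(alpha, keys)]
    return c[0], s, images            # only one challenge is stored

def verify(msg, ring, sig):
    c0, s, images = sig
    c = c0
    for i in range(len(ring)):        # rebuild c1..cm from c0
        c = hs(msg, column(c, s[i], ring[i], images))
    return c == c0                    # the ring closes
```

Because the key images depend only on the spent keys, two signatures made with the same real column carry identical images, which is what lets the network link a double spend.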
Pedersen commitments
Commitments in Monero are used to hide transfer amounts, and they use the most common variant, Pedersen commitments. An interesting fact, by the way: the developers initially proposed hiding amounts by ordinary mixing, that is, by adding outputs of arbitrary amounts to introduce uncertainty, but then switched to commitments (it is not a given that this saved on transaction size, as we will see below).
In general form, a commitment looks like this:
Here C is the value of the commitment itself, a is the hidden amount, H is a fixed point on the elliptic curve (an additional generator), and x is an arbitrary mask, a randomly generated blinding factor. The mask is needed so that a third party cannot simply guess the value behind the commitment.
When a new output is generated, the wallet computes a commitment for it; when the output is spent, the wallet either takes the value computed at generation or recomputes it, depending on the transaction type.
RingCT simple
For simple RingCT transactions, to guarantee that the transaction created outputs for the same amount as its inputs (that it did not create money out of thin air), the sum of the commitments of the former must equal the sum of the commitments of the latter, that is:
The commitment for the fee is computed slightly differently, without a mask:
where a is the fee amount, which is public.
This approach lets us prove to the verifying party that we are using the same amounts without revealing them.
To make this clearer, let's look at an example. Suppose a transaction spends two outputs (which therefore become inputs) of 10 XMR and 5 XMR and generates three outputs worth 12 XMR: 3, 4 and 5 XMR. It also pays a fee of 3 XMR. So the amount spent, and the amount generated plus the fee, both equal 15 XMR. Let's compute the commitments and look at the difference between their sums (remember the maths):
Here we can see that for the equation to balance, the sums of the input masks and of the output masks must be equal. To achieve this, the wallet randomly generates x1, y1, y2 and y3, and computes the remaining x2 as follows:
Using these masks, we can prove to any verifier that we are not generating more funds than we spend, without revealing the amounts. Original, isn't it?
RingCT full
In full RingCT transactions, verifying the transfer amounts is a little more complicated. In these transactions the wallet does not recompute the commitments for the inputs but uses the ones computed when they were generated. In this case we have to accept that the difference of the sums will no longer be zero, and that instead we get:
Here z is the difference between the input masks and the output masks. If we treat zG as a public key (which it de facto is), then z is the private key. So we know a public key and its corresponding private key. With this data in hand, we can use it in the MLSAG ring signature together with the public keys of the mixed-in outputs:
Thus a valid ring signature guarantees that we know all the private keys of one of the columns, and we can know the private key in the last row only if the transaction does not generate more funds than it spends. Incidentally, here is the answer to the question "why doesn't the difference of the commitment sums come to zero here": if zG = 0, we would reveal the column containing the real outputs.
How does the recipient of the funds learn how much money was sent to them? Everything is simple here: the sender and the recipient of the transaction exchange keys using the Diffie-Hellman protocol, with the transaction key and the recipient's view key, and compute a shared secret. The sender writes data about the output amounts, encrypted with this shared key, into special fields of the transaction.
Range proofs
What happens if a negative number is used as the amount in a commitment? This could lead to the generation of additional coins. That outcome is unacceptable, so we need to guarantee that the amounts we use are not negative (without revealing those amounts, of course, otherwise all that work would have been for nothing). In other words, we have to prove that the amount lies in the interval [0, 2^n - 1].
To do this, the amount of each output is split into binary digits and a commitment is computed for each digit separately. It is best to see how this happens with an example.
Let's assume that amounts are small and fit into 4 bits (in practice it is 64 bits), and we create an output worth 5 XMR. We compute the commitments for each digit and the total commitment for the whole amount:
Next, each commitment is mixed with a surrogate (Ci - 2^iH) and the pairs are signed with a Borromean ring signature (a different kind of ring signature), proposed by Greg Maxwell in 2015 (you can read more about it here):
Taken together, this is called a range proof, and it guarantees that the commitments use amounts in the range [0, 2^n - 1].
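The balance checks from the RingCT simple and RingCT full sections and the per-digit commitments from this section, as one added example (not code from the original article or from Monero). It assumes the usual Pedersen form C = xG + aH for the symbols defined above, uses a toy multiplicative group mod 2^127 - 1 in place of the elliptic curve, and all function names are hypothetical.

```python
import secrets

# Toy stand-in for the curve: integers mod the prime P = 2^127 - 1, with
# exponents reduced mod Q = P - 1. The page's xG + aH becomes G^x * H^a mod P.
# Constructed, insecure parameters; G and H are arbitrary illustrative bases.
P = 2**127 - 1
Q, G, H = P - 1, 3, 5

def commit(amount, mask):
    """Pedersen commitment to `amount` under the blinding factor `mask`."""
    return pow(G, mask % Q, P) * pow(H, amount % Q, P) % P

def add(commitments):
    """Sum of commitments (a product in the toy group)."""
    total = 1
    for c in commitments:
        total = total * c % P
    return total

def masks(n):
    return [secrets.randbelow(Q - 1) + 1 for _ in range(n)]

def simple_balances(ins, outs, fee):
    """RingCT simple: the last input mask is derived so the mask sums match,
    then sum(C_in) must equal sum(C_out) plus the unmasked fee commitment."""
    y = masks(len(outs))
    x = masks(len(ins) - 1)
    x.append((sum(y) - sum(x)) % Q)
    c_in = [commit(a, m) for a, m in zip(ins, x)]
    c_out = [commit(b, m) for b, m in zip(outs, y)]
    return add(c_in) == add(c_out + [commit(fee, 0)])

def full_balances(ins, outs, fee):
    """RingCT full: input masks are fixed, so the sums differ by zG, where
    z = sum(input masks) - sum(output masks) is known to the spender."""
    x, y = masks(len(ins)), masks(len(outs))
    z = (sum(x) - sum(y)) % Q
    c_in = [commit(a, m) for a, m in zip(ins, x)]
    c_out = [commit(b, m) for b, m in zip(outs, y)]
    return add(c_in) == add(c_out + [commit(fee, 0), commit(0, z)])

def bit_commitments(amount, nbits):
    """Range proof layout: one commitment C_i per binary digit, where either
    C_i or the surrogate C_i - 2^i*H commits to zero under the digit's mask."""
    m = masks(nbits)
    cs = [commit(amount & (1 << i), m[i]) for i in range(nbits)]
    ok = all(commit(0, m[i]) in (c, add([c, commit(-(1 << i), 0)]))
             for i, c in enumerate(cs))
    return add(cs) == commit(amount, sum(m)), ok
```

`simple_balances([10, 5], [20, -8], 3)` also returns true, which is the negative-amount problem this section opens with; `bit_commitments` returns a false first element for `-1` or `16` with 4 bits, because the digit commitments cannot reassemble an amount outside the range.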
次ã¯äœã§ããïŒ
çŸåšã®å®è£
ã§ã¯ãç¯å²èšŒæã¯å€ãã®ã¹ããŒã¹ (åºåããšã« 6176 ãã€ã) ãå æããŸãã ããã«ãããååŒã®èŠæš¡ã倧ãããªããææ°æãé«ããªããŸãã Monero ãã©ã³ã¶ã¯ã·ã§ã³ã®ãµã€ãºãåæžããããã«ãéçºè
㯠Borromeo 眲åã®ä»£ããã«ããããããšã®ã³ãããã¡ã³ããå¿
èŠãšããªãç¯å²èšŒæã¡ã«ããºã ã§ããé²åŒŸæ©æ§ãå°å
¥ããŠããŸãã
質åãããããæå·é貚åéã®ãã¯ãããžãŒã«é¢ããæ°ããèšäºã®ãããã¯ãææ¡ããããã°ã«ãŒãã«ç»é²ãããããŠãã ããã
åºæïŒ habr.com