Siqhubeka nochungechunge lwethu olumayelana ne-Monero blockchain, futhi isihloko sanamuhla sizogxila kuphrothokholi ye-RingCT (Ring Confidential Transactions), eyethula ukuthengiselana okuyimfihlo namasiginesha endandatho entsha. Ngeshwa, kunolwazi oluncane ku-inthanethi mayelana nokuthi lusebenza kanjani, futhi sizame ukugcwalisa lesi sikhala.
Sizokhuluma ngokuthi inethiwekhi iwafihla kanjani amanani okudlulisa isebenzisa le nqubo, kungani belahle amasiginesha endandatho ye-cryptonote yakudala, nokuthi lobu buchwepheshe buzothuthuka kanjani.
Njengoba le protocol ingenye yobuchwepheshe obuyinkimbinkimbi kakhulu e-Monero, umfundi uzodinga ulwazi oluyisisekelo lokuklanywa kwalesi blockchain kanye nolwazi oludlulayo lwe-cryptography ye-elliptic curve (ukuze uhlaziye lolu lwazi, ungafunda izahluko zokuqala zencwadi yethu. isihloko esandulele mayelana ).
Iphrothokholi ye-RingCT
Okunye ukuhlaselwa okungenzeka kwezimali ze-cryptonote ukuhlaziywa kwe-blockchain okusekelwe olwazini lwenani kanye nesikhathi sokuthengiselana okuthunyelwe. Lokhu kuvumela unciphise kakhulu indawo yosesho ukuze uthole ukuphuma okuthakaselayo kumhlaseli. Ukuze kuvikelwe ekuhlaziyweni okunjalo, i-Monero isebenzise iphrothokholi yokwenziwayo engaziwa efihla ngokuphelele amanani okudluliselwa kunethiwekhi.
Kuyaphawuleka ukuthi umbono wokufihla amanani awumusha. Umthuthukisi weBitcoin Core uGreg Maxwell ungomunye wabokuqala ukuyichaza kweyakhe . Ukuqaliswa kwamanje kwe-RingCT ukuguqulwa kwayo nethuba lokusebenzisa amasiginesha endandatho (noma ngabe ngaphandle kwawo), futhi kwaba kanjani igama layo - Ring Confidential Transactions.
Phakathi kwezinye izinto, iphrothokholi isiza ukuqeda izinkinga ngokuxuba okukhipha uthuli - imiphumela yemali encane (evame ukutholwa ngendlela yoshintsho kusuka kokuthengiselana), okwadala izinkinga eziningi kunalokho obekufanele.
NgoJanuwari 2017, i-hard fork yenethiwekhi ye-Monero yenzeka, okuvumela ukusetshenziswa kokuzikhethela kokuthengiselana okuyimfihlo. Futhi kakade ngo-September wonyaka ofanayo, nge-version 6 imfoloko kanzima, ukuthengiselana kwaba ukuphela okuvunyelwe kunethiwekhi.
I-RingCT isebenzisa izindlela ezimbalwa ngesikhathi esisodwa: amasiginesha eqembu axhumeke ngezigaba eziningi axhumene ngokuzenzakalelayo (Isiginesha Yeqembu Elixhumeke Kaningi Elixhumeke Ngokuzenzakalelayo, elizobizwa kamuva ngokuthi yi-MLSAG), uhlelo lokuzibophezela (Izibophezelo zikaPedersen) kanye nobufakazi bebanga (leli gama alinayo inguqulo emisiwe yesiRashiya) .
Iphrothokholi ye-RingCT yethula izinhlobo ezimbili zemisebenzi engaziwa: elula futhi egcwele. I-wallet ikhiqiza eyokuqala lapho ukuthengiselana kusebenzisa okokufaka okungaphezu kokukodwa, okwesibili - esimweni esiphambene. Ayahluka ekuqinisekisweni kwamanani okwenziwayo kanye nedatha esayinwe ngesiginesha ye-MLSAG (sizokhuluma kabanzi ngalokhu ngezansi). Ngaphezu kwalokho, ukuthengiselana kohlobo olugcwele kungenziwa nganoma iyiphi inombolo yokufakwayo, awukho umehluko obalulekile. Encwadini Mayelana nalokhu, kuthiwa isinqumo sokunciphisa ukuthengiselana okugcwele kokukodwa senziwa ngokushesha futhi singashintsha esikhathini esizayo.
Isiginesha ye-MLSAG
Masikhumbule ukuthi kuyini okokufaka kokwenziwe esayiniwe. Okwenziwayo ngakunye kusebenzisa futhi kukhiqize imali ethile. Ukukhiqizwa kwezimali kwenzeka ngokudala imiphumela yokuthengiselana (isifaniso esiqondile izikweletu), futhi umphumela osetshenziswayo (ngemuva kwakho konke, empilweni yangempela sisebenzisa imali engamaphepha) uba okokufaka (qaphela, kulula kakhulu ukudideka. lapha).
Okokufaka kubhekisela kokuphumayo okuningi, kodwa kusebenzisa okukodwa kuphela, ngaleyo ndlela kudala "isikrini sentuthu" ukwenza kube nzima ukuhlaziya umlando wokuhumusha. Uma umsebenzi unokufaka okungaphezu kokukodwa, khona-ke isakhiwo esinjalo singamelwa njenge-matrix, lapho imigqa iwukokufaka futhi amakholomu ayimiphumela exubile. Ukufakazela inethiwekhi ukuthi okwenziwayo kusebenzisa ngokunembile okokukhiphayo (owazi okhiye bawo abayimfihlo), okokufaka kusayinwa ngesiginesha yokukhala. Isiginesha enjalo iqinisekisa ukuthi osayinileyo wayazi okhiye abayimfihlo bazo zonke izici zanoma yimaphi amakholomu.
Okwenziwayo okuyimfihlo akusasebenzisi okwakudala amasiginesha endandatho, athathelwe indawo yi-MLSAG - inguqulo yesiginesha yendandatho efanayo yongqimba olulodwa eguqulelwe okokufaka okuningi, .
Abizwa nge-multilayer ngoba asayina okokufaka okuningana ngesikhathi esisodwa, ngakunye okuxutshwe nabanye abambalwa, okungukuthi i-matrix isayiniwe, hhayi umugqa owodwa. Njengoba sizobona kamuva, lokhu kusiza ukulondoloza kusayizi wesiginesha.
Ake sibheke ukuthi isiginesha yendandatho yakheka kanjani, kusetshenziswa isibonelo somsebenzi osebenzisa okuphumayo kwangempela okungu-2 futhi usebenzisa okungahleliwe okungu-m - 1 okuvela ku-blockchain ukuze kuxutshwe. Ake sikhombise okhiye basesidlangalaleni bemiphumela esiyisebenzisayo
, kanye nezithombe ezibalulekile zazo ngokufanele: Ngakho, sithola i-matrix yobukhulu 2 x m. Okokuqala, sidinga ukubala lokho okubizwa ngokuthi izinselele zepheya ngayinye yokuphumayo:
Siqala izibalo ngemiphumela, esiyisebenzisayo sisebenzisa okhiye bayo basesidlangalaleni:kanye nezinombolo ezingahleliweNgenxa yalokho, sithola amanani alandelayo:
, esiyisebenzisayo ukubala inselele
okuphumayo okulandelayo (ukwenza kube lula ukuqonda ukuthi yini esishintshayo lapho, sigqamise lawa manani ngemibala ehlukene). Wonke amanani alandelayo abalwa kumbuthano kusetshenziswa amafomula anikezwe emfanekisweni wokuqala. Into yokugcina yokubala inselele yepheya lemiphumela yangempela.
Njengoba sibona, wonke amakholomu ngaphandle kwalelo eliqukethe okukhiphayo kwangempela asebenzisa izinombolo ezikhiqizwa ngokungahleliwe. Ngoba Ο- ikholomu sizozidinga futhi. Masiguquleku-s:
Isiginesha ngokwayo iyingxenye yawo wonke lawa manani:
Le datha ibe isibhalwa okwenziwayo.
Njengoba sibona, i-MLSAG iqukethe inselele eyodwa kuphela c0, okukuvumela ukuthi ulondoloze kusayizi wesiginesha (osevele edinga isikhala esiningi). Ngaphezu kwalokho, noma yimuphi umhloli, usebenzisa idatha, ibuyisela amanani ββc1,β¦, cm bese ihlola lokho. Ngakho, indandatho yethu ivaliwe futhi isiginesha isiqinisekisiwe.
Ngokwenziwe kwe-RingCT yohlobo olugcwele, omunye umugqa owengeziwe wengezwa ku-matrix ngokuphuma okuxubile, kodwa sizokhuluma ngalokhu ngezansi.
Pedersen Izibopho
(igama lesiNgisi elithi izibophezelo livame ukusetshenziswa kakhulu) lisetshenziswa ukuze iqembu elilodwa likwazi ukufakazela ukuthi liyayazi imfihlo ethile (inombolo) ngaphandle kokuyidalula. Isibonelo, ugingqa inombolo ethile edayisini, ucabange ukuzibophezela bese ukudlulisela eqenjini eliqinisekisayo. Ngakho-ke, ngesikhathi sokudalula inombolo eyimfihlo, isiqinisekisi sibala ngokuzimela ukuzibophezela, ngaleyo ndlela siqinisekise ukuthi awuzange umkhohlise.
Izibopho ze-Monero zisetshenziselwa ukufihla amanani okudluliselwa futhi kusetshenziswe inketho evame kakhulu - ukuzibophezela kukaPedersen. Ngendlela, iqiniso elithakazelisayo - ekuqaleni abathuthukisi bahlongoza ukufihla amanani ngokuxuba okuvamile, okungukuthi, ukwengeza imiphumela yamanani angenangqondo ukuze baveze ukungaqiniseki, kodwa base beshintshela ekuzibophezeleni (akusilo iqiniso ukuthi balondoloza usayizi wokwenziwe, njengoba sizobona ngezansi).
Ngokuvamile, ukuzibophezela kubonakala kanje:
Kuphi C - incazelo yokuzibophezela ngokwayo, a - inani elifihliwe, H iyiphoyinti eligxilile ejikeni eliyi-elliptic (ijeneretha eyengeziwe), futhi x - uhlobo oluthile lwemaski engafanele, into yokucasha ekhiqizwa ngokungahleliwe. Imaski iyadingeka lapha ukuze umuntu wesithathu angakwazi ukuvele aqagele ukubaluleka kokuzibophezela.
Uma okukhiphayo okusha kukhiqizwa, isikhwama semali sibala ukuzibophezela kwakho, futhi lapho sichithwa, sithatha inani elibalwe ngesikhathi sokukhiqiza noma sibale kabusha, kuye ngohlobo lomsebenzi.
I-RingCT elula
Endabeni ye-RingCT transactions elula, ukuze kuqinisekiswe ukuthi ukuthengiselana kudalwe okuphumayo ngenani elilingana nenani lokufakwayo (akuzange kukhiqize imali emoyeni omncane), kuyadingeka ukuthi isamba sezibopho zokuqala nezesibili. ziyafana, okungukuthi:
Amakhomishana okuzibophezela akubheka njengokuhlukile - ngaphandle kwemaski:
kuphi a - inani lekhomishana, litholakala esidlangalaleni.
Le ndlela yokwenza isivumela ukuthi siqinisekise eqenjini elithembekile ukuthi sisebenzisa amanani afanayo ngaphandle kokuwadalula.
Ukuze senze izinto zicace kakhudlwana, ake sibheke isibonelo. Ake sithi okwenziwayo kusebenzisa okuphumayo okubili (okusho ukuthi baba okokufaka) kwe-10 no-5 XMR futhi kukhiqiza imiphumela emithathu ebiza u-12 XMR: 3, 4 kanye no-5 XMR. Ngesikhathi esifanayo, ukhokha ikhomishini ye-3 XMR. Ngakho, inani lemali esetshenzisiwe kanye nenani elikhiqiziwe kanye nekhomishini ilingana ne-15 XMR. Ake sizame ukubala izibopho futhi sibheke umehluko wamanani azo (khumbula izibalo):
Lapha sibona ukuthi ukuze i-equation ihlangane, sidinga izibalo zamamaski okokufaka nokuphumayo ukuze zifane. Ukuze wenze lokhu, isikhwama sikhiqiza ngokungahleliwe x1, y1, y2 kanye y3, kanye nabasele x2 ibala kanje:
Ngokusebenzisa lawa maski, singafakazela kunoma isiphi isiqinisekisi ukuthi asikhiqizi imali engaphezu kwaleyo esiyisebenzisayo, ngaphandle kokudalula inani. Okwangempela, akunjalo?
I-RingCT igcwele
Ekwenziweni okuphelele kwe-RingCT, ukuhlola amanani okudlulisa kuyinkimbinkimbi kancane. Kule misebenzi, isikhwama asibali kabusha izibopho zokufakwayo, kodwa sisebenzisa lezo ezibalwe lapho kukhiqizwa. Kulokhu, kufanele sicabange ukuthi ngeke sisawuthola umehluko ngezibalo ezilingana noziro, kodwa kunalokho:
kuyinto z β umehluko phakathi kwamaski okufaka nawokukhiphayo. Uma sicabangela zG njengokhiye wasesidlangalaleni (okuyi-de facto), ke z ukhiye oyimfihlo. Ngakho, siyabazi okhiye basesidlangalaleni nabahambisanayo abayimfihlo. Ngale datha esandleni, singayisebenzisa kusiginesha yeringi ye-MLSAG kanye nokhiye basesidlangalaleni bezinto eziphumayo ezixutshwayo:
Ngakho, isiginesha yendandatho evumelekile izoqinisekisa ukuthi siyabazi bonke okhiye abayimfihlo beyodwa yamakholomu, futhi singakwazi kuphela ukwazi ukhiye oyimfihlo kumugqa wokugcina uma umsebenzi ungakhiqizi imali eningi kunaleyo eyisebenzisayo. Ngendlela, nansi impendulo yombuzo othi "kungani umehluko enanini lezibopho ungaholeli ku-zero" - uma zg = 0, bese sizonweba ikholomu ngemiphumela yangempela.
Umamukeli wezimali wazi kanjani ukuthi yimalini ethunyelwe kuye? Yonke into ilula lapha - umthumeli wokwenziwe kanye nokhiye bokushintshana kwabamukeli besebenzisa iphrothokholi ye-Diffie-Hellman, besebenzisa ukhiye wokwenziwayo kanye nokhiye wokubuka womamukeli futhi abale imfihlo eyabiwe. Umthumeli ubhala idatha mayelana namanani okukhiphayo, abethelwe ngalo khiye owabiwe, ezinkambini ezikhethekile zomsebenzi.
Ubufakazi bebanga
Kwenzekani uma usebenzisa inombolo enegethivu njengenani lezibopho? Lokhu kungase kuholele esizukulwaneni sezinhlamvu zemali ezengeziwe! Lo mphumela awamukelekile, ngakho-ke kudingeka siqinisekise ukuthi amanani esiwasebenzisayo awanawo amabi (ngaphandle kokudalula la manani, kunjalo, ngaphandle kwalokho kunomsebenzi omningi futhi konke kuyize). Ngamanye amazwi, kufanele sifakazele ukuthi isamba sisesikhathini sokuphumula [0, 2n - 1].
Ukwenza lokhu, isamba somkhiqizo ngamunye sihlukaniswa ngamadijithi kanambambili futhi ukuzibophezela kubalwa ngedijithi ngayinye ngokwehlukana. Kungcono ukubona ukuthi lokhu kwenzeka kanjani ngesibonelo.
Ake sicabange ukuthi amanani ethu mancane futhi angena kumabhithi angu-4 (uma sisebenza lokhu amabhithi angu-64), futhi sakha okukhiphayo okubiza u-5 XMR. Sibala izibopho zesigaba ngasinye kanye nesamba sokuzinikela kulo lonke inani:
Okulandelayo, ukuzibophezela ngakunye kuxutshwa nomuntu ongeyena (Ci-2iH) futhi isayinwe ngababili ngesiginesha yendandatho ye-Borromeo (enye isignesha yendandatho), ehlongozwa ngu-Greg Maxwell ngo-2015 (ungafunda kabanzi ngakho ):
Kuhlanganiswe ndawonye, ββlokhu kubizwa ngokuthi ubufakazi bebanga futhi kukuvumela ukuthi uqinisekise ukuthi izibopho zisebenzisa amanani ebangeni [0, 2n - 1].
Yini okulandelayo?
Ekusetshenzisweni kwamanje, ubufakazi bebanga buthatha indawo enkulu - amabhayithi angu-6176 ngokukhipha ngakunye. Lokhu kuholela ekuthengiseni okukhulu ngakho-ke izindleko eziphezulu. Ukuze kuncishiswe usayizi womsebenzi we-Monero, onjiniyela bethula ama-bulletproofs esikhundleni samasiginesha e-Borromeo - indlela yobufakazi bebanga ngaphandle kwezibopho ezihlakaniphile. , bayakwazi ukunciphisa ubukhulu bobufakazi bebanga kufika ku-94%. Ngendlela, maphakathi noJulayi ubuchwepheshe budlulile kusuka ku-Kudelski Security, engazange iveze noma yikuphi ukushiyeka okuphawulekayo kubuchwepheshe ngokwabo noma ekusebenziseni kwabo. Ubuchwepheshe sebuvele busetshenziswa kunethiwekhi yokuhlola, futhi ngemfoloko entsha eqinile, cishe ingathuthela kunethiwekhi enkulu.
Buza imibuzo yakho, phakamisa izihloko zezihloko ezintsha mayelana nobuchwepheshe emkhakheni we-cryptocurrency, futhi ubhalisele iqembu lethu ku ukuze uhlale unolwazi ngemicimbi nezincwadi zethu.
Source: www.habr.com