Ring signatures

Ring signatures are used for obfuscating the real input in a transaction so it’s impossible to tell what the history is of every output on the blockchain. Even Satoshi Nakamoto was investigating this technology in the early days!

Definition by  Wikipedia:

In cryptography, a ring signature is a type of digital signature that can be performed by any member of a group of users that each have keys. Therefore, a message signed with a ring signature is endorsed by someone in a particular group of people. One of the security properties of a ring signature is that it should be computationally infeasible to determine which of the group members’ keys was used to produce the signature. (…) Ring signatures were invented by Ron Rivest, Adi Shamir, and Yael Tauman, and introduced at ASIACRYPT in 2001.

Ring signatures are applied on every input in every transaction. The sender just randomly selects some other outputs with the same amount from the blockchain and signs it with his private spend key. He doesn’t need any approval from the owners of the other outputs. This can even be done offline, making it possible to do secure offline signing and broadcasting the signed transaction on an online computer.

Maybe you ask yourself by now how you can detect double spends when there is plausible deniability for every transaction output? The answer lies in the mathematics again. A “key image” is published alongside a transaction. This key images proves that one of the inputs in the ring signature is real and when sender tries to double spend the same input, the key image will be exactly the same.

Because ring signatures are enforced across the network, all coins are mixed all the time. This adds fungibility to the protocol level of Monero. If we compare this with privacy features implemented in Bictoin or DASH, we can clearly see the difference: if traceable transactions are possible on the network, regulation can force this traceability so you can never have fungibility.

Last but not least, this is tested cryptography. It exists since 2001 so we can assume it’s pretty reliable.