Wed, Oct 28, 2020 5:14 PM

What Are The Ring Signatures In Monero?


Ring Signatures in Monero

Ring Signatures is one of the key technology solutions that Monero employs to achieve confidentiality. We are going to tell you what it is and why you need it. 

The Basics Of Ring Signatures

A ring signature is a digital signature developed by a person from the list of potential signers, but it doesn’t show who created it. The concept of this tool is straightforward, which doesn’t make it less efficient. A person who sends the message combines their signature with lots of other signers to generate a unified electronic signature that will represent the whole group. This system doesn’t let unauthorized people determine the original developer of the operation because randomly selected keys replace the real ones. All ring members have the same rights because all these people are valid signers of transactions.

Ring signatures got such a name because they contain a series of sectional electronic signatures from different people, and these parts form a unique signature. A bunch of signatures is called a “ring” and can be chosen from outputs from other users on the blockchain. External visitors cannot determine which of these codes belongs to a particular profile. All in all, a ring signature avoids any transaction data declassifications.

The Way Ring Signatures Work

Imagine, you need to send another member XMR. Your digital signature which permits you to make this transaction will be instantly merged with lots of other signatures that serve as a derivation. As a result, your receiver cannot find out which of the signatures is yours, and the origins of this operation are hidden.

This example will help to understand the way ring signatures work better:

  • Tom needs to send John 20 XMR and sets up this operation via his Monero account.
  • Tom’s signature for such an operation is a disposable spending key starting with the output spent from his account.
  • The non-signers of this digital signature are past transaction outputs randomly allocated from the blockchain. They act as snares in this operation.
  • All members of this system can become signers of the operation, and other users cannot determine the initial signer.
  • All output data of the digital signature together constitutes the input of the operation.
  • Tom can initiate his money transaction and be sure that third-party users won’t find out his identity.
  • Even though Tom’s real key is applied in this operation, it can be randomly picked for other operations in the Monero system to protect transactions.

How Are Ring Signatures Created?

The ring signature system is a triple ppt algorithm (Gen, Sign, Vrfy). They generate keys for members, sign messages, and verify signatures.

At different times, particular people run the Gen algorithm to develop public keys (P) and secret keys (S). There is no coordination among these people. When one of the members with a private key (Si) needs to generate an anonymous digital signature in a message (m), he selects the others’ public keys (P₁, P₂...Pn), which contains his own as well, and creates a signature (σ) based on this info (m, Si, P1, P2 ... Pn). Next, the signer outputs the signature (σ) to the message and encodes each component of the ring (Ek). All accessible keys are distinct. VrfyR (m, σ) is a system to confirm that the signature was developed by a user with a key in R.

The transmitter doesn’t have to notify other ring members or get help from them to include them in a ring.

The Foundation Of Ring Signatures

A prototype of Ring Signatures known as “group signatures” was initially represented in a 1991 paper by a cryptographer Eugene van Heyst and a computer scientist David Chaum. 

   In 2001, researchers Yael Tauman, Adi Shamir, and Ronald Rivest extended the idea of group signatures in the document known as “How to Leak a Secret”. They formalized the system of ring signatures for the first time. That idea had many similarities with group signatures, but it was impossible to find out the factual sender, and randomly selected individuals could be incorporated in the final code without further setups.

Soon it was proven that such a signature could be harnessed for digital currencies. The algorithm of this signature almost identical to the idea explained above was demonstrated in the whitepaper published by CryptoNote.

CryptoNote uses an implementation of Traceable Ring Signatures offered by Koutarou Suzuki and Eiichiro Fujisaki in the article published in 2006. A well-developed interpretation of such a signature is currently applied in lots of digital currencies that pay attention to the users’ privacy, such as Monero.

This protocol lets users avoid sharing information about their electronic wallets because their real addresses are replaced with one-time ones. CryptoNote makes blockchain analysis more complicated.

Ring Signatures In Monero

The most essential shortcoming of the Bitcoin network is that all significant information, including the exact sum, the transmitter, and the receiver is not hidden. Someone can easily track another person’s transactions by knowing his address. Lots of cryptocurrencies try to make transactions anonymous.

In 2015, the ring signature scheme was added to the Monro system to defend transactions. The idea was introduced by one of the Bitcoin Core developers Gregory Maxwell. It had many differences from Monero’s CryptoNote origins.

Since that time, Monero has improved this scheme to a multi-layer linked involuntary anonymous group signature. The whitepaper points out that such a technique makes all operations via this system anonymous by hiding their amount, sender, and beneficiary. This method was called RingCT, launched at the beginning of 2017 and used for all money operations since September 2017.

It is impossible to track transactions with Ring Signatures in Monero. Furthermore, there are no questions about interchangeability because all transaction outputs have the property of probable negation: the system cannot say which output is used and which is not.

In some Monero sources, it is noted that such signatures hide the transmitter, but it is not absolutely true. There is a great difference between senders (users) and their cryptocurrency accounts (wallets) when it comes to confidentiality. Even if a hacker finds out the ring signature, he still cannot access the transaction amount and its receiver. It decreases the harm done to both a transmitter and a receiver.

The Ring Signature system is constantly improving. Today, Monero’s developers work on the possible execution of RingCT 3.0 to operate on a reduced block size more securely. Moreover, the developers are working on new protocols Triptych, Arcturus, and Lelantus.


These days, Monero is making its services more efficient to provide whole confidentiality to all users. Such encrypted signatures are a more beneficial model than the alternatives. This is an element of blockchain confirmation confusion increasing the price and time of verifying each action. It provides anonymity and decreases the risk of counterfeiting and collusion.

The content of this article is for informational purposes only and should not be construed as investment advice. We ask you to do your research.