Tuesday, July 1, 2014

Vertcoin Introduces Stealth Addresses

It seems like forever ago that I was talking about Vertcoin (VTC), and sadly the coin has been slowly fading away -- in terms of mining profitability, coin value, and the amount of discussion oriented around the cryptocurrency. Certainly VTC is far from being dead, but with all the (empty) hype around the various PoW->PoS coins during the past couple of months, not to mention things like X11 and X13 proving to be far more popular than Scrypt-N (they're not as hard on the hardware or power bill, and hash rates are higher which some people take as being "better"), the original Scrypt-N coin has been languishing.

That all changes as of today (yesterday technically, depending on your time zone), with Vertcoin's introduction of Stealth Addresses. What exactly are Stealth Addresses, and how do they work? Well, that's where things get interesting. Let's start with a screenshot:
First things first, there was a typo (it says "Monocle" rather than "Vertcoin") in the first version of the client to support Stealth Addresses; it was fixed with an updated binary later in the day, and as the devs work on both Monocle and Vertcoin this isn't really a problem (plus they did the initial testing of Stealth Addresses on Monocle). Now, what exactly is a Stealth Transaction?

Some have erroneously labeled Stealth Addresses as just a form of transaction mixing, but that's not accurate. Put simply, there is now a new type of transaction that can take place, which uses a Stealth Address instead of a regular address, and others will not be able to see all of the transactions going into/out of these Stealth Addresses. They'll be able to see the transaction on the block chain, but they will not be able to link up the address to any specific user.

Think of it this way: if I write you a check, you can see my account number; if you write me a check, I can see your account number. However, neither of us is able to see the balance, deposits, and withdrawals that are in the account because we don't have the appropriate key. This is basically what Stealth Transactions are trying to do with Vertcoin.

The way it works is that when you create a Stealth Address and someone sends coins to that address, your client generates a one-time normal VTC address but the transaction gets tagged as a Stealth Transaction (SX). Embedded in the transaction is a marker that flags it as an SX, and your client can scan these SX to see if any match one of its Stealth Address; if they do, it can use the locally stored private key to retrieve the coins.

If you prefer a slightly more technical explanation -- understanding that this is currently closed-source code, so we don't actually know the specifics of how Vertcoin is doing things -- there is some information avaialble here. The short summary is that each Stealth Address is associated with two private keys, a Private Scan Key and a Private Spend Key. Presumably (though this isn't entirely clear), the counterpart Public Scan/Spend keys are embedded within the Stealth Address. When someone generates a Stealth Transaction using a Stealth Address, a Public Ephem Key is generated along with the standard Vertcoin address, and this becomes part of the block transaction. Using the Public Ephem Key, Private Scan Key, and Public Spend Key a receiving wallet can test a transaction to see if the Vertcoin address belongs to one of the wallet's Stealth Addresses; if it does, the Public Ephem Key, Private Scan Key, and Private Spend Key allow the wallet to retrieve the coins.

In terms of how it works with Vertcoin, at present coins from SX don't just show up in your wallet -- you have to manually tell your wallet to scan for any SX that belong to you. A future client update might make scanning for SX automatic, or something that runs every few minutes; I'm actually not quite sure what the purpose is to not have them show up automatically right now, but I think it's an effort to reduce the load on servers and exchanges. The good thing with Stealth Addresses and Stealth Transactions is that all the regular block explorer tools still work. This is in contrast to Darkcoin's DarkSend and things like Ring Signatures -- go look at the "awesome" block explorers for Monero for example and you'll find they're not particularly useful.

[Update: After redownloading the block chain, I was able to properly retrieve the SX. The text below has been edited.]

Let's walk through an example set of transactions, just to make things a bit easier to understand. I went ahead and sent a Stealth Transaction to a test address (vJmtKDHvgLV5SD1KQ2a9BhUeZaBBNhhSrkrCvfTy7cZ16pjEAnEGii1kL35FzGGeGy6g64BCErHGbczfExwcADZU43n8Y44fCGT9H9 if you're wondering). The coins disappeared from my wallet, so that went well, and I can now see the "real" one-time VTC address they were sent to (VoehMYgeLy8UAAj5TQh17fv5iRQNkSu2Ep):
So far so good; now let's see if I can find the transaction on the Vertcoin block explorer. It actually took a bit longer than I was expecting, but about 30 minutes later (ten blocks later) it showed up:
It took some time to sort things out (basically my initial block chain was somehow corrupted and I had to download it again), but once the transaction is visible on the block chain I was able to then press the "Import Stealth Address Transactions" button to collect the coins.

The first time you press this button, it appears your wallet has to scan the entire block chain looking for any matching SX; it took a couple minutes on a Core i7-4800MQ, but subsequent runs are much faster (nearly instant). And if you're wondering, the "Reset Private Keys Status" button is used to reset the scan index for SX back to the default (block 0?), but normally there shouldn't be any need to use that. One issue that remains is that there's no progress indicator or any form of feedback when you press the Import... or Reset... buttons, so hopefully that gets addressed in a future wallet update.

You'll notice that on the receiving end, it shows the original Stealth Address along with the one-time address. Interesting to note is that while my Stealth Address listed above may no longer appear very "stealthy", having that address be public knowledge still doesn't allow others to see the actual SX associated with it! Others could send me coins (donations always welcome!), but each new SX will generate a new one-time VTC address, so unless I go out of my way to publish those, no one can see what's happening inside my wallet.

Ultimately, despite a small hiccup along the way, I like the option to do these Stealth Transactions. It doesn't make things truly anonymous, but I'm not sure most people really want that level of anonymity. Right now, the SX implementation in Vertcoin is certainly better than some of the cryptic and user unfriendly stuff that needs to be done with CryptoNote coins. Could this mark a change in the global ranking of various coins? Will we see VTC valuation continue to rise while some of the other alternatives like DRK and XMR drop? I don't think that's really likely, especially considering the difficulty of mining Scrypt-N (it's simply more demanding on your GPUs and consumes more power than X11 and Cryptonight), but at least right now VTC is looking better than it has for the past couple weeks.

If you like reading these blog posts but don't want to subscribe to my thrice-weekly newsletter, please consider making purchases through my Amazon Affiliate links!

No comments:

Post a Comment