-
Notifications
You must be signed in to change notification settings - Fork 4
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Rangeproofs #1
Comments
This repo was an educational exercise to help me with understanding during the process of writing this which was actually written in 2015 (despite the date on the pdf, that reflects minor edits). In that doc I go into the rangeproof construction in considerable detail (in the form used in the original Elements Alpha codebase; note that the Monero RingCT form described in your link is a slightly different (and suboptimal) form). |
Hey @AdamISZ thanks for the reply. I actually managed with that post to construct range proofs. Therefore I thank you a lot for the clear post. I'm now in the process of understanding multi-input and multi-output aspects. Since you go in confidential transactions with 1-in and 1-out, with an additional fee. There's a missing connection with the stealth addresses that are being used. I had the question if you would be able to explain the process of multi-input and multi-output and how the spend keys, derived from the incoming transactions, are used. In addition, how to link the created signatures and range proofs to a recipient. Is that possible for you to explain? EDIT: I have seen the bulletproof design, but for my current research I just have to show the appliance of borromean signatures and how they are used. But I will definitely look into it for future work. |
I believe the features you're describing there (stealth addresses, spend keys) are specific to Monero; at least, they are not part of CT itself. I only have a passing knowledge of some aspects of Monero, and in particular I don't know much if anything about the whole of ringCT itself. You should reach out to Monero people; one place is on freenode #monero-research-lab , they have other channels they can guide you to to get answers. |
First off, I greatly appreciate your Python implementation of Borromean signatures. It helps me a lot in my project. Next, I would like to request a feature: range proofs.
Rangeproofs, as shown in here have the ability to hide the transaction amount also. This would mean that you don't need any P_i's anymore from the network, but can just create a Borromean signature from the commitments made for the rangeproof. Would it be possible to have those implemented? If needed, I can aid you in the progress.
The text was updated successfully, but these errors were encountered: