Paper 2019/595
DLSAG: Non-Interactive Refund Transactions For Interoperable Payment Channels in Monero
Pedro Moreno-Sanchez, Arthur Blue, Duc V. Le, Sarang Noether, Brandon Goodell, and Aniket Kate
Abstract
Monero has emerged as one of the leading cryptocurrencies with privacy by design. However, this comes at the price of reduced expressiveness and interoperability as well as severe scalability issues. First, Monero is restricted to coin exchanges among individual addresses and no further functionality is supported. Second, transactions are authorized by linkable ring signatures, a digital signature scheme only available in Monero, hindering thereby the interoperability with the rest of cryptocurrencies. Third, Monero transactions require high on-chain footprint, which leads to a rapid ledger growth and thus scalability issues. In this work, we extend Monero expressiveness and interoperability while mitigating its scalability issues. We present Dual Linkable Spontaneous Anonymous Group Signature for Ad Hoc Groups (DLSAG), a novel linkable ring signature scheme that enables for the first time refund transactions natively in Monero: DLSAG can seamlessly be implemented along with other cryptographic tools already available in Monero such as commitments and range proofs. We formally prove that DLSAG achieves the same security and privacy notions introduced in the original linkable ring signature [Liu2004], namely, unforgeability, signer ambiguity, and linkability. We have evaluated DLSAG and showed that it imposes even slightly lower computation and similar communication overhead than the current digital signature scheme in Monero, demonstrating its practicality. We further show how to leverage DLSAG to enable off-chain scalability solutions in Monero such as payment channels and payment-channel networks as well as atomic swaps and interoperable payments with virtually all cryptocurrencies available today. DLSAG is currently being discussed within the Monero community as an option for possible adoption as a key building block for expressiveness, interoperability, and scalability.
Note: Minor changes to protocols
Metadata
- Category: Applications
- Publication info: Published elsewhere. Minor revision. Financial Cryptography and Data Security 2020
- DOI: 10.1007/978-3-030-51280-4_18
- Keywords: Linkable Ring Signature, Payment Channel, Blockchain, Refund transactions, Atomic Swaps
- Contact author(s):
  pedro sanchez @ tuwien ac at
  le52 @ purdue edu
  sarang @ getmonero org
  surae @ getmonero org
  aniket @ purdue edu
- History:
  2020-10-05: revised
  2019-06-02: received
- Short URL: https://ia.cr/2019/595
- License: CC BY
BibTeX
@misc{cryptoeprint:2019/595,
  author = {Pedro Moreno-Sanchez and Arthur Blue and Duc V. Le and Sarang Noether and Brandon Goodell and Aniket Kate},
  title = {{DLSAG}: Non-Interactive Refund Transactions For Interoperable Payment Channels in Monero},
  howpublished = {Cryptology {ePrint} Archive, Paper 2019/595},
  year = {2019},
  doi = {10.1007/978-3-030-51280-4_18},
  url = {https://eprint.iacr.org/2019/595}
}