Cryptology ePrint Archive: Report 2021/1077

MProve+ : Privacy Enhancing Proof of Reserves Protocol for Monero

Arijit Dutta and Suyash Bagad and Saravanan Vijayakumaran

Abstract: Proof of reserves protocols enable cryptocurrency exchanges to prove solvency, i.e. prove that they have enough reserves to meet their liabilities towards their customers. MProve (EuroS&PW, 2019) was the first proof of reserves protocol for Monero which provided some privacy to the exchanges’ addresses. As the key images and the addresses are inherently linked in the MProve proof, an observer could easily recognize the exchange-owned address when a transaction spending from it appears on the blockchain. This is detrimental for an exchange’s privacy and becomes a natural reason for exchanges to not adopt MProve. To this end, we propose MProve+, a Bulletproofs- based (S&P, 2018) NIZK protocol, which unlinks the key images and the addresses, thus alleviating the drawback of MProve. Furthermore, MProve+ presents a promising alternative to MProve due to an order of magnitude smaller proof sizes along with practical proof generation and verification times.

Category / Keywords: cryptographic protocols / Cryptocurrency, Monero, Proof of Reserves

Original Publication (with major differences): IEEE Transactions on Information Forensics and Security
DOI:
10.1109/TIFS.2021.3088035

Date: received 22 Aug 2021

Contact author: arijit dutta67 at gmail com

Available format(s): PDF | BibTeX Citation

Note: This is the full version of the original paper published in IEEE Transactions on Information Forensics and Security.

Version: 20210823:063619 (All versions of this report)

Short URL: ia.cr/2021/1077


[ Cryptology ePrint archive ]