Skip to main content
SpringerLink
Log in

Privacy-Friendly Monero Transaction Signing on a Hardware Wallet

  • Conference paper
  • First Online:
ICT Systems Security and Privacy Protection (SEC 2020)

Part of the book series: IFIP Advances in Information and Communication Technology ((IFIPAICT,volume 580))

Abstract

Keeping cryptocurrency spending keys safe and being able to use them when signing a transaction is a well-known problem, addressed by hardware wallets. Our work focuses on a transaction signing process for privacy-centric cryptocurrency Monero, in the hardware wallets. We designed, implemented, and analyzed a privacy-preserving transaction signing protocol that runs on a hardware wallet and protects the spending keys. Moreover, we also implemented a privacy-preserving multi-party version of the Bulletproof zero-knowledge prover algorithm, which runs on a hardware wallet with constant memory. We present the protocols and evaluate their performance on a real hardware wallet.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 99.00
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 129.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info
Hardcover Book
USD 129.99
Price excludes VAT (USA)
  • Durable hardcover edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Notes

  1. 1.

    By the market value https://coinmarketcap.com, accessed on 5. 1. 2020.

  2. 2.

    https://wiki.trezor.io/Trezor_Model_T.

  3. 3.

    https://micropython.org.

  4. 4.

    v in Pedersen commitment \(\gamma G + vH\), \(\gamma \xleftarrow {\tiny \$}\mathbb {Z}_l^{*}\). Refer to Sect. 3 for more details.

  5. 5.

    Multiplying by \(8^{-1}\) protects from small subgroup addition https://www.getmonero.org/2017/05/17/disclosure-of-a-major-bug-in-cryptonote-based-currencies.html.

  6. 6.

    https://www.ledger.com.

References

  1. Alonso, K.M.: Zero to monero: first edition (2018). https://www.getmonero.org/library/Zero-to-Monero-1-0-0.pdf. Accessed 20 Feb 2020

  2. Bernstein, D.J., Duif, N., Lange, T., Schwabe, P., Yang, B.Y.: High-speed high-security signatures. J. Cryptograph. Eng. 2(2), 77–89 (2012). https://doi.org/10.1007/s13389-012-0027-1

    Article  MATH  Google Scholar 

  3. Bunz, B., Bootle, J., Boneh, D., Poelstra, A., Wuille, P., Maxwell, G.: Bulletproofs: short proofs for confidential transactions and more, pp. 315–334, May 2018. https://doi.org/10.1109/SP.2018.00020

  4. Goodin, D.: Official monero website is hacked to deliver currency-stealing malware (2019). https://arstechnica.com/information-technology/2019/11/official-monero-website-is-hacked-to-deliver-currency-stealing-malware. Accessed 26 Feb 2020

  5. Klinec, D.: Monero wallet trezor integration (2018). https://github.com/ph4r05/monero-trezor-doc. Accessed 26 Feb 2020

  6. Klinec, D., Matyas, V.: Privacy-friendly monero transaction signing on a hardware wallet, extended version. Cryptology ePrint Archive, Report 2020/281 (2020). https://ia.cr/2020/281

  7. Mesnil, C.: Ledger device for Monero. Online (2019). https://github.com/LedgerHQ/ledger-app-monero. Accessed 20 Feb 2020

  8. Noether, S.: Ring signature confidential transactions for monero. Cryptology ePrint Archive, Report 2015/1098 (2015). https://eprint.iacr.org/2015/1098

  9. Pedersen, T.P.: Non-interactive and information-theoretic secure verifiable secret sharing. In: Feigenbaum, J. (ed.) CRYPTO 1991. LNCS, vol. 576, pp. 129–140. Springer, Heidelberg (1992). https://doi.org/10.1007/3-540-46766-1_9

    Chapter  Google Scholar 

  10. Yao, A.C.: Protocols for secure computations. In: 23rd Annual Symposium on Foundations of Computer Science, pp. 160–164. IEEE (1982). https://doi.org/10.1109/SFCS.1982.88

  11. Young, J.: Malware steals user funds & bitcoin wallet keys from PCs (2017). https://cointelegraph.com/news/malware-steals-user-funds-bitcoin-wallet-keys-from-pcs-bitcoin-altcoins-targeted. Accessed 26 Feb 2020

Download references

Acknowledgement

We thank our colleagues Petr Švenda and Marek Sýs, who provided valuable insights and ideas that helped to improve the protocols. Thanks also go to SatoshiLabs employees, Tomáš Sušánka, Jan Pochyla and Ondřej Vejpustek who did the security review of the design and implementation and helped significantly with simplifying the protocol implementation. We also thank the anonymous reviewers for their feedback and suggestions for improvement, and to Daniel Slamanig for shepherding the final revisions of our submission. This work was partly supported by the Czech Science Foundation project 20-03426S. For an extended paper please refer to the [6].

Author information

Authors and Affiliations

  1. Masaryk University, Brno, Czech Republic

    Dusan Klinec & Vashek Matyas

Authors
  1. Dusan Klinec
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Vashek Matyas
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Dusan Klinec .

Editor information

Editors and Affiliations

  1. University of Maribor, Maribor, Slovenia

    Marko Hölbl

  2. Goethe University Frankfurt, Frankfurt, Germany

    Kai Rannenberg

  3. University of Maribor, Maribor, Slovenia

    Tatjana Welzer

Rights and permissions

Reprints and permissions

Copyright information

© 2020 IFIP International Federation for Information Processing

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Klinec, D., Matyas, V. (2020). Privacy-Friendly Monero Transaction Signing on a Hardware Wallet. In: Hölbl, M., Rannenberg, K., Welzer, T. (eds) ICT Systems Security and Privacy Protection. SEC 2020. IFIP Advances in Information and Communication Technology, vol 580. Springer, Cham. https://doi.org/10.1007/978-3-030-58201-2_23

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-58201-2_23

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-58200-5

  • Online ISBN: 978-3-030-58201-2

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Societies and partnerships

Search

Navigation