In Bitcoin, all transactions are broadcasted on a public ledger. Research has shown that external information, such as publicly announced addresses, can be used to link identities and organizations to transactions.
The default reuse of bitcoin addresses exacerbates this problem. Furthermore, the same type of mechanism used to break privacy in social networks, such as the analysis of social network topology, can be used to break privacy in the Bitcoin network.
Bitcoin and preceding alternative cryptocurrencies have attempted to solve this problem through the use of transaction mixers or ring signatures. However, there are a number of drawbacks to these proposed solutions. For one, a malicious or compromised member of a mixer or ring signature can break privacy. Furthermore, the anonymity set is a key metric to understanding how private a cryptocurrency is.
The anonymity set in formerly proposed solutions is limited by the size of the mixing cycle or ring signature. Each mixing cycle or ring signature is limited by the number of transactions per cycle, which is transitively limited by the block size of the cryptocurrency. Thus, the anonymity set in previous attempts at privacy tends to only be a few hundred transactions.
With Moneta, the anonymity set is on a dramatically higher magnitude. Instead of having anonymity set limited to the few hundreds, Moneta has an anonymity set that encompasses all “minted coins” in the Moneta system.
The magnitude of the anonymity set is on the order of millions, rather than hundreds – it makes all previous alternative cryptocurrencies aimed at privacy obsolete.
Moneta solves the privacy problem found in all previous cryptocurrencies. Moneta implements a protocol called ZeroCoin, which allows users to have complete privacy via Zero-Knowledge cryptographic proofs. Zero-Knowledge proofs allows one to show ownership of a Moneta coin without having to reveal which coin one owns.