Originally published in the NOWNodes blog.
Monero went through its latest fork on October 17th, 2020. Fork, or hard fork as it was in this case, implies a major network upgrade for the privacy coin. In Monero, these hard forks or network upgrades improve the base protocol and are non-contentious. This means that the chain does not split and no new coin is created.
To be more specific, in this fork, Monero aimed to introduce some new features, such as the new ring signature construction CLSAG. We will discuss how this feature helps the Monero community further below. But before that, let’s have a look at what this hard fork means for users in terms of usage and functionality of the platform.
What does it mean for the end-user?
- For the end-user, the hard fork is nothing to worry about. It is a simple software update. Any user who uses the app after 17th October would have to update their software.
- The company posted detailed instructions on how to carry out the update. For the holders of wallets or nodes, the process was to simply replace the previous version of the software, be it monerod, monero-wallet-cli, or monero-wallet-gui, with the new version.
- It is no different for users who have their coins on a paper wallet. Whenever the user decides to move his/her coins, he/she would have to use an updated version of the software. That’s it.
- The hard fork didn’t mean any change for the mining community either. The PoW consensus-building mechanism was not affected in any way in the update. Therefore, the miners could carry on with their work even without updating their software.
What did the hard fork try to achieve?
As mentioned already, the purpose of the Monero fork was to introduce a new ring signature construction known as CLSAG. We will discuss this in the next segment.
From MLSAG to CLSAG
- Monero uses a transaction protocol that is signer-ambiguous. The protocol includes many cryptographic components. One of these components was MLSAG, a type of ring signature construction. Whenever a Monero user initiated a transaction, the system generated one or more MLSAG signatures to obfuscate the signers and the amount involved in the transaction.
- CLSAG was introduced to replace MLSAG. Its purpose was to improve efficiency. Monero Research Lab used simpler but efficient algorithms, by virtue of which CLSAG signatures could achieve the same functionality as MLSAG. Where CLSAG raced ahead of its predecessor was that it could do the same with a much smaller signature size and more quickly. To improve speed, the research lab optimized the underlying cryptography.
The transition from MLSAG to CLSAG also improved the security of Monero. The transition was preceded by good cryptographic construction, and the construction was done keeping a formal security model in mind.
It would be relevant to mention here that security models are important in protecting the system from hackers and attackers. A security model conceives of hypothetical attackers. After that, it formalizes the capabilities of these hackers or attackers. Once the formalization has been done, it proves that these attackers cannot break particular security protocols of the network.
While implementing CLSAG, the developers considered a scenario in which hypothetical attackers could lure honest users of the platform into giving up their keys. The attackers were also assumed to be able to convince users to carry out transactions of the attackers’ choosing. The security enhancement proved effective against such scenarios.
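To make the signer-ambiguous ring signature idea described above concrete, here is an added example that is not from the original post or from Monero's code: a toy LSAG-style linkable ring signature in Python. The modulus, base element, hash construction and all function names are assumptions chosen so that it runs with the standard library; it is not CLSAG and does not use Monero's curve.

```python
# Added illustration: toy LSAG-style linkable ring signature, NOT Monero's CLSAG.
import hashlib
import secrets

P = 2**127 - 1   # toy prime modulus (assumption; Monero works on the ed25519 curve)
N = P - 1        # exponents are reduced modulo the order of the multiplicative group
G = 3            # toy base element (assumption)

def h_scalar(*parts):
    data = "|".join(str(x) for x in parts).encode()
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % N

def h_point(pub):
    return h_scalar("point", pub) + 1   # map a public key to a nonzero group element

def keygen():
    x = secrets.randbelow(N - 1) + 1
    return x, pow(G, x, P)

def link(msg, ring, pub, s_i, c_i, image):
    # One step around the ring: derive the next challenge from this member's terms.
    left = pow(G, s_i, P) * pow(pub, c_i, P) % P
    right = pow(h_point(pub), s_i, P) * pow(image, c_i, P) % P
    return h_scalar(msg, *ring, left, right)

def sign(msg, ring, idx, x):
    n = len(ring)
    image = pow(h_point(ring[idx]), x, P)         # key image: fixed per private key
    alpha = secrets.randbelow(N)
    s = [secrets.randbelow(N) for _ in range(n)]  # random responses for the decoys
    c = [0] * n
    i = (idx + 1) % n
    c[i] = h_scalar(msg, *ring, pow(G, alpha, P), pow(h_point(ring[idx]), alpha, P))
    while i != idx:
        c[(i + 1) % n] = link(msg, ring, ring[i], s[i], c[i], image)
        i = (i + 1) % n
    s[idx] = (alpha - c[idx] * x) % N             # only the real key can close the loop
    return c[0], s, image

def verify(msg, ring, sig):
    c0, s, image = sig
    c = c0
    for pub, s_i in zip(ring, s):
        c = link(msg, ring, pub, s_i, c, image)
    return len(s) == len(ring) and c == c0

if __name__ == "__main__":
    keys = [keygen() for _ in range(4)]           # constructed ring of four members
    ring = [pub for _, pub in keys]
    sig = sign("pay 1 XMR", ring, 2, keys[2][0])
    print(verify("pay 1 XMR", ring, sig), verify("pay 9 XMR", ring, sig))
```

Every ring member's public key enters the verification loop in the same way, so a verifier learns that one member signed but not which one. Two signatures made with the same private key carry the same key image, which is the "linkable" part of the construction.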
The Improvement in Numbers
The fork on 17th October changed the signature protocol from MLSAG to CLSAG. The users, however, only had to update their software. For users of hardware wallets, the fork meant updating to the latest firmware, which could support the new protocol.
Since a transition from MLSAG to CLSAG implies an improvement in the transaction size, let’s have a look at what transaction size means in Monero.
The size of transactions in Monero depends on two factors. The first one is the number of the previous transaction outputs one spends. The second one is the number of new transactions the user generates. On average, most of the transactions spend two previous outputs and generate two new outputs as well. With MLSAG in place, these transactions occupied approximately 2.5 kilobytes of space on the blockchain. With the implementation of CLSAG, it came down to 1.9 kilobytes. It was a significant improvement of 25% compared to the MLSAG standards.
With every new transaction happening, the Monero software verifies the signatures of these transactions. It is the standard protocol to verify that the transactions are valid. For individual transactions, the time taken to verify the signature is almost negligible. It is usually in tens of milliseconds. However, the users generally have to wait for confirmation till the entire block, which includes that transaction, is verified. This takes time. Although the time is a function of the efficiency of the computer, under CLSAG it would take far less than it used to take under MLSAG.
Tests under the CLSAG protocol show that the time taken to verify signatures has improved by nearly 20%. The transaction-wise overall improvement was 10%.
Before deploying the code, Monero had commissioned an audit of the proposed changes. The audit looked into both aspects of CLSAG cryptography and the veracity of the implementation code. The aspect of CLSAG cryptography included the algorithms, the security models, and the proofs.
For the audit, Monero employed two expert cryptographers: JP Aumasson and Antony Vennard. Support and coordination came from the Monero Audit Workgroup and the Open Source Technology Improvement Fund. Donations from the Monero community took care of the expenses of this exercise.
The review process was divided into two segments. The first segment looked into the security of CLSAG. The reviewers could not find any issues in the algorithms. However, they made crucial recommendations to improve the security proofs. Before going live, the network accommodated the modifications to the reviewers’ satisfaction. Apart from the security aspects, the reviewers also recommended some actions to improve the preprint. The recommendations were implemented.
The reviewers found the implementation code to be well written. They also concluded the implementation to be secure. According to them, the code was a correct implementation of the algorithm devised for CLSAG. Although the committee made some suggestions relating to the code, none of them pertained to any security aspect.
The success of the review stood testimony to the fact that the MLSAG to CLSAG transition was carried out efficiently. Like software upgrades, blockchains also need to go through performance improvements at frequent intervals. Blockchain is an emerging technology with new people joining the bandwagon each day, which translates to increased attention and opportunities. But these changes also bring with them the possibility of congestion, reduced efficiency, and increased hacks and attacks.
The Monero fork, which improved speed and reduced requirements of space per transaction, indicated that the platform is on its toes when it comes to matching up with improving technology. Moreover, it also proved that the platform does not compromise security as a trade-off for improved performance.