4rkal/monero-site
1
0
Fork 0
mirror of https://github.com/monero-project/monero-site.git synced 2024-12-13 11:56:33 +02:00
Code Issues Actions Packages Projects Releases Wiki Activity

Update index.md

Browse Source 
### Update FAQ
* added key image information (double spend protection)
* clarified Pedersen commitment information
This commit is contained in:
Mike Justman 2017-08-28 14:52:38 -04:00 committed by GitHub
parent 0bbeb816be
commit 89099b411f
1 changed files with 4 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
get-started/faq/index.md
View File

@ -130,12 +130,13 @@ Fungibility is a simple property of money such that there are no differences bet
<label for="tab-eleven" class="accordian">If Monero is so private how do we know they're not being created out of thin air?</label>
<div class="tab-content" markdown="1">
In Monero, every transaction generates a key image. Key images that are used more than once are rejected by the the miners as double-spends and cannot be added to a valid block. When a new transaction is received, miners verify that the key image does not already exist for a previous transaction to ensure it's not a double-spend.
The value of the inputs that you are spending and the value of the outputs you are sending are encrypted and opaque to everyone except the recipient of each of those outputs.
We can also know that transaction amounts are valid even though the value of the inputs that you are spending and the value of the outputs you are sending are encrypted and hidden to everyone except the recipient of each of those outputs.
The clever part is that they're encrypted using Pedersen commitments. What this means is that no observers can tell the amounts of the inputs and outputs, but they can do math on the Pedersen commitments to determine that no Monero was created out of thin air.
They're encrypted using Pedersen commitments. What this means is that no observers can tell the amounts of the inputs and outputs, but they can do math on the Pedersen commitments to determine that no Monero was created out of thin air.
As long as the encrypted output amounts you create (which include an output for the recipient and a change output back to yourself) plus the transaction fee (which is unencrypted) is equal to the sum of the inputs that are being spent, then you have a legitimate transaction that is not creating Monero out of thin air. Pedersen commitments mean that the sums can be verified as being equal, but the Monero value of each of the sums and the Monero value of the inputs and outputs individually are undeterminable.
As long as the encrypted output amounts you create which include an output for the recipient and a change output back to yourself plus the unencrypted transaction fee is equal to the sum of the inputs that are being spent, then you have a legitimate transaction and know no Monero is being created out of thin air. Pedersen commitments mean that the sums can be verified as being equal, but the Monero value of each of the sums and the Monero value of the inputs and outputs individually are undeterminable.
</div>
</div>