Privacy is about staying one step ahead. The team behind Firo is responsible for some of the most significant blockchain privacy protocols on record, and all that tech is distilled into Firo.
Lelantus is a next-generation privacy protocol developed by Aram Jivanyan at Firo. Lelantus allows you to burn your coins, which hides them in an anonymity set of over 65,000. The receiver can redeem it from this anonymity pool, which breaks the links from your transaction and all the previous ones it has been through.
Lelantus is Firo’s next generation privacy protocol which improves on Sigma by removing the requirement of fixed denominations allowing people to burn arbitrary amounts and redeem partial amounts without revealing values or the source. Lelantus doesn’t require any trusted setup and uses only DDH assumptions. It also supports untraceable direct anonymous payments by allowing people to pass the right to redeem to someone else. Lelantus is Firo’s own innovation.
In this work, we introduce a new method of instantiating one-out-of-many proofs which reduces the proof generation time by an order of magnitude. In certain practical applications our method also helps to fasten the verification process of multiple simultaneously generated proofs. Our approach still results in shorter proofs comprised of only a logarithmic number of commitments and does not compromise the highly efficient batch verification properties endemic to the original construction. We believe this work can also foster further research towards building more efficient one-out-of-many proofs which are extremely useful constructions in the blockchain privacy space and beyond.
We believe the whole purpose of blockchain is to build systems that do not require trust, and that same principle applies to our privacy system itself. This is why we built Sigma for Zcoin in 2018. Sigma uses 256 bit ECC curves for proof sizes of just 1.5 kB - a 17x improvement on then-current technology. Sigma was a precursor to Lelantus, and set many stepping stones to get us where we are today.
One out of Many Proofs forms the foundation of Sigma which improves on Zerocoin by removing trusted setup and reducing proof sizes. Firo is also applying some further efficiency modifications to the original paper. Sigma is in development and is slated to be released in Q1 2019.
Dandelion++ protects your IP address. Before Firo transactions are broadcast to the whole network, they’re shuffled between nodes a random number of steps. This way, the origin of the broadcast is decorrelated from your IP address.
Dandelion++ was originally developed for Bitcoin as a way to obscure the origin of transactions by changing the way transactions propagate through the network. Dandelion++ is slated to go live on Bitcoin Core 0.18. Firo was the first project to go live with Dandelion++ on mainnet in September 2018.
Decentralized and fair security
Firo’s Merkle Tree Proof (MTP) mining algorithm further strengthens the practical anonymity of transactions. MTP is memory-intensive, preventing miner centralization. Nodes, however, can bypass this memory requirement. A Zcoin-sponsored audit in 2017 proved the effectiveness of this two-pronged approach.
MTP is the Proof of Work algorithm that Firo uses that promotes egalitarian mining while maintaining quick verification. The original paper had flaws as identified by Dinur and Nadler. Firo organized a bounty to harden MTP and also funded research to solve these issues as reflected in the linked paper. MTP was coded from the ground up by Firo and switched to the MTP algorithm in December 2018.