Abelian FAQ Part 3: ABE Features & Technology
Have more questions? Ask us anything in our Telegram channel.
What are the key characteristics of ABE?
Abelian Coin (ABE) is a completely new cryptocurrency, provisioning quantum-resistance and full privacy with optional accountability. We defined three levels of privacy spanning from the level as of Bitcoin (i.e. Basic Privacy) to Full Privacy, with the coin flows over addresses remain unlinkable and untraceable, and at the same, ensuring that transaction amounts are hidden. We also defined the level of Full Privacy with Accountability for accommodating applications where regulatory organizations may require the basic privacy level while keeping the full privacy level to all other participants on the ABE platform.
Besides the quantum-resistance and privacy with optional accountability, we also aim at supporting the issuance of custom tokens similar to ERC-20 tokens on the Abelian Coin Blockchain platform. This will enable community members in the ABE ecosystem to issue their own quantum-resistant tokens. We would like to give the cryptocurrency market a new option and platform, which empowers other innovators to build their next disruptive technologies and businesses using the quantum-resistant tokens supported by the ABE platform.
What “privacy” means for ABE?
“Privacy” is a key merit that physical cash notes and coins of fiat currency inherently possess, and has been one of the most important concerns since cryptocurrency was first proposed.
“Full privacy” means (1) keeping the coin addresses untraceable and un-linkable, and (2) hiding the transaction amount. The existence of a cryptocurrency which is quantum-resistant and private is an open problem, and the cryptocurrency community is actively trying to solve this challenge, which is both theoretically and practically important.
ABE is a completely new cryptocurrency, focusing on providing quantum-resistance and privacy with optional accountability, and simultaneously achieving a secure and robust consensus mechanism, and high transaction throughput, both of which are preliminary requirements for a successful cryptocurrency.
How “privacy” can be chosen?
ABE provides fine-grained privacy, where the users can determine the privacy level for each of their transactions by selecting one from the following three when they issue a transaction. This fine-grained privacy is separated into three different levels:
(a) Basic privacy: coin addresses (namely the input and output coin addresses) and transaction amounts are public, while the output coin addresses are always one-time, freshly generated for each transaction. Note that this is the best privacy level that Bitcoin and most of the other conventional cryptocurrencies can achieve.
(b) Full privacy: no one can break the ability to link or traceability of coin addresses, and transaction amounts are hidden.
(c) Full privacy with accountability: to a designated authority, it has the same privacy level as ‘Basic privacy’; to other participants, it is the same as ‘Full privacy.’
How does ABE secure client’s “privacy”?
ABE believes, as the transactions in the ledger are public and consequently are the source of privacy leakage, the following ways have been considered to protect the privacy of participants: 1. cutting the linkage between the transaction output coins and the pseudonyms, i.e. hiding the receiver/owner of a transaction output coin; 2. hiding the transaction consumed coins; 3. hiding the values of the transaction output coins.
Inspired by CryptoNote and Monero, DAPOA hides the coin receiver by using a one-time coin address which is generated from the receiver’s pseudonym address by the transaction sender, and hides the consumed coins by mixing them in a larger input.
ABE incorporates proven technologies such as, linkable ring signature and cryptographic commitment schemes in the design to offer uncompromising privacy. We seek to hide the input coin address (called ‘consumed’ coin address) in a group of coin addresses using linkable ring signature, and keep the output coin addresses public while the output coin addresses are always one-time, freshly generated for each transaction. In this way, linking is not feasible as the destination addresses are always one-time and new, while the input address of each transaction is hidden.
What is “DAPOA”?
A DAPOA scheme is a tuple of polynomial-time algorithms (Setup, CreateTrackingKey, CreatePseudonym, DeriveCoinAddress, VerifyCoinAddress, DeriveCoinSK, HideCoinValue, OpenCoinValue, ComputeCoinSN, Coinbase, TransactPublic, Mask, Unmask, TransactPrivate, VerifyTransaction, Receive, TrackTransaction, VerifyTrack) with the following syntax and semantics.
How does ABE secure “DAPOA”?
Roughly speaking, a DAPOA scheme is secure, if it is ensured that:
● Only the participant who knows the coin’s secret key can issue a transaction to consume the coin.
● Each coin can be spent only once.
● The total value of the new generated coins and the transaction fee is equal to the total value of the consumed coins.The value of each new generated coin and the transaction fee is in a certain range [0, v max].
● For a transaction output TXO, only using the secret key for the target pseudonym can compute the secret key for the coin implied by the TXO. The core of these security requirements is the Verify Transaction algorithm, once an attacker can issue transactions that pass the verification and break the above requirements, the scheme is not secure.
How could digital signatures be secured?
A secure Signature scheme can ensure that (1) only the signer (who has a private key) can generate a valid signature and (2) anyone (since the corresponding public key is published) can verify if a signature with respect to a message is valid. Thus, a Signature scheme can be used to authenticate a message.
With these features, say authenticity and non-repudiation, Signature becomes one of the foundations for cryptocurrency. In cryptocurrency, coins are “owned” by some public key — pk, and when the “real owner” of the coins wants to spend the coins through a transaction, he needs to sign a message (i.e. the transaction) using the corresponding secret key — sk. When a transaction and the corresponding signature are verified to be valid, it implies that the transaction is issued by the input coins’ real owner and the owner will not be able to deny this transaction in the future.
What exactly can digital signatures be secured?
A secured signature scheme can be used to authenticate a message and demonstrate the ownership of a document, thanks to its authenticity, integrity and non-repudiation properties.
Because it is not only can ensure that only a singer (who has a private key) can generate a valid signature, but also can ensure that everyone (since the corresponding public key is published) can verify if a signature with respect to a message is authentic.
In cryptocurrencies, coins are “possessed” under some public key pk, and when the “real possessor” of the coins wants to spend them through a transaction, he needs to generate a signature on a message (i.e. the transaction) using his private key sk. When a transaction and the corresponding signature are verified, we can then be sure that the transaction is issued by the coins’ real possessor and at the same time, the possessor can’t deny about this transaction in the future either.
What is the background of Linkable Ring Signature?
In 2004, Rivest, Shamir and Tauman introduced the concept of Ring signatures, and Bender et al. provided rigorous security definitions for ring signatures and generic constructions based on trapdoor permutations. For ring signatures, users may be unaware of each other at the time they generate their public keys and rings may be formed completely “on-the-fly” and in an ad- hoc manner, and users are given fine-grained control over the level of anonymity associated with any particular signatures (via selection of an appropriate ring).
While Ring Signature provides strong anonymity and is applicable to the scenarios of leaking a secret safely, in 2004, Liu, Wei, and Wong extended the concept and introduced the notion Linkable Ring Signature, where an additional property — linkability is added.
Linkable Ring Signature is proposed for the scenarios of e-voting, where each signer is expected to sign only once, but it is obvious that Linkable Ring Signature is also a potential tool for achieving user privacy in cryptocurrency, as it simultaneously (1) has the functionalities of Signature, (2) can hide the signer’s public key in a set of possible public keys, and (4) can prevent double-spending as signing twice for the same message by the same signer (i.e. spending the same coins twice) will be detected.
What is the difference between a Ring Signature and a Linkable Ring Signature?
Ring Signature enables a user to sign a message in a way that a ‘ring’ / set of possible signers (in which the user is a member) is specified without revealing exactly which member in that ring is the real signer who generated the signature.
Ring signature can be viewed as a group signature scheme without anonymity revocation or group setup. A linkable ring signature is an extension of ring signature so that if the same signer in that ring generates two signatures with respect to the same message, everybody can find out who the real signer is. This additional property is used in privacy coins for preventing double spending.
What is “Colored coins” on Abelian Platform?
Colored Coins is a term used to represent launching an asset class on a Blockchain. Protocols for defining transferable assets include EPOBC, OpenAssets Protocol, Colored Coins, Bitcoin Covenants (for enabling non-fungible colored coins and vaults), Representative Tokens (for Bitcoin Cash Scripting Applications), etc.
Abelian creates a framework that enables custom asset classes similar to ERC-20 tokens. All the transactions are also quantum-resistant because the signing scheme is the same as that on the Abelian platform, namely, lattice-based signature algorithms are used.
