Conclusions, Acknowledgments, and References

Introduction: A Platform of Decentralized Privacy Coins ▸

Shielding Cryptocurrencies: Turning Any Cryptocurrency Into a Privacy Coin ▸

Trustless Custodians: A Decentralized Approach to Cryptocurrency Custodianship ▸

Sending Cryptocurrencies Confidentially: Ring Signature, Homomorphic Commitment, and Zero-Knowledge Range Proofs ▸

Privacy at Scale with Dynamic Sharding ▸

Consensus: A Combination of iPoS, Multiview-pBFT, and BLS ▸

Multiview PBFT ▸

Incognito Software Stack: Navigating the Incognito Source Code ▸

Incognito Performance ▸

Network Incentive: Privacy (PRV) ▸

User-Created Privacy Coins ▸

Use Cases: Privacy Stablecoins, Privacy DEX, Confidential Crypto Payroll, and more ▸

Future Work: Smart Contracts, Confidential Assets, Confidential IP, and more ▸

Conclusions ▾

We built a new cryptonetwork to provide privacy for other cryptonetworks. To shield cryptocurrencies, we implemented a decentralized group of trustless custodians. To provide privacy, we use the linkable ring signature scheme, homomorphic commitment scheme, and zero-knowledge range proofs. To scale out network performance, we implemented sharding, pBFT, and proof-of-stake.

Incognito has been live on its mainnet since November 2019, with 8 shards powered by 885 validators. An increasing number of shards will continue to scale out the transaction throughput linearly.

Cryptocurrencies are increasing in number every day. Some of them wrap around existing assets like fiat (USDC) and gold (DGX) and make them more efficient. Some of them introduce entirely new asset classes, like programmable governance tokens (MKR). If this development trend continues, as we believe it will, cryptocurrencies are likely to play a very important role in the near future. It is not far fetched to estimate that cryptocurrencies will increasingly compose an individual’s net worth or a company’s balance sheet. Incognito hopes to give these assets and their owners – both now and in the future – the option to claim their right to privacy.


We thank 600+ founding nodes for powering the Incognito network since the testnet, Binance for the development grant to build incognito mode for Binance Chain, and members from the wider crypto community for their support, ideas, and encouragement. We’d especially like to thank the thousands of Incognito users who help us improve the network every day.


[Adam, 2018] Adam, H. (2018). Uniswap whitepaper. URL: https ://

[Baneth, 2019] Baneth, T. (2019). Waterloo - a decentralized practical bridge between EOS and Ethereum. URL:

[Benet and Dias, 2019] Benet, J. and Dias, D. (2019). libp2p specification. Technical report, URL:

[Boneh et al., 2018] Boneh, D., Drijvers, M., and Neven, G. (2018). Compact multi-signatures for smaller blockchains. In International Conference on the Theory and Application of Cryptology and Information Security, pages 435-464. Springer.

[Boudot, 2000] Boudot, F. (2000). Efficient proofs that a committed number lies in an interval. In International Conference on the Theory and Applications of Cryptographic Techniques, pages 431-444. Springer.

[Bojja Venkatakrishnan et al., 2017] Bojja Venkatakrishnan, S., Fanti, G., and Viswanath, P. (2017). Dandelion : Redesigning the bitcoin network for anonymity. Proceedings of the ACM on Measurement and Analysis of Computing Systems, 1(1) :1-34.

[Bunz et al., 2018] Bunz, B., Bootle, J., Boneh, D., Poelstra, A., Wuille, P., and Maxwell, G. (2018). Bulletproofs : Short proofs for confidential transactions and more. In 2018 IEEE Symposium on Security and Privacy (SP), pages 315-334. IEEE.

[Buterin et al., 2014] Buterin, V. et al. (2014). A next-generation smart contract and decentralized application platform. white paper, 3(37).

[BTC Relay, 2019] BTC Relay (2019). A bridge between the Bitcoin blockchain & Ethereum smart contracts. URL:

[Castro et al., 1999] Castro, M., Liskov, B., et al. (1999). Practical byzantine fault tolerance. In OSDI, volume 99, pages 173-186.

[Chaum and Van Heyst, 1991] Chaum, D. and Van Heyst, E. (1991). Group signatures. In Workshop on the Theory and Application of Cryptographic Techniques, pages 257-265. Springer.

[Cheng et al., 2018] Cheng, R., Zhang, F., Kos, J., He, W., Hynes, N., Johnson, N., Juels, A., Miller, A., and Song, D. (2018). Ekiden : A platform for confidentiality-preserving, trustworthy, and performant smart contract execution.

arXiv preprint arXiv :1804.05141.

[Croman et al., 2016] Croman, K., Decker, C., Eyal, I., Gencer, A. E., Juels, A., Kosba, A., Miller, A., Saxena, P., Shi, E., Sirer, E. G., et al. (2016). On scaling decentralized blockchains. In International conference on financial cryptography and data security, pages 106-125. Springer.

[Diffie and Hellman, 1976] Diffie, W. and Hellman, M. (1976). New directions in cryptography. IEEE transactions on Information Theory, 22(6) :644-654.

[Dwork and Naor, 1992] Dwork, C. and Naor, M. (1992). Pricing via processing or combatting junk mail. In Annual International Cryptology Conference, pages 139-147. Springer.

[Finney, 1993] Finney, H. (1993). Detecting double- spending. URL:

[Fujisaki and Suzuki, 2007] Fujisaki, E. and Suzuki, K. (2007). Traceable ring signature. In International Workshop on Public Key Cryptography, pages 181-200. Springer.

[Gentry and Boneh, 2009] Gentry, C. and Boneh, D. (2009). A fully homomorphic encryption scheme, volume 20. Stanford University.

[Go, 2009] Go, T. (2009). The go programming language specification. Technical report, http://golang. org/doc/doc/go spec.html, Google Inc.

[Goldreich et al., 1991] Goldreich, O., Micali, S., and Wigderson, A. (1991). Proofs that yield nothing but their validity or all languages in np have zero-knowledge proof systems. Journal of the ACM (JACM), 38(3) :690-728.

[Incognito, 2019a] Incognito, T. (2019a). Incognito mode for ethereum. Technical report. URL: https://incognito. org/blog/incognito-mode-for-ethereum.

[Incognito, 2019b] Incognito, T. (2019b). pDEX: The first privacy-protecting decentralized exchange. Technical report. URL: incognito-dex-trade-crypto-privately-tech-overview.

[Jedusor, 2016] Jedusor, T. E. (2016). Mimblewimble. URL:

[Juels, 1999] Juels, A. (1999). Client puzzles : A cryptographic countermeasure against connection depletion attacks. In Proc. Networks and Distributed System Security Symposium (NDSS), 1999.

[King and Nadal, 2012] King, S. and Nadal, S. (2012). Ppcoin : Peer-to-peer crypto-currency with proof-of-stake. self-published paper, August, 19.

[Kokoris-Kogias et al., 2018] Kokoris-Kogias, E., Jovanovic, P., Gasser, L., Gailly, N., Syta, E., and Ford, B. (2018). Omniledger : A secure, scale-out, decentralized ledger via sharding. In 2018 IEEE Symposium on Security and Privacy (SP), pages 583-598. IEEE.

[Kovri, 2018] Kovri. The Kovri Project, 2018. URL:

[Kwon, 2014] Kwon, J. (2014). Tendermint: Consensus without mining. Draft v. 0.6, fall, 1(11).

[Li et al., 2018] Li, C., Li, P., Zhou, D., Xu, W., Long, F., and Yao, A. (2018). Scaling nakamoto consensus to thousands of transactions per second. arXiv preprint arXiv :1805.03870.

[Liu et al., 2004] Liu, J. K., Wei, V. K., and Wong, D. S. (2004). Linkable spontaneous anonymous group signature for ad hoc groups. In Australasian Conference on Information Security and Privacy, pages 325-335. Springer.

[Luu et al., 2016] L Luu, V Narayanan, C Zheng, K Baweja, S Gilbert, P Saxena. (2016). A secure sharding protocol for open blockchains. Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications.

[Luu and Yaron, 2017] Luu, L. and Yaron, V. (2017). Kyber Network : A trustless decentralized exchange and payment service. URL : https://home.Kyber. network/assets/KyberNetworkWhitepaper. pdf.

[Maxwell, 2015] Maxwell, G. (2015). Confidential transactions. URL: values.txt (Accessed 09/05/2016).

[Merkle, 1980] Merkle, R. C. (1980). Protocols for public key cryptosystems. In 1980 IEEE Symposium on Security and Privacy, pages 122-122. IEEE.

[Morais et al., 2019] Morais, E., Koens, T., Van Wijk, C., and Koren, A. (2019). A survey on zero knowledge range proofs and applications. SN Applied Sciences, 1(8) :946.

[Nakamoto, 2008] Nakamoto, S. (2008). Bitcoin: A peer-to-peer electronic cash system. URL:

[Noether et al., 2016] Noether, S., Mackenzie, A., et al. (2016). Ring condential transactions. Ledger, 1 :1-18.

[Pedersen, 1991] Pedersen, T. P. (1991). Non-interactive and information theoretic secure verifiable secret sharing. In Annual international cryptology conference, pages 129-140. Springer.

[Reid and Harrigan, 2013] Reid, F. and Harrigan, M. (2013). An analysis of anonymity in the bitcoin system. In Security and privacy in social networks, pages 197-223. Springer.

[Ren, 2019] Ren (2019). A privacy preserving virtual machine powering zero-knowledge financial applications. URL :

[Rivest et al., 2001] Rivest, R. L., Shamir, A., and Tauman, Y. (2001). How to leak a secret. In International Conference on the Theory and Application of Cryptology and Information Security, pages 552-565. Springer.

[Van Saberhagen, 2013] Van Saberhagen, N. (2013). Cryptonote v 2.0. URL:

[Sasson et al., 2014] Sasson, E. B., Chiesa, A., Garman, C., Green, M., Miers, I., Tromer, E., and Virza, M. (2014). Zerocash : Decentralized anonymous payments from bitcoin. In 2014 IEEE Symposium on Security and Privacy, pages 459-474. IEEE.

[Szabo, 2005] Szabo, N. (2005). Trusted third parties are security holes. White Paper. URL:

[TBTC, 2019] TBTC (2019). tBTC: A decentralized redeemable BTC-backed ERC-20 token. URL:

[Visa, 2018] Visa (2018). Visa acceptance for retailers. URL: small-business-tools/retail.html.

[WBTC, 2019] WBTC (2019). Wrapped Bitcoin. URL:

[Wood, 2014] Wood, G. (2014). Ethereum: A secure decentralised generalised transaction ledger. URL:

[Zamani et al., 2018] Zamani, M., Movahedi, M., and Raykova, M. (2018). Rapidchain: A fast blockchain protocol via full sharding. IACR Cryptology ePrint Archive, 2018 :460.

[Zilliqa, 2017] Zilliqa, T. (2017). The Zilliqa technical whitepaper. URL:


@dungtran thanks for References :face_with_monocle: