The Incognito privacy stack - How am I private?

Incognito is a privacy ecosystem.

It’s not a single privacy coin, it’s a place you can go to use any of your favorite cryptocurrencies privately.

It’s not a mixer, it’s a layer of privacy that protects you while you’re in it.

Simply shielding and then unshielding your crypto right away does not benefit your privacy. Incognito provides privacy for your crypto while you use it on-chain. When you unshield, you’re sending your crypto to a public blockchain and removing it from the safety of Incognito’s privacy.

But what is that privacy, exactly?

Let’s take a look at just how you’re private with Incognito, and in what ways we’re going to increase our level of privacy in the near future.

Privacy levels

Here’s how we’ll be assigning levels of privacy to things in this topic:

Public - Bitcoin-level privacy. Nothing is tied to your actual identity, and Incognito does not use KYC or identity verification. However, your pseudonymous addresses are visible and so are the coin type and amounts.

Semi-private - Parts of the function are completely anonymous, and more so than with, say, Bitcoin, but some data are still visible.

Completely private - Total anonymity. Nothing links to your pseudonymous addresses, let alone your actual identity.

For visible data, check the network explorer.
To access the open-source code, visit the GitHub.

Transaction types

Before we look at privacy, we need to understand the transactions that take place on the network. There are three kinds, and every Incognito function relies on some combination of them:

1. Mint

A command that creates a new coin on the Incognito blockchain. Since the coins are native to the privacy network, we’ll call them privacy coins (pCoins) from now on.

Minting a pCoin is a public transaction. Coins must be minted to an address, and that address is visible, as is the number and type of coins. As you’ll see later, however, there are ways to privately use mint transactions.

2. Burn

A command that destroys a pCoin. Burning a pCoin is a public transaction. The amount and type of coin are visible.

3. Transfer (send<>receive)

A single transaction that is responsible for both sending and receiving. pCoins leave one address and appear in another.

In a transfer, the sender’s address is not visible, and neither is the amount of currency being transferred. The type of currency and the receiver’s payment address are visible for the time being.

Your receiving address is made up of 64 bytes, the first 32 of which are your public key, the last 32 of which are your public view key.

Privacy protocols

The above three kinds of transactions are the foundational functions of many blockchains. They are how chain data is created, so by necessity they cannot be private on their own.

To create privacy, there are a number of techniques that can be used together. Below is a look at some of the techniques Incognito uses.

Stealth addresses - Generates proxies to act as forwarding addresses, hiding the true sender.

Ring signature - Uses decoys and randomness to obscure the true spender of a transaction.

Confidential transactions/Pedersen commitments - Uses randomness to hide transaction amounts.

Homomorphic commitment - input commitments of a transaction are grouped, as are output commitments. Signers validate a zero-sum between them rather than actual amounts.

Bulletproofs/Zero-knowledge range proofs - Proves that transaction amounts are positive without revealing the amounts.

You can find a more detailed look at these protocols in Sending Cryptocurrencies Confidentially.

Relevant GitHub links:
pBFT (consensus)
Random Number Generation (in BTC package)
RingCT
Confidential Assets
Zero Knowledge

Coming privacy upgrades

Privacy can always be improved and expanded. We’re developing multiple new features that will increase the scope of privacy.

One-time addresses (OTA) - Creates single-use receiving addresses to hide the receiver in a transaction.

Confidential assets (CA) - Hides the type of cryptocurrency in the transaction by using randomness to categorize assets with blinded asset tags instead of unique identifiers.

Viewing key - enables user-controlled distributed access to encrypted balances.

Hardware wallet integration - Takes the Incognito wallet offline.

You can find our detailed plans in the 2021 Privacy Roadmap.

Privacy level of app features

Now that we understand the types of transactions and the techniques for ensuring privacy, let’s look at each of the Incognito app’s features and see how private they are.

Shield

Semi-private

”(Your non-Incognito address) sent (bridge custodial address) 1 BTC.”
” 1 pBTC was minted to (temporary proxy address).”
” Someone sent some pBTC to (your receiving address).”

Click to expand explanation

Transaction types used: Transfer, Mint

When you shield crypto by sending it to your Incognito address, the blockchain you’re leaving records all kinds of data, including the sending and receiving addresses.

The temporary address receives the shielded crypto, mints privacy versions of the same coins, and sends them to you.

Thanks to the use of the temporary address, the crypto is not minted directly to your address, enabling a semi-private transaction.

The third-party blockchain doesn’t know your true Incognito address, but your receiving address is still visible on the Incognito blockchain until OTA and CA are implemented.

Learn more about shielding >


Unshield

Public

”(Someone) sent some pBTC to (bridge custodial address)“
”(Bridge custodial address) burned 1 pBTC.”
”(Bridge custodial address) sent (your non-Incognito address) 1 BTC.”

Click to expand explanation

Transaction types used: Transfer, Burn

When you send your coins out of the Incognito network, they are no longer private. Just like with shielding, the other blockchain will record the sender and receiver.

The custodial address receives your pBTC, burns them, and releases an equal amount of standard BTC to the non-Incognito receiving address.

Incognito provides privacy for actions taken from within the network. It is not meant to be used as a mixer, and simply shielding and unshielding your crypto won’t do much for your privacy.


Send<>Receive

Completely private, semi-private

”Someone sent (the receiving address) some amount of BTC.”

Click to expand explanation

Transaction types used: Transfer

Send

When you send crypto between two Incognito addresses, the sender is completely anonymous.

No data is recorded about the sender’s address or identity. The amount of crypto sent/received is also unknowable.

Receive

The receiver’s address, consisting of public key and public view key, and the asset type (PRV, BTC, ETH, etc) are recorded.

Your receiving address is like your house address. No one can enter your home without a way to unlock the door (your private key).

Once OTA and CA are implemented, an onlooker can only see that “someone sent something to someone else“.


Trade

Completely private

”Someone sent some PRV to (intermediary address).”
”(Intermediary address) burned 0.05 PRV.”
”(Intermediary address) minted 1 pUSDT.”
”Someone sent some pUSDT to (your receiving address).”

Click to expand explanation

Transaction types used: Burn, Mint, Transfer

When you sell on the pDEX, the pCoins you sell are burned, and a record of the type and amount are kept on the blockchain. That record is called a “liquidity pool”.

Then, when someone buys the same type of pCoins you sold, new pCoins are minted, and the total of the liquidity pool is adjusted accordingly.

This is the same process for providing/withdrawing liquidity. However, since Mint and Burn transactions are public, an intermediary step was introduced to ensure your privacy.

When you sell your pCoins, they are sent to an Incognito address for that liquidity pool. You as the sender remain anonymous. Then they are burned from that address. The pCoins you purchased in that trade are then minted to the intermediary address, and transferred to you.

As a result, all anyone can see is that you received some amount of a pCoin. From whom is unknowable, and it’s not linked to a trade in any way. And yet simultaneously, all relevant market/trading data can be recorded without linking to you at all.

Once OTA and CA are introduced, even the fact that you received some amount of pUSDT will be unknowable.


Mint

Public

”1000000 ExampleCoin were minted to (your address).”

Click to expand explanation

Transaction types used: Mint

When you mint a privacy coin, you want to enter as many details as possible for the sake of transparency and to reassure users of the project’s legitimacy.

You can, however, opt to keep your identity hidden. In that case, what will be visible is the fact that your new pCoin was minted to your receiving address.


Provide/Withdraw

Completely private, semi-private

”Someone sent some PRV to (intermediary address).”
”(Intermediary address) burned 5000 PRV”
”(Intermediary address) minted 1000 PRV.”
“(Your receiving address) received some PRV.”

Click to expand explanation

Transaction types used: Burn, Mint, Transfer

Using the “Provide” feature and providing liquidity to the pDEX manually both follow the same process as trading, and have the same level of privacy.

When you deposit, you as the sender are anonymous.

The actions of the intermediary address burning and minting are not related to your transfers.

When you withdraw, it functions like a receive transaction, so your receiving address is visible. This will change with OTA and CA.


Power (Nodes)

Public

”(Node address) burned 1750 PRV.”
”1750 PRV was minted to (node address).”
”9.9 PRV was minted to (node’s receiving address).”

Click to expand explanation

Transaction types used: Mint, Burn

When you stake a node, you are burning 1750 PRV and it is recorded (so you can unstake later). Unstaking your node mints 1750 PRV to your node’s address.

Withdrawing your node’s block rewards is also a mint transaction, however, once OTA is introduced, a forwarding address will be used to transfer block rewards to you, and as the receiver you will be anonymous.


Quest

Semi-private

”(Your receiving address) received some QUEST/Prize.”

Click to expand explanation

Transaction types used: Transfer

When you receive QUEST tokens or a prize from the prize wheel, it’s just like receiving any other cryptoasset in a send<>receive transaction, because all prizes are currently held in master wallets so they don’t need to be minted.

As the receiver, your address will be visible, as well as the fact that you’ve received a prize or QUEST.


Keychain

Completely private

*static noises *

Click to expand explanation

Transaction types used: None

This is a local function of the app. Any actions you take in viewing, managing, and backing up your keys do not interact with the blockchain at all, and are restricted to the device you’re using to access the app.

Note: This is why it’s important to back up your private keys.

While the Keychain tab is a local and therefore private feature, your keys themselves have varying levels of privacy:

Private key: Private. Do not share with anyone.

Public key: The first half of your receiving address, which is visible until a future update.

Public view key: The second half of your receiving address, which is visible until a future update.

Readonly key (private view key): Private. Grants access to the details of your trades and transactions. Share only with people you want to give that information to.

Validator key: Used to assign an account to a Node, share only with someone you trust to set up/manage a Node for you. If you manage your own, do not share.

For more details on keys, see different keys explained.


Browser, Community, and Explorer

Completely private, variable

*silence *
*browser cookie noises *

Click to expand explanation

Transaction types used: None

The pApp browser is the engine used to access the Privacy Quest, the Community tab, and the Explorer tab. It’s a search engine, and can be used to visit websites.

It’s completely anonymous with regard to your Incognito app and addresses.

Websites do use cookies and various forms of logging, so be aware that your device may be logged by the websites you visit as if you were using a regular browsing app.


Settings

Completely private

*Invisibility noises *

Click to expand explanation

Transaction types used: None

Just like the Keychain tab, this is a local function of the app that has no interaction with the blockchain.


Building total privacy across the board

You can already enjoy total anonymity when doing just about anything with Incognito.

Incognito’s semi-private features are still much safer than transacting on a public blockchain, because there’s less data visible, and what is visible doesn’t link to your identity (no KYC, no ID verification).

But, we’re not stopping at anything short of total privacy and security across the board (and we won’t even stop then).

Look for more privacy upgrades in the near future, and let us know what features you want to see next!

28 Likes

a must-read post for all newcomers! Thank you @aaron

4 Likes

Call me Jon because –

5 Likes

A must read for everyone, amazing and concise explanation about the protocol’s privacy setting !!!

3 Likes

Ditto on that… :sunglasses:

1 Like

thanks for the detailed explanation :slightly_smiling_face:

2 Likes

Nice! It is more convenient and safe against using some coin.

1 Like

Thanks, this really helps when explaining the added value of the incognito wallet :ok_hand:t6:

Hi can someone clarify when shielding are you provided a one time BTC address? Is this a shared address?

Then when unshielding I have noticed from the receiving wallet my unshielding addresses has been the same on multiple transactions.

I am a little confused on this process? Can someone explain what happens during this process. Does the BTC break the public chain once it goes into the incognito chain. Or does it leave the private chain exactly the way it came in. Not sure if I have explained this accurately?

Hey @Razor When shielded you are provided a one-time-use address, these addresses are rotated to make it harder for someone to trace.

When you shield funds to Incognito, that transaction is public and traceable, once your funds are within the Incognito ecosystem, all transactions (trades, send, receive, etc) are private and untraceable.

When a user decides to leave the Incognito ecosystem they are also giving up the privacy given to their shielded assets. When you unshield, that transaction is public and traceable. Your best bet to remain completely private is to keep your tokens within the ecosystem. If there is a need to unshield, that transaction will be public once again.

One of the best things you can do to avoid being linked on the public ledger would be to shield asset A trade it for asset B and unshield asset B, since this will be on 2 different blockchains it will be alot harder to put 1 and 1 together. And if your asset B is for example XMR or ZEC even better :slight_smile:

-Hope that helps some.

3 Likes