How do you audit the supply on monero?
Discussion
Does not audit. 🤣
Lmao I’m genuinely curious how monero works. Is there even a limited supply cap?
That's just one of the problems, there isn't.
"This one is very common from the Bitcoin crowd, and is technically true.
However, there is a lot of thought and intentional design that has gone into the supply dynamics of Monero. Monero implements a “defined supply” of 18.4m coins, and has a tail emission of 0.6XMR per block after the defined supply has been mined. That tail emission starts ~May, 2022.
This means that Monero has extremely low inflation that approaches 0% forever, and is technically “disinflationary” or “asymptotatically approaching 0% inflation”. The inflation rate is currently lower than Bitcoin and gold, and will continue to decrease. It’s also important to realize that a low inflation rate like that of Monero is a way to replace lost coins over time in circulation, but is likely even too little inflation to account for lost coins (rough estimates are ~1.5% of coins lost in circulation each year, compared to Monero’s current inflation rate of 1.12% as of writing). This would mean that Monero is in fact deflationary, even with the low perpetual issuance.
It’s also extremely important to make it clear that Monero’s supply is pre-defined, verified and enforced via consensus, and entirely predictable, just like Bitcoin’s – you can know the inflation rate and totaly supply at any point in the future without doubts.
This tail emission enables two key features in Monero
A lower bound of network security forever (miners will always be able to rely on 0.6XMR per block, no matter the fee market)
A dynamic block size (Monero’s blocks can grow/shrink to adapt to short-term increases in usage, with a penalty to mining rewards during these times)."
https://sethforprivacy.com/posts/dispelling-monero-fud/#monero-has-an-infinite-supply
The question is... how can I do an audit? In #bitcoin I run a complete node and everything is very clear.
Again, as you didn't read my previous answer:
"If Monero is so private how do we know they're not being created out of thin air?
In Monero, every transaction output is uniquely associated with a key image that can only be generated by the holder of that output. Key images that are used more than once are rejected by the miners as double-spends and cannot be added to a valid block. When a new transaction is received, miners verify that the key image does not already exist for a previous transaction to ensure it's not a double-spend.
We can also know that transaction amounts are valid even though the value of the inputs that you are spending and the value of the outputs you are sending are encrypted (these are hidden to everyone except the recipient). Because the amounts are encrypted using Pedersen commitments what this means is that no observers can tell the amounts of the inputs and outputs, but they can do math on the Pedersen commitments to determine that no Monero was created out of thin air.
As long as the encrypted output amounts you create is equal to the sum of the inputs that are being spent (which include an output for the recipient and a change output back to yourself and the unencrypted transaction fee), then you have a legitimate transaction and know no Monero is being created out of thin air. Pedersen commitments mean that the sums can be verified as being equal, but the Monero value of each of the sums and the Monero value of the inputs and outputs individually are undeterminable."
I've read all your answers and I still don't know how to do an audit. But ok thanks for your time and research.
I'm sure you didn't read or you did read but couldn't understand, because everything is explained there on my previous answers
Maybe I'm just not ready for it.
I read all your answers. A lot of it is word salad. That’s why I asked you to explain it to me like I’m 5. But I appreciate your time and I respect your passion for privacy. If you don’t know how much monero is moving around then you can’t see the total supply. If you can’t see the total supply in all of the addresses then you have to trust that the monero team’s code isn’t wonky. What if there was a bug that increased the supply? There’s no way to know. Best case scenario, monero could be used for privacy (maybe) but it’s not a good store of value. Bitcoin might not be private by default but privacy on bitcoin is very doable and I think you’re smart enough to figure that out.
What part of
"We can also know that transaction amounts are valid even though the value of the inputs that you are spending and the value of the outputs you are sending are encrypted (these are hidden to everyone except the recipient). Because the amounts are encrypted using Pedersen commitments what this means is that no observers can tell the amounts of the inputs and outputs, but they can do math on the Pedersen commitments to determine that no Monero was created out of thin air."
you didn't understand?
It doesn’t make sense. What is a pederson commitment? How can you know there is no inflation if no one can verify the inputs and outputs? One of your posts said the miners do it. Ok so the miners can also figure out what is being sent? So if feds start mining monero then they can figure out everything you’re doing. And monero mining security is extremely weak so it’s not impossible.
You audit the same way you audit on bitcoin. You run a node.
No Bitcoiner is taking advantage of it's "very clear" blockchain to scrutinize the blockchain anyway so that doesn't help you. Are you making sure every block that all input = all outputs? No, you just run your node and pay no mind.
No supply cap. If this worries you dont use it as savings. Save in Bitcoin.
Stable predictable supply with inflation less than that of gold and continuously falling %. Bitcoin will be more scarce by ~2040. But right now Monero has less total supply than Bitcoin.
Use Monero for what it is better at a MoE. As p2p digital cash in your pocket. Much cheaper tx fees <1 cent that get cheaper the more txs there are. No tedious, slow, expensive, and inferior CJing necessary. And comes with strong default privacy.
That's the good part: we don't need 😂😂😂
"In assets that focus more heavily on fungibility, amounts are typically not presented in the clear. Take popular projects like Monero or (shielded) Zcash, for example. In these projects, amounts are hidden using cryptographic structures called Pedersen commitments. To show that a transaction balances, the sender generates a signature or proof that uses clever (but well-understood) arithmetic on these hidden amounts to demonstrate to the network that no new assets were created. This helps with indistinguishability, which is beneficial for fungibility, security, and privacy."
Explain this to me like I’m 5.
1. Open the link
2. Read it
Sounds like you need to open the link and read it:
“You can choose to represent amounts in the clear, like Bitcoin does; you can be sure that the supply is what you expect it to be (or fork to ensure this in case of exploited inflation), but you sacrifice fungibility and could expose users to personal risk. Or you can choose to hide amounts like (shielded) Zcash or Monero do; you improve privacy and fungibility, but at the cost of offloading supply soundness guarantees to the correctness of proof and signature constructions.”
Here is a more detailed answer!
"If Monero is so private how do we know they're not being created out of thin air?
In Monero, every transaction output is uniquely associated with a key image that can only be generated by the holder of that output. Key images that are used more than once are rejected by the miners as double-spends and cannot be added to a valid block. When a new transaction is received, miners verify that the key image does not already exist for a previous transaction to ensure it's not a double-spend.
We can also know that transaction amounts are valid even though the value of the inputs that you are spending and the value of the outputs you are sending are encrypted (these are hidden to everyone except the recipient). Because the amounts are encrypted using Pedersen commitments what this means is that no observers can tell the amounts of the inputs and outputs, but they can do math on the Pedersen commitments to determine that no Monero was created out of thin air.
As long as the encrypted output amounts you create is equal to the sum of the inputs that are being spent (which include an output for the recipient and a change output back to yourself and the unencrypted transaction fee), then you have a legitimate transaction and know no Monero is being created out of thin air. Pedersen commitments mean that the sums can be verified as being equal, but the Monero value of each of the sums and the Monero value of the inputs and outputs individually are undeterminable."