Ring signatures are the cryptographic technique Monero uses to hide who sent a transaction. When you send Monero, your transaction is grouped with 15 decoys from the blockchain into a ring of 16. An observer sees 16 possible senders but can't determine which one is real. Combined with stealth addresses and RingCT, ring signatures make every Monero transaction private by default.

How Ring Signatures Work

Think of it like signing a document in a room with 16 other people. Everyone signs, and anyone looking at the signatures can verify that one of the 17 people signed it. But they can't figure out which one. The real signer is hidden among the group.

In Monero, this works with cryptographic outputs instead of physical signatures. When you send XMR, the network pulls 15 other transaction outputs from the blockchain as decoys. Your real output is mixed in with them. The resulting ring of 16 outputs is published on the blockchain. Anyone can verify that one of them was spent, but the math makes it impossible to determine which one.

Ring Size History

Monero's ring size has increased over time as the protocol matured:

Early Monero: ring size was optional, often as low as 4
2016: minimum ring size set to 3, then increased
2018: minimum ring size increased to 7
2020: fixed ring size of 11 (no longer user-selectable)
Current: fixed ring size of 16

Larger rings mean more decoys, which means stronger privacy. The trade-off is slightly larger transaction sizes, but the Monero community has consistently chosen privacy over efficiency.

The Three Layers of Monero Privacy

Ring signatures are one piece of a three-part system. Each part protects different information:

Ring Signatures: Hiding the Sender

Ring signatures answer the question "who sent this?" with "it could have been any of these 16 outputs." The real sender is cryptographically indistinguishable from the decoys.

A key innovation is the key image. Each transaction output can only be spent once. When you spend it, a unique key image is published. The network checks that this key image hasn't appeared before, preventing double-spending. But the key image doesn't reveal which of the 16 ring members created it.

Stealth Addresses: Hiding the Receiver

When someone sends you Monero, they don't send it to your public address. They generate a one-time stealth address derived from your public key. This address appears on the blockchain instead of your real address.

Even if you post your Monero address publicly, nobody can scan the blockchain and find your incoming transactions. Each payment creates a unique stealth address that only your wallet can recognize using your private view key.

RingCT: Hiding the Amount

Ring Confidential Transactions hide how much Monero was sent. The network needs to verify that inputs equal outputs (you can't create money from nothing), but it does this using cryptographic commitments instead of visible numbers.

The blockchain shows that a valid transaction occurred. It does not show whether you sent 0.001 XMR or 1,000 XMR.

How This Differs from Bitcoin

Bitcoin has none of these protections. Every Bitcoin transaction shows:
- Which address sent the funds (sender is public)
- Which address received them (receiver is public)
- Exactly how much was sent (amount is public)

Companies like Chainalysis analyze the Bitcoin blockchain for law enforcement and financial institutions. They can trace funds across addresses, cluster addresses belonging to the same person, and link transactions to real identities.

Monero makes this kind of analysis extremely difficult. The sender is hidden among 16 decoys, the receiver uses a one-time address, and the amount is encrypted. For a deeper comparison, read our Monero vs Bitcoin privacy analysis.

The CryptoNote Origin

Ring signatures in cryptocurrency originated from the CryptoNote protocol, published in 2013. Monero launched in 2014 as a fork of Bytecoin (the first CryptoNote implementation) after the community discovered that Bytecoin's developers had premined a large portion of the supply.

Monero's developers took the CryptoNote foundation and improved it significantly. RingCT was added in 2017. Ring sizes have increased. The protocol continues to evolve with regular hard forks that upgrade privacy and efficiency.

Common Questions About Ring Signatures

Can ring signatures be broken?

No practical attack against Monero's ring signatures has been demonstrated. Theoretical analysis has identified some statistical techniques that could narrow down the real sender in certain edge cases (like spending immediately after receiving), but these are mitigated by the current ring size of 16 and timing recommendations.

Do ring signatures make Monero slower?

Ring signatures increase transaction size compared to a simple transaction. Each ring member adds data to the transaction. Monero developers have worked to optimize this with techniques like Bulletproofs (which dramatically reduced RingCT proof sizes). In practice, Monero transactions confirm in about two minutes.

Can I verify my own transactions?

Yes. You can share your view key or generate a payment proof to prove you sent or received a specific transaction. Privacy is the default, but you can selectively disclose when you need to.

Do all Monero wallets use ring signatures?

Yes. Ring signatures are part of the Monero protocol. Every wallet that sends Monero uses them automatically. There's no way to send a "non-private" Monero transaction. When you use Monero One or any other Monero wallet, ring signatures, stealth addresses, and RingCT are applied to every transaction without any action on your part.

Using Monero Privately

The privacy guarantees from ring signatures, stealth addresses, and RingCT are built into the protocol. But your wallet choice still matters. Some wallets use light wallet servers that require your view key, which gives a third party visibility into your transactions.

Monero One connects directly to Monero nodes without sharing your view key with any server. It supports Tor routing through two included onion nodes. Every privacy feature Monero offers works automatically. Read our guide to storing Monero safely for more on choosing the right setup.