Account-Based Privacy: The Unprecedented Combination
Architectural Breakthrough: DERO achieves something no other blockchain has accomplished: combining an account-based model with strong privacy guarantees through homomorphic encryption. This enables direct account updates, simple balance tracking, and private smart contracts - all with encrypted amounts.
What Problem Does This Solve?
The Challenge:
Blockchain needs:
β Account simplicity
β Privacy guarantees
β Smart contract support
β Direct account updates
But historically:
β Accounts = No privacy
β Privacy = Output-based only
β Can't have both... or can we?DERO's Solution:
- β Account-based model (simple, fast)
- β Homomorphic encryption (privacy)
- β Private smart contracts (unique to DERO)
- β Best of both worlds
The Account Model Advantage
How DERO's Accounts Work
Account Structure:
- Balance is a single value that can be directly updated
- Direct query - no need to sum outputs
- Simple add/subtract operations
- Natural fit for smart contracts
- Lower complexity than output-based systems
Why Account + Privacy Is Hard
The Challenge DERO Solved
The Impossible Problem:
Why This Was Thought Impossible:
The Account Privacy Challenge
For accounts with privacy:
1. Balance must be encrypted
2. Operations must work on encrypted values
3. Network must verify without decrypting
4. Updates must be direct
5. Must support smart contracts
The problem:
β How to add E(old) + E(new)?
β How to verify E(balance) >= E(amount)?
β How to update encrypted balance ciphertexts?
β How to do this efficiently?
Most blockchains: CANNOT solve thisThree Key Advantages
1. Transaction Confirmation (Target Block Time)
DERO's Flow: Submit to mini-block system β account update β main block target time (BLOCK_TIME = 18s)
| Aspect | DERO Account Model |
|---|---|
| Confirmation | Target block time: 18 seconds |
| Validation | Simple account update |
| Block Structure | Mini-blocks + main blocks |
| Finality | Same-block finality |
Advantage: Fast confirmation with account model + privacy β
Source: Target block time is defined by config/config.go:34 (const BLOCK_TIME = uint64(18)).
2. Simple Balance Checking
DERO's Flow: Query encrypted balance β decrypt with private key (no chain scanning)
| Step | DERO Account Model |
|---|---|
| 1 | Query encrypted balance |
| 2 | Decrypt with private key |
| 3 | See balance locally |
| Time | No chain scanning required |
| Data Required | One RPC call |
Advantage: Balance checks without full sync β
3. Smart Contract Compatibility
DERO Account Model: Natural state storage, direct balance updates, contracts can move encrypted wallet balances homomorphically without seeing the amount
| Feature | DERO Account Model |
|---|---|
| State Storage | β
Natural (STORE/LOAD to graviton tree, plaintext) |
| Balance Updates | β Direct (homomorphic on encrypted wallet balances) |
| Logic Complexity | β Full support |
| Encrypted Wallet Token Balances | β Contract can transfer without decrypting the amount |
Advantage: Rich smart contracts whose token movements preserve user privacy (contract logic and state itself are public).
Technical Implementation
How DERO Manages Encrypted Accounts
Account Structure:
- Address:
dero1qy... - Encrypted balances stored in Graviton DB
- Key: the compressed public key (33 bytes β
tx.MinerAddress[:]or the pubkey decoded from the bech32 address); thedero1qy...bech32 form is only the display encoding. Value:E(amount)(ElGamal(Left, Right)pair) - Supports multiple assets: DERO, tokens, etc.
Balance Updates:
Simplified pseudocode (blockchain/transaction_execute.go):
// Conceptual flow β see source for actual implementation
func UpdateBalance(address, amount):
old_encrypted := LoadBalance(address) // E(old)
new_encrypted := HomomorphicAdd(old_encrypted, amount) // E(old + amount)
StoreBalance(address, new_encrypted) // Save E(new)
// Network never decrypts old, amount, or new!Mini-Blocks and Finality
How DERO Achieves Fast Confirmation
Mini-Block Architecture:
Timeline:
| Step | Order | What Happens |
|---|---|---|
| 1. Submit | 1 | User submits transaction |
| 2. Mini-Block | 2 | Included in mini-block |
| 3. Update | 3 | Homomorphic balance update |
| 4. Main Block | 4 | Aggregated and confirmed |
| 5. Final | 5 | Transaction final |
Why This Works:
- Single account validation (simple)
- Easy parallelization
- Fast confirmation
- Privacy maintained throughout
DERO combines: Speed of accounts + Privacy of encryption β
Wallet Synchronization
Lightweight Clients Possible
DERO Account-Based: Query encrypted balance to Decrypt with private key = Seconds (optional history sync)
| Aspect | DERO Wallet |
|---|---|
| Required | Query encrypted balance |
| Time | Seconds |
| Data | Minimal (one query) |
| Optional | Transaction history sync |
Advantage: Lightweight wallets with full privacy β
Privacy Guarantees
Naming note: "Ring signature" is the user-facing name DERO uses for what the source actually implements as an Anonymous Zether-style anonymity-set ZK proof (see cryptography/crypto/proof_generate.go and proof_verify.go). The user-facing term is colloquial; the construction is not a classical (Schnorr/LSAG/MLSAG) ring signature.
What Account Model Doesn't Compromise
| Privacy Aspect | DERO Account Privacy |
|---|---|
| Sender | β Anonymity-set proof (hidden among 8 potential senders at ring size 16) |
| Amount | β Encrypted (homomorphic operations) |
| Unlinkability | β Different rings per transaction |
| Smart Contracts | β οΈ Contract code and STORE/LOAD state are public; what's private is the token balances in user wallets that a contract can move homomorphically without seeing the amount (see Private Smart Contracts) |
Result: Strong privacy guarantees on transfers and balances; contract logic is openly auditable.
What a verified DERO-PROOF reveals
The privacy guarantees above are the defaults β what the chain hides from every observer. DERO also gives the sender a per-transaction escape hatch: the DERO-PROOF (a.k.a. DERO proof or transaction proof elsewhere in these docs β same thing, single canonical wire-format string). By sharing the proof string for one specific transaction, the sender lets a verifier confirm what was sent to whom β on-chain equivalent of handing someone a receipt.
A verified DERO-PROOF on the public explorer surfaces exactly three fields:
| Field | What it reveals |
|---|---|
| Receiver address | The dero1q... that was paid. The sender remains hidden in the ring. |
| Amount | Exact DERO transferred, in standard units |
| Memo / decoded payload | The optional comment field from the transfer, if one was attached |
The proof scheme is sender-driven: the sender holds the tx key, runs the proof tool, and hands the resulting string to whoever needs to verify the payment. The verifier resolves it against the on-chain transaction; the chain confirms that the named receiver was paid the named amount.
Source: proof/proof.go (Prove() returns receivers, amounts, payload_raw, payload_decoded); cmd/explorer/explorerlib/explorerlib.go wires the result into the explorer UI; cmd/explorer/explorerlib/templates/tx.tmpl renders the verified-proof block as {receiver} Received {amount} DERO.
Note: scope is one transaction at a time. A proof for tx-A reveals nothing about tx-B, even between the same parties.
Why DERO's Approach Works
The Account Model Advantage
| Feature | DERO Has |
|---|---|
| Privacy | β Built-in (homomorphic encryption) |
| Speed | β Target block time: 18 seconds |
| Smart Contracts | β Natural support with privacy |
| Balance Check | β No chain scanning required |
| Complexity | β Low (simple account model) |
| Wallet Sync | β Lightweight clients supported |
DERO proved: You CAN have account simplicity AND privacy!
What Makes DERO Unique
| Aspect | DERO |
|---|---|
| Privacy | β Built-in from architecture |
| Design | β Designed for encryption |
| Homomorphic | β Fundamental to the system |
| Status | β Proven in production |
Key Takeaways
What Account-Based Privacy Provides
| Feature | Benefit | Impact |
|---|---|---|
| β‘ Target Block Time | 18 seconds | Consensus target |
| π Encrypted Balance | Query encrypted balance | No sync needed |
| π Smart Contract Privacy | Contract state is public; wallet token balances stay encrypted across SC transfers | Unique to DERO |
| π¦ Simple Wallets | Lightweight clients | Easy adoption |
| π― Account Simplicity | One balance per account | Lower complexity |
| β Complete Privacy | All guarantees maintained | Best of both |
What It Enables
- β Private Smart Contracts - Unique to DERO
- β Encrypted Balance Queries - No blockchain scanning
- β Lightweight Wallets - No chain scanning required
- β Target Block Time - 18 seconds
- β Account Simplicity - Lower complexity
- β Proven in Production - Working system, not theoretical
Innovation: DERO demonstrated that privacy with accounts was possible through homomorphic encryption. Accounts can be just as private - while being simpler and faster.
Related Pages
Privacy Suite:
- Ring Signatures - Transaction anonymity
- Homomorphic Encryption - Balance privacy
- Transaction Privacy - Complete privacy model
Technical:
- DERO Wallets - Stealth address generation
- Wallet RPC API - Integrated addresses
Understanding DERO:
- DERO Tokens - Account-based asset model
- Privacy Features - Full privacy suite overview