Transitioning RingCT Accounts: From Classical to Post-Quantum Security

Ring confidential transactions (RingCT) is a classical protocol that enhances transaction privacy within blockchain technology. It is primarily utilized in anonymous cryptocurrencies such as Monero. In recent years, to counter the security threats posed by quantum computing to classical RingCT (C-RCT), several post-quantum RingCT (P-RCT) protocols were proposed. However, prior studies do not address the account transition from C-RCT to P-RCT, which is essential to ensure the quantum resistance and usability of user accounts following the upgrade from C-RCT to P-RCT. In this article, we introduce a RingCT account transition protocol (RAT), which allows users to migrate their accounts from the blockchain with C-RCT to that with P-RCT. The protocol consists of two cryptographic components: 1) a zero-knowledge proof scheme used to prove that two group generators correspond to the same witness and 2) a cross-cryptosystems commitment transition protocol. RAT is fully decentralized and does not require any trusted third parties. Additionally, the transition process does not disclose the account balance and maintains both atomicity and consistency. The security of our protocol relies on the cryptographic components within RingCT, without the need for additional security assumptions, such as a trusted setup. The experimental results demonstrate the effectiveness of our protocol in practice.