MobileCoin is an encrypted-focused cryptocurrency designed for use in everyday transactions. MobileCoin addresses 4 fundamental issues: Security, Transaction Speed, Energy Consumption, and Optimization for Mobile devices. No one except for the sender and receiver can see the details of the transaction. The public blockchain is encrypted to ensure security. MobileCoin is an unrivaled cryptocurrency designed to be fast and secure enough to be used for mobile transactions.
We believe in fast, secure, and easy to use payments on mobile devices. MobileCoin is currently available for use with one of the world’s most secure messaging apps. By design, it’s easy to link a MobileCoin wallet to your phone so you can start sending funds to friends and family, receive funds from them, keep track of your balance, and review your transaction history with a simple interface. Since the goal is to keep your data in your hands, MobileCoin’s design means no third party has access to your balance, full transaction history, or funds. You can also transfer your funds at any time if you want to switch to another app or service.
MobileCoin Inc. was founded in 2017 by Josh Goldbard & Shane Glynn. It is a venture-backed company based in San Francisco, CA. The MobileCoin Protocol was open-sourced by the MobileCoin Foundation in 2020. The network went live on December 7, 2020.
MobileCoin is currently being used for payments in some of the world’s most secure messaging apps. MobileCoin is mobile-first and also works on desktop, offering both the speed and security expected for a payment system.
MobileCoin could be the foundation for an accessible, secure, and sustainable payments system for the world to use. The best way to create this technology is via a new cryptocurrency and encrypted blockchain. Currently, there is no cryptocurrency that is designed to offer both the security and speed expected for payments. The MobileCoin Foundation provides governance for the MobileCoin Protocol in order to help solve for the most important aspects of any modern payment system: Security, Transaction Speed, Energy Consumption, and Optimization for Mobile. Think of a simple, secure currency utility, like PayPal but encrypted.
While other blockchains take as much energy to run an entire country, you could power all of transactions on the MobileCoin Protocol with the same energy needed to power a few households. Since MobileCoin technology uses the Federated Byzantine Agreement instead of Proof of Work, node servers are mostly idle – they only wake up to do work when there is work to do, saving enormously on energy consumption. And now, thanks to the MobileCoin community, MobileCoin is the first carbon negative cryptocurrency.
People and entities misuse all types of financial platforms and instruments. Outside the US, MobileCoin can be purchased at www.buymobilecoin.com, which applies best practices of financial institutions around the world to prevent bad actors from obtaining MobileCoin. Any third-party entities that buy, sell, or trade MobileCoin apply their own standards and practices to vet persons or entities trying to purchase MobileCoin.
Secure enclaves can provide improved integrity and confidentiality while functioning as intended. Like most complex new technologies, we should anticipate that design flaws will inevitably be discovered. Several side channel attacks against secrets protected by Intel SGX have been published, and subsequently patched or otherwise mitigated. MobileCoin is designed to provide "defense in depth" in the event of an attack based on a secure enclave exploit. MobileCoin transactions use CryptoNote technology to ensure that, even in the clear, the recipient is concealed with a one-time address, the sender is concealed in a ring signature, and the amounts are concealed with Ring Confidential Transactions (RingCT).
In the event of an Intel SGX compromise, the attacker's view of the ledger inside the enclave would still be protected by both ring signatures and one-time addresses, and amounts would remain concealed with RingCT. These encryption mechanisms leave open the possibility of statistical attacks that rely on tracing the inputs in ring signatures to determine probabilistic relationships between transactions. This attack is only applicable to transactions made during the time that the secure enclave exploit is known, but not patched. Once the Intel SGX vulnerability is discovered and addressed, statistical attacks are no longer possible, therefore forward secrecy is preserved.
You can run the consensus-service using Intel SGX in simulation mode, however you will not be able to participate in consensus with other validator nodes. Your software measurement will be different from hardware-enabled Intel SGX peers and remote attestation will fail.
Yes, you can operate a watcher node and validate block signatures by running the mobilecoind daemon, which does not require Intel SGX.
Keys will never leave your mobile device. For more details on how this works, please see the MobileCoin Fog README.
Fog is a scalable service that helps users find their transactions, conduct balance checks, and build new transactions. Fog does so without requiring a local copy of the blockchain and without revealing a user's activities or giving away their private keys.
Fog is intended to be run by app providers to provide their users with a safe and positive mobile experience. Users need only trust the integrity of SGX, and not the service provider.
Fog is thus not a single, decentralized network, but can be deployed as needed by each party willing to offer this service. Fog can be treated as critical infrastructure for an app, and can be scaled to meet each party's needs.
The purpose of the hint field is to send an encrypted message to the Fog ingest enclave, which it finds when it post-processes the blockchain. A conforming client puts only an mc-crypto-box ciphertext of a specific size there. For non-fog transactions, a ciphertext encrypted for a random public key should be put there. Putting something in the hint field which is distinguishable from this may degrade security.
For troubleshooting help and other questions, please visit our community forum.
You may also open a technical support ticket via email