Uncovering Stegos with Joel Reymont
This article was originally published on The Daily Chain, 17th March 2020.
“Apps will be published to the Stegos blockchain, so they must follow the rules outlined by network consensus. Similarly to Ethereum dapps accessed through the likes of Metamask, you will interact with Stegos apps through the mobile application.”
Joel Reymont, Stegos Founder and CEO, March 2020
Stegos is not just a privacy currency, it is a privacy ecosystem. The vision offers not just an app, but an App Store. It is entirely unique, and built from scratch with some unique technology: a sophisticated mixing technology, anonymous messaging, mobile staking, and gamified proof-of-stake (with the possibility of huge rewards) to name just a few.
The full vision of Stegos (STG) is even more ambitious, and goes way beyond most coins and currencies. Those who created it are veterans in their respective fields of expertise, which are diverse and eclectic.
I’ve never seen anything quite like Stegos. Named after the Ancient Greek steganos (the root of steganography), meaning “to cover”, it will now be revealed here on The Daily Chain.
Questions have been answered by Joel Reymont, CEO and Founder, in collaboration with other team members.
“The Stegos Privacy Platform (Stegos) combines a unique blockchain and token design to implement the first cryptocurrency that’s absolutely private, secure, efficient and environmentally sustainable. Stegos uses the UTXO (coin) model and gPoS (gamified Proof- of-stake) consensus, combining existing privacy coin ideas and the latest cryptographic research to create a fully scalable and prunable privacy blockchain and application plat- form.”
The whitepaper: A long and detailed document which mentions everything and more you might expect of a privacy coin.
Sharding for scalability, pruning and data compaction, fast data messaging, the Stegos mobile app, privacy applications, private p2p marketplaces, and even an App Store.
But was has actually been implemented?
GM: Mainnet launched earlier this year. Please discuss which of the features mentioned in the whitepaper have already been implemented, and which others we will see in 2020.
JR: “All of the core features, such as Snowball, messaging bus, and the validator service award are live on mainnet, which launched late last year. Per our updated roadmap, the next blockchain features include the gossip protocol and pruning. The gossip protocol will allow nodes to communicate with each other, making the network even faster and more secure. Pruning will keep the blockchain compact — never beyond 1–2 GB, which will greatly increase the accessibility of mobile nodes.”
“Beyond that, the focus of current and future development is on creating user-friendly private applications and services that will make Stegos easy to use and worthwhile for people worldwide. This is best reflected in the development of our mobile application (the first version of which will be released next month) and will further be reflected by the private marketplace, app store, and decentralized exchange, and other initiatives.”
Stegos is not a fork, and as such is written from scratch. I will introduce the impressive team who created Stegos shortly. But first let’s examine some of the technology, starting with private transactions.
Payment and data transactions in Stegos are unlinkable, untraceable, and completely confidential thanks to Stegos’ Snowball protocol (see Appendix B). Every Stegos transaction is directed to a new and unique stealth address, making it impossible to identify the recipients. Snowball also makes it impossible to trace Stegos transaction history, since individual transactions are first joined together to form a supertransaction before being submitted to blockchain validators. This is all done in a secure and privacy-preserving way, while ensuring that Stegos coins remain fully fungible.
CoinJoin and Supertransactions
The above excerpt from the Stegos whitepaper describes “Snowball”, the technology which makes Stegos transactions private. The name articulates the technique for joining all transaction into a “supertransaction”.
CoinJoin is a trustless method for combining multiple Bitcoin payments from multiple spenders into a single transaction to make it more difficult for outside parties to determine which spender paid which recipient or recipients
Put simply by its creator Gregory Maxwell:
When you want to make a payment, find someone else who also wants to make a payment and make a joint payment together.
Gregory Maxwell [bitcointalk]
On reading the whitepaper the similarities of the two protocols are duly explained. Snowball is an implementation of ValueShuffle with some improvements. In turn, ValueShuffle is an extension of CoinShuffle, an enhanced version of the CoinJoin protocol.
ValueShuffle ensures the anonymity of mixing participants as well as the confidentiality of their payment values, even against malicious mixing participants.
“ValueShuffle: Mixing Confidential Transactions for Comprehensive Transaction Privacy in Bitcoin” 
A Bitcoin Cash implementation of CoinShuffle
In their 2017 paper Pedro Moreno-Sanchez and Tim Ruffing explain the principles of ValueShuffle.
ValueShuffle ensures the anonymity of mixing participants as well as the confidentiality of their payment values even against other possibly malicious mixing participants. By combining CoinJoin with Confidential Transactions and additionally Stealth Addresses, ValueShuffle provides comprehensive privacy (payer anonymity, payee anonymity, and payment value privacy) without breaking with fundamental design principles or features of the current Bitcoin system.
ValueShuffle improves on CoinShuffle by also obfuscating the amounts sent by anonymized parties. Stealth addresses obfuscate the identities, and Blockstream’s “Confidential Transactions” innovation conceal the amounts. Tim and Pedro designed both protocols, and as Tim says in a 2017 interview with Bitcoin Magazine:
The combination of these two privacy-enhancing technologies, while not requiring any trusted third party, is what makes ValueShuffle unique.
One criticism of ValueShuffle is that it is vulnerable to Sybil attacks, particularly while a small anonymity set (the coins in the ValueShuffle system). Tim confirms this himself in a Bitcointalk forum post:
It’s true that all solutions with a limited anonymity set somehow suffer from sybil attacks. However, if the possible anonymity set is large enough, and the system is indeed used regularly, then it’s quite probably that there will be some honest users in it.
For Stegos this limitation has been lifted by making every single transaction anonymous, and thusly providing a large anonymity set.
GM: What are the differences between Snowball and CoinJoin, and with consideration of metadata leaks in Monero and ZCash, is it really “impossible to trace Stegos transaction history”, as your whitepaper claims?
JR: “Snowball is our implementation of CoinJoin, with various changes and improvements on top of the core protocol. So it’s an improvement on standard CoinJoin. Further details can be found in the appendixes of the white paper.”
“Other privacy coins such as Monero and ZCash have two classes of vulnerability: when information pertaining to the transaction needs to be transmitted via a non-secure roue, and when on-chain activity is contextualized to recognize patterns and infer identities. Stegos recognizes that these issues permeate privacy coins across the board, and is actively built to prevent them.”
“This is best reflected in our comprehensive approach of providing messaging and applications packaged alongside currency transactions. A lot of the vulnerabilities are linked to insecure third party applications that are necessary to use with XMR or ZEC. In contrast, Stegos is an all-in-one privacy ecosystem: you aren’t tied to those third parties any more.”
“Stegos is also fully unlinkable. Although we currently have public transactions (a temporary necessary evil for integrating with exchanges), these outputs cannot be sent to other users. They can only be cloaked.”
“Additionally, the lightweight nature of Stegos makes it feasible to run a node through a VPS, rather than on a local machine. We highly encourage this practice, and it works to further increase anonymity. Long story short: it really is impossible, and anyone who thinks otherwise is welcome to try their luck!”
Gamified Proof-of-Stake (gPoS)
Stegos secures its chain by staking coins. In many ways gPoS is very similar to ordinary Proof-of-Stake (PoS) and the number of coins you stake directly correlates to your chance of minting the next block and collecting the reward. But crucially they don’t earn all the rewards.
Validator Service Award
The gamification is introduced by allocating a third of the block rewards to the Validator Service Award (VSA). This award is given to a randomly chosen node every month, like a lottery. The only requirement for selection is that the node be operational 100% of the time since the last VSA lottery.
The Validator Service Award is a massive, winner-take-all jackpot only available to active, persistent stakers. You need to be staking for 100% of all blocks since the last award to be eligible, but crucially that’s the only consideration.
How it Works: Gamified Proof-of-Stake (gPoS) 
GM: Can you please elaborate on “verifiable distributed randomness” and the concept of a cryptographic lottery?
JR: “Verifiable distributed randomness is an implementation of a verifiable random function (VRF), which is a pretty standard concept in crypto. Functions of a private key can produce a random outcome without exposing the key. The VRF ensures that the result can be trusted to be truly random: even malicious actors can’t inject bias into the result.”
“On Stegos, we use a VRF to produce a binary string at every macro block. If it leads with 10 zeros (a 1 in 1024 chance), the VSA is triggered and awarded to a single eligible validator.”
“A macro block occurs once every 60 blocks, and with an average block time of 8 seconds, this means the VSA will activate, on average, roughly once every six days. Another VRF is used to choose the winner from every participant who has been active throughout the entire cycle, with each node having an equal chance of winning. It’s a “cryptographic” lottery, because it uses a blockchain to passively build the award: kind of like a progressive jackpot from a slot machine. However, unlike a progressive jackpot, there is no entry fee or cost to participate: just remain an active staker!”
This provides a powerful incentive to run a node, yet being online 24/7 seems like a big ask for future users of the Stegos Mobile App with staking, due for release later this month.
Community manager and marketing advisor jeffthebaker confirmed this in Telegram, stating that “staking nodes become invalidated for VSA jackpot if they go offline during the duration of the cycle.”
GM: VSA is a powerful incentive in gPoS. But how effective can it be in incentivizing mobile stakers who will be disconnecting and reconnecting from the network frequently (e.g. driving through a tunnel), and therefor disqualifying themselves from the lottery?
JR: “This is something we’ve grappled with ourselves. We are shifting our strategy slightly, and instead plan to first offer exposure to staking and the VSA through staking pools that can be accessed through the app. This is more beneficial as the pools will remain online and can participate in the award. Mobile staking may be incorporated at a later time, but as you’ve identified, those who choose to utilize it likely won’t meet connectivity requirements for the VSA.”
“The VSA is still important: as we release lighter and lighter versions of our nodes that are able to stake, it’s crucial to incentivize people to run full nodes that are always online to promote network stability. The VSA is the perfect way to do this.”
Mobile staking will not be available on the launch of the mainnet. However, we are making it a priority to implement mobile staking as soon as possible. Mobile staking will drastically increases the number of validator nodes, increasing the resilience and throughput of the network. Combined with gPoS, this will help prevent the stagnation and centralization witnessed by many blockchain projects.
STEGOS -A Platform for Privacy Applications- 
GM: Can drastically increasing the number of validator nodes, especially to mobile devices, increase block propagation times and reduce transaction throughput? Are any possible downsides outweighed by benefits from increased decentralization and censorship resistance?
JR: “More nodes means more traffic, so in an extreme scenario this is a real concern. As of now, validators are restricted to 1,000 per epoch, which prevents any noticeable slowdown. Given the minimum staking of requirement of 50,000 STG, it would be very unlikely for this constraint to ever activate. The network improvements listed in our roadmap will reduce reliance on the Stegos seed nodes, improving network speeds and stability.”
“Once sharding is implemented, the network burden will be eliminated and the 1000 validator restriction will be lifted.”
Later this month Stegos will be releasing its mobile app. This will be a landmark event for the team and community.
Stegos has a strong focus on mobile privacy, and the app won’t only be a staking wallet. The mobile app will be the gateway to the App Store, to private messaging, and to the Stegos ecosystem.
Quoting from The Daily Hodl:
In the same capacity that an amount of tokens can be sent, users can similarly send messages, like Opal, alongside media, data, and whatever else. The team is looking to create a one-stop mobile app that will allow users to participate in encrypted, on-chain messaging, and interact with network dapps. This is only possible because the network is lightweight enough for smartphones to act as full nodes, which enables them to whichever functionalities are available for desktop alternatives.
The Daily Hodl 
The Stegos Privacy Platform
The Stegos Privacy Platform builds on top of our fast message bus (Section 4.6) and makes developing mobile privacy apps a breeze. The Stegos mobile app is the primary window to the platform. It integrates the trusted application container (TAC) with one-on-one and group chat as well as the Privacy App Store and red packet feature.
In designing its privacy platform, Stegos has taken inspiration from WeChat , the Chinese multi-purpose messaging, social media and mobile payment app with well over one billion daily users.
In fact the whitepaper mentions WeChat several times, and does so because of its shared vision:
The solution is clear: In order to thrive, blockchain platforms must emulate the mass appeal and usability of platforms such as WeChat and Facebook while maintaining strong privacy, anonymity, and decentralization.
The first step is getting the Mobile App released, and that’s happening at the end of the month.
The Stegos mobile app is the portal into the Stegos ecosystem and a showcase of the potential of our platform. The app integrates a wallet with a secure environment for running privacy-focused applications. In this way, Stegos can provide all the functionality of existing centralized multipurpose apps such as WeChat, but in a fully private and decentralized manner.
In the updated roadmap for 2020, we are presented with the vision for the privacy platform and app store. Apps themselves are not stored on the blockchain, but instead the manifests of those apps, together with hashes of the app bundle are stored on-chain.
The App Store will provide a searchable index of all those apps whose manifests have been uploaded to the blockchain. Users will also be able to “rate their usefulness.”
Users need a way to easily discover and install applications. The Stegos Privacy App Store will provide an on-chain mechanism to search and install privacy applications, developed to run in the TAC, as well as rate their usefulness.
GM: Will the Privacy App Store require active curation and moderation? Is there a danger that combating malicious code could prove too time-consuming and resource-intensive to be manageable?
JR: “Apps will be published to the Stegos blockchain, so they must follow the rules outlined by network consensus. Similarly to Ethereum dapps accessed through the likes of Metamask, you will interact with Stegos apps through the mobile application. Listing details for the apps will be parsed from the blockchain and displayed in the store. This same process allows users to provide feedback, reviews and warnings and developers to provide updates (defunct versions can be removed thanks to pruning).”
GM: Will developers have to publish a new app every time they push an update? How will users keep track of updates?
JR: “Initially, yes, but we plan to either build support for update checking, integrate with existing app stores, or both.”
Red packets are based on a wildly popular WeChat feature which is in turn based on the Chinese tradition of hongbao. The introduction of the Red Packet feature encouraged millions more users to sign up to WeChat, including revealing their personal banking details. Stegos intends to replicate the popularity of this feature without invading user privacy.
A shrewd move to include this feature, and it will help grow the community in a fun and inclusive way, and without compromising personal information.
All-in-all the Stegos Privacy Platform is hugely ambitious but has the advantage of emulating an already successful platform in WeChat.
A Brief History of Stegos
“Now, the Stegos mainnet is live, and encompasses the core privacy and scalability features necessary to deliver our ecosystem to the world. Other key developments like mobile staking nodes are right around the corner, which will make the various Stegos features easy-to-use for a global audience. The future is looking bright!”
Leader’s Speak : Joel Reymont, Lead Developer @ Stegos [Interview]
These are the spirited words of Joel Reymont, CEO of Stegos, taken from an interview published on Hackermoon last month.
Having served as CTO of Aeternity, disagreements over the project’s direction led to the launch of his own startup with an ICO. Emotiq was the result.
I knew that cryptocurrency was exactly where I needed to be, and I started my own project. Initially, I received $2 million from Aeternity investors. My startup was first introduced as Emotiq, and the project was marketed as yet another in an endless genre of “Ethereum killers”.
However, the markets turned sour, and a lack of direction or guiding values led to infighting from the team and a general lack of progress.
Confronted by this inauspicious start (“With a lack of direction, my work with Emotiq felt purposeless.”) Joel went on a retreat to reflect, and returned with a new purpose, and Emotiq became Stegos, with a focus on protecting user data, education and privacy.
In the interview Reymont mentions his roots in the Soviet Union, his abhorrence for the surveillance state, and its parallels to online surveillance. His extensive 25 years experience as a software developer coupled with his background in finance (Director of Prime Brokerage Technology at Deutsche Bank) and of course his time spent as CTO of Aeternity (AE) are also noteworthy.
In fact the entire team, as presented in the whitepaper, gather a remarkably diverse set of skills and experience. A range encompassing, but not limited to, distributed systems and database expertise, fintech, telecom and theoretical and observational astrophysics.
“David is literally a rocket scientist.”
GM: David McClain is a rocket scientist. Was he brought on board in preparation for a moon landing?
You don’t often see privacy coins with strategic partners. And you don’t often find privacy coins which aren’t forks of either ZCash or Monero. Yet Stegos is just such a coin.
Of the partners mentioned on the Stegos site, most are abstruse: Chinese entities which in many cases do not appear to even have websites. However, there exists one notable exception: HChain (Hive Chain Labs).
HChain is a blockchain research and investment firm. It is noteworthy due to its membership, comprising notable figures in the space, the best known of which is Erik Zhang, the brains behind NEO and Binance DEX.
GM: What can you tell us about your partners, especially HChain? What is the nature of your relationship with these companies?
JR: “HChain and other partners are mostly investors in Stegos, from our various funding rounds over the past two years. Stegos never held an ICO or anything similar.”
Project funds are running low. In the February interview Joel unequivocally states his commitment to the project for the foreseeable future. Not selling the crypto raised at ICO for fiat has been the greatest bear for the Stegos finances.
But tens of thousands of man hours were required to bring Stegos to mainnet, build a community around it, and develop additional features to aid adoption and utilization. This is where the funds were spent.
Fortunately they now have a product and a good exchange listing in Bithumb Global. More will be needed, but with the Mobile App, Joel and his team will finally be able to grow a community around a powerful set of lightweight privacy tools.
In the meantime, the mobile app, which will encompass full network perms including staking and on-chain messaging, is still due end of Q1. Beyond that, I’m going to give the community more control as to the further objectives- whether that be additional features like decentralized OTC markets or external services like additional exchange listings.
Huge efforts have gone into its design and code, and Stegos richly deserves more attention.
It is unique.
It was a pleasure to study the workings of such an original coin. With the imminent release of the mobile app containing so many great features ,it will not be long before others lift the hood on this technology.
Thanks to Joel Reymont and the Stegos team for taking time to answer so many questions.
Thanks to jeffthebaker for coordinating the interview.