Every transaction on the Fuego network is private by default. You do not opt in to privacy — it is enforced at the protocol level for every send. Both the sender and the receiver remain anonymous, and the blockchain is designed to resist the kind of chain-analysis techniques that can de-anonymize users on transparent networks like Bitcoin. This is achieved through two complementary cryptographic mechanisms inherited from the CryptoNote protocol: ring signatures and stealth addresses.
Ring signatures
When you send XFG, your transaction does not simply reference your own outputs as the source of funds. Instead, the protocol bundles your real output with several other outputs from the blockchain — called “decoys” or “mixins” — and produces a ring signature that proves one member of the group authorized the transaction, without revealing which one.
The mixin level controls how many decoys are included alongside your real input:
| Setting | Mixin value | Decoys in ring |
|---|
| Minimum | 8 | 8 decoys + your output |
| Maximum | 18 | 18 decoys + your output |
A higher mixin value means more decoys in your ring signature, making it harder for an observer to identify your actual input. If privacy is a priority, use a mixin value closer to 18.
Stealth addresses (one-time addresses)
On transparent blockchains, every payment to an address is publicly visible. On Fuego, the sender derives a one-time address for each transaction using the recipient’s public keys and a random value. This one-time address appears on-chain and is different every time, even for payments to the same recipient. Only the recipient — using their private view key — can identify which outputs belong to them. No external observer can link two payments to the same wallet.
Sender and receiver anonymity
The combination of ring signatures and stealth addresses means:
- The sender is hidden among the ring members. An outside observer cannot tell which ring participant actually signed.
- The receiver is hidden behind a unique one-time address that cannot be linked back to their published wallet address.
- Transaction amounts are not publicly visible in the same way as on transparent chains, preventing balance inference.
Resistance to blockchain analysis
The Fuego blockchain is designed to be resistant to analysis. Because every transaction uses ring signatures and one-time addresses, standard chain-analysis heuristics — like clustering addresses by common inputs or tracing payment flows — do not apply. There are no IP-linked identities baked into the protocol, though your own network setup (VPN usage, Tor, etc.) determines how much your IP address is exposed when you broadcast transactions.
Encrypted on-chain messaging
Fuego also supports encrypted messages attached to transactions. These messages are stored on-chain but are readable only by the intended recipient, providing censorship-resistant communication without relying on any central messaging server.
What privacy does not cover
The protocol protects on-chain data. It does not protect information you expose off-chain — for example, sharing your address publicly, using an exchange that has your identity on file, or running a node without a VPN. The strength of your privacy depends on how you use the network, not just the protocol itself.