Is there a cut-and-paste response we can give on threads for people who are looking for anonymity? There's one over on r/bitcoin now and some are recommending mixers--pointed out the single point of failure inherent with mixers, but don't have the technical expertise to explain why Monero is a better means to anonymity.
www.reddit.com/r/Bitcoin/comments/2gl4ua/quick_question_dont_upvote/

I'll take a stab at it. I'll just take the whitepaper and try to cut out anything that isn't absolutely necessary for satisfying your request. Maybe we can bounce it around and crowd edit/redraft it. OK so that's just a super rough draft. Please be tactful.
Monero in a nutshell

In order for an electronic cash to be private and anonymous it must satisfy two requirements.
Untraceability: for each incoming transaction all possible senders are equiprobable.
Unlinkability: for any two outgoing transactions it is impossible to prove they were sent to the same person.
Unfortunately, Bitcoin does not satisfy the untraceability requirement since all the transactions that take place between the network's participants are public. It is also suspected that Bitcoin does not satisfy the second property. A careful blockchain analysis may reveal connections between the users of the Bitcoin network and their transactions; thus it fails the unlinkability requirement as well. We offer a solution that fully satisfies both untraceability and unlinkability conditions.
In order to satisfy the requirement of untraceability, Monero utilizes the concept of one-time ring signatures. After signing a transaction the user provides, for the purpose of verification, not his own single public key, but the keys of all of the members of a group of users. An observer is then able to verify that the real signer is a member of the group, but cannot exclusively identify the signer. So long as all of the other participants in your group are valid signatures, and linked to valid ring signature groups, and all of the participants in those transactions are valid and link back to still valid ring signature groups, etc., all the way back to the genesis block, then no double-spend is possible because for each and every ring signature group in the signature's progeny there is an equal number of inputs and outputs. All of this is accomplished without any need for trust, without any denial of service attack vectors, and without the need for any form of centralization. All members of a ring signature group are equal.
In order to satisfy the requirement of unlinkability, Monero utilizes a scheme which allows a user to publish a single address from which, in addition to some random data from the sender, one-time-use public keys may be derived. Hence, there is no such issue as "address reuse" by design and no observer can determine if any transactions were sent to a specific address or link two addresses together.
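The one-time key derivation behind that last paragraph (a published address plus sender randomness giving a fresh output key that only the recipient's view key can recognize), worked through as an added example that is not part of the thread or the whitepaper: it substitutes a toy multiplicative group modulo a safe prime for the ed25519 curve, and the function names and constants are mine.

```python
import hashlib
import secrets

# Toy prime-order group, constructed for illustration: a 62-bit safe prime
# p = 2q + 1 is searched for at import time and g = 4 generates its subgroup
# of prime order q. CryptoNote runs the same algebra on the ed25519 curve.

def is_prime(n: int) -> bool:
    """Deterministic Miller-Rabin, exact for every n below 2**64."""
    bases = (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)
    if n < 2 or any(n % b == 0 for b in bases):
        return n in bases
    d, s = n - 1, 0
    while d % 2 == 0:
        d, s = d // 2, s + 1
    for a in bases:
        x = pow(a, d, n)
        if x not in (1, n - 1) and all((x := x * x % n) != n - 1 for _ in range(s - 1)):
            return False
    return True

Q = next(q for q in range(2**61 + 1, 2**62, 2) if is_prime(q) and is_prime(2 * q + 1))
P_MOD, G = 2 * Q + 1, 4

def hs(x: int) -> int:
    """Hs(): hash a group element to a scalar modulo q."""
    return int.from_bytes(hashlib.sha256(x.to_bytes(8, "big")).digest(), "big") % Q

def keygen():
    """Recipient: private view key a and spend key b; published address (A, B)."""
    a, b = secrets.randbelow(Q - 1) + 1, secrets.randbelow(Q - 1) + 1
    return (a, b), (pow(G, a, P_MOD), pow(G, b, P_MOD))

def derive_output(address, r):
    """Sender: from address (A, B) and fresh random r build the one-time key
    P = Hs(rA)G + B and the tx public key R = rG that is stored beside it."""
    A, B = address
    P = pow(G, hs(pow(A, r, P_MOD)), P_MOD) * B % P_MOD
    return P, pow(G, r, P_MOD)

def scan_output(private, address, P, R):
    """Recipient: aR equals rA, so the view key a alone rebuilds P. Return the
    one-time spend scalar x = Hs(aR) + b if the output is ours, else None;
    an observer without a cannot even tell two of our outputs apart."""
    a, b = private
    shared = hs(pow(R, a, P_MOD))
    if pow(G, shared, P_MOD) * address[1] % P_MOD != P:
        return None
    return (shared + b) % Q
```

Two payments to the same address yield unrelated P values, and only the holder of the view key can match them back to the address; the spend scalar returned satisfies g^x = P, which is what lets the recipient spend the output.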