Zero to Monero

Zero to Monero (v2.0.0) is the canonical technical reference for understanding how Monero actually works — written by Koe with contributions from Sarang Noether, Justin Berman, and other Monero Research Lab members. Free PDF, ~250 pages, hosted on getmonero.org as the project's official deep-dive document.

What it is: a rigorous, self-contained walkthrough of Monero's cryptographic stack — RingCT, ring signatures (CLSAG), stealth addresses, Pedersen commitments, bulletproofs, the dual-key stealth address scheme, view keys, transaction construction, mempool behavior, hard-fork history. The book is mathematically rigorous but pedagogically structured: every concept builds on prior ones, every primitive is motivated before introduced, every protocol step is justified before specified.

What it isn't: not a 'getting started with Monero' guide. Not a wallet tutorial. Not a price speculation document. If you want 'how do I send my first XMR' read Mastering Monero (Serhack) instead. Zero to Monero assumes you can read mathematical notation, follow elliptic-curve operations, and want to understand WHY the protocol makes the choices it does.

Why it earns A grade in /educational:

• Author credentials: Koe is a long-time MRL researcher; Sarang Noether is the architect of bulletproofs and a co-author of CLSAG; Justin Berman is also from MRL. This isn't third-party explanation, it's primary-source material from the people who designed and reviewed the protocol.
• Open source: source repository at `github.com/UkoeHB/Monero-RCT-report` (the project name reflects v1's narrower RCT focus; v2 expanded coverage). Anyone can audit the explanations, file errata, contribute.
• Free: no purchase, no signup, no email required. PDF served directly from the official Monero website. Distribution friction is zero.
• Maintained: v2.0.0 reflects the major rewrite that brought it current with CLSAG (2020), Bulletproofs+ (2022), and the view-tag protocol changes. Earlier versions (v1.0.0, v1.x) are still floating around in cached form — make sure you're reading v2.0.0 unless you have a specific reason to study the older RCT design.

What you actually learn: by chapter end you can answer questions like 'why does Monero use ring signatures instead of zk-SNARKs', 'how does a view key let you scan for incoming transactions without being able to spend them', 'what's the difference between the deposit address and the stealth address that actually gets written to the chain', 'why does the protocol require 16 decoys per ring not 8 or 32'. The book treats every design choice as a tradeoff to justify, not a magic incantation to accept.

Useful when you're a developer integrating Monero (you'll need to understand subaddress derivation, view-key APIs, mempool semantics), OR you're a security researcher wanting to audit the protocol claims, OR you're an advanced user trying to evaluate post-quantum migration arguments or Seraphis transition proposals on their merits, OR you're learning cryptography and want a real-world large-scale protocol case study.

Reading order in the /educational stack:

1. Mastering Monero (Serhack, free PDF) — start here if you're new to Monero. Conceptual + non-technical. 2. Breaking Monero (Justin Ehrenhofer YouTube series) — the threat-model and historical-attack education layer. Watch in parallel with reading. 3. Zero to Monero v2 — the deep technical layer. Read after the above so you have the conceptual scaffolding for the math. 4. Monero Research Lab papers (MRL technical notes on getmonero.org/library) — for current research frontier (Seraphis, FCMPs, etc.) after you've finished ZtM.

Caveats:

• Dense reading. Budget 30+ hours for a careful first pass; faster on re-read.
• Math notation assumes comfort with elliptic curves, modular arithmetic, group theory basics. The book reviews concepts but doesn't teach them from scratch.
• v2.0.0 is current as of late 2022/2023; subsequent protocol changes (e.g. mandatory view-tag adoption, ring-size-16 transition) are documented in MRL notes rather than book updates.

Verdict: if you're going to take Monero seriously as a developer, researcher, auditor, or principled long-term holder, Zero to Monero is the document to read. It's free, official, written by the people who built the thing, and the only material at its depth that's also at its accessibility. The fact that Monero ships its own self-documentation at this quality is itself one of the strongest signals about the project's culture.