This week two potential flaws in Monero’s code suggested the blockchain-based cryptocurrency might’ve been traceable. Monero is a cryptocurrency built on the premise that cryptocurrency should be anonymous – completely anonymous – and as such, it depends on that anonymity to survive, and to retain value in the open marketplace VS Bitcoin and USDT. It would appear that these flaws might not matter as much as initially feared.
A new research paper was released this week that suggests Monero might not be as completely anonymous as its creators suggested. The research paper was written by researchers from Princeton, Carnegie Mellon, Boston University, MIT, and the University of Illinois at Urbana-Champaign. In said paper, Monero’s mixing of mixins in each transaction is under the microscope.
Before the paper was published, Monero’s mixing method showed a rather well-tested method of guessing the real coin in the bunch. As the real coin was almost always the coin that was moved most recently – just before the transaction – it was almost always a simple matter of seeking timing to guess. Since the paper was published, Monero coders updated their source code to reduce the chances of this sort of guesswork to 45%. At that range, the guesswork is again nullified.
The other relatively major flaw also had to do with mixins, and the opt-out feature Monero had at inception. Because Monero’s first release did not require mixins, tracing coins back to their non-mixin trades made for easy identification. Once one coin is identified, the rest of the card tower falls.
If one real coin is identified, it can potentially continue to be used as an identifier of other coins through the future. Even if that coin is used as a mixin, it can increase the chances that later transactions could be identified. In an interview with Wired, Monero core developer Riccardo Spagni suggested that the flaws weren’t as bad as they seemed.
“Privacy isn’t a thing you achieve, it’s a constant cat-and-mouse battle,” said Spagni. “There are steps we can take to continue to improve the sampling, but the reality is that this isn’t a solvable problem by just pecking away at it.”
You can read more about the research done this year in the paper “An Empirical Analysis of Traceability in the Monero Blockchain” as published by ARXIV, in Proceedings on Privacy Enhancing Technologies. This paper was authored by Malte Möser, Kyle Soska, Ethan Heilman, Kevin Lee, Henry Heffan, Shashvat Srivastava, Kyle Hogan, Jason Hennessey, Andrew Miller, Arvind Narayanan, and Nicolas Christin.