News

Transaction Privacy of Monero in Jeopardy Due to Several Flaws

Georgi Georgiev | Mar 29, 2018 | 04:00

---

Researchers from a broad collection of renowned institutions point to serious flaws in Monero’s privacy protections. The faults suggest that, while still better than Bitcoin, the privacy features of Monero are far from being the cloak of invisibility they might seem like.

Jeopardizing Privacy

Monero’s main designation is to mix up any given Monero “coin” with funds of random multiple users. The result is that anyone who’s scouring its blockchain won’t be able to link it to any identity or any previous transaction coming from the same source – in a nutshell.

However, researchers from MIT, Boston University, Carnegie Mellon, Princeton, and the University of Illinois at Urbana-Campaign recently published a paper pointing out at least two reasons for which Monero’s touted feature might not be as untraceable as it seems.

“Mixins are sampled from a distribution that does not resemble real spending behavior, and thus the real inputs can usually be identified,” reads the paper referring to one of the flaws in Monero’s blockchain. The paper continues:

In any mix of one real coin and a set of fake coins bundled up in a transaction, the real one is very likely to have been the most recent coin to have moved prior to that transaction.

A ‘mixin’ refers to the number of other signatures besides yours allocated in Monero’s ring signatures.

Going further, timing analysis has managed to correctly identify the “real coin more than 90 percent of the time,” which virtually nullifies the privacy safeguards of the blockchain.

It’s worth noting that Monero has since been updated and the chances of the successful identification of the real coin have been cut in half, using the same timing analysis method.

Causing Issues in Retrospect

The second flaw might be more alarming. As the paper points out:

Most Monero transaction inputs prior to February 2017 contain deducible mixins, and can be traced to prior transactions via analysis.

Coins that were used in transactions where the user opted out of privacy protection can be identified if later used as a mixin, which could then be used to identify other coins. The researchers also estimate that about 25% of the transactions carried out with Monero are for “illicit use.” And while the flaws don’t necessarily suggest that all of these transactions can be traced, they seriously undermine the security safeguards of the network.

Monero’s lead developer, Riccardo Spagni addressed the flaws, saying:

Privacy isn’t a thing you achieve, it’s a constant cat-and-mouse battle. There are steps we can take to continue to improve the sampling, but the reality is that this isn’t a solvable problem by just pecking away at it.

Do you think that the cited flaws undermine Monero’s security? Could the leading “private” coin be far less private than it seems? Let us know what you think in the comments below!

Images courtesy of Pexels, Bitcoinist archives, and Pixabay.