We love Monero. It’s our favorite and number one recommended cryptocurrency. However, it does not offer completely perfect anonymity under all circumstances because there are some vulnerabilities (which we will discuss one of in this article). We will discuss not only how this particular vulnerability works, but also what you can do to avoid it. You would get a lot out of subscribing for free to our new content by email, by Session messenger, via RSS feed, uncensored Ethereum push notifications, or on Nostr.
Ring Signatures
Monero’s privacy works by having many other random parties sign off on all transactions. This process called Ring signatures offers plausible deniability because you might not have sent the funds if it was really one of the other random signers. However, an adversary can still track the probability of funds originating from a particular wallet.
In order for Monero to be sent, the wallet that contains the funds must cryptographically “sign off” or approve of it with its private key. At the time of writing this article, Monero has a ring signature size of 16. This means that for a transaction to be sent and signed, the protocol signs it with the real sender and 15 other random participants’ outputs. This offers the real sender plausible deniability, since there’s only a 1 in 16 chance that he or she is true sender of the funds.
Colluding Adversaries
However, Monero’s privacy was meant to be for peer-to-peer trades and not on centralized “Know Your Customer” (KYC) exchanges. There is a huge issue if a user receives from and sends to colluding adversaries. And this problem gets worse if it’s done multiple times.
Let’s use a fictitious hypothetical example. Let’s suppose John wants to sell US flags in Iran, despite that doing so is illegal. He sells US flags anonymously online for Monero and cashes them out at a local KYC exchange cooperating with the Iranian government. Now this information alone isn’t enough to expose John, because the Monero could have come from any source, such as from the seller of Iranian approved flags.
However, John becomes vulnerable to being potentially identified through the blockchain should the Iranian government become a buyer of John’s US flags because they would see both the start and end destinations for the trail of funds. The potential flow of funds would go like this:
Government Buyer → John → KYC exchange
The first time this transaction happens, there’s a 1 in 16 probability that the Monero John is selling on the KYC exchange is originally from that Iranian government buyer’s wallet. But if the government continues to buy US flags from John on multiple occasions, each time that they do, it narrows down the probability that this flow of funds occurred from John purely by chance.
At some point, John would no longer be able to plausibly deny that he was the one selling US flags.
One way John could try to obscure this is to send funds to himself on a different wallet first, before going to the KYC exchange afterwards. Some people nickname this “churning.” While churning offers some limited protection for some time, ultimately after enough repeated transactions with the same buyer and KYC destination, it will suffer from the same probabilistic analysis.
How to Solve this Issue
There are a few different ways that this vulnerability in Monero can be solved. First John could avoid using KYC exchanges and cash out directly into real world items. For more about this, see our article on No KYC vendors that accept cryptocurrency here.
Another way John could keep his privacy is to swap Monero for Bitcoin or any other cryptocurrency before going to the exchange. These cross chain transactions facilitated by non-blockchain actors are impossible to track through probabilistic analysis without additional collusion on the part of the swapping parties.
IP addresses: Second vulnerability
There is another vulnerability of Monero in which your IP address can be tracked across multiple transactions by malicious nodes. This can be avoided by using your own node. We will discuss this further in a future article. Join the Monero community by subscribing for free to our new content by email, by Session messenger, via RSS feed, uncensored Ethereum push notifications, or on Nostr.
How We Can Help
Simplified Privacy does NOT offer custodial mixing services. We do offer free speech educational consultations, using publicly available knowledge, to teach you how to effectively use cryptocurrency on your own. Your personal consultation would be on easy to download and use apps like Signal, Session, Matrix, or XMPP.
We are unable to assist clients engaged in illegal activity in any country. All consultations are subject to our terms of service agreement.