Monero Transactions Are Usually Not Anonymous Says New Study

A new paper by Andrew Miller, Arvind Narayanan, Malte Moser and Kevin Lee, researchers from the University of Illinois and Princeton University, concludes that 80% of monero transactions are linkable. The study says:

“Among all the prior outputs referenced by a Monero transaction input, the real one is usually the newest one (the one that was committed most recently in the blockchain).”

The currency tries to obfuscate transactions by using mixing. In this specific case, they display real previous transactions alongside the actual transaction. However, since monero’s blockchain largely operates like bitcoin’s blockchain, transactions are usually included in the latest block. That means, the real transaction is the one with the largest block-number from which a time stamp can be derived.

We, here at Trustnodes, reached the same conclusion last year after an in-depth analysis of the currency regarding its anonymity claim following a sudden surge in monero’s popularity. Back then, after analyzing a random transaction, we said:

“Exact times of when these transactions occurred are not shown, but we have a block number, we should be able to get a time, at which point it should be relatively easy to tell what exactly is going on.

We can say, for example, with a fairly high level of certainty, that the fourth public key is the actual input to the three xmr transaction. We know this because it is the latest transaction and thus has the highest block number of the other four (as it must due to basic logic and fundamentals). As such, we know exactly what address is sending what to where.”

Our investigative findings are now scientifically confirmed with the paper further analyzing other ways monero’s transactions can be linked in a manner that makes them, for privacy purposes, little different from bitcoin transactions.

That means the quest for anonymity continues. A promise long made, starting with bitcoin itself which initially marketed the currency as fully anonymous, then mixers which tried to do the same, then monero and others, like dash, with all of them found to be not really that anonymous.

The latest one to claim full anonymity is Zcash. This is a currency that took years of development and was launched by researchers from Johns Hopkins University, therefore has some credibility. However, a potential, though very unlikely de-anonymization vector, is known due to a necessary weakness in the so called initiation process.

When Zcash was launched, there was an initiation ceremony which requires that at least one key was destroyed. That means we cannot have complete certainty this ceremony was not exploited in some way, but most of the attack vectors appear far-fetched and unlikely.

Beyond that, the currency hasn’t yet gone through any hype sessions (except for when it was launched, but at that time anonymous transactions were not yet operational) to draw attention and more careful analysis of how its transactions are actually linked. That means we can’t quite be sure, yet in any event, that it is actually anonymous, as it has not provided much incentive for very intense scrutiny.

In any event, currencies like bitcoin and ethereum are not quite transparent. Even in default use, they are pseudo-anonymous as someone needs to know your address to know it is you who is transacting. Afterwards, deductions can be made regarding who sent what to who, but for small amounts of 1 or 10 btc, such deductions are not easy.

On top, there are mechanisms which can obfuscate transactions further, including mixing as well as interchanging them for other currencies, therefore bitcoin and eth usually retain privacy to a sufficient degree.