Monero Transactions Are Usually Not Anonymous Says New Study – Trustnodes

Monero Transactions Are Usually Not Anonymous Says New Study


A new paper by Andrew Miller, Arvind Narayanan, Malte Moser and Kevin Lee, researchers from the University of Illinois and Princeton University, concludes that 80% of monero transactions are linkable. The study says:

“Among all the prior outputs referenced by a Monero transaction input, the real one is usually the newest one (the one that was committed most recently in the blockchain).”

The currency tries to obfuscate transactions by using mixing. In this specific case, they display real previous transactions alongside the actual transaction. However, since monero’s blockchain largely operates like bitcoin’s blockchain, transactions are usually included in the latest block. That means, the real transaction is the one with the largest block-number from which a time stamp can be derived.

We, here at Trustnodes, reached the same conclusion last year after an in-depth analysis of the currency regarding its anonymity claim following a sudden surge in monero’s popularity. Back then, after analyzing a random transaction, we said:

“Exact times of when these transactions occurred are not shown, but we have a block number, we should be able to get a time, at which point it should be relatively easy to tell what exactly is going on.

We can say, for example, with a fairly high level of certainty, that the fourth public key is the actual input to the three xmr transaction. We know this because it is the latest transaction and thus has the highest block number of the other four (as it must due to basic logic and fundamentals). As such, we know exactly what address is sending what to where.”

Our investigative findings are now scientifically confirmed with the paper further analyzing other ways monero’s transactions can be linked in a manner that makes them, for privacy purposes, little different from bitcoin transactions.

That means the quest for anonymity continues. A promise long made, starting with bitcoin itself which initially marketed the currency as fully anonymous, then mixers which tried to do the same, then monero and others, like dash, with all of them found to be not really that anonymous.

The latest one to claim full anonymity is Zcash. This is a currency that took years of development and was launched by researchers from Johns Hopkins University, therefore has some credibility. However, a potential, though very unlikely de-anonymization vector, is known due to a necessary weakness in the so called initiation process.

When Zcash was launched, there was an initiation ceremony which requires that at least one key was destroyed. That means we cannot have complete certainty this ceremony was not exploited in some way, but most of the attack vectors appear far-fetched and unlikely.

Beyond that, the currency hasn’t yet gone through any hype sessions (except for when it was launched, but at that time anonymous transactions were not yet operational) to draw attention and more careful analysis of how its transactions are actually linked. That means we can’t quite be sure, yet in any event, that it is actually anonymous, as it has not provided much incentive for very intense scrutiny.

In any event, currencies like bitcoin and ethereum are not quite transparent. Even in default use, they are pseudo-anonymous as someone needs to know your address to know it is you who is transacting. Afterwards, deductions can be made regarding who sent what to who, but for small amounts of 1 or 10 btc, such deductions are not easy.

On top, there are mechanisms which can obfuscate transactions further, including mixing as well as interchanging them for other currencies, therefore bitcoin and eth usually retain privacy to a sufficient degree.

Comments (2)

  1. “As such, we know exactly what address is sending what to where.””
    Your report is wrong. block explorer doesn’t have addresses shown on blockchain. I suspect both you and the paper did little research into how Monero works and just assumed what you saw were addresses. Perfect distributions of mixins in were not the goal originally as anonymity is provided by stealth addresses which make any connections guessed or made on explorer useless. stealth addresses are generated for single one time only. Since all of the addresses are private and all tx are forced to use RingCT, your technical anonymity set who is doing the transactions is literally every account ever made. However, the distributions have been improved dramatically as well.

  2. Monero has offered several bounties over the years to anyone who can provide proof that X address sent n Monero to Y address

    They recently offered $1,100 worth of XMR, provided the address it was sent from and announced the amount of monero sent. Contest participants had to find the address where the 23 Monero landed and nobody submitted any results. They are now raising a significantly higher contest prize for the “monero tracking challenge #2”

    My money is on nobody solving this one either. Another side note, monero block explorer is not like bitcoin, the addresses you think your looking at are not what you think they are. You should do some more research into how monero works

Leave a Reply

Your email address will not be published.

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>