Monero to Emergency PoW Hardfork Over ASICs, Its Privacy on Trial


A coin focused on privacy that seemingly has Edward Snowden as a fan, appears to be facing some disquieting times over a big decision the Monero community has to face on April 6th 2018.

“We strongly believe that it’s beneficial to preserve our ASIC resistance. Therefore, we will perform an emergency hard fork to curb any potential threat from ASICs if needed.

Furthermore, in order to maintain its goal of decentralization and to provide a deterrent for ASIC development and to protect against unknown or undetectable ASIC development, the Monero team proposes modifying the Cryptonight PoW hash every scheduled fork.”

Thus suddenly announced the Monero project in a fairly quick response to Bitmain’s announcement they were soon to ship application-specific integrated circuits (ASICs).

The fork is to occur in just days on April the 6th and was generally planned, but the Proof of Work (PoW) change was a new addition, with the hardfork client now released.

Monero’s mining is designed to work primarily on CPUs, allowing for such functionalities as mining XMR through your website, as Salon seems to be doing.

ASICs would make that impossible, and can further provide added security by protecting against CPU farms, better known as botnets, where an army of computers is hijacked under the command of one individual or group.

But ASICs also have the ability to increase mining centralization into the hands of very few, at least in the short and medium term.

The Monero project has come out against them, but there appears to be a division, with some leaders of sorts in their community resorting to censorship.

Around two months ago, a Monero fork project called MoneroV came out with the aim of chain-split forking the currency on April 30th.

They say HitBTC will list them, so it appears they will have a market, something that for any other somewhat small coin like Monero would be a non-event, as the wider ecosystem is now used to such chain-split forks.

What usually happens, and is planned in Monero’s case too, is that the blockchain basically splits into two chains, each with its own nodes and miners, while both share exactly the same set of holders.

In the case of MoneroV, everyone who holds the private keys of Monero gets 10x MoneroV, thus 10 XMV for each XMR.

Free money, holders might have shouted in other coins, but for Monero it has seemingly revealed a fundamental flaw or benefit depending on your view, because the currency cannot chain-split fork without undermining privacy.

“Using your keys to spend the same outputs twice on different forked blockchains will damage your privacy, and others’, as both spends will bear the same key image, but different rings, with only your spent output in common (this does not impact stealth addresses nor confidential transactions, just ring signatures),” the Monero project says.

To simplify, Monero uses a built-in mixer to obfuscate transactions by bundling many transactions together in such a way that you can’t easily tell who is paying whom and how much.

The Monero devs are, however, saying that if you do claim XMV, you might reveal not only your transaction but also those of others, as the bundle becomes less of a bundle, potentially allowing easy connections of what address sent what to whom.
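As an added illustration (not code from the article or from the Monero project), the following constructed simulation shows the effect the devs describe: a spend repeated on two forks carries the same key image but different decoys, so intersecting the two rings isolates the real spent output, and each output identified that way can then be struck from other holders’ rings, even rings of people who never touched the fork. All key-image and output names are constructed sample data.

```python
"""Simulate how key-image reuse across two chain-split forks shrinks ring ambiguity."""
from collections import defaultdict

# Constructed sample data: each entry is (key_image, ring of candidate outputs).
# A ring holds the real spent output plus decoys; nothing marks which is real.
# The same key image on both chains means the same key spent the same output.
CHAIN_A = [
    ("ki1", {"o1", "o2", "o3"}),
    ("ki2", {"o1", "o4", "o5"}),   # this holder never spent on chain B
    ("ki3", {"o6", "o7", "o8"}),
    ("ki4", {"o5", "o9", "o10"}),
]
CHAIN_B = [
    ("ki1", {"o1", "o11", "o12"}),  # same key image, fresh decoys
    ("ki3", {"o6", "o7", "o8"}),    # identical ring reused: intersection reveals nothing
    ("ki4", {"o5", "o13", "o14"}),
]


def intersect_rings(chain_a, chain_b):
    """Group rings by key image; the candidate set is the intersection of all rings seen."""
    by_key_image = defaultdict(list)
    for key_image, ring in chain_a + chain_b:
        by_key_image[key_image].append(set(ring))
    return {ki: set.intersection(*rings) for ki, rings in by_key_image.items()}


def chain_reaction(candidates):
    """Strike outputs already known to be spent out of every other ring until stable."""
    candidates = {ki: set(c) for ki, c in candidates.items()}
    changed = True
    while changed:
        changed = False
        known_spent = {next(iter(c)) for c in candidates.values() if len(c) == 1}
        for ring in candidates.values():
            if len(ring) > 1 and ring & known_spent:
                ring -= known_spent
                changed = True
    return candidates


if __name__ == "__main__":
    after_fork = intersect_rings(CHAIN_A, CHAIN_B)
    final = chain_reaction(after_fork)
    for ki in sorted(final):
        print(ki, "candidates after intersection:", sorted(after_fork[ki]),
              "after chain reaction:", sorted(final[ki]))
```

In the constructed data ki2 is fully deanonymised although its owner never claimed the forked coin, which is the "others’" privacy the devs refer to.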

It is probable most Monero holders are just profit motivated investors, traders or speculators, so it’s unclear just how much they care about privacy.

That potentially makes the design a problem in itself because apparently a number of somewhat small exchanges will provide XMR holders with XMV.

But taking the other extreme in assuming all Monero holders so strongly value privacy they won’t ever touch another chain-split XMR coin, then that says the project in effect cannot be forked.

In such instances there can be significant implications because the owner of Monero’s github, which as far as we are aware can only be one person, in effect single-handedly decides what goes into the client.

If many disagree with whatever decision, but some don’t, then the Monero holders would have to choose between privacy or whatever they might see as the wrong decision.

In effect, at a practical level, the overall design seems to suggest the attack vector against Monero’s privacy features is not 51%, but potentially as low as 5% or whatever is the level needed for the chain-split coins to deobfuscate.

That being 5% of transactions or users rather than miners, as in a chain-split fork miners almost don’t matter at all, especially when the coin is primarily reliant on CPU mining, which can easily be Sybil-attacked.

If that is indeed the case, and of course we’ll leave full studies to academics, then the threshold does appear to be so low that if Monero does really become the DarkNet currency where billions are traded, even a small agency could potentially deobfuscate.
