Cryptocurrency Privacy Part 2: Monero (XMR)

If you haven’t read last week’s post on Bitcoin’s privacy, I’d highly recommend starting there. In that post, we covered how Bitcoin (BTC) can seem like magical internet money that’s totally anonymous, when that really isn’t the case at all. Bitcoin uses a blockchain to form a digital, decentralized, public ledger that records every transaction made since the cryptocurrency’s inception. Because each address is derived from its own private key, a wallet can hold many different addresses and need never use the same one twice. Though individual addresses are pseudonymous, in the sense that they do not directly link to a person’s identity, they can be clustered and tied to a specific entity through forensic accounting of the public ledger, effectively deanonymizing their owner.

Let’s stop for a second and ask the hypothetical question, “What if the addresses recorded on the ledger could be obfuscated somehow, breaking the link between the sender and receiver of a transaction?” That idea would change things significantly, and indeed it has. Monero was one of, if not the, first cryptocurrencies to make transaction privacy its main goal; its design literature splits that goal into “unlinkability” (no observer can tell that two payments went to the same recipient) and “untraceability” (no observer can tell which earlier output a payment is spending). With Monero, each user has a “public” address to which other users can send XMR, much as with a BTC address. This is where the similarities end.

When you send BTC, the transaction is written to the blockchain as a direct move of coins from one address to another. When you send XMR, your wallet instead derives a fresh, one-time “stealth address” from the recipient’s public address and sends the funds there. The recipient’s published address never appears on the chain, so an observer cannot tie the payment to it, nor link two payments to the same recipient. When the recipient opens their Monero wallet, it scans every output on the blockchain and uses its private “view key” to test whether that output’s one-time address was derived from its own keys (this is a shared-secret derivation, not a decryption of the transaction). An output that passes the test was destined for this wallet. Spending it additionally requires the private “spend key”, which is why a view key can be handed to an auditor or a watch-only wallet without giving away the funds.

This is really neat tech, for sure, but it only solves one piece of the privacy puzzle. A sharp observer could still follow a precise amount of XMR from one output to the next and use that trail to possibly determine wallet ownership, and, more fundamentally, each input would still point at exactly which earlier output is being spent. Monero handles this with ring signatures, often loosely called “transaction mixing” in Monero lingo. When you spend an output, your wallet signs the input with a ring signature over your real output plus several decoy outputs pulled from elsewhere on the blockchain. The signature proves that one member of the ring authorized the spend without revealing which one; the decoys’ owners are not involved and need not even be online, and a “key image” derived from the real output lets the network reject a double spend without learning which ring member it was. The number of decoys is the “mixin level” (ring size minus one). At the time of writing the sender chose it, and a higher mixin produced a larger transaction and therefore a higher fee, since fees are charged by transaction size rather than by any extra processing on the blockchain. Note that an unusual mixin is itself a fingerprint, which is why a single protocol-wide ring size is the safer design, and the one Monero has since adopted.

Again, that’s super neat tech, but it still leaves raw amounts posted on the blockchain for all to see, which is a real weakness: amounts let an observer rule out ring members whose values cannot add up, and they are exactly the kind of fingerprint forensic accounting feeds on. In 2017, Monero activated Ring Confidential Transactions, or “RingCT”. Instead of a plain amount, each input and output carries a Pedersen commitment to its amount. Commitments are additively homomorphic, so any node can check that the input commitments sum to the output commitments plus the fee, and a range proof attached to each output shows that its hidden value is non-negative (otherwise a negative output could mint coins out of nothing). Together with the ring signatures that hide the sender and the stealth addresses that hide the recipient, a verifier can now confirm a transaction is genuine while learning neither party nor the amount. This closes the proverbial loophole of public transaction amounts.
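To make the two constructions above concrete, here is an added example (not Monero’s code) of the stealth-address derivation and scan from the one-time address paragraph, and of the Pedersen amount commitments and balance check from the RingCT paragraph, both on the real Ed25519 curve in pure Python. Assumptions: SHA-512 stands in for Monero’s Keccak-256, the second generator `H` is derived by a demo procedure rather than Monero’s, the output index is left out of the shared-secret hash, and ring signatures, range proofs and the wire format are not modelled. All function and variable names are this example’s own.

```python
# Added example (not Monero's code): stealth addresses and Pedersen amount commitments on Ed25519.
# Simplifications: SHA-512 stands in for Keccak, H is a demo generator, no ring sigs/range proofs.
import hashlib
import secrets
from functools import reduce

# Minimal Ed25519 arithmetic, affine twisted Edwards form: -x^2 + y^2 = 1 + d*x^2*y^2
P = 2**255 - 19
L = 2**252 + 27742317777372353535851937790883648493   # prime order of the base point
D = -121665 * pow(121666, P - 2, P) % P
SQRT_M1 = pow(2, (P - 1) // 4, P)                      # a square root of -1 mod P

def xrecover(y):
    """Even x with (x, y) on the curve, or None if no such point exists."""
    xx = (y * y - 1) * pow(D * y * y + 1, P - 2, P) % P
    x = pow(xx, (P + 3) // 8, P)
    if (x * x - xx) % P:
        x = x * SQRT_M1 % P
    if (x * x - xx) % P:
        return None
    return P - x if x & 1 else x

def add(p1, p2):
    (x1, y1), (x2, y2) = p1, p2
    t = D * x1 * x2 * y1 * y2 % P
    dx, dy = (1 + t) % P, (1 - t) % P
    inv = pow(dx * dy, P - 2, P)                       # one inversion serves both coordinates
    return (x1 * y2 + x2 * y1) * dy * inv % P, (y1 * y2 + x1 * x2) * dx * inv % P

def mul(k, pt):
    """Double-and-add scalar multiplication; (0, 1) is the identity. Not constant time."""
    acc, base = (0, 1), pt
    while k:
        if k & 1:
            acc = add(acc, base)
        base = add(base, base)
        k >>= 1
    return acc

def enc(pt):
    """Standard 32-byte Ed25519 point encoding: y little-endian, sign of x in the top bit."""
    return (pt[1] | (pt[0] & 1) << 255).to_bytes(32, "little")

G = (xrecover(4 * pow(5, P - 2, P) % P), 4 * pow(5, P - 2, P) % P)   # base point, y = 4/5

def hash_to_scalar(data):
    """Monero uses Keccak-256 reduced mod L; SHA-512 is substituted here."""
    return int.from_bytes(hashlib.sha512(data).digest(), "little") % L

def keygen():
    """Wallet keys: private (view a, spend b); public address (A = aG, B = bG)."""
    a, b = secrets.randbelow(L), secrets.randbelow(L)
    return (a, b), (mul(a, G), mul(b, G))

def make_stealth_output(pub):
    """Sender: fresh tx secret r; publish R = rG and one-time address P = Hs(rA)G + B."""
    A, B = pub
    r = secrets.randbelow(L)
    shared = hash_to_scalar(enc(mul(r, A)))            # Monero also hashes the output index
    return mul(r, G), add(mul(shared, G), B)

def scan_output(priv, pub, R, P_onetime):
    """Recipient: view key a alone decides ownership (aR == rA); returns spend secret x or None."""
    a, b = priv
    shared = hash_to_scalar(enc(mul(a, R)))
    if add(mul(shared, G), pub[1]) != P_onetime:
        return None
    return (shared + b) % L                            # x such that xG == P; needs spend key b

def hash_to_point(label):
    """Generator with unknown log_G: hash to y, recover x, clear the cofactor (demo method)."""
    ctr = 0
    while True:
        y = int.from_bytes(hashlib.sha512(label + ctr.to_bytes(4, "little")).digest(), "little") % P
        x = xrecover(y)
        if x is not None:
            return mul(8, (x, y))
        ctr += 1

H = hash_to_point(b"demo-pedersen-H")                  # label is an assumption, not Monero's H

def commit(amount, blind):
    """Pedersen commitment C = blind*G + amount*H: hiding, binding, additively homomorphic."""
    return add(mul(blind, G), mul(amount, H))

def build_commitments(in_amounts, out_amounts):
    """Sender: commit to inputs and outputs, fixing the last output blind so the blinds cancel."""
    in_blinds = [secrets.randbelow(L) for _ in in_amounts]
    out_blinds = [secrets.randbelow(L) for _ in out_amounts[:-1]]
    out_blinds.append((sum(in_blinds) - sum(out_blinds)) % L)
    ins = [commit(v, r) for v, r in zip(in_amounts, in_blinds)]
    outs = [commit(v, r) for v, r in zip(out_amounts, out_blinds)]
    return ins, outs

def balances(in_commits, out_commits, fee):
    """Verifier: sum(inputs) == sum(outputs) + fee*H, learning no amount."""
    total_in = reduce(add, in_commits, (0, 1))
    total_out = reduce(add, out_commits, (0, 1))
    return total_in == add(total_out, mul(fee, H))
```

`scan_output` needs only the view key `a` to answer “is this mine?”, which is what makes watch-only wallets possible; the spend key `b` is used only to assemble the one-time secret `x`. In `balances`, the blinding factors cancel by construction, so the equation holds exactly when the amounts do. Nothing here stops a sender committing to a negative output to balance an inflated one; in real RingCT the per-output range proof is what rules that out.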

Monero’s next evolutionary step is to route its network traffic over the Invisible Internet Project (I2P), an overlay network purpose-built to hide who is talking to whom. This addresses a layer the cryptography above does not touch: the node that first broadcasts a transaction exposes its IP address to its peers, and an adversary running enough nodes can use that to tie a transaction back to a sender no matter how well the on-chain data is protected. Though this integration is not live yet, it promises an entirely new layer of protection for what is already a strong, privacy-focused cryptocurrency; until then, the practical mitigation is to connect your wallet to its node through Tor or a similar proxy.

