This is by no means a comprehensive analysis. This analysis misses the most major limitation with Monero's decoy based approach to transaction obfuscation: Eve-Alice-Eve attacks (also known as ABA attacks). It also misses an analysis of the possible insecurity of churning and a significant history of randomness implementation errors and flooding attacks specific to Monero. The exact consequences of some of these attacks remain an open question, but worthy of mention.

A simple and surprising limitation of Monero and any other decoy-based approach is that if you repeatedly withdraw money from one exchange and then deposit it to another, those transactions are not private (edit: even if we ignore payment value). This is a form of Eve-Alice-Eve attack.

Monero uses decoy transactions to obscure the transaction history on-chain, but it does not remove the history. There's a reason every other major privacy protocol (Zcash, Tornado Cash, Railgun, Aleo, Penumbra, etc.) does not use Monero's decoy-based approach, and even the Monero developers are moving to the standard zero-knowledge proof over an accumulator (IIRC a merkle tree like everyone else) based approach that they call Full Chain Anonymity Proofs.

As a meta-comment, this is one of a genre of Monero "privacy" analysis documents that are circulated as a way to claim there are no known actively used exploits. This is little better than the classic "my scheme is secure; here's a bounty for anyone who breaks it" form of cryptographic analysis we often see with flawed encryption schemes. Breaks will not always be public.

Fun fact: After some $330m of BTC were stolen last month, Monero spiked 40%+, presumably because the proceeds of that theft were laundered.

https://x.com/zachxbt/status/1916756932763046273

All I know is that if the government is trying to ban it, the tech probably works.

Great article, and I'm glad to see privacy being a focus in a cryptocurrency, but I would like to see some other sources that aren't also promoting the token.

That said, I do think it's got the brightest future of any coin besides BTC for the very reason.

The recent ByBit hack and subsequent takedown of the exchange that was used to convert the USDT and BTC to Monero essentially proves that XMR is private from even western governments.

What is the least amount of effort to setup a Monero address like a tip jar, deferring transfers and if necessary even checking the balance until setting up something more full-blown later?

I can’t find a date on this article. And this is exactly the type of content that needs a date.

I was interested to see some AI providers support crypto as their payment. I think we are entering a future where AI regulation puts more people on the darknet.

https://www.getmonero.org/2024/04/27/fcmps.html

After this is implemented, it will really strengthen its privacy. It will take a few years of development, iteration and planning. Move slow and... don't break things?

> Conclusion: Monero’s Privacy Remains Resilient

tl;dr every method from the private sector and the state has resulted in nothing, or an upgrade to the Monero network

for anyone interested in using Monero, consider using Feather Wallet. This wallet implements some better best practices than the community's wallet.

Feather Wallet does initial syncing over clearnet for speed, and then connects to TOR and then only connects to other nodes hosted over Onion network. So you aren't even needing to connect to exit nodes.

It also hides the root address which starts with 4, and only shows you subaddresses that starts with 8. I always felt it was important that nobody ever could distinguish between a root address and subaddress.

It ensures you don't re-use addresses, which is an ancient and still relevant best practice that most cryptocurrencies and wallet have avoided for user experience. Feather Wallet makes it easy though.

Timing attacks are still relevant. For anyone aiming to use Monero as merely a conduit, wait 1 week or 2 before moving funds out, and move them out in different denominations than you put in. (In comparison, if you put $50,000 of XMR in, and a couple ours later moved $50,000 of XMR out in one transaction, this could realistically deanonymize you.)

The more people using Monero for benign but equally as private purposes, the more it improves the utility of Monero for everyone.

I don't have a link but I vaguely recall some criminal being tracked down because they cashed out the exact same value of Monero they received for their crime in a single transaction. I believe this falls under item 1 in the article but the reference link does not even discuss Monero.

I am interested in any references to tracking Monero in criminal court cases. So far it seems to be one of the most effective ways to "keep getting away with it".

I work in applied cryptography and XMR is my preferred cryptocurrency.

Given EU is going to ban all privacy-preserving cryptocurrencies in 2027, what are the options for EU citizens?

If the US debt problem leads to capital controls, using Monero will become a federal offence overnight. Might as well call it money-laundering coin.

DERO could be an alternative with their full encryption of user balances and transactions