Monero (/məˈnɛr/; XMR) is a decentralized cryptocurrency. It uses a public distributed ledger with privacy-enhancing technologies that obfuscate transactions to achieve anonymity and fungibility. Observers cannot decipher addresses trading monero, transaction amounts, address balances, or transaction histories.

Monero
Monero-Logo.svg
CodeXMR
Development
Original author(s)Nicolas van Saberhagen
White paper"CryptoNote v 2.0"
Initial release18 April 2014 (8 years ago) (2014-04-18)
Latest release0.17.2.3 / 1 September 2021 (8 months ago) (2021-09-01)
Development statusActive
Source modelOpen source
LicenseMIT License
Websitegetmonero.org
Ledger
Timestamping schemeProof-of-work
Hash functionRandomX
Block reward0.67 XMR
Block time2 minutes
Circulating supply~18,105,666
Supply limitUnlimited

The protocol is open source and based on CryptoNote, a concept described in a 2013 white paper authored by Nicolas van Saberhagen. The cryptography community used this concept to design Monero, and deployed its mainnet in 2014. Monero uses ring signatures, zero-knowledge proofs, "stealth addresses", and IP address obscuring methods to obfuscate transaction details. These features are baked into the protocol, though users can optionally share view keys for third party auditing. Transactions are validated through a miner network running RandomX, a proof of work algorithm. The algorithm issues new coins to miners, and was designed to be resistant to ASIC mining.

Monero has the third largest developer community among cryptocurrencies, behind bitcoin and Ethereum. Its privacy features have attracted cypherpunks and users desiring privacy measures not provided in other cryptocurrencies. It is increasingly used in illicit activities such as money laundering, darknet markets, ransomware, and cryptojacking.[citation needed] The United States Internal Revenue Service (IRS) has posted bounties for contractors that can develop monero tracing technologies.[1]

Background

Monero's roots can be traced back to CryptoNote, a cryptocurrency protocol first described in a white paper published by Nicolas van Saberhagen (presumed pseudonymous) in October 2013.[2] The author described privacy and anonymity as "the most important aspects of electronic cash" and called bitcoin's traceability a "critical flaw".[3] A Bitcointalk forum user "thankful_for_today" coded these ideas into a coin they dubbed BitMonero. Other forum users disagreed with thankful_for_today's direction for BitMonero, so forked it in 2014 to create monero.[2] Monero translates to coin in Esperanto,[2] and the Esperanto moneroj is sometimes used for plural.[4] Both van Saberhagen and thankful_for_today remain anonymous.[2]

Monero has the third largest community of developers, behind bitcoin and Ethereum.[3] The protocol's lead maintainer was previously South African developer Riccardo Spagni.[5] Much of the core development team chooses to remain anonymous.[6]

Privacy

 
Ring signatures create ambiguity in blockchain analysis
 
Marketing material distributed by the Monero community[7] promoting crypto-anarchism

Monero's key features are those around privacy and anonymity.[8][2][6] Even though it is a public and decentralized ledger, all transaction details are obfuscated.[9] This contrasts to bitcoin, where all transaction details, user addresses, and wallet balances are public and transparent.[2][6] These features have given Monero a loyal following among crypto anarchists, cypherpunks, and privacy advocates.[3]

The addresses of users sending Monero are protected through ring signatures, which groups a sender's address with other addresses.[2] Encryption of transaction amounts began in 2017 with the implementation of ring confidential transactions (RingCTs).[2][10] Developers also implemented a zero-knowledge proof method, "Bulletproofs", which guarantee a transaction occurred without revealing its value.[11] Monero recipients are protected through "stealth addresses", addresses generated by users to receive funds, but untraceable to an owner by a network observer.[2] These privacy features are enforced on the network by default,[2] though users have the option to share a private view key to permit third party auditing of their wallet,[12] or a transaction key to audit a transaction.[13]

Monero uses Dandelion++, a protocol which obscures the IP address of devices producing transactions. This is done through a method of transaction broadcast propagation; new transactions are initially passed to one node on Monero's peer-to-peer network, and a repeated probabilistic method is used to determine when the transaction should be sent to just one node or broadcast to many nodes in a process called flooding.[14][15][16] This method was motivated by the growing blockchain analysis market and the potential use of botnets for analysis.[16]

Efforts to trace transactions

In April 2017, researchers highlighted three major threats to Monero users' privacy. The first relies on leveraging the ring signature size of zero, and ability to see the output amounts. The second, "Leveraging Output Merging", involves tracking transactions where two outputs belong to the same user, such as when they send funds to themselves ("churning"). Finally, "Temporal Analysis", shows that predicting the right output in a ring signature could potentially be easier than previously thought.[17] The monero development team responded that they had already addressed the first concern with the introduction of RingCTs in January 2017, as well as mandating a minimum size of ring signatures in March 2016.[18] In 2018, researchers presented possible vulnerabilities in a paper titled "An Empirical Analysis of Traceability in the Monero Blockchain".[19] The monero team responded in March 2018.[20]

In September 2020, the United States Internal Revenue Service's criminal investigation division (IRS-CI), posted a $625,000 bounty for contractors who could develop tools to help trace Monero, other privacy-enhanced cryptocurrencies, the bitcoin Lightning Network, or other "layer 2" protocols.[1][3] The contract was awarded to blockchain analysis groups Chainalysis and Integra FEC.[3]

Mining

 
Monero GUI running on a remote node

Monero uses a proof of work algorithm, RandomX, to validate transactions. The method was introduced in November 2019 to replace the former algorithm CryptoNightR.[21][22] Both algorithms were designed to be resistant to ASIC mining, which is commonly used to mine other cryptocurrencies such as Bitcoin.[23][24] Monero can be mined somewhat efficiently on consumer grade hardware such as x86, x86-64, ARM and GPUs, a design decision which was based on Monero project's opposition to mining centralisation which ASIC mining creates,[25] but has also resulted in Monero's popularity among malware-based non-consensual miners.[26][27]

Illicit use

Monero's privacy features have made it popular for illicit purposes.[9][28][29]

Darknet markets

Monero is a common medium of exchange on darknet markets.[2] In August 2016, dark market AlphaBay permitted its vendors to start accepting Monero as an alternative to bitcoin.[2] The site was taken offline by law enforcement in 2017,[30] but it was relaunched in 2021 with monero as the sole permitted currency.[31] Reuters reported in 2019 that three of the five largest darknet markets accepted Monero, though bitcoin was still the most widely used form of payment in those markets.[9]

Mining malware

Hackers have embedded malware into websites and applications that hijack victim CPUs to mine Monero (sometimes called cryptojacking).[5][32] In late 2017, malware and antivirus service providers blocked Coinhive, a JavaScript implementation of a Monero miner that was embedded in websites and apps, in some cases by hackers. Coinhive generated the script as an alternative to advertisements; a website or app could embed it, and use website visitor's CPU to mine the cryptocurrency while the visitor is consuming the content of the webpage, with the site or app owner getting a percentage of the mined coins.[33] Some websites and apps did this without informing visitors, and some hackers implemented it in way that drained visitors' CPUs. As a result, the script was blocked by companies offering ad blocking subscription lists, antivirus services, and antimalware services.[34][32] Coinhive had been previously found hidden in Showtime-owned streaming platforms,[35] as well as Starbucks Wi-Fi hotspots in Argentina.[5][36] Researchers in 2018 found similar malware that mines Monero and sends it to Kim Il-sung University in North Korea.[37]

Ransomware

 
Ransomware deployed in 2021 by REvil. The hackers are demanding payment in Monero.[38]

Monero is sometimes used by ransomware groups. According to CNBC, in the first half of 2018, Monero was used in 44% of cryptocurrency ransomware attacks.[39]

One group behind the 2017 WannaCry ransomware attack, the Shadow Brokers, attempted to exchange the ransom they collected in bitcoin to Monero. Ars Technica and Fast Company reported that the exchange was successful,[40][5] but BBC News reported that the service the criminal attempted to use, ShapeShift, denied any such transfer.[41] The Shadow Brokers began accepting monero as payment later in 2017.[40]

In 2021, CNBC, the Financial Times, and Newsweek reported that demand for Monero was increasing following the recovery of a bitcoin ransom paid in the Colonial Pipeline cyber attack.[6][3][42] The May 2021 hack forced the pipeline to pay a $4.4M ransom in bitcoin, though a large portion was recovered by the United States federal government the following month.[42] The group behind the attack, DarkSide, normally requests payment in either bitcoin or Monero, but charge a 10-20% premium for payments made in bitcoin due to its increased traceability risk.[3] Ransomware group REvil removed the option of paying ransom in bitcoin in 2021, demanding only Monero.[3] Ransomware negotiators, groups that help victims pay ransoms, have contacted Monero developers to understand the technology.[3] Despite this, CNBC reported that bitcoin was still the currency of choice demanded in most ransomware attacks, as insurers refuse to pay Monero ransom payments because of traceability concerns.[6]

Regulatory responses

The attribution of Monero to illicit markets has influenced some exchanges to forgo listing it. This has made it more difficult for users to exchange Monero for fiat currencies or other cryptocurrencies.[6] Exchanges in South Korea and Australia have delisted Monero and other privacy coins due to regulatory pressure.[43]

In 2018, Europol and its director Rob Wainwright wrote that the year would see criminals shift from using bitcoin to using Monero, as well as Ethereum, dash, and zcash.[44] Bloomberg and CNN reported that this demand for Monero was because authorities were becoming better at monitoring the bitcoin blockchain.[45][44]

Publicity

  • After many online payment platforms shut down access for white nationalists following the Unite the Right rally in 2017, some of them, including Christopher Cantwell and Andrew Auernheimer ("weev"), started using and promoting Monero.[46][47]
  • In December 2017, The Monero team announced a partnership with 45 musicians and several online stores for Monero to be used as a form of payment for their merchandise.[5]
  • In November 2018, Bail Bloc released a mobile app that mines Monero to raise funds for low-income defendants who cannot otherwise cover their own bail.[48][49]

References

  1. ^ a b Franceschi-Bicchierai, Lorenzo (2020-09-12). "The IRS Wants to Buy Tools to Trace Privacy-Focused Cryptocurrency Monero Archived 2020-12-02 at the Wayback Machine". Motherboard. Retrieved 2020-12-17.
  2. ^ a b c d e f g h i j k l "Monero, the Drug Dealer's Cryptocurrency of Choice, Is on Fire". WIRED. Archived from the original on 10 December 2018. Retrieved 22 November 2017.
  3. ^ a b c d e f g h i Murphy, Hannah (22 June 2021). "Inside monero, emerging crypto of choice for cybercriminals". Financial Times. Retrieved 22 June 2021.{{cite web}}: CS1 maint: url-status (link)
  4. ^ "Moneropedia: Mnemonic Seed". getmonero.org, The Monero Project. Retrieved 25 August 2021.
  5. ^ a b c d e Melendez, Steven (18 December 2017). "Highly Anonymized Cryptocurrency Monero Peeks Out Of The Shadows". Fast Company. Retrieved 22 June 2021.
  6. ^ a b c d e f Sigalos, MacKenzie (13 June 2021). "Why some cyber criminals are ditching bitcoin for a cryptocurrency called monero". CNBC. Retrieved 22 June 2021.
  7. ^ "Press Kit". getmonero.org, The Monero Project. Retrieved 9 September 2021.
  8. ^ Hern, Alex (11 December 2017). "Missed the bitcoin boom? Five more baffling cryptocurrencies to blow your savings on". The Guardian. ISSN 0261-3077. Archived from the original on 15 December 2018. Retrieved 11 December 2018.
  9. ^ a b c Wilson, Tom (15 May 2019). "Explainer: 'Privacy coin' Monero offers near total anonymity". Reuters. Retrieved 11 June 2021.
  10. ^ "Bittercoin: true blockchain believers versus the trough of disillusionment". TechCrunch. Archived from the original on 20 December 2018. Retrieved 19 December 2018.
  11. ^ Alsalami, Nasser; Zhang, Bingsheng (2019). "SoK: A Systematic Study of Anonymity in Cryptocurrencies". 2019 IEEE Conference on Dependable and Secure Computing (DSC). pp. 1–6. doi:10.1109/DSC47296.2019.8937681.
  12. ^ "How to Verify Your Funds with a Private View Key". monero.how. Archived from the original on 9 March 2021. Retrieved 18 May 2021.
  13. ^ "How to Prove Payment". getmonero.org. Archived from the original on 18 May 2021. Retrieved 18 May 2021.
  14. ^ Bojja Venkatakrishnan, Shaileshh; Fanti, Giulia; Viswanath, Pramod (13 June 2017). "Dandelion: Redesigning the Bitcoin Network for Anonymity". Proceedings of the ACM on Measurement and Analysis of Computing Systems. 1 (1): 22:1–22:34. arXiv:1701.04439. doi:10.1145/3084459.
  15. ^ Fanti, Giulia; Venkatakrishnan, Shaileshh Bojja; Bakshi, Surya; Denby, Bradley; Bhargava, Shruti; Miller, Andrew; Viswanath, Pramod (13 June 2018). "Dandelion++: Lightweight Cryptocurrency Networking with Formal Anonymity Guarantees". Proceedings of the ACM on Measurement and Analysis of Computing Systems. 2 (2): 29:1–29:35. arXiv:1805.11060. doi:10.1145/3224424.
  16. ^ a b "Dandelion for Monero". www.monerooutreach.org. 3 March 2020. Archived from the original on 27 January 2021. Retrieved 8 May 2021.
  17. ^ Kumar, Amrit et al. (2017). "A Traceability Analysis of Monero's Blockchain Archived 2017-07-10 at the Wayback Machine". Cryptology ePrint Archive. Retrieved 2020-12-20.
  18. ^ "An Unofficial Response to 'An Empirical Analysis of Linkability in the Monero Blockchain' Archived 2020-11-24 at the Wayback Machine". GetMonero.org. Retrieved 2020-12-20.
  19. ^ Moser, Malte et al. (2018). "An Empirical Analysis of Traceability in the Monero Blockchain". Proceedings on Privacy Enhancing Technologies. 2018 (3): 143. doi:10.1515/popets-2018-0025.
  20. ^ "Response to "An Empirical Analysis of Traceability in the Monero Blockchain", Version 2 Archived 2021-01-24 at the Wayback Machine". GetMonero.org. Retrieved 2020-12-20.
  21. ^ "RandomX is a new Proof-of-Work (PoW) algorithm used where decentralisation matters". www.monerooutreach.org. 5 June 2019. Archived from the original on 13 August 2019. Retrieved 13 August 2019.
  22. ^ ErCiccione. "Monero 0.15.0.0 "Carbon Chamaeleon" released". Monero. Archived from the original on 8 December 2019. Retrieved 16 January 2020.
  23. ^ "How a few companies are bitcoining it". The Economist. 19 May 2018. ISSN 0013-0613. Archived from the original on 9 December 2018. Retrieved 11 December 2018.
  24. ^ Gibbs, Samuel (13 December 2017). "Billions of video site visitors unwittingly mine cryptocurrency as they watch". The Guardian. ISSN 0261-3077. Archived from the original on 13 November 2020. Retrieved 11 December 2018.
  25. ^ Oberhaus, Daniel. "What Is an ASIC Miner and Is It the Future of Cryptocurrency?". www.vice.com. Vice Media. Retrieved 8 January 2022.
  26. ^ Brandom, Russell (19 December 2017). "Backdoor coin-mining hacks are spreading as prices rise". The Verge. Archived from the original on 11 December 2018. Retrieved 11 December 2018.
  27. ^ Palmer, Danny. "Cyber attackers are cashing in on cryptocurrency mining - but here's why they're avoiding bitcoin". ZDNet. Archived from the original on 26 March 2019. Retrieved 11 December 2018.
  28. ^ Kshetri, Nir (2018). "Cryptocurrencies: Transparency Versus Privacy". Computer. IEEE Computer Society. 51 (11): 99–111. doi:10.1109/MC.2018.2876182.
  29. ^ "Meet Monero, the Currency Dark Net Dealers Hope Is More Anonymous Than Bitcoin". Motherboard. 23 August 2016. Archived from the original on 18 November 2018. Retrieved 18 November 2018.
  30. ^ Statt, Nick (14 July 2017). "Dark Web drug marketplace AlphaBay was shut down by law enforcement". The Verge. Vox Media. Archived from the original on 15 July 2017.
  31. ^ Greenberg, Andy (23 September 2021). "He Escaped the Dark Web's Biggest Bust. Now He's Back". Wired. Condé Nast Publications. Archived from the original on 23 September 2021.
  32. ^ a b Tung, Liam. "Android security: Coin miners show up in apps and sites to wear out your CPU | ZDNet". ZDNet. Archived from the original on 5 December 2017. Retrieved 22 November 2017.
  33. ^ Thomson, Iain (19 October 2017). "Stealth web crypto-cash miner Coinhive back to the drawing board as blockers move in". The Register. Archived from the original on 7 November 2017. Retrieved 3 November 2017.
  34. ^ Goodin, Dan (30 October 2017). "A surge of sites and apps are exhausting your CPU to mine cryptocurrency". Ars Technica. Archived from the original on 3 November 2017. Retrieved 3 November 2017.
  35. ^ "Showtime's Websites May Have Used Your CPU to Mine Cryptocoin While You Binged on Twin Peaks". Gizmodo. Retrieved 22 June 2021.
  36. ^ "Hackers Hijacked an Internet Provider to Mine Cryptocurrency with Laptops In Starbucks". www.vice.com. Retrieved 22 June 2021.
  37. ^ Kharpal, Arjun (9 January 2018). "Hackers have found a way to mine cryptocurrency and send it to North Korea". CNBC. Retrieved 22 June 2021.
  38. ^ Barrett, Brian (2 July 2021). "A New Kind of Ransomware Tsunami Hits Hundreds of Companies". WIRED. Archived from the original on 3 July 2021.
  39. ^ Rooney, Kate (7 June 2018). "$1.1 billion in cryptocurrency has been stolen this year, and it was apparently easy to do". CNBC. Archived from the original on 6 September 2018. Retrieved 6 September 2018.
  40. ^ a b Gallagher, Sean (4 August 2017). "Researchers say WannaCry operator moved bitcoins to "untraceable" Monero". Ars Technica. Retrieved 22 June 2021.
  41. ^ "Wannacry money laundering attempt thwarted". BBC News. 4 August 2017. Retrieved 22 June 2021.
  42. ^ a b Browne, Ed (15 June 2021). "Monero developer expects more criminal groups to use the crypto for ransoms". Newsweek. Retrieved 22 June 2021.{{cite web}}: CS1 maint: url-status (link)
  43. ^ Ikeda, Scott (2020-11-17). "South Korea's New Crypto AML Law Bans Trading of "Privacy Coins" (Monero, Zcash) Archived 2020-12-16 at the Wayback Machine". CPO magazine. Retrieved 2020-12-17.
  44. ^ a b Kottasová, Ivana (3 January 2018). "Bitcoin is too hot for criminals. They're using monero instead". CNNMoney. Retrieved 22 June 2021.
  45. ^ Kharif, Olga (2 January 2018). "The Criminal Underworld Is Dropping Bitcoin for Another Currency". Bloomberg. Archived from the original on 4 June 2021. Retrieved 4 June 2021.
  46. ^ Hayden, Michael Edison (27 March 2018). "White supremacists are investing in a cryptocurrency that promises to be completely untraceable". Newsweek. Archived from the original on 7 April 2019. Retrieved 6 September 2018.
  47. ^ Cox, Joseph (5 March 2018). "Neo-Nazis Turn to Privacy-Focused Cryptocurrency Monero". Motherboard. Archived from the original on 6 September 2018. Retrieved 6 September 2018.
  48. ^ "Mining cryptocurrency helps raise bail for those who can't | CBC Radio". CBC. Archived from the original on 28 September 2018. Retrieved 18 November 2018.
  49. ^ "You Can Now Mine Cryptocurrency to Bail People Out of Jail". Motherboard. 15 November 2017. Archived from the original on 18 November 2018. Retrieved 18 November 2018.

External links