A Traceability Analysis of Monero’s Blockchain

Part of the Lecture Notes in Computer Science book series (LNSC, volume 10493)

Abstract

Privacy and anonymity are important desiderata in the use of cryptocurrencies. Monero, a privacy-centric cryptocurrency, has rapidly gained popularity due to its unlinkability and untraceability guarantees. It has a market capitalization of USD 290M. In this work, we quantify the efficacy of three attacks on Monero’s untraceability guarantee, which promises to make it hard to trace the origin of a received fund, by analyzing its blockchain data. To this end, we develop three attack routines and evaluate them on the Monero blockchain. Our results show that in 88% of cases, the origin of the funds can be easily determined with certainty. Moreover, we have compelling evidence that two of the attack routines also extend to Monero RingCTs, the second-generation Monero that even hides the transaction amount. We further observe that over 98% of the results can in fact be obtained by a simple temporal analysis. In light of our findings, we discuss mitigations to strengthen Monero against these attacks. We shared our findings with the Monero development team and the general community. This has resulted in several discussions and proposals for fixes.

Keywords

  • Monero
  • Cryptocurrency
  • Blockchain
  • Traceability
  • Anonymity


Notes

  1. Transactions that do not create any new coin. The opposite of coinbase transactions that create new coins.

  2. Height is defined as the number of blocks preceding a particular block on the blockchain.

Acknowledgements

Authors would like to thank the anonymous reviewers for their feedback. Amrit Kumar was supported by the research grants R-252-000-560-112 and R-252-000-565-720 from MOE Singapore.

Corresponding author

Correspondence to Amrit Kumar.

Copyright information

© 2017 Springer International Publishing AG

About this paper

Cite this paper

Kumar, A., Fischer, C., Tople, S., Saxena, P. (2017). A Traceability Analysis of Monero’s Blockchain. In: Foley, S., Gollmann, D., Snekkenes, E. (eds) Computer Security – ESORICS 2017. ESORICS 2017. Lecture Notes in Computer Science, vol 10493. Springer, Cham. https://doi.org/10.1007/978-3-319-66399-9_9

  • DOI: https://doi.org/10.1007/978-3-319-66399-9_9

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-66398-2

  • Online ISBN: 978-3-319-66399-9

  • eBook Packages: Computer Science, Computer Science (R0)