Monero, the most questioned cryptocurrency in the industry due to its high level of privacy, shows a vulnerability that can risk the privacy of users.
The developers of Monero (XMR)a whirlpool bath, cryptocurrency focused on protecting the privacy of users and one of the most questioned for this reason, it faces a vulnerability that can risk its level of anonymity and privacy. Through Twitter, the cryptocurrency developers reported a newly discovered error in their decoy algorithm, responsible for hiding the addresses and transactions made by users among a group of previous random transactions.
As they explain, if users spend the funds immediately after the blocking time in the first 2 blocks, approximately 20 minutes after receiving the funds, there is a high probability that the real transactions can be easily identified, regardless of the number of decoys created. . This is because Monero's decoy algorithm ignores recent outputs, so there is a probability of almost 0 that this algorithm will choose “extremely new” outputs as decoys, allowing observers to identify real transactions.
The bug was spotted in the current Monero wallet by software developer Justin Berman. Monero notes that this bug is quite significant and can significantly affect the privacy of transactions. However, the developers also explained that the error does not put the security of the funds at risk.
It may interest you: CipherTrace continues its quest to trace Monero
Monero and privacy in cryptocurrencies
The high technology developed by Monero allows it to provide its users with an extremely high level of privacy, anonymity and security, so much so that forensic analysis service companies in blockchain and several financial regulators have focused, without any success so far, on creating tools that break this level of privacy, considering it high risk.
Monero implements a privacy algorithm called Ring Signatures or signature rings, which hides the trace of transactions and the addresses involved in said transactions, mixing the address of an issuer among a group of addresses chosen at random.
Triptych, privacy improvements
At the end of 2020, Monero developers introduced a new version of their privacy algorithm, called Triptych, designed to expand the size of ring signatures logarithmically, so that the number of honeypots hiding addresses and transactions made by the sender grows to improve privacy.
However, despite these significant improvements in its algorithm, the error discovered allows other users or observers to identify real transactions among a group of newly created decoy transactions, in a period of approximately 20 minutes; although, as mentioned, the error does not affect the privacy of the addresses or the amounts involved in the transactions, nor does it affect the security of the funds.
Monero Recommendations
For users who want to protect their right to privacy, Monero developers recommend waiting at least 1 hour to move their funds, to mitigate the risk of being detected, while they develop a software update.
Currently, the team reported that it has begun working on the development of this new version of the wallet of Monero to patch the vulnerability found and continue to guarantee a high level of privacy for users.
Controversies over privacy
Monero is one of the few cryptocurrencies in the industry that truly guarantees user privacy, which is why it has become a challenge for regulators. In the opinion of some, the privacy and anonymity in this cryptocurrency transactions makes it easier for cybercriminals and malicious actors to carry out financial crimes and other illicit activities.
In September of last year, ciphertra by, United States Department of Homeland Security (DHS) and the Internal Revenue Service (IRS) They began working on creating a tool that allows XMR transactions to be tracked, to fight cases of financial crimes and other illicit activities. However, so far they have not been successful, while developers have focused on creating new tools to defend the security and right to privacy of users in their transactions.
Continue reading: Cybersecurity company Avast discovers malware that mines Monero through video games
