After its inception, Bitcoin’s first proper use-case came from the depths of the dark web, a sprawling cesspool of illegal and unregulated services. Its use as an untraceable medium of exchange for online criminal activity was popular, but while the blockchain doesn’t record any personal information, Bitcoin was still very much traceable.
As blockchain technology has become more widespread, blockchain security firms have started using more advanced ways of tracking cryptocurrencies. Bitcoin’s immutable nature means the addresses involved in every transaction are recorded permanently on the blockchain, and while mixers can sometimes be used to throw analysts off the trail, trackers are getting a lot better.
Privacy is a complicated topic in the cryptocurrency space. On the one hand, Bitcoin was created to overthrow the established centralized financial system, bringing power back to the people by enabling trustless transactions that cannot be censored. On the other, the established financial system presents market anomalies and criminal activity far more plainly.
Regulation is still leagues behind innovation in blockchain, and this gap has caused a lot of uncertainty and hindered development in the industry. However, the law has been able to clamp down on tracking Bitcoin transactions on the dark web.
What is Monero?
The beauty of open-source software is that anyone can contribute to development, help fix bugs, and even fork the codebase. In 2014, the Bytecoin project was forked to create BitMonero, a compound of Bitcoin and Monero, which means ‘coin’ in the international auxiliary language, Esperanto. While BitMonero didn’t receive the response it expected, the project was soon taken over by the community and has developed into the Monero we know and love today.
The CryptoNote-based open-source protocol uses an obfuscated public ledger, allowing any participant to send, receive, or otherwise broadcast transactions without letting outside observers know more information about the transaction’s source, destination, or amount. While security firms like CipherTrace have been finding new ways around Monero’s privacy-enabling features, through updates and more recent implementations, XMR has managed to remain the top dog in the privacy coin game, and for a good reason.
The Invisible Network
Anonymity of Monero
Launched in 2014, Monero operates around the concept of user privacy. In general, blockchains publicly store transaction data, but Monero’s blockchain is intentionally less transparent. By disguising participant addresses, transactions can be made by anyone on the network without being visible to external observers.
Monero’s mining process
Besides anonymity, Monero’s mining process is also relatively egalitarian. Unlike most projects, Monero’s developers did not keep any stake of the supply for themselves, banking on contributions from community members and other network participants to develop the platform.
Between January 2020 and 2021, Monero’s market capitalization grew by nearly 140%, from $1.14 billion last year to $2.8 billion today. Monero allows senders to blur the exact addresses that sent or received transactions using a combination of ring signatures, stealth addresses, and other privacy-focused features.
Ring signatures convey which group of members signed a transaction but obscures the exact addresses involved within it. These signatures are generated using a combination of the sender’s address and other public keys in the ring, making it computationally impractical to figure out who among them did it.
Stealth addresses bring additional privacy by utilizing randomly generated one-time addresses created on behalf of the recipient. This conceals the transaction’s destination and hides the identity of the person receiving the tokens.
Additionally, RingCT, or Ring Confidential Transactions, enables hiding the amount being sent or received. This feature was added in 2017 and made mandatory for all executed transactions on Monero. While cryptocurrencies were being used less and less for criminal activity, Monero’s dedication to its core focus — privacy — places it above all competing privacy tokens in the blockchain space.
Monero’s rampant growth in 2016 was driven mainly by its use on darknet markets, and various exchanges have delisted the token from their platforms to comply with global financial regulations. In June 2019, the Financial Action Task Force (FATF) published the ‘Travel Rule,’ which established that cryptocurrency exchanges needed to provide KYC information on all transactions taking place on their platform.
Since Monero was fundamentally built on hiding this information, exchanges were forced to delist the coin. However, supporting privacy-focused cryptocurrencies and complying with regulatory requirements aren’t mutually exclusive, and exchanges like Bittrex have even delisted the token for undisclosed reasons. The benefits of privacy coins are substantially higher than its risks, and existing anti-money laundering efforts and regulations adequately cover those risks.
Over the years, Monero has mostly been used by people hodling other cryptocurrencies to break the link between two addresses in a transaction. While other privacy coins like Dash and Zcash are significantly less anonymous, succumbing to regulatory requirements over the years, Monero is practically untouchable and could become far more used in the years to come, even if we don’t get to know about it.
The Cost of Anonymity
Possibly the most dangerous threat to your assets’ security is something no amount of programming or consensus can protect against. Smart investors don’t brag about their holdings, and it takes a reserved tongue to prevent the infamous ‘$5 Wrench Attack.’ Monero holders are proponents of privacy, and while the network is secure enough to protect your assets in most cases, it’s best to keep information on your holdings to yourself.
Privacy fuels Monero’s rapid development, but it also coughs up a few challenges. For one, its pursuit of privacy and non-traceability has made it the ideal currency to transact on darknet markets, promoting an unregulated form of business that could even impact national economies in the long-run. With how traceable Bitcoin has practically become, Monero’s existence is incentive enough for darknet markets to survive, especially considering how lackluster other privacy offerings in the space are.
According to CNBC reports, hackers have created malicious software to infect computers to mine Monero and send it to North Korea, providing funding to a country that is at war with the rest of the world. This is cause for concern, but with how easily Monero evades law enforcement, XMR remains outside of governmental control.
In 2017, the global WannaCry ransomware attack promptly converted their proceeds into Monero. Later that year, the group that leaked WannaCry’s code also started accepting payments in XMR. In the first half of 2018, Monero was used in 44% of ransomware attacks that demanded cryptocurrency.
Monero gets a lot of bad rep for its use in criminal circles, but the community is actually far less malicious users and more concerned citizens. And while XMR is near impossible to trace, it doesn’t always lend itself to the perfect crime.
In 2018, over $530 million in NEM tokens were stolen from Coincheck, but analysts at Bloomberg suggested the attackers would find it challenging to launder the money using Monero due to exchanges blocking NEM addresses associated with the theft. XMR has also been used to create some incredible systems, like the mobile app Bail Bloc, which mines Monero to raise funds for low-income defendants to afford bail.
Unlike other privacy coins like Dash and Zcash, Monero enforces privacy by default. Using different complementary technologies, Monero achieves both anonymity and fungibility. Monero’s RingCT makes transactions untraceable by showing there could be multiple potential senders for a given transaction.
Its one-time stealth addresses make it impossible to prove that multiple transactions were sent to an address. Using the Dual-Key Stealth Address Protocol, stealth addresses are generated by the sender on the recipient’s behalf using two pieces of information. The first is a shared secret derived from the Elliptic Curve Diffie-Hellman (ECDH) key agreement, and the second is the public key of the recipient actively scanning the blockchain for an intended transaction.
In November 2018, Monero implemented a non-interactive zero-knowledge proof (NIZKP) protocol to replace the ring signatures used in RingCT’s range proofs. These ‘bulletproofs’ considerably scaled down the size of transactions, resulting in much faster validation and lower transaction fees.
In October 2020, Monero underwent a network upgrade introducing its latest ring construction, CLSAG (Concise Linkable Ring Signatures and Forgery Against Adversarial Keys). Despite being a mouthful, the upgrade further reduced transaction sizes, improving network speed and improving XMR’s untraceability. As analysts and network security specialists keep finding ways to track private cryptocurrencies, Monero continues to loop around their tricks.
Privacy Paranoid On Monero
Monero has drawn the attention of financial regulators worldwide, targeting its money laundering capabilities and the use of the privacy-enabled cryptocurrency in criminal activity. Though it’s impossible to stop a truly decentralized system, especially one that hides itself so well, exchanges in various countries like Australia and South Korea have wholly delisted privacy coins, including XMR, from regulatory pressure.
Monero practically offers complete anonymity. In early 2020, Europol analyst, Jerek Jakubcek, stated that XMR was completely untraceable when routed using an onion network. Despite other privacy coins out there, Monero seems to be the only one regulators are worried about.
Security firm CipherTrace announced in August 2020 that they had designed the world’s first Monero tracking tool. They had purportedly developed the system in collaboration with the United States Department of Homeland Security, sparking a lot of debate and discussion within the Monero community about how the tool functioned.
CipherTrace claimed their patents would lay the groundwork for a future ‘entity transaction clustering’ implementation and could provide exchange attribution and wallet identification tools to help investigate criminal activity further. They also said that it could provide visual tools to trace stolen Monero, information about transactions routed through third-party nodes, and more.
During a discussion on the tool held online, Monero Research Lab researcher, Sarang Noether, questioned the math behind CipherTrace’s claims of tracing the token and stated that the metrics proposed seemed rather subjective. Soon after, the Monero development team announced the development of a new algorithm, Triptych, which would render CipherTrace’s tool obsolete.
With development ongoing for the proposed Triptych algorithm, Monero is dominating the privacy sector in the blockchain space with a market capitalization greater than Dash, Zcash, DigiByte, and Verge — its four closest competitors — combined. With so many privacy coins dropping in and out of relevance, Monero has continued to trudge forward with its original, bold vision.
Monero has regulators and financial watchdogs on its toes, and this feud between anonymity and regulation could escalate to new heights in the coming months and years. With a community as laser-focused on privacy and a development team this dedicated to its goal, the future of private payments is quite transparent.