A Traceability Analysis of Monero's Blockchain

Privacy and anonymity are important desiderata in the use of cryptocurrencies. Monero, a privacy-centric cryptocurrency, has rapidly gained popularity due to its unlinkability and untraceability guarantees. It has a market capitalization of USD 290M. In this work, we quantify the efficacy of three attacks on Monero's untraceability guarantee, which promises to make it hard to trace the origin of a received fund, by analyzing its blockchain data. To this end, we develop three attack routines and evaluate them on the Monero blockchain. Our results show that in 88% of cases, the origin of the funds can be easily determined with certainty. Moreover, we have compelling evidence that two of the attack routines also extend to Monero RingCTs, the second-generation Monero that even hides the transaction amount. We further observe that over 98% of the results can in fact be obtained by a simple temporal analysis. In light of our findings, we discuss mitigations to strengthen Monero against these attacks. We shared our findings with the Monero development team and the general community. This has resulted in several discussions and proposals for fixes.
