Monero (XMR) is an open-source, peer-to-peer cryptocurrency launched in 2014 that prioritizes privacy by default. Its opaque blockchain conceals sender and recipient identities and transaction amounts using features like ring signatures, stealth addresses, and RingCT. ^{[1] [2]}

Overview

Monero is a privacy-centric cryptocurrency designed to ensure complete anonymity in digital transactions. Unlike transparent blockchains such as Bitcoin and Ethereum, Monero obscures the identities of senders and recipients and hides transaction amounts using technologies like ring signatures, stealth addresses, and RingCT (Ring Confidential Transactions). Every transaction is private by default, making Monero a rare example of a fully anonymous decentralized cryptocurrency. It runs on a proof-of-work consensus mechanism optimized with RandomX, which favors CPU mining and resists ASIC dominance, supporting a more decentralized and accessible network.

Monero employs features like bulletproofs to reduce transaction sizes and fees and enhance efficiency and scalability. It also offers tools like P2Pool for decentralized and smart mining, enabling low-impact background mining on regular devices. These design choices collectively make Monero a secure, energy-efficient alternative for anonymous digital payments. Unlike Bitcoin, which is transparent and heavily reliant on mining hardware, or Ethereum, which is oriented toward smart contracts and decentralized apps, Monero is built specifically for untraceable, private financial transactions. ^{[19] [29]}

History

Monero is a cryptocurrency that originated from Bytecoin, an application layer protocol created to address issues with Bitcoin, such as traceability, mining centralization, and irregular coin emission. Bytecoin was launched in March 2014 and subsequently forked by a Bitcointalk forum user known as thankful_for_today. This resulted in the new project BitMonero (coined from Bitcoin and Monero), with Monero meaning "coin" in Esperanto. ^[3]

The release of BitMonero was met with substantial criticism from the initial community backing it, resulting in a fork of the project to create Monero. Seven community members, led by Fluffypony (Riccardo Spagni), formed the first Monero Core team and launched the project in April 2014 without any premine. ^[3]

In December 2019, Riccardo Spagni, Monero's lead maintainer, stepped down from the project to decentralize it further. ^[16]

"I'm stepping back as lead maintainer, but continuing on as a maintainer, to further decentralise the project. I've been talking about doing this for two years, since I stepped back as lead maintainer on the Monero website and Monero GUI projects, so it should come as no surprise." - Riccardo Spagni told DeCrypt ^[16]

Technology

Privacy on Monero

Monero offers more privacy and anonymity than Bitcoin, as transaction details, user addresses, and wallet balances are encrypted. This has resulted in the cryptocurrency gaining a strong following among crypto-anarchists, cypherpunks, and privacy advocates. ^[14]

Monero utilizes Dandelion++, a protocol that obscures the IP address of devices initiating transactions. This is achieved through a transaction broadcast propagation method, wherein new transactions are initially passed to one node on Monero's peer-to-peer network, and a probabilistic protocol is employed to determine when the transaction should be sent to one node or broadcast to multiple nodes, a process called flooding. This protocol was developed in response to the emerging blockchain analysis market and the potential use of botnets for analysis. ^[20][21]

The Monero network has three basic mechanisms implemented to ensure complete anonymity when using its network:

Ring Signatures

Ring signatures are digital signatures that any member of a specific group of people with private keys can sign. Monero uses Ring Signatures to mix the digital signature of the individual making an XMR transaction with other users' signatures before recording it on the blockchain. To anyone observing, it’s impossible to tell whose key was used to sign, making the transaction anonymous. ^[4][5]

Stealth addresses

Stealth addresses require the sender to form a random, one-time address for every transaction so that different payments cannot be traced to the same payee. Using these stealth addresses enables concealing the actual destination address of a transaction, and it hides the identity of the receiving participant. ^[4]

Ring Confidential Transactions (Ring CT)

Most cryptocurrencies transmit transaction amounts in plain text, visible to any observer. Monero networks, however, employ cryptographic obligations that allow users to prove sufficient funds to send a certain amount without disclosing it. This makes it difficult to determine a "richest list" of users. ^[5]

Traceability Analysis

In April 2017, researchers identified three potential threats to Monero users' privacy. The first concern is using a ring signature size of zero and the ability to view output amounts. The second, "Leveraging Output Merging", entailed tracking transactions where two outputs belonged to the same user, such as when a user sent funds to themselves ("churning"). Finally, "Temporal Analysis" suggested that predicting the correct output in a ring signature could be easier. ^[22]

The Monero development team stated that RingCTs were implemented in January 2017, and a minimum size of ring signatures was mandated in March 2016. In 2018, researchers published the paper "An Empirical Analysis of Traceability in the Monero Blockchain", to which the Monero team responded in March 2018. ^[23]

The United States Internal Revenue Service's criminal investigation division (IRS-CI) posted a $625,000 bounty in September 2020 for contractors to develop tools for tracing privacy-enhanced cryptocurrencies, the Bitcoin Lightning Network, and other "layer 2" protocols. The contract was subsequently awarded to blockchain analysis groups Chainalysis and Integra FEC. ^[24]

Tokenomics

Monero uses a proof-of-work consensus mechanism – miners deploy their computer hardware to solve resource-intensive problems and receive a reward from XMR when they successfully add a new block to the Monero blockchain. Monero block times are 2 minutes on average.  There is no maximum limit set on how many XMR coins can exist. However, the XMR inflation is designed to slow down over time. ^[15][18]

The initial total supply of XMR was capped at 18,300,000 XMR. However, once this cap is reached, it will trigger the emission of XMR at the rate of 0.3XMR per minute. The idea behind the proposed "tail emission" is to incentivize miners to continue to validate transactions on the Monero blockchain. ^[19]

Mining on Monero

Monero uses a PoW algorithm, RandomX, to validate transactions. The method was introduced in November 2019 to replace the former algorithm CryptoNightR. Both were designed to be ASIC-resistant. ^[6]

Monero can be mined somewhat efficiently on consumer-grade hardware, such as x86, x86-64, ARM, and GPUs, a design decision based on Monero's opposition to the mining centralization that ASIC mining creates. However, it has also increased Monero's popularity among malware-based non-consensual miners. ^[6]

In October 2021, the Monero project introduced P2Pool, a mining pool running on a sidechain that gives participants full control of their node as with solo mining configurations. ^[6][17]

Illicit Uses

Darknet markets

Monero is a common medium of exchange on darknet markets. In August 2016, dark market AlphaBay permitted vendors to accept Monero as an alternative to bitcoin. Law enforcement took the site offline in 2017, but it was relaunched in 2021 with Monero as the sole permitted currency. ^[7][8]

Mining malware

Hackers embedded malware into websites and applications that hijack victim CPUs to mine Monero (sometimes called cryptojacking). In late 2017, Coinhive, a JavaScript implementation of a Monero miner embedded in websites and apps, was blocked by malware and antivirus service providers, in some cases due to hackers. Coinhive was introduced as an alternative to advertisements, enabling websites or apps to embed a script that allows the website visitor's CPU to mine the cryptocurrency while consuming the webpage's content, with the site or app owner receiving a percentage of the mined coins.

Sometimes, this activity was conducted without informing visitors or using all available system resources. As a result, the script was subsequently blocked by companies providing ad-blocking subscription lists, antivirus services, and antimalware services. Coinhive was previously hidden in Argentina's Showtime-owned streaming platforms and Starbucks Wi-Fi hotspots. Researchers in 2018 identified similar malware that mined Monero and sent it to Kim Il-sung University in North Korea. ^[10][11][12]

Ransomware

Ransomware groups sometimes use Monero. According to CNBC, in the first half of 2018, Monero was used in 44% of cryptocurrency ransomware attacks. One group behind the 2017 WannaCry ransomware attack, the Shadow Brokers, attempted to exchange the ransom they collected in bitcoin for Monero. Ars Technica and Fast Company reported that the exchange was successful, but BBC News reported that the service the criminal attempted to use, ShapeShift, denied any such transfer. The Shadow Brokers began accepting Monero as payment later in 2017. ^[9][13]

In 2021, CNBC, the Financial Times, and Newsweek reported that demand for Monero increased following the recovery of a bitcoin ransom paid in the Colonial Pipeline cyber attack. The May 2021 hack forced the pipeline to pay a $4.4M ransom in bitcoin, though a large portion was recovered by the United States federal government the following month. The group behind the attack, DarkSide, normally requested payment in either bitcoin or Monero, but charges a 10–20% premium for payments made in bitcoin due to its increased traceability risk. Ransomware group REvil removed the option of paying ransom in bitcoin in 2021, demanding only Monero. ^[9][14]

Controversy

Monero Prohibition in Dubai

In Dubai, the issuance of, and all activities related to, anonymity-enhancing cryptocurrencies like Monero (XMR) are prohibited under new laws published on February 7, 2023. ^[26][25]

The jurisdiction in the United Arab Emirates (UAE) published its long-awaited crypto regulations, which set licensing and authorization requirements for virtual asset companies and issuers looking to operate in Dubai. ^[25]The rules define anonymity-enhancing crypto as:

"a type of Virtual Asset which prevents the tracing of transactions or record of ownership through distributed public ledgers and for which the [Virtual Asset Service Provider] has no mitigating technologies or mechanisms to allow traceability or identification of ownership."^[26]

Monero’s Security Breach

On September 1, 2023, an attack on Monero’s wallet was not revealed until November 2, 2023, on GitHub. The Monero community wallet was drained of all assets following a security breach described as shocking and a little sketchy. Monero’s developer, Luigi, explained that a total of 2,675.73 XMR, worth approximately $460,000, was stolen due to the incident.^[27]

“The CCS Wallet was drained of 2,675.73 XMR (the entire balance) on September 1, 2023, just before midnight. The hot wallet, used for payments to contributors, is untouched; its balance is ~244 XMR. We have thus far not been able to ascertain the source of the breach.” - Luigi tweeted^[28]

It was revealed that developers Luigi and Ricardo “Fluffypony” Spagni have access to the seed phase and have released a timeline of events and possible scenarios for the issue. On May 10, 2023, Luigi made the final transfer from the CSS wallet to the hot wallet, and between Sept 1 and Sept 2, a string of nine transactions led to all assets being wiped out. ^[27]

Luigi claims to have uncovered a hack when he checked the CSS wallet and found only 4.6 XMR, which Lovera donated. The incident was not widely publicized, and the CSS development team was surprised by the news. The team is working to uncover how the hack occurred and what it means for the future of CSS and its underlying structure. ^[27]

Fluffypony commented that the wider attacks might have caused it since April due to compromised keys adding that there might be a possibility that other wallets are at risk and the company has taken precautions. ^[27]