Monero (XMR) is an open-source, peer-to-peer, and privacy-oriented cryptocurrency that provides a high degree of anonymity for users and their transactions and it was launched in 2014. ^[1]

Monero's blockchain is designed to be opaque, obscuring the identity of senders and recipients, as well as the amount of each transaction, through the use of disguised addresses. ^[2]

History

Monero is a cryptocurrency that originated from Bytecoin, an application layer protocol created to address issues with Bitcoin, such as traceability, mining centralization, and irregular coin emission. Bytecoin was launched in March 2014 and subsequently forked by a Bitcointalk forum user known as thankful_for_today, resulting in the new project BitMonero (coined from Bitcoin and Monero) with Monero meaning "coin" in Esperanto. ^[3]

The release of BitMonero was met with substantial criticism from the initial community backing it, resulting in a fork of the project to create Monero. Seven community members, led by Fluffypony (Riccardo Spagni), formed the first Monero Core team and launched the project in April 2014 without any premine. ^[3]

In December 2019, Riccardo Spagni, Monero's lead maintainer stepped down from the project in an effort to further decentralize the project. ^[16]

"I'm stepping back as lead maintainer, but continuing on as a maintainer, to further decentralise the project. I've been talking about doing this for two years, since I stepped back as lead maintainer on the Monero website and Monero GUI projects, so it should come as no surprise." - Riccardo Spagni told DeCrypt ^[16]

Technology

Privacy on Monero

Monero offers increased privacy and anonymity compared to Bitcoin, as transaction details, user addresses, and wallet balances are encrypted. This has resulted in the cryptocurrency gaining a strong following among crypto-anarchists, cypherpunks, and privacy advocates. ^[14]

Monero utilizes Dandelion++, a protocol that obscures the IP address of devices initiating transactions. This is achieved through a transaction broadcast propagation method, wherein new transactions are initially passed to one node on Monero's peer-to-peer network, and a probabilistic protocol is employed to determine when the transaction should be sent to one node or broadcast to multiple nodes, a process called flooding. This protocol was developed in response to the emerging blockchain analysis market and the potential use of botnets for analysis. ^[20][21]

The Monero network has three basic mechanisms implemented to ensure complete anonymity when using its network:

Ring Signatures

This is a digital signature that can be signed by any member of a specific group of people with private keys. Monero uses Ring Signatures to mix the digital signature of the individual making an XMR transaction with other users' signatures before recording it on the blockchain. To anyone observing, it’s impossible to tell whose key was used to sign, making the transaction anonymous. ^[4][5]

Stealth addresses

Stealth addresses require the sender to form a random, one-time address for every transaction so that different payments cannot be traced to the same payee. The use of these stealth addresses enables concealing the actual destination address of a transaction, and it hides the identity of the receiving participant. ^[4]

Ring confidential transactions (Ring CT)

Most cryptocurrencies transmit transaction amounts in plain text, visible to any observer. Monero networks, however, employ cryptographic obligations that allow users to prove sufficient funds to send a certain amount without disclosing it. This makes it difficult to determine a "richest list" of users. ^[5]

Traceability Analysis of Monero's Blockchain

In April 2017, researchers identified three potential threats to Monero users' privacy. The first concerned the use of a ring signature size of zero, and the ability to view output amounts. The second, "Leveraging Output Merging", entailed tracking transactions where two outputs belonged to the same user, such as when a user sent funds to themselves ("churning"). Finally, "Temporal Analysis" suggested that it could potentially be easier than previously thought to predict the correct output in a ring signature. ^[22]

The Monero development team stated that RingCTs were implemented in January 2017, and a minimum size of ring signatures was mandated in March 2016. In 2018, researchers published the paper "An Empirical Analysis of Traceability in the Monero Blockchain", to which the Monero team responded in March 2018. ^[23]

The United States Internal Revenue Service's criminal investigation division (IRS-CI) posted a $625,000 bounty in September 2020 for contractors to develop tools for tracing privacy-enhanced cryptocurrencies, the Bitcoin Lightning Network, and other "layer 2" protocols. The contract was subsequently awarded to blockchain analysis groups Chainalysis and Integra FEC. ^[24]

Tokenomics

Monero uses a proof-of-work consensus mechanism – miners deploy their computer hardware to solve resource-intensive problems and receive a reward in the form of XMR when they successfully add a new block to the Monero blockchain. Monero block times are 2 minutes on average.  There is no maximum limit set on how many XMR coins can exist. However, the XMR inflation is designed to slow down over time. ^[15][18]

The initial total supply of XMR was capped at 18,300,000 XMR. However, once this cap is reached, it will trigger the emission of XMR at the rate of 0.3XMR per minute. The idea behind the proposed "tail emission" is to incentivize miners to continue to validate transactions on the Monero blockchain. ^[19]

Mining on Monero

Monero uses a PoW algorithm, RandomX, to validate transactions. The method was introduced in November 2019 to replace the former algorithm CryptoNightR. Both were designed to be ASIC-resistant. ^[6]

Monero can be mined somewhat efficiently on consumer-grade hardware, such as x86, x86-64, ARM, and GPUs, a design decision that was based on Monero's opposition to mining centralization that ASIC mining creates. However, it has also resulted in Monero's popularity among malware-based non-consensual miners. ^[6]

In October 2021, the Monero project introduced P2Pool, a mining pool running on a sidechain that gives participants full control of their node as with solo mining configurations. ^[6][17]

Illicit Use

Darknet markets

Monero is a common medium of exchange on darknet markets. In August 2016, dark market AlphaBay permitted its vendors to start accepting Monero as an alternative to bitcoin. The site was taken offline by law enforcement in 2017, but it was relaunched in 2021 with Monero as the sole permitted currency. ^[7][8]

Mining malware

Hackers embedded malware into websites and applications that hijack victim CPUs to mine Monero (sometimes called cryptojacking). In late 2017, Coinhive, a JavaScript implementation of a Monero miner embedded in websites and apps, was blocked by malware and antivirus service providers, in some cases due to hackers. Coinhive was introduced as an alternative to advertisements, enabling websites or apps to embed a script that allows for the website visitor's CPU to mine the cryptocurrency while consuming the content of the webpage, with the site or app owner receiving a percentage of the mined coins. In some instances, this activity was conducted without informing visitors or using all available system resources. As a result, the script was subsequently blocked by companies providing ad-blocking subscription lists, antivirus services, and antimalware services. Coinhive had previously been found hidden in Showtime-owned streaming platforms and Starbucks Wi-Fi hotspots in Argentina. Researchers in 2018 identified similar malware that mined Monero and sent it to Kim Il-sung University in North Korea. ^[10][11][12]

Ransomware

Monero is sometimes used by ransomware groups. According to CNBC, in the first half of 2018, Monero was used in 44% of cryptocurrency ransomware attacks. One group behind the 2017 WannaCry ransomware attack, the Shadow Brokers, attempted to exchange the ransom they collected in bitcoin to Monero. Ars Technica and Fast Company reported that the exchange was successful, but BBC News reported that the service the criminal attempted to use, ShapeShift, denied any such transfer. The Shadow Brokers began accepting Monero as payment later in 2017. ^[9][13]

In 2021, CNBC, the Financial Times, and Newsweek reported that demand for Monero was increasing following the recovery of a bitcoin ransom paid in the Colonial Pipeline cyber attack. The May 2021 hack forced the pipeline to pay a $4.4M ransom in bitcoin, though a large portion was recovered by the United States federal government the following month. The group behind the attack, DarkSide, normally requested payment in either bitcoin or Monero, but charge a 10–20% premium for payments made in bitcoin due to its increased traceability risk. Ransomware group REvil removed the option of paying ransom in bitcoin in 2021, demanding only Monero. ^[9][14]

Monero Prohibition in Dubai

In Dubai, the issuance of, and all activities related to, anonymity-enhancing cryptocurrencies like Monero (XMR) are prohibited under new laws published on February 7, 2023. ^[26][25]

The jurisdiction in the United Arab Emirates (UAE) published its long-awaited crypto regulations, which sets licensing and authorization requirements for virtual asset companies and issuers looking to operate in Dubai. ^[25]
The rules define anonymity-enhancing crypto as:

"a type of Virtual Asset which prevents the tracing of transactions or record of ownership through distributed public ledgers and for which the [Virtual Asset Service Provider] has no mitigating technologies or mechanisms to allow traceability or identification of ownership."^[26]

Monero’s Security Breach

On September 1, 2023, there was an attack on Monero’s wallet which was not revealed until November 2, 2023, on GitHub. The Monero’s community wallet was drained of all assets following a security breach described as shocking and a little sketchy. Monero’s developer, Luigi explained that a total of 2,675.73 XMR worth approximately $460,000 was stolen as a result of the incident.^[27]

“The CCS Wallet was drained of 2,675.73 XMR (the entire balance) on September 1, 2023, just before midnight. The hot wallet, used for payments to contributors, is untouched; its balance is ~244 XMR. We have thus far not been able to ascertain the source of the breach.” - Luigi tweeted^[28]

It was revealed that developers Luigi and Ricardo “Fluffypony” Spagni are the two with access to the seed phase and have so far released a timeline of events and possible scenarios for the issue. On May 10, 2023, Luigi made the final transfer from the CSS wallet to the hot wallet and between Sept 1 and Sept 2, a string of nine transactions led to all assets being wiped out. ^[27]

Luigi claims to have uncovered a hack when he checked the CSS wallet and found only 4.6 XMR, which was donated by Lovera. The incident was not widely publicized, and the CSS development team was surprised by the news. The team is working to uncover how the hack occurred and what it means for the future of CSS and its underlying structure. ^[27]

Fluffypony commented that the wider attacks might have caused it since April due to compromised keys adding that there might be a possibility that other wallets are at risk and the company has taken precautions. ^[27]