A Traceability Analysis of Monero’s Blockchain

  • Amrit KumarEmail author
  • Clément Fischer
  • Shruti Tople
  • Prateek Saxena
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 10493)


Privacy and anonymity are important desiderata in the use of cryptocurrencies. Monero—a privacy centric cryptocurrency has rapidly gained popularity due to its unlinkability and untraceablity guarantees. It has a market capitalization of USD 290M. In this work, we quantify the efficacy of three attacks on Monero’s untraceability guarantee, which promises to make it hard to trace the origin of a received fund, by analyzing its blockchain data. To this end, we develop three attack routines and evaluate them on the Monero blockchain. Our results show that in 88% of cases, the origin of the funds can be easily determined with certainty. Moreover, we have compelling evidence that two of the attack routines also extend to Monero RingCTs—the second generation Monero that even hides the transaction amount. We further observe that over 98% of the results can in fact be obtained by a simple temporal analysis. In light of our findings, we discuss mitigations to strengthen Monero against these attacks. We shared our findings with the Monero development team and the general community. This has resulted into several discussions and proposals for fixes.


Monero Cryptocurrency Blockchain Traceability Anonymity 



Authors would like to thank the anonymous reviewers for their feedback. Amrit Kumar was supported by the research grants R-252-000-560-112 and R-252-000-565-720 from MOE Singapore.


  1. 1.
    Ben-Sasson, E., Chiesa, A., Garman, C., Green, M., Miers, I., Tromer, E., Virza, M.: Zerocash: decentralized anonymous payments from bitcoin. In: 2014 IEEE Symposium on Security and Privacy, SP 2014, Berkeley, CA, USA, 18–21 May 2014, pp. 459–474 (2014)Google Scholar
  2. 2.
    Meet the Best Performing Digital Currency of 2016: Monero. Accessed 22 Apr 2017
  3. 3.
    Chaum, D.: Blind signatures for untraceable payments. In: Advances in Cryptology: Proceedings of CRYPTO 1982, Santa Barbara, California, USA, 23–25 August 1982, pp. 199–203. Plenum Press, New York (1982)Google Scholar
  4. 4.
    Dash (2017). Accessed 7 Apr 2017
  5. 5.
  6. 6.
    Fleder, M., Kester, M.S., Pillai, S.: Bitcoin transaction graph analysis (2015). CoRR abs/1502.01657Google Scholar
  7. 7.
    Fujisaki, E., Suzuki, K.: Traceable ring signature. In: Okamoto, T., Wang, X. (eds.) PKC 2007. LNCS, vol. 4450, pp. 181–200. Springer, Heidelberg (2007). doi: 10.1007/978-3-540-71677-8_13CrossRefGoogle Scholar
  8. 8.
    Goldreich, O., Ostrovsky, R.: Software protection and simulation on oblivious RAMs. J. ACM 43(3), 431–473 (1996)MathSciNetCrossRefzbMATHGoogle Scholar
  9. 9.
    Jedusor, T.E.: Mimblewimble (2016). Accessed 7 Apr 2017.
  10. 10.
    Jia, Y., Moataz, T., Tople, S., Saxena, P.: OblivP2P: an oblivious peer-to-peer content sharing system. In: 25th USENIX Security Symposium, USENIX Security 2016, Austin, TX, USA, 10–12 August 2016, pp. 945–962 (2016)Google Scholar
  11. 11.
    Mackenzie, A., Noether, S., Monero Core Team: Improving obfuscation in the CryptoNote protocol. Research Bulletin MRL-0004, Monero Research Lab, January 2015Google Scholar
  12. 12.
  13. 13.
    Meiklejohn, S., Pomarole, M., Jordan, G., Levchenko, K., McCoy, D., Voelker, G.M., Savage, S.: A fistful of bitcoins: characterizing payments among men with no names. In: Proceedings of the 2013 Internet Measurement Conference, IMC 2013, Barcelona, Spain, 23–25 October 2013, pp. 127–140. ACM (2013)Google Scholar
  14. 14.
    Miller, A., Moeser, M., Lee, K., Narayanan, A.: An Empirical Analysis of Linkability in the Monero Blockchain (2017).
  15. 15.
  16. 16.
    Noether, S., Mackenzie, A.: Monero research lab: ring confidential transactions. Ledger 1, 1–18 (2016)CrossRefGoogle Scholar
  17. 17.
    Noether, S., Noether, S., Mackenzie, A.: A note on chain reactions in traceability in CryptoNote 2.0. Research Bulletin MRL-0001, Monero Research Lab, September 2014Google Scholar
  18. 18.
    Poloniex. Accessed 22 Apr 2017
  19. 19.
    Reid, F., Harrigan, M.: An analysis of anonymity in the bitcoin system. In: 2011 IEEE Third International Conference on Privacy, Security, Risk and Trust (PASSAT) and 2011 IEEE Third International Conference on Social Computing (SocialCom), PASSAT/SocialCom 2011, Boston, MA, USA, 9–11 October 2011, pp. 1318–1326. IEEE (2011)Google Scholar
  20. 20.
    Rivest, R.L., Shamir, A., Tauman, Y.: How to leak a secret. In: Boyd, C. (ed.) ASIACRYPT 2001. LNCS, vol. 2248, pp. 552–565. Springer, Heidelberg (2001). doi: 10.1007/3-540-45682-1_32CrossRefGoogle Scholar
  21. 21.
    Ron, D., Shamir, A.: Quantitative analysis of the full bitcoin transaction graph. In: Sadeghi, A.-R. (ed.) FC 2013. LNCS, vol. 7859, pp. 6–24. Springer, Heidelberg (2013). doi: 10.1007/978-3-642-39884-1_2CrossRefGoogle Scholar
  22. 22.
    van Saberhagen, N.: CryptoNote v2.0. Technical report, CryptoNote, October 2013Google Scholar
  23. 23.
  24. 24.
    Zerocoin Electric Coin Company: Zcash (2017). Accessed 7 Apr 2017

Copyright information

© Springer International Publishing AG 2017

Authors and Affiliations

  • Amrit Kumar
    • 1
    Email author
  • Clément Fischer
    • 1
  • Shruti Tople
    • 1
  • Prateek Saxena
    • 1
  1. 1.National University of SingaporeSingaporeSingapore

Personalised recommendations