Why is Monero (XMR) being compared to the “perfect Bitcoin”?

Monero (XMR) is often recognized as the digital payment protocol for users seeking privacy. Unlike Bitcoin, where every transaction is publicly visible, Monero guarantees total anonymity. This article looks at what makes Monero unique, and attempts to offer some elements of comparison between Monero and Bitcoin.

Key Information

  • Monero was created in April 2014 with the primary goal of ensuring user privacy in every transaction.
  • Monero uses advanced technologies such as Ring Signatures, RingCT, and Stealth Addresses to guarantee security and anonymity.
  • Unlike Bitcoin, Monero is considered fully fungible because each unit of XMR is interchangeable, without its transaction history being traceable.

Quick Overview of Monero

Monero is a digital payment network focused on anonymity, where transactions cannot be traced. The native cryptocurrency, XMR, is used for transactions and is fungible, meaning that no one coin can be distinguished from another.

Monero’s founding principle is simple: privacy and confidentiality must be guaranteed by default. Unlike Bitcoin, whose blockchain is public and transparent, Monero was designed to hide all transaction details, such as the sender, recipient, and amount transferred. It’s an open-source project relying on contributions from anonymous developers and an engaged global community.

From a technical perspective, Monero's blockchain operates on a Proof of Work consensus, with mining activity specifically designed to be hard to optimize. Therefore, it is possible to contribute to Monero's security using a simple CPU or GPU.


How is Monero Untraceable?

Monero relies on a set of cryptographic technologies to guarantee absolute anonymity in network transactions. Specifically, the sender’s identity, the transferred amount, and the recipient's address are systematically hidden, making any tracing attempts impossible. The three key technologies are Ring Signatures, RingCT, and Stealth Addresses.

Ring Signatures

For each Monero transaction, the network mixes the sender's real address with other randomly chosen addresses from the Monero blockchain (three in 2016, up to 16 in 2022). These serve as decoys to obscure the transaction trail.

The transaction is then signed with the user’s private key together with the public keys of all the addresses in the group, making it computationally impossible to determine which of the group’s addresses initiated the transaction. To prevent double-spending, a unique key image is included in every transaction.

One of the strengths of Ring Signatures is that they are ad hoc: they require no prior preparation and are irreversible, meaning no one can later retrace how they were used.
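The signing and key-image mechanism described above, as an added example (not code from this article or from the Monero project): a linkable ring signature in the style of LSAG, where a verifier can confirm that some ring member signed and a node rejects a key image it has already seen. Assumptions: a toy group of integers mod 2**127 - 1 and SHA-256 replace Monero's Ed25519 curve and hash functions, and every function name is illustrative.

```python
import hashlib
import secrets

# Toy group (assumption): integers mod the Mersenne prime 2**127 - 1 stand in
# for Monero's Ed25519 curve, SHA-256 for its hash. Illustration only, not secure.
P, G, ORDER = 2**127 - 1, 3, 2**127 - 2

def h(*parts) -> int:
    data = "|".join(str(p) for p in parts).encode()
    return int.from_bytes(hashlib.sha256(data).digest(), "big")

def hash_to_point(pub: int) -> int:
    return h("Hp", pub) % ORDER + 1               # nonzero group element

def keygen():
    x = secrets.randbelow(ORDER - 1) + 1
    return x, pow(G, x, P)

def link(msg, pub, image, r, c) -> int:
    """Challenge for the next ring member, from this member's (r, c)."""
    L = pow(G, r, P) * pow(pub, c, P) % P
    R = pow(hash_to_point(pub), r, P) * pow(image, c, P) % P
    return h(msg, L, R) % ORDER

def sign(msg, ring, s, x):
    n = len(ring)
    image = pow(hash_to_point(ring[s]), x, P)     # key image: same for every spend of x
    r = [secrets.randbelow(ORDER) for _ in range(n)]
    c = [0] * n
    alpha = secrets.randbelow(ORDER)
    c[(s + 1) % n] = link(msg, ring[s], image, alpha, 0)   # signer's nonce starts the chain
    for k in range(1, n):                         # decoys get random responses
        i = (s + k) % n
        c[(i + 1) % n] = link(msg, ring[i], image, r[i], c[i])
    r[s] = (alpha - c[s] * x) % ORDER             # only the secret key closes the ring
    return image, c[0], r

def verify(msg, ring, sig) -> bool:
    image, c, r = sig
    for pub, ri in zip(ring, r):
        c = link(msg, pub, image, ri, c)
    return c == sig[1]

def accept(msg, ring, sig, spent: set) -> bool:
    """Node-side check: valid signature and a key image not seen before."""
    if sig[0] in spent or not verify(msg, ring, sig):
        return False
    spent.add(sig[0])
    return True
```

The signature carries no index of the real signer, yet signing a second transaction with the same key produces the same key image even when the decoys differ, which is what lets a node refuse the double spend.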

RingCT (Confidential Transactions)

Introduced in 2017 and soon made mandatory for all Monero transactions, RingCT technology hides transaction amounts. Before its introduction, transactions were broken into smaller amounts to make tracking harder. With RingCT, Monero has taken a further step by directly masking the exchanged sums.

Now, each transaction must include:

  • A Pedersen commitment, which ties XMR to the recipient’s public key without revealing the amount or the receiver’s identity.
  • A range proof (Zero-Knowledge Proof) that ensures the amount is valid and correct while maintaining secrecy about the exact value.

RingCT thus ensures full confidentiality of sent amounts, the origins of funds, and their recipients, further enhancing network anonymity.
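The two RingCT components listed above, as an added example (not code from this article or from the Monero project): a verifier checks that inputs equal outputs plus fee using only commitments, and a wrapped-around amount shows why the balance check needs the range proof beside it. Assumptions: a toy group of integers mod 2**127 - 1 replaces Ed25519, the fee is treated as a public value, the range condition is checked in the clear rather than in zero knowledge, and all names are illustrative.

```python
import hashlib
import secrets

# Toy group (assumption): integers mod the Mersenne prime 2**127 - 1 stand in
# for Monero's Ed25519 curve. Illustration only, not secure.
P, G, ORDER = 2**127 - 1, 3, 2**127 - 2
# Second generator derived by hashing a label (constructed for this example)
H = int.from_bytes(hashlib.sha256(b"toy second generator").digest(), "big") % ORDER + 1

def commit(amount: int, blind: int) -> int:
    """Pedersen commitment G^blind * H^amount: hides the amount, binds to it."""
    return pow(G, blind % ORDER, P) * pow(H, amount % ORDER, P) % P

def build_tx(in_amounts, out_amounts):
    """Sender: pick blinding factors so the outputs' blinds sum to the inputs'."""
    in_blinds = [secrets.randbelow(ORDER) for _ in in_amounts]
    out_blinds = [secrets.randbelow(ORDER) for _ in out_amounts[:-1]]
    out_blinds.append((sum(in_blinds) - sum(out_blinds)) % ORDER)
    ins = [commit(a, b) for a, b in zip(in_amounts, in_blinds)]
    outs = [commit(a, b) for a, b in zip(out_amounts, out_blinds)]
    return ins, outs

def balances(ins, outs, fee: int) -> bool:
    """Verifier: inputs == outputs + fee, checked on commitments only."""
    lhs, rhs = 1, pow(H, fee, P)
    for c in ins:
        lhs = lhs * c % P
    for c in outs:
        rhs = rhs * c % P
    return lhs == rhs

def in_range(amount: int, bits: int = 64) -> bool:
    """The statement a range proof establishes (checked in the clear here)."""
    return 0 <= amount < 2**bits
```

With an input of 12 and outputs of `ORDER - 88` and 100, `balances` returns True because the exponents wrap modulo the group order, so the commitments alone would let 100 units appear from 12; `in_range` fails for the first output, which is the condition the range proof enforces.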

Stealth Addresses

Stealth Addresses are one-time addresses generated for each transaction, preventing outsiders from linking transactions together. These addresses are created from the recipient’s two public keys: the public view key and the public spend key.

In other words, when sending XMR, the sender generates a one-time address using the recipient’s two public keys. They then send the funds to this address, recording the public transaction key on the blockchain.

Only the recipient, using their two public keys, can retrieve and access the transferred funds. This means that even though an address appears on the blockchain, it reveals no information about the receiver's identity.

Thanks to Stealth Addresses, Monero transactions remain entirely untraceable, as each operation uses a unique address that cannot be linked to the sender or the recipient, preventing any external surveillance.
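The one-time address derivation described above, as an added example (not code from this article or from the Monero project): the sender derives a fresh address from the recipient's public view and spend keys, and the recipient's wallet recognises it by recomputing the same shared secret with its private view key. Assumptions: a toy group of integers mod 2**127 - 1 and SHA-256 replace Monero's Ed25519 curve and hash, and the `Wallet`, `send` and `scan` names are illustrative.

```python
import hashlib
import secrets

# Toy group (assumption): integers mod the Mersenne prime 2**127 - 1 stand in
# for Monero's Ed25519 curve, SHA-256 for its hash. Illustration only, not secure.
P, G, ORDER = 2**127 - 1, 3, 2**127 - 2

def hash_to_scalar(shared: int, index: int) -> int:
    """Hash the shared secret and the output's position in the transaction."""
    data = shared.to_bytes(16, "big") + index.to_bytes(4, "big")
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % ORDER

def keygen():
    priv = secrets.randbelow(ORDER - 1) + 1
    return priv, pow(G, priv, P)

class Wallet:
    def __init__(self):
        self.view_priv, self.view_pub = keygen()
        self.spend_priv, self.spend_pub = keygen()

def send(view_pub: int, spend_pub: int, index: int = 0):
    """Sender: returns (public transaction key, one-time address)."""
    r, tx_pub = keygen()                          # fresh per transaction
    shared = pow(view_pub, r, P)                  # Diffie-Hellman with the view key
    one_time = pow(G, hash_to_scalar(shared, index), P) * spend_pub % P
    return tx_pub, one_time

def scan(wallet: Wallet, tx_pub: int, one_time: int, index: int = 0):
    """Recipient: one-time private key if the output is ours, else None."""
    shared = pow(tx_pub, wallet.view_priv, P)     # same secret, from the other side
    hs = hash_to_scalar(shared, index)
    if pow(G, hs, P) * wallet.spend_pub % P != one_time:
        return None
    return (hs + wallet.spend_priv) % ORDER       # spending needs the private spend key
```

Two payments to the same wallet yield two unrelated-looking addresses, and a wallet holding different keys gets `None` from `scan` for both.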


Has Anyone Ever Managed to Trace Monero?

The Vastaamo Hacker Case

One of the most publicized cases involves the Vastaamo hacker, who attacked a psychotherapy clinic in Finland in 2022, stealing the data of tens of thousands of patients. The hacker demanded ransom payments in Bitcoin, which were immediately converted to Monero to cover the tracks.

However, Finnish authorities claimed to have traced the hacker’s transactions using undisclosed methods. In reality, the hacker himself made several mistakes leading to his downfall.

First, he boasted about his exploits on Finnish forums, revealing his location. Additionally, when releasing an 11 GB file of stolen data, he accidentally included personal files linking him to other cyberattacks.

Thus, Monero’s use wasn’t the reason for his capture; it was his poor operational security that allowed authorities to track him down. The police used Bitcoin transaction analysis rather than directly tracing Monero.

The Lazarus Case and Wannacry 2.0 Ransomware

The infamous North Korean hacker group Lazarus used Monero during the 2017 Wannacry 2.0 ransomware attack. Although Monero was chosen for its anonymity, errors made when converting Bitcoin to Monero via the ShapeShift exchange allowed for tracking.

ShapeShift limited the amount of cryptocurrency that could be converted in one transaction, so Lazarus had to make multiple small conversions, increasing the number of transaction outputs (TXOs). This created an identifiable pattern that linked the various transactions. Moreover, Lazarus made the mistake of sending all the converted XMR to a single Bitcoin Cash (BCH) address, simplifying the tracking of funds.

Since then, Monero has made obsolete the old 32-byte transparent payment IDs that allowed such analysis. Monero now uses encrypted payment IDs or sub-addresses, making tracing impossible. Additionally, Monero has made it mandatory for all transactions to use exactly 16 decoys, reducing the certainty of identifying real transactions compared to those using fewer decoys.

In most known Monero tracing cases, it’s the user's errors that lead to their de-anonymization. Despite this, there are known weaknesses in the Monero system, and the community has even created a YouTube channel summarizing these limitations in multiple videos, as the next section discusses.

The Chainalysis Incident

In 2024, a video mistakenly published (and later deleted) by Chainalysis, a U.S.-based blockchain analysis company, revealed that Monero transactions might not be as anonymous as believed.

In this video, republished by community members, it was revealed that Chainalysis had been able to trace Monero transactions since 2021. The company used “malicious” nodes to capture users' IP addresses, linking them to transaction dates and times. This allowed Chainalysis to map the network and trace certain transactions.

In conclusion, most cases of Monero de-anonymization stem from human error rather than protocol flaws. Poor operational security (opsec) and careless use of cryptocurrencies can easily compromise the anonymity of a transaction, even with a tool as sophisticated as Monero.

To ensure complete confidentiality, users must adopt rigorous security practices and be aware of the risks associated with every step of the transaction process. Monero offers a high level of anonymity, but this can be compromised if users fail to adhere to strict security standards.


Key Events in Monero’s History

2021 – 2022

The year 2021 marked a pivotal shift towards decentralizing Monero’s hashrate. At the time, the mining pool MineXMR controlled nearly 50% of the network’s computing power, raising concerns in the community about the potential risk of a 51% attack (where a single actor controlling over half of the hashrate could theoretically rewrite transaction history).

In response, the community quickly launched the P2Pool protocol in October 2021. This solution helped further decentralize the hashrate by distributing it among miners, making the network more resilient. As a result, MineXMR's dominance dropped to 38%.

Simultaneously, in April 2022, there was an attempted bank run on several centralized exchanges after many users reported withdrawal issues with their Monero funds, particularly during price drops. This situation heightened users' distrust of centralized platforms and reinforced the appeal of self-custody solutions and decentralized exchanges, which the Monero community actively promotes.

2022 – 2023

Early 2022 was marked by global economic sanctions, mainly due to the Russia-Ukraine conflict and the Canadian trucker protests. During these periods, the number of transactions on Monero notably increased.

In a different context, the dark web marketplace AlphaBay 2.0 decided to accept only Monero as a payment method, abandoning Bitcoin due to its transparency, which was deemed too high-risk for illegal transactions.

2023 – 2024

BitMain, a company that designs specialized machines for cryptocurrency mining, attempted to release an ASIC specifically for mining Monero. However, it proved less efficient than a modern CPU (e.g., AMD EPYC). This demonstrates the success of the RandomX algorithm, designed to prevent ASIC dominance in Monero mining and thus avoid centralization of the hashrate.

Nonetheless, the last few years haven’t been entirely positive for Monero, as the XMR cryptocurrency has been delisted from several major exchanges, including Bittrex, OKX, Kraken, and Binance. The reason is the increase in global regulation concerning privacy coins.

In response, the community has shifted its support towards alternatives, such as AtomicSwaps, which allow users to exchange XMR for BTC or other cryptocurrencies without intermediaries. There’s also HavenoDEX, a decentralized exchange specific to Monero, using peer-to-peer technology to enable direct, anonymous user trades.


Monero or Bitcoin?

To address the central question of this thread, we reached out to “@obitor_null” and “@0upsec,” two cybersecurity and cypherpunk experts. Here are their insights on the debate between Bitcoin and Monero.

Privacy

“Monero is designed to offer a high level of privacy by hiding the sender’s addresses, the recipient’s addresses, and the transaction amounts. Unlike Bitcoin, where all transactions are public and traceable on the blockchain, Monero uses privacy techniques like Ring Signatures that leverage other transaction outputs on the Monero blockchain to obscure your own. It also uses Stealth Addresses to guarantee user privacy.” - @0upsec

“The RingCT protocol hides the transmitted amounts through Zero-Knowledge proofs, meaning that on-chain, we only see unknown amounts (a transaction could carry thousands of XMR or insignificant dust).” - @obitor_null

Scalability

“Monero confirms a block every 1-2 minutes, with transaction fees costing fractions of a cent. This makes it very competitive as a means of transferring value quickly and without leaving traces, compared to Bitcoin, Ethereum, or Litecoin.” - @obitor_null

Fungibility

Fungibility is a significant advantage Monero holds over Bitcoin and most other cryptocurrencies, thanks to Monero’s inherently private blockchain and Bitcoin’s permanently traceable nature.

With Bitcoin, the path of every BTC can be traced back to its creation. Consequently, if a BTC has been used for illegal purposes in the past, that history remains permanently recorded on the blockchain. This lack of fungibility means that certain markets may refuse to accept BTC previously used in illegal activities or that fall outside their terms of use.

“Currently, centralized exchanges (CEX) block, suspend, or close accounts that receive Bitcoin linked to online gambling sites or other dubious activities.” - @0upsec

“Additionally, there are several sites such as Monerica.com and Cryptwerk.com that list hundreds of online merchants where you can spend your XMR.” - @obitor_null

Greater Decentralization

“Monero aims to maintain greater decentralization than Bitcoin through Bisq, a decentralized peer-to-peer exchange (secured with multisig during trades) that allows XMR to be bought and sold for BTC, as well as the upcoming DEX exchange Haveno and now the atomic swaps (ETH and BTC).” - @0upsec

“They also emphasize decentralization in mining through P2Pool and decentralized CPU mining.” - @obitor_null

Summary

“In conclusion, Bitcoin and Monero should coexist and be used together. Bitcoin remains the gold standard, and its liquidity is necessary and useful for Monero. Monero, in turn, is indispensable for the aspects that Bitcoin does not cover.” - @0upsec


Is Compliance Monero’s Achilles Heel?

This section was written by @EdDenoual, Core Contributor at OAK Research focusing on compliance, and a lawyer specializing in crypto-assets law.

What About French Law?

Currently, French law does not prohibit transactions involving “privacy coins” or “anonymity-enhanced cryptocurrencies” (as designated by the FATF), which includes XMR.

However, the two French regulators—the ACPR (Autorité de Contrôle Prudentiel et de Résolution, part of the Banque de France) and the AMF (Autorité des Marchés Financiers)—require crypto-asset service providers (PSANs) to implement enhanced monitoring of these transactions, notably using transaction analysis tools like Chainalysis:

“French regulation does not prohibit privacy-enhanced crypto-assets.”

PSANs wishing to buy or sell these types of crypto-assets must have sufficiently effective AML-CFT (anti-money laundering and counter-terrorism financing) systems in place to analyze and mitigate the risks associated with them (Fintech Forum ACPR-AMF, September 29, 2020).

However, this requirement for enhanced control entails significant human and material costs, which can be challenging to mobilize, especially for exchanges that must carry out this control for every privacy coin transaction to remain compliant. Some opt for the simpler solution of delisting.

What About the European Union?

The MiCA (Markets in Crypto-Assets) regulation prohibits the listing of these cryptocurrencies on future exchanges unless clients and their transaction histories can be identified:

“The platform's rules prevent the listing of crypto-assets with built-in anonymization features unless their holders and transaction histories can be identified by the crypto-asset service providers operating the trading platform.” (Article 76.3)

Moreover, a European regulation focused on anti-money laundering (AMLR) is currently under discussion in the European Parliament.

In its amended version, published on February 13, 2024, Article 58 outright prohibits future crypto-asset service providers (CASPs) from holding privacy coins for their clients, including XMR.

"Credit institutions, financial institutions, and crypto-asset service providers are prohibited from maintaining anonymous bank and payment accounts, anonymous passbooks, anonymous safe-deposit boxes, or anonymous crypto-asset accounts, as well as any accounts that allow anonymization or increased obfuscation of transactions, including through anonymity-enhancing coins."

The final vote on this regulation is scheduled for April 24th in the European Parliament.