|Original author(s)||Nicolas van Saberhagen|
|White paper||"CryptoNote v 2.0"|
|Initial release||18 April 2014|
|Latest release||0.17.2.0 / 11 April 2021|
|Operating system||Android, Windows, Linux, macOS, FreeBSD, Solaris|
|Source model||Open source|
|Timestamping scheme||Proof of work|
|Block reward||1.26 XMR|
|Block time||2 minutes|
Monero (//; XMR) is a privacy-focused cryptocurrency released in 2014. It is an open-source protocol based on the CryptoNote application layer. It uses an obfuscated public ledger, meaning anyone can send or broadcast transactions, but no outside observer can tell the source, amount, or destination. A proof of work mechanism using the hash function RandomX is used to issue new coins and incentivize miners to secure the network and validate transactions.
Monero uses various privacy-enhancing technologies to achieve anonymity and fungibility. It has attracted users desiring privacy measures that are not provided in more popular cryptocurrencies. It has also gained publicity for its illicit use in darknet markets.
In 2014, Bitcointalk forum user thankful_for_today forked the codebase of Bytecoin into the name BitMonero, which is a compound of bit (as in Bitcoin) and monero (literally meaning "coin" in Esperanto). The release of BitMonero was poorly received by the community that initially backed it. Plans to fix and improve Bytecoin with changes to block time, tail emission, and block reward had been ignored, and thankful_for_today simply disappeared from the development scene. A group of users led by Johnny Mnemonic decided that the community should take over the project, and five days later they did, changing the name to Monero at the same time.
Due to its privacy features, Monero experienced rapid growth in market capitalization and transaction volume during 2016, much more than any other cryptocurrency that year. This growth was driven by its uptake on darknet markets, where people used it to buy various illicit or otherwise illegal items. Since its inception, Monero has been used by people holding other cryptocurrencies such as Bitcoin to break the link between transactions, with the other cryptocurrencies being first converted to Monero, then after some delay converted back and sent to an address unrelated to those used before.
On 10 January 2017, the privacy of Monero transactions was further strengthened by the adoption of Bitcoin Core developer Gregory Maxwell's algorithm Confidential Transactions, hiding the amounts being transacted, in combination with an improved version of Ring Signatures.
After many online payment platforms shut down access for white nationalists following the Unite the Right rally in 2017, some of them, including Christopher Cantwell and Andrew Auernheimer ("weev"), started using and promoting Monero.
The operators behind the May 2017 global ransomware incident WannaCry converted their proceeds into Monero. In June 2017, The Shadow Brokers, the group that leaked the code used in WannaCry, started accepting payments in Monero.
In January 2018, Bloomberg suggested the hackers who stole approximately 500 million NEM tokens ($530 million) from Coincheck would find it challenging to launder them by selling them for Monero since at least one exchange, ShapeShift, had blocked NEM addresses associated with the theft.
Monero enforces privacy by default. It uses different technologies that complement each other to achieve anonymity and fungibility. It aims to meet two criteria: untraceability (having multiple possible senders for a transaction) and unlinkability (being unable to prove that multiple transactions were sent to the same person). Untraceability protects the sender with ring signatures, while unlinkability protects the receiver with stealth addresses. Monero's v0.15.0 release introduced optional integration with the I2P or Tor networks for transaction relays over its "Carbon Chamaeleon" software.
Monero was based on the CryptoNote protocol, which deploys one-time ring signatures as the core cryptographic primitive to provide anonymity and is now based on RandomX which penalizes GPU and ASIC mining. Ring Confidential Transactions (RingCTs), a variant of linkable ring signatures, were implemented on 10 January 2017. RingCTs have two components. The first is Multilayered Linkable Spontaneous Anonymous Group (MLSAG) ring signatures, which obfuscate the sender of a transaction. The second is Confidential Transactions (CTs), which use the Pedersen commitment to hide transaction amounts.
Monero generates one-time stealth addresses to hide the address of the recipient using the Dual-Key Stealth Address Protocol (DKSAP). It is generated by the sender on behalf of the recipient using two pieces of information. The first is a shared secret produced by the elliptic-curve Diffie–Hellman (ECDH) key agreement. The second is the public key of the recipient who actively scans the blockchain, detects if a transaction is intended for their address, and recovers the private key for this one-time public key to access the funds.
In October 2018, Monero implemented bulletproofs, a non-interactive zero-knowledge proof (NIZKP) protocol. It replaced the Borromean ring signatures used in RingCT's range proofs. Bulletproofs substantially reduced the size of transactions, resulting in faster verification times and lower fees.
Monero uses a method of transaction broadcast propagation to obscure the IP address of the device producing a transaction. A new signed transaction is initially passed to only one other node on Monero's peer-to-peer communication network and a repeated probabilistic method is used to determine when the new signed transaction should be sent to just one node or broadcast to many nodes in a process called flooding. This privacy-improving propagation method was motivated by the growing market for wide-area cryptocurrency analysis and the potential use of botnets for this analysis.
Due to the way that Monero was created, by default third parties are unable to observe or verify transactions, but it is possible for transaction participants to provide cryptographic information to a third party and allow auditing. A wallet owner can share the private view key. The private view key allows observation of funds that are sent to the wallet, at the corresponding wallet address, but cannot be used to spend those funds. It is also possible for a Monero sender to prove to others that a payment was made. This is done by providing a string called the transaction key. The transaction key makes the destinations of all the funds moved in one transaction visible.
Monero is designed to be resistant to application-specific integrated circuit (ASIC) mining, which is commonly used to mine other cryptocurrencies such as Bitcoin. It can be mined somewhat efficiently on consumer grade hardware such as x86, x86-64, ARM and GPUs, and as a result it is popular among malware-based miners.
In April 2017, researchers highlighted three major threats to Monero users' privacy. The first relies on leveraging the ring signature size of zero, and ability to see the output amounts. The second, "Leveraging Output Merging", involves tracking transactions where two outputs belong to the same user, such as when they send funds to themselves ("churning"). Finally, "Temporal Analysis", shows that predicting the right output in a ring signature could potentially be easier than previously thought. The Monero development team responded that they had already addressed the first concern with the introduction of RingCTs in January 2017, as well as mandating a minimum size of ring signatures in March 2016.
Monero and other privacy-oriented currencies have concerned regulators targeting illicit activities and money laundering. Exchanges in South Korea and Australia have delisted Monero and other privacy coins due to regulatory pressure. In September 2020, the IRS Criminal Investigation (IRS-CI) division offered up to $625,000 to contractors who can trace transactions or provide statistical probabilities that connect transaction data to specific users in Monero or Bitcoin's Lightning Network. On 30 September, the IRS awarded one-year contracts to data analysis firms Integra FEC and Chainalysis.
- "Monero (XMR) overview: is it really anonymous?". Archived from the original on 2021-04-28. Retrieved 2021-03-24.
- Hern, Alex (2017-12-11). "Missed the bitcoin boom? Five more baffling cryptocurrencies to blow your savings on". The Guardian. ISSN 0261-3077. Archived from the original on 2018-12-15. Retrieved 2018-12-11.
- "RandomX is a new Proof-of-Work (PoW) algorithm used where decentralisation matters". www.monerooutreach.org. 2019-06-05. Archived from the original on 2019-08-13. Retrieved 2019-08-13.
- Moser, Malte et al. (2018). "An Empirical Analysis of Traceability in the Monero Blockchain". Proceedings on Privacy Enhancing Technologies. 2018 (3): 143. doi:10.1515/popets-2018-0025.
- "Meet Monero, the Currency Dark Net Dealers Hope Is More Anonymous Than Bitcoin". Motherboard. 2016-08-23. Archived from the original on 2018-11-18. Retrieved 2018-11-18.
- "Monero, the Drug Dealer's Cryptocurrency of Choice, Is on Fire". WIRED. Archived from the original on 2018-12-10. Retrieved 2017-11-22.
- "Bittercoin: true blockchain believers versus the trough of disillusionment". TechCrunch. Archived from the original on 2018-12-20. Retrieved 2018-12-19.
- Hayden, Michael Edison (27 March 2018). "White supremacists are investing in a cryptocurrency that promises to be completely untraceable". Newsweek. Archived from the original on 7 April 2019. Retrieved 6 September 2018.
- Cox, Joseph (5 March 2018). "Neo-Nazis Turn to Privacy-Focused Cryptocurrency Monero". Motherboard. Archived from the original on 6 September 2018. Retrieved 6 September 2018.
- Gallagher, Sean (4 August 2017). "Researchers say WannaCry operator moved bitcoins to "untraceable" Monero". Ars Technica. Archived from the original on 22 July 2018. Retrieved 17 September 2017.
- Tung, Liam. "Android security: Coin miners show up in apps and sites to wear out your CPU | ZDNet". ZDNet. Archived from the original on 2017-12-05. Retrieved 2017-11-22.
- Thomson, Iain (October 19, 2017). "Stealth web crypto-cash miner Coinhive back to the drawing board as blockers move in". The Register. Archived from the original on November 7, 2017. Retrieved November 3, 2017.
- Goodin, Dan (October 30, 2017). "A surge of sites and apps are exhausting your CPU to mine cryptocurrency". Ars Technica. Archived from the original on November 3, 2017. Retrieved November 3, 2017.
- Rooney, Kate (2018-06-07). "$1.1 billion in cryptocurrency has been stolen this year, and it was apparently easy to do". CNBC. Archived from the original on 2018-09-06. Retrieved 2018-09-06.
- "Mining cryptocurrency helps raise bail for those who can't | CBC Radio". CBC. Archived from the original on 2018-09-28. Retrieved 2018-11-18.
- "You Can Now Mine Cryptocurrency to Bail People Out of Jail". Motherboard. 2017-11-15. Archived from the original on 2018-11-18. Retrieved 2018-11-18.
- Marciante, Sergio; Herrero, Alvaro (2020). "The Evolution of Privacy in the Blockchain: A Historical Survey". In 13th International Conference on Computational Intelligence in Security for Information Systems (CISIS 2020). pp. 29–30. doi:10.1007/978-3-030-57805-3_3.
- Bambrough, Billy. "Just One Major Cryptocurrency Is Outperforming Bitcoin Right Now And It's Climbing Fast". Forbes. Archived from the original on 2021-01-12. Retrieved 2021-03-13.
- "Blog: Monero 0.15.0.0". getmonero.org, The Monero Project. Archived from the original on 2021-01-18. Retrieved 2021-03-13.
- "Archived copy". Archived from the original on 2021-02-26. Retrieved 2021-03-24.CS1 maint: archived copy as title (link)
- Sun, Shi-Feng et al. (2017). "RingCT 2.0: A Compact Accumulator-Based (Linkable Ring Signature) Protocol for Blockchain Cryptocurrency Monero". In Computer Security – ESORICS 2017. p. 456. doi:10.1007/978-3-319-66399-9_25.
- Han, Runchao et al. (2019). "Evaluating CryptoNote-Style Blockchains". In Information Security and Cryptology: 14th International Conference, Inscrypt 2018. p. 32. doi:10.1007/978-3-030-14234-6_2.
- Fan, Xinxin (2018). "Faster Dual-Key Stealth Addresses for Blockchain-Based Internet of Things Systems". In Blockchain – ICBC 2018. pp. 129–130. doi:10.1007/978-3-319-94478-4_9.
- Helal, Mohammad; Asghar, Muhammad (2020). "Towards Preserving Privacy and Security in Blockchain". In Essentials of Blockchain Technology. CRC Press. p. 111. ISBN 978-0-367-02771-1.
- Bunz, Benedikt et al. (2018). "Bulletproofs: Short Proofs for Confidential Transactions and More". 2018 IEEE Symposium on Security and Privacy (SP). p. 315. doi:10.1109/SP.2018.00020.
- "Signal Adds Payments—With a Privacy-Focused Cryptocurrency". Wired. ISSN 1059-1028. Archived from the original on 2021-04-08. Retrieved 2021-04-09.
- Alsalami, Nasser; Zhang, Bingsheng (2019). "SoK: A Systematic Study of Anonymity in Cryptocurrencies". 2019 IEEE Conference on Dependable and Secure Computing (DSC). pp. 1–6. doi:10.1109/DSC47296.2019.8937681.
- Bojja Venkatakrishnan, Shaileshh; Fanti, Giulia; Viswanath, Pramod (2017-06-13). "Dandelion: Redesigning the Bitcoin Network for Anonymity". Proceedings of the ACM on Measurement and Analysis of Computing Systems. 1 (1): 22:1–22:34. arXiv:1701.04439. doi:10.1145/3084459.
- Fanti, Giulia; Venkatakrishnan, Shaileshh Bojja; Bakshi, Surya; Denby, Bradley; Bhargava, Shruti; Miller, Andrew; Viswanath, Pramod (2018-06-13). "Dandelion++: Lightweight Cryptocurrency Networking with Formal Anonymity Guarantees". Proceedings of the ACM on Measurement and Analysis of Computing Systems. 2 (2): 29:1–29:35. arXiv:1805.11060. doi:10.1145/3224424.
- "Dandelion for Monero". www.monerooutreach.org. 2020-03-03. Archived from the original on 2021-01-27. Retrieved 2021-05-08.
- "How to Verify Your Funds with a Private View Key". monero.how. Archived from the original on 2021-03-09. Retrieved 2021-05-18.
- "How to Prove Payment". getmonero.org. Archived from the original on 2021-05-18. Retrieved 2021-05-18.
- "How a few companies are bitcoining it". The Economist. 2018-05-19. ISSN 0013-0613. Archived from the original on 2018-12-09. Retrieved 2018-12-11.
- Gibbs, Samuel (2017-12-13). "Billions of video site visitors unwittingly mine cryptocurrency as they watch". The Guardian. ISSN 0261-3077. Archived from the original on 2020-11-13. Retrieved 2018-12-11.
- Brandom, Russell (2017-12-19). "Backdoor coin-mining hacks are spreading as prices rise". The Verge. Archived from the original on 2018-12-11. Retrieved 2018-12-11.
- Palmer, Danny. "Cyber attackers are cashing in on cryptocurrency mining - but here's why they're avoiding bitcoin". ZDNet. Archived from the original on 2019-03-26. Retrieved 2018-12-11.
- Chu, Howard (2019-06-30). MoneroKon 2019 - ASIC-Resistant Proof of Work: Fact or Fantasy? (Howard Chu).
- ErCiccione. "Monero 0.15.0.0 "Carbon Chamaeleon" released". Monero. Archived from the original on 8 December 2019. Retrieved 16 January 2020.
- Kumar, Amrit et al. (2017). "A Traceability Analysis of Monero's Blockchain Archived 2017-07-10 at the Wayback Machine". Cryptology ePrint Archive. Retrieved 2020-12-20.
- "An Unofficial Response to 'An Empirical Analysis of Linkability in the Monero Blockchain' Archived 2020-11-24 at the Wayback Machine". GetMonero.org. Retrieved 2020-12-20.
- "Response to "An Empirical Analysis of Traceability in the Monero Blockchain", Version 2 Archived 2021-01-24 at the Wayback Machine". GetMonero.org. Retrieved 2020-12-20.
- Kshetri, Nir (2018). "Cryptocurrencies: Transparency Versus Privacy". Computer. IEEE Computer Society. 51 (11): 99–111. doi:10.1109/MC.2018.2876182.
- Ikeda, Scott (2020-11-17). "South Korea's New Crypto AML Law Bans Trading of "Privacy Coins" (Monero, Zcash) Archived 2020-12-16 at the Wayback Machine". CPO magazine. Retrieved 2020-12-17.
- "Pilot IRS Cryptocurrency Tracing Archived 2020-12-08 at the Wayback Machine". SAM.gov. Retrieved 2020-12-17.
- Franceschi-Bicchierai, Lorenzo (2020-09-12). "The IRS Wants to Buy Tools to Trace Privacy-Focused Cryptocurrency Monero Archived 2020-12-02 at the Wayback Machine". Motherboard. Retrieved 2020-12-17.
- "Pilot IRS Cryptocurrency Tracing Award Notice Archived 2020-11-25 at the Wayback Machine". SAM.gov. Retrieved 2020-12-20.