Monero Fork MoneroV Could Harm User Privacy
A hard fork of the privacy-centric cryptocurrency Monero (XMR) could essentially be a trap to erode the privacy of Monero users. The hard fork of Monero, called MoneroV (XMV), is set to split from the Monero blockchain just a couple of weeks into the month of March. Users of the original Monero will receive the 10 times the balance they have in their original Monero accounts in MoneroV, in what is commonly known as an airdrop. Normally airdrops are just seen as “free money”, but it is very foolish for anyone who is holding Monero at the time of the hard fork to ever claim and use the MoneroV obtained in the airdrop. Not only would using the MoneroV from the airdrop harm the individual Monero user’s privacy, it could harm the privacy of other Monero users. One of the methods that makes Monero unique is that it protects the privacy of all user transactions. What makes this hard fork different from other hard forks you may be familiar with, such as Bitcoin Cash and Bitcoin Gold which forked from Bitcoin, is that those coins did not feature privacy protections like ring signatures and stealth addresses.
Widespread use of MoneroV could essentially exploit a vulnerability in cryptocurrencies which uses ring signatures, and in particular, those which run on the CryptoNote 2.0 protocol, such as Monero. This vulnerability in ring signatures was discussed in the very first research bulletin released by Monero Research Labs, in a 2014 paper titled, “A Note on Chain Reactions in Traceability in CryptoNote 2.0.” If a user spends the same transaction in MoneroV that they have spent on Monero, the untraceability provided by the mixing accomplished with ring signatures could be harmed. This attack weakens the ability of Monero transactions to be hidden through ring signatures and makes blockchain analysis and surveillance easier to accomplish. Those who claim their coins from the MoneroV airdrop will expose their key image and make it easier to identify which inputs have been spent. Although according to at least one Monero dev, it would take at least 1/3 of all recent outputs to cause a “significant impact.”
If Monero users do begin to spend the MoneroV coins received from the airdrop, the privacy protection of Monero could be strengthened through a process called churning. Churning is where you send your balance to yourself to increase the privacy and make it much harder for an attacker to conduct blockchain analysis and surveillance. However, as one Monero developer warned, churning should only be done if you “possess full control over the wallet” and that you don’t churn using exchanges or “in a wallet that holds your private key and/or view key.”
“After MoneroV, it’s hard to say how much churning will help them. However, it will increase the proportion of “good” outputs to “bad” outputs on the network, thus making the network as a whole [more] robust. I would not count on churning providing significant protection for these individual users until everything settles down, but it will increase the health of the overall network,” Monero developer Justin Ehrenhofer told BTCManager.
Ehrenhofer went on to warn that users should wait as people will likely be creating a lot of bad outputs as soon as it is possible to claim MoneroV, and that after these transactions settle down, possibly within a few days, there will be less risk. An increase in bad outputs is also likely to occur when the price of MoneroV reaches new highs or lows. The creators of MoneroV are all anonymous, or more accurately, pseudonymous. This makes it more difficult to determine how competent the creators are and what their motivations are for forking the Monero blockchain. MoneroV doesn’t even seem to be all that radically different from Monero and the wisdom in forking the Monero blockchain, instead of simply forking the Monero code and starting a new blockchain, has been widely criticized. Some of the differences between Monero and MoneroV, according to the MoneroV web site, are that MoneroV will have lower transaction fees and will cap the supply of MoneroV coins that can be mined to a total of 256 million coins. The promoters of MoneroV argue that having a fixed and finite total supply of coins is in keeping with the vision of the pseudonymous creator of Bitcoin, Satoshi Nakamoto.
There is no certainty as to exactly how users, miners, and traders of cryptocurrencies will react once all of the coins that can be mined have been mined in a cryptocurrency that has a finite supply of coins. It is possible that transaction fees could explode, or that there could be less incentive for people to process transactions. Monero aimed to avoid some of these possible issues that could exist with a finite supply, while also avoiding the issue of hyperinflation, by creating an indefinite continuation of block rewards, or coins that can be mined, through Monero’s tail emission. The ability to continue earning block rewards may be an additional incentive for people to participate.
On March 14th the Monero hard fork will occur, and all holders of Monero at block 1529810 will also hold the same number of MoneroV coins as they hold in Monero. If users of these privacy cryptocurrencies are actually serious about privacy, then they should absolutely reject the airdrop and hard fork of the Monero blockchain. While there may be arguments in favor of some of the features that are expected to be found in MoneroV, it would make more sense from a privacy perspective to not fork the Monero blockchain and to instead create their own blockchain and build on just the code from Monero. According to the MoneroV site, the project aims to eventually move away from using the CryptoNote protocol. Monero dev Justin Ehrenhofer believes that most Monero users will not fall into the trap and that this potential attack on Monero’s privacy will be unsuccessful. Future changes to Monero to make it more resilient to such fork attacks could involve increasing the default ring size from 5 to 8 or more.