Monero Developers Disclose ‘Significant’ Bug in Privacy Algorithm
The developers of privacy-focused cryptocurrency Monero (XMR) have disclosed a “rather significant” bug that could impact the privacy of users’ transactions.
“If users spend funds immediately following the lock time in the first 2 blocks allowable by consensus rules (~20 minutes after receiving funds), then there is a good probability that the output can be identified as the true spend,” Monero developers tweeted today.
Tweet from Monero || #xmr (@monero), July 27, 2021: “A rather significant bug has been spotted in Monero's decoy selection algorithm that may impact your transaction's privacy. Please read this whole thread carefully. Thanks @justinberman95 for investigating this bug. 1/6”
The bug, initially investigated by software developer Justin Berman, was discovered in Monero’s decoy selection algorithm and results in “next to 0 chance of selecting extremely recent outputs as decoys.”
Essentially, this means that if a user spends their XMR as soon as it unlocks, roughly 20 minutes after receiving it, it is highly probable that the output they are really spending can be picked out from the decoy outputs in the transaction's ring.
“Today, if a user spends an output right in the block that it unlocks, and the output was originally created in a block that has fewer than 100 outputs total in it, their real output would be clearly identifiable in the ring,” Berman said.
He further explained that Monero’s current yearly average is around 63 outputs per block, therefore “outputs that are spent immediately when they unlock are likely identifiable in rings today.”
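The reasoning above, worked through as an added example (not code from Monero or from this article): Bayes' rule for how confidently an observer can label the only just-unlocked ring member as the real spend, given how often the decoy sampler picks from that window. The ring size of 11, the probabilities and the assumption that decoy draws are independent are illustrative choices, not values from the article.

```python
import random

RING_SIZE = 11  # assumption: 1 real spend + 10 decoys; the article gives no ring size


def posterior_real(p_decoy, q_real, ring_size=RING_SIZE):
    """P(member is the real spend | it is the only ring member in the
    just-unlocked window), by Bayes' rule.

    p_decoy: chance that a single decoy draw lands in the window
    q_real:  share of real spends that are made inside the window
    """
    n = ring_size - 1
    # Real spend inside the window, no decoy inside it.
    real_in = q_real * (1 - p_decoy) ** n
    # Real spend outside the window, exactly one decoy inside it.
    decoy_in = (1 - q_real) * n * p_decoy * (1 - p_decoy) ** (n - 1)
    return real_in / (real_in + decoy_in)


def simulate(p_decoy, q_real, rings=200_000, seed=1, ring_size=RING_SIZE):
    """Monte Carlo check of posterior_real on constructed rings."""
    rng = random.Random(seed)
    hits = total = 0
    for _ in range(rings):
        real_inside = rng.random() < q_real
        decoys_inside = sum(rng.random() < p_decoy for _ in range(ring_size - 1))
        if real_inside + decoys_inside == 1:  # exactly one fresh ring member
            total += 1
            hits += real_inside
    return hits / total


if __name__ == "__main__":
    Q = 0.05  # constructed value: 5% of spends happen right after unlock
    cases = (("decoys almost never fresh", 1e-4),
             ("decoys match spend pattern", Q))
    for label, p in cases:
        print(f"{label:27s} analytic={posterior_real(p, Q):.3f} "
              f"simulated={simulate(p, Q):.3f}")
```

When decoys land in the window as often as real spends do, the result is 1/11, no better than a blind guess; as the decoy probability approaches zero it approaches 1. Waiting before spending moves the real output out of the window where decoys are missing.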
Monero funds not ‘at risk’
According to the developers, the bug is currently present in Monero’s official wallet “until a fix can be added in a future wallet software update.” However, a potential fix would not require a hard fork—a full network upgrade—of Monero’s blockchain, they pointed out.
Additionally, the bug reportedly poses no threat to users’ funds.
“This does not reveal anything about addresses or transaction amounts. Funds are never at risk of being stolen,” developers explained.
Meanwhile, users who don’t want to compromise their privacy should just wait at least an hour before transacting the XMR they have recently received.
“The Monero Research Lab and Monero developers take this matter very seriously. We will provide an update when wallet fixes are available,” the developers concluded.
27 July 2021 09:38