Share this page!

Monero || #xmr Profile picture
Twitter logo
27 Jul, 6 tweets, 2 min read
A rather significant bug has been spotted in Monero's decoy selection algorithm that may impact your transaction's privacy. Please read this whole thread carefully. Thanks @justinberman95 for investigating this bug.

1/6
@justinberman95 If users spend funds immediately following the lock time in the first 2 blocks allowable by consensus rules (~20 minutes after receiving funds), then there is a good probability that the output can be identified as the true spend.

2/6
This does not reveal anything about addresses or transaction amounts. Funds are never at risk of being stolen. This bug persists in the official wallet code today.

3/6
Users can substantially mitigate the risk to their privacy by waiting 1 hour or longer before spending their newly-received Monero, until a fix can be added in a future wallet software update. A full network upgrade (hard fork) is not required to address this bug.

4/6
The Monero Research Lab and Monero developers take this matter very seriously. We will provide an update when wallet fixes are available.

5/6
GitHub issue: github.com/monero-project…

Discussion: forum.monero.space/d/94-privacy-b…

Reddit: reddit.com/r/Monero/comme…

6/6

• • •

Missing some Tweet in this thread? You can try to force a refresh
 

Keep Current with Monero || #xmr

Monero || #xmr Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

PDF

Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

More from @monero

Monero || #xmr Profile picture
15 Sep 20
The long-awaited Perkins Coie whitepaper is now available!

"Anti-Money Laundering Regulation of Privacy-Enabling Cryptocurrencies"

This 40 page report is the most comprehensive to-date on compliance and Monero and will greatly assist adoption of XMR!

perkinscoie.com/en/news-insigh…
Some top quotes from the whitepaper:

"Allowing VASPs to support privacy tokens under current, tested AML regulations strikes the appropriate policy balance between preventing money laundering and allowing beneficial, privacy-preserving technology to develop."
"Not only do privacy coins provide public benefits that substantially outweigh their risks, existing AML regulations properly and sufficiently cover those risks, providing a proven framework for combatting money laundering and related crimes."
Read 12 tweets

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!

Follow Us on Twitter!

Like this author's thread?

Get emails when @monero has new unrolls!

Check out other threads from @monero!

Read all threads by @monero

:(