New empirical traceability analysis of CryptoNote-style blockchains

Zuoxia Yu, Man Ho Au, Jiangshan Yu, Rupeng Yang, Qiuliang Xu, Wang Fat Lau

Research output: Chapter in Book/Report/Conference proceedingConference PaperResearchpeer-review

23 Citations (Scopus)


The cascade effect attacks (PETS’ 18) on the untraceability of Monero are circumvented by two approaches. The first one is to increase the minimum ring size of each input, from 3 (version 0.9.0) to 7 in the latest update (version 0.12.0). The second approach is introducing the ring confidential transactions with enhanced privacy guarantee. However, so far, no formal analysis has been conducted on the level of anonymity provided by the new countermeasures in Monero. In addition, since Monero is only an example of leading CryptoNote-style blockchains, the actual privacy guarantee provided by other similar blockchains in the wild remains unknown.
In this paper, we propose a more sophisticated statistical analysis on CryptoNote-style cryptocurrencies. In particular, we introduce a new attack on the transaction untraceability called closed set attack. We prove that our attack is optimal assuming that no additional information is given. In other words, in terms of the result, closed set attack is
equivalent to brute-force attack, which exhausts all possible input choices and removes those that are impossible given the constraints imposed by the mixins of each transaction. To verify the impact of our attack in reality, we conduct experiments on the top 3 CryptoNote-style cryptocurrencies, namely, Monero, Bytecoin and DigitalNote, according to their market capitalization. Since the computational cost of performing closed set attack is prohibitively expensive, we propose an efficient algorithm, called clustering algorithm, to (approximately) implement our attack. By combining our clustering method with the cascade attack, we are able to identify the real coin
being spent in 70.52% Monero inputs, 74.25% Bytecoin inputs, and in 91.56% DigitalNote inputs.
In addition, we provide a theoretical analysis on the identified closed set attack, i.e., if every input in a CryptoNote-style blockchain has 3 mixins, and all mixins are sampled uniformly from all existing coins, the success rate of this attack is very small (about 2−19). Given that closed set attack is equivalent to the best possible statistical attack, our findings provide two key insights. First, the current system configuration of Monero secure against statistical attacks, as the minimum number of mixin is 6. Second, we identify a new factor in improving anonymity, that is, the number of unspent keys. Our analysis indicates that the number of mixins in an input does not need to be very large, if the percentage of unspent keys is high.
Original languageEnglish
Title of host publicationFinancial Cryptography and Data Security
Subtitle of host publication23rd International Conference, FC 2019 Frigate Bay, St. Kitts and Nevis, February 18–22, 2019 Revised Selected Papers
EditorsIan Goldberg, Tyler Moore
Place of PublicationCham Switzerland
Number of pages17
Volume11598 LNCS
ISBN (Electronic)9783030321017
ISBN (Print)9783030321000
Publication statusPublished - 2019
EventFinancial Cryptography and Data Security Conference 2019 - St Kitts, St Kitts and Nevis
Duration: 18 Feb 201922 Feb 2019
Conference number: 23rd (Website) (Proceedings)

Publication series

NameLecture Notes in Computer Science
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349


ConferenceFinancial Cryptography and Data Security Conference 2019
Abbreviated titleFC 2019
Country/TerritorySt Kitts and Nevis
CitySt Kitts
Internet address

Cite this