As the most effective of the so-called privacy coins, Monero is designed specifically to make it impossible for anyone to trace by breaking the chain connecting one transaction to another. But now, it’s facing a potential crisis on its home front as a growing concentration of power calls into question just how secure those transactions are.
While blockchain transactions are said to be immutable, there is one big asterisk next to that statement: A 51% attack, which allows anyone who gains control of more than half of the computing power used to mine rewards by adding a new block of transactions to a blockchain to seize control. This would let them double-spend funds used in transactions, making payments via Monero untrustworthy.
The problem is that one of the Monero mining pools — individual miners who pool computing power and rewards — has grown to control 44% of that computing power, known as hash power, putting it far too close to a majority stake for comfort.
That is especially worrisome for a cryptocurrency whose sole strength is the trust of users who want their financial transactions protected. That user list potentially includes criminals or others with something to hide. Still, in the libertarian-minded crypto community, it also has a lot of people who aren’t laundering money, evading taxes or hiding it.
There have been calls for a boycott of the pool, MineXMR, on Reddit’s r/MoneroMining community, with more than 62,000 members.
A Matter of Trust
While we’ve gone into the mechanics of 51% attacks elsewhere, they are rare, and even then, they usually only happen to small blockchains. Ethereum Classic, for example, suffered a trio of them in 2020. But the more prominent blockchains like bitcoin and Ethereum are considered safe because there are too many miners spread around the world for anyone to be able to afford to take control — that’s the decentralized part of blockchain.
See also: The 51% Attack: Crypto’s Double-Spending Achilles Heel
Also, it’s argued that it would make no sense for a mining pool successful enough to gain 51% of the hash rate to kill the golden goose by double-spending it. That said, the point of decentralizing mining is so that no government can interfere with or censor a blockchain.
But a mining pool, almost by definition, is centralized. There’s someone running it, and that someone lives somewhere. This means there’s someone who a bad actor could conceivably coerce. But again, that remains theoretical.
That said, monero does a good job of hiding funds’ sources.
Most blockchains publicize everything about a transaction — the sending and receiving digital wallet addresses, the amount of the transaction — except the identity of the two parties, which are hidden behind encryption key codes. Monero obscures all of that.
And unlike Dash and Zcash, its privacy features cannot be turned on and off by the user.
Unlike a few years ago, when Monero wasn’t large enough to handle the volume of cryptocurrency that big criminal syndicates would require, it now has a market capitalization of $3.1 billion and a 24-hour transaction volume, at this writing, of $110 million. That makes it the 45th-largest cryptocurrency by market cap.
Complete Distrust
Law enforcement is convinced monero has no good uses. Ilya Lichtenstein and Heather Morgan, the couple arrested last week on federal charges of stealing $4.5 billion from the Bitfinex cryptocurrency, allegedly “cleaned” some of it through monero. Although not all, or the Department of Justice wouldn’t have been able to get its hands on $3.6 billion of the funds it alleges is connected to the couple.
Considering that the Internal Revenue Service (IRS) said it tracked Lichtenstein and Morgan via bitcoin transactions until allegedly finding a connection between the stolen funds and the couple, it’s worth noting that the IRS has spent more than $1 million on contracts with blockchain intelligence firms to finance attempts to find a way to track monero transactions.
And governments have been banning cryptocurrency exchanges within their borders from listing monero and other privacy coins like dash (DASH) and Zcash (ZEC). In many ways, monero works like a mixing service, which uses various techniques to obscure ownership of a specific crypto coin.
See also: PYMNTS Crypto Crime Series: When Privacy Counts, Crypto Users Turn to Mixing Services
Read more: What South Korea’s Delisting Of Private Altcoins Means For Crypto
However, that doesn’t mean it’s easy to use. Governments have been banning exchanges operating within their borders for years, so it’s harder to off-ramp monero into fiat currency than bitcoin.
That said, with the growth of decentralized finance, or DeFi, the number of decentralized exchanges, or DEXs, with no one for governments to pressure have been growing. So, the number of exchanges willing to let users turn bitcoin’s BTC into monero’s XMR and back has gotten larger and easier to find.