Monero, the privacy-oriented decentralized cryptocurrency project, underwent a planned hard fork event on Saturday, introducing new features to boost its privacy and security.
The network upgrade was delayed from July 13, when it was first planned for release, due to multi-sig security fixes, critical security patches, and more time needed to resolve hardware wallet incompatibility issues.
Completed at block 2,688,888, the hard fork now features a larger ring size (from 11 to 16), an improved ‘Bulletproofs’ algorithm for faster transactions, a revamped multisig mechanism, and performance upgrades that reduce wallet sync times by 30-40%.
This upgrade is a hard fork sitting on 0.18 ‘Fluorine Fermi’, so the new version isn’t backward compatible with older ones. Hence, those who want to continue using Monero will have to upgrade their software (monerod, monero-wallet-cli, monero-wallet-gui).
Users of hardware wallets will need a firmware update from the device vendor to continue using them.
Larger rings, more anonymity
Monero is considered to have superior privacy over other cryptocurrency projects because of its “ring signature” transaction obfuscation mechanism.
When a transaction requires signing, the user performing it has their signature merged with those of other users to create ambiguity in blockchain analysis and make trace-back practically challenging.
In the previous version, Monero supported a fixed number of 11 co-signers who all had their IP addresses hidden behind a special protocol called ‘Dandelion++’, all built into the network.
The new Monero upgrade takes the ring size up to 16, which is the largest absolute increase in the project’s history, significantly improving the anonymity sets.
Of course, going even higher would be mean stronger obfuscation but the developers deemed 16 as the ideal number, for now, considering the increase of the blockchain size and additional burden on the network.
The choice of cybercriminals
Monero is used by cryptocurrency investors who cherish their privacy and anonymity, but the coin is also used for illicit affairs.
As it’s nearly impossible to trace, retrieve, or unmask those behind specific transactions, Monero is used by ransomware gangs, cryptomining groups, and it is also offered as a standard payment option on darknet markets.
While the coin isn’t illegal, regulators and law enforcement agencies don’t like its untraceable nature, so they apply pressure on the largest legal cryptocurrency exchanges not to list it.
In 2020, the IRS offered $1,000,000 to anyone who develops a system for tracking Monero transactions, but no cryptocurrency experts answered the call for proposals with a convincing project.
Monero’s latest network update further boosts transaction source and privacy on an already uncracked system, making it a real challenge for deciphering efforts.
Together with the recent law enforcement crack-down on the Tornado Cash mixing service, hackers may be drawn more towards blockchains like Monero that are built with anonymity in mind.
Steve Walbroehl, co-founder of blockchain security firm Halborn, told BleepingComputer the following on the topic:
Monero is unlike Tornado cash in many ways, but primarily because there are no “Smart contracts” that have functions to implement “freeze” or “blacklist” type of features.
If law enforcement has struggled with getting a grasp on deciphering Monero illicit activity, then the struggle is about to become even more difficult with the latest upgrade. With the ring size increased from 11 to 16 to create an authorized transaction, this makes it much more cryptographically hardened and difficult to reverse.
Zero Knowledge proofs are gaining publicity with more projects underway using the technology, but Monero has incorporated this to create privacy preserving transactions for a very long time.
Now, with the upgrade to using “Bulletproofs”, not only are they increasing the cryptographic integrity of transactions, but it is reducing the transaction size, and increasing the speed in which it can all be done.
And because Monero already does not use a traditional public ledger, but has several keys like “view keys” to see transactions published on the blockchain, tracing funds from one address to another is already a near impossible task.