Hexforensic

How Does Monero Tracing Work? Is it Really Untraceable? A Case Study on Monero Transaction Tracing

by
In this topic we’re diving into the intriguing world of Monero tracing. We’ll explore how Monero tracing works and Monero transaction analysis methodologies. Also we will talk about the privacy features of Monero, discuss the challenges they pose, and examine real-world tracing techniques.

What is Monero?

Monero is a cryptocurrency that, like Bitcoin, uses cryptography and distributed ledgers for secure, verifiable value transfers. However, as a privacy coin, it incorporates advanced cryptography to enhance privacy on the public blockchain. Monero is at the forefront of the ongoing “arms race” between cryptographers and investigators. Its development team is proactive in strengthening its privacy protocols. Monero originated from the CryptoNote white paper, aiming for privacy and decentralization. CryptoNote was first implemented in Bytecoin, often called the first privacy coin. Monero emerged from the Bytecoin community due to controversies surrounding Bytecoin’s anonymous development team. In this article we will explore how Monero tracing works with a hypothetical case study.

Monero is now the most prominent privacy coin. Others include Zcash and Dash. A key difference is that Monero’s privacy features are enabled by default. In Zcash, privacy is optional. First we’ll focus on Monero’s privacy features.

Is Monero “Better” Than Bitcoin?

“Better” is subjective, but for privacy advocates, Monero is objectively superior. Bitcoin, once thought anonymous, is pseudonymous. Transactions are linkable and traceable, and everything is visible on the blockchain. Monero addresses these privacy gaps. Monero’s globally decentralized network is crucial. Some countries, like Japan and the UAE, have outlawed privacy coins, and the EU has considered similar measures. However, Monero’s decentralization makes it difficult for any single government to shut down the network. Users can transact with various wallets, ranging from less intuitive but highly private to more user-friendly but less private, potentially exposing IP addresses or private keys.

How Is Monero Private?

Monero offers three main privacy features:

  1. Unlinkability: Transactions cannot be linked to the same identity.
  2. Untraceability: Transaction origins cannot be uniquely determined.
  3. Confidentiality: Transaction amounts are hidden.

Technical Underpinnings

  • Ring Confidential Transactions (RingCTs): Monero transactions hide the real output among decoys from previous transactions. Initially optional, rings are now mandatory in Monero Transactions. The current ring size is 16 (one real output, 15 decoys), and there’s discussion of increasing it further.
  • Peterson Commitments: Cryptographic techniques that obscure transaction amounts while ensuring they balance out in the Monero network.
  • Zero-Knowledge Proofs: These are a quite interesting cryptographic technology which is gaining more and more popularity in cryptocurrency projects. It’s main purpose is to prove that a transaction or many other kinds data are valid without revealing some important and sensitive details. In Monero, zero-knowledge proofs allow outputs to be spent without revealing the sender or the amount.
  • Stealth Addresses: Stealth addresses, created automatically for each transaction, further obfuscate identities. This is like using different payphones for each call, making it harder to track.

Other Privacy Features

  • Bulletproofs: Improve network speed and reduce transaction fees.
  • Dandelion: Hides IP addresses by splitting transaction transmission into an anonymity phase and a spreading phase. This makes it harder to trace transactions to their origin. Dandelion was implemented in October 2020. IP observations before then are more reliable.

Bitcoin vs. Monero: Comparative Analysis of Traceability

Bitcoin and Monero differ fundamentally in how transaction tracing works due to their respective privacy architectures.

Bitcoin Tracing: Transparency and Linkability

Bitcoin’s blockchain operates as a fully transparent ledger where:

  • Public Addresses: Every transaction is tied to a visible address, which can be linked to an entity if there is an off-chain connection (e.g., an exchange requiring KYC).
  • Linkable Transactions: Inputs and outputs are explicitly associated with addresses, making transaction flows easy to trace.
  • Visible Amounts: The exact amounts in each transaction are publicly recorded.
  • Infinite Traceability: Because all transactions are permanently recorded in a transparent manner, investigators can trace funds indefinitely.

Bitcoin tracing typically involves:

  1. Cluster Analysis – Grouping addresses controlled by the same entity based on spending patterns.
  2. Heuristic Methods – Identifying common wallet behaviors (e.g., change addresses).
  3. Subpoenaing Exchanges – Linking addresses to real-world identities via regulated exchanges.
  4. Transaction Graphing – Mapping the movement of funds across the network.

Monero Tracing: Obfuscation and Limited Data

Monero, in contrast, is designed to hide transaction details through several privacy-enhancing techniques:

  • Stealth Addresses: The recipient’s address is never visible on-chain, preventing address reuse and public tracking.
  • Ring Signatures: Inputs are mixed with decoys, making it difficult to determine the actual spender.
  • RingCT (Ring Confidential Transactions): Hides transaction amounts.
  • Dandelion++ (or similar relay obfuscation techniques): Helps obscure IP addresses used to broadcast transactions.

Monero tracing attempts rely on:

  1. Payment IDs – Some older transactions used optional payment IDs, which can be used to correlate transactions.
  2. Fee Analysis – Certain transactions might have unique fee structures that could make them stand out.
  3. Mix-in Counts – While ring signatures provide decoy inputs, statistical analysis may help identify the real input.
  4. Unlock Times – Some transactions have delayed unlock times that might reveal patterns.
  5. External Data Sources – Investigators rely on external network information, such as IP addresses from Monero relaying nodes, traffic correlation with other blockchain projects, and metadata leaks from wallets.

An Investigative Approach to Monero Transactions

The intrinsic privacy features of Monero present a unique challenge for investigators. Unlike Bitcoin, where transactional data is transparent and readily accessible through public block explorers, Monero obfuscates key details, rendering traditional tracing methods ineffective. This article delves into the nuances of Monero transaction analysis, illustrating how investigators can navigate these complexities using specialized tools and techniques, particularly focusing on the application of Monero specific blockchain investigations tools that exist at the hands of specific blockchain analysis companies.

A fundamental distinction between Bitcoin and Monero lies in their respective data disclosure. A cursory examination of a public Bitcoin block explorer reveals a clear, traceable trail of transactions. Addresses are publicly visible, allowing for the linkage of senders and receivers, and transaction amounts are readily available. This transparency, while beneficial for network verification, poses significant privacy concerns. Conversely, Monero transactions, as observed through a public block explorer, exhibit a stark contrast. Stealth addresses conceal user identities, preventing direct association with real-world entities. The inputs are masked among decoys, a result of Monero’s ring signature technology, and transaction amounts remain undisclosed. In a transaction with a ring size of 11, for instance, each input is accompanied by 10 decoy inputs, effectively concealing the true origin of the funds.

Despite these privacy measures, Monero transactions do leave subtle traces. These “breadcrumbs,” when meticulously analyzed, can reveal patterns and behaviors. For instance, the payment ID field, though optional, can contain arbitrary transaction attachments. The transaction fee, another crucial indicator, reflects user prioritization. Users often employ consistent fee structures, potentially linked to specific wallet software or services. A Monero blockchain Investigation tool can analyze these tools as multipliers of the standard fee, facilitating pattern recognition. Additionally, the number of mix-ins, representing decoy inputs, and the unlock time, the duration before funds become spendable, provide further analytical dimensions. The default minimum unlock time of 10 blocks ensures that recent outputs are not used as inputs in new blocks. Analyzing fee rate multipliers, as displayed in our tool, reveals that while most users opt for the default fee, significant deviations, such as 5, 25, or 1000 times the standard fee, may indicate service-specific behaviors.

A Monero blockchain investigation tool can provide a comprehensive platform for Monero transaction analysis. When opening a transaction, the tool displays the transaction hash and highlights key features. Transaction attributes analysis, or transaction fingerprinting, encapsulates the number of inputs, outputs, and the fee structure. These features, despite Monero’s privacy mechanisms, can aid in user identification. Extra data fields offer additional avenues for fingerprinting.

The IP address broadcasting the transaction is also collected by blockchain analysis firms and can be displayed as additional data that may prove useful in certain cases, especially when directly relayed to IP-collecting nodes in the network. However, it is crucial to note that after the Dandelion implementation, IP addresses may not be as reliable as before.

Potential decoys can be analyzed and ruled out automatically by the tool using fingerprinting and attribute analysis, streamlining the process by highlighting relevant data. The tool can also highlight direct connections and IPs to the IP-collecting nodes, as they could provide useful leads for further investigation. While these IPs may still be masked by proxies or VPNs, they offer a higher confidence level in source identification.

Analyzing the block height at which an output is claimed as an input is another fingerprinting method that helps rule out decoys. The transaction date and millisecond timestamp between broadcasts provide additional data points for pattern recognition.

To illustrate this in practice, consider an investigation into a darknet marketplace administrator suspected of operating from Thailand. A list of Monero transactions, representing Bitcoin-to-Monero swaps through Entity, provides the initial data. By inputting these transaction hashes into a Monero investigation tool, a summary of the transactions is generated. The tool identifies Entity swaps and highlights transactions with identical fingerprints, confirming the service’s consistent behavior. Any significant data points, such as the input transactions and IP addresses associated with known services will be highlighted.

Tracing transactions forward involves identifying co-spends, where multiple inputs from the target transactions are used in a subsequent transaction. These co-spends indicate common control and provide crucial leads. Examining a co-spend transaction reveals its fingerprint, inputs, outputs, and IP addresses.

Further analysis of co-spends may reveal outputs associated with other wallet software or entities which can be subpoenaed for more external data. If it’s not possible to subpoena a certain entity, still it will be useful information because it provides insights into the target’s behavior.

Assume that tracing a transaction revealed an output with all decoys ruled out and an IP address associated with Thailand, aligning with the investigation’s focus. This clean IP address, not hidden behind a VPN or Tor, will be cross-referenced with IP-collecting nodes from other cryptocurrency projects and network. It may reveal clusters linked to centralized entities. These entities, if subpoenaed, can provide records identifying the target in Thailand.

Read More of our Research

Leave a Comment