Super Testnet's avatar
Super Testnet yesterday
It is about the Incognito case, the Columbian drug dealer case, the Finnish blackmailer case. In the first and third cases, the target got charged after they sent their monero to KYC'd exchanges. The authorities sent money to the target by making standard purchases using the interfaces provided by the target (a darknet market in the first case and ransomware software in the third), traced the target's monero to those exchanges, and obtained the target's information from those exchanges. There is nothing disingenuous about pointing out how these cases debunk the supposed "untraceability" of monero. The second case was significantly different. The authorities did not need to send money to the target themselves, instead they found out he used Morphtoken to swap non-monero currencies into monero, so they asked Morphtoken for a list of his to-monero swaps. Then they traced each payment to see if he "slipped up" and forgot to use a VPN at any step. And they found one. At 34:55 in the video (which is here: https://v.nostr.build/D4Nzp22vRF35IRnz.mp4), Chainalysis investigates a case where the “receive” tx – Morphtoken -> Target – happened on 2020-10-02 at 11:26 am, as seen from 34:03—34:15, and its txid is febcf2df049586a5b8c55e17f7627ce3751d19976f9f0c07dccd4836dbd7f3d1. This tx paid the target in output1, with this pubkey: 98c88d7d6cee177fdd675763a51c451f36a3de026607fa5d7d1ed1eded0f5a1d, though they confusingly call this output “change” even though it’s an exchange payout. The tx returns the change to morphtoken in output0. They follow the output that they call “change” (even though it’s a payout to the target, not change) to a tx with this txid: e4f525b214ef7310b53dd2e81be42801c7ee1a7c259ac0a093d813b493a788a8, and then – at 35:08 – they identify the above-mentioned pubkey (98c8...5a1d) as the sender. Chainalysis says that the target probably sent his money to one of two places: Exodus Wallet or a mining pool – in a transaction that occurred on 2020-10-02 at 12:15 pm. They follow his “change” output, output 1, with this pubkey: 838bdcee6c15000a259f9f58172794a1a1bd132750f29aee1ed33bd7de94c85b (at 36:36) to a tx with this txid: a5202cb022921d624d0e9a40a9d7e0cdc4d9cfeb0be11501414fe5a9c0cdd2a8. Then – at 36:51 – Chainalysis identifies the above-mentioned pubkey (838b...c85b) as the sender, and from this transaction -- which was sent without using a VPN -- they learn the target's ip address. Then they looked it up in another tool and found that it was also associated with prior usage of a Centralized Exchange or a Merchant POS (on 2020-10-02 at 12:50 pm), one of which confirmed that they had his identity info, which is how they nabbed him. Again, it is not disingenuous to point out that, in this case, monero's traceability was the target's downfall. It was due to tracing monero through several hops that they found the target broadcasting transaction a520...d2a8, where they obtained his ip address. Without the ability to trace monero, they wouldn't have learned he sent that transaction, and would not have gotten his ip address.
↑ Parent

Replies (3)

Hanshan's avatar
Hanshan hanshan@hanshan.io yesterday
Uh, let me remind you that your note was about fungibility. Not traceability. these are different things. but putting aside that you are unclear what point you're trying to make for the moment, as you obviously know, but refuse to acknowledge, the Monero community was aware of these problems with ring signatures BEFORE they were implemented. and were making videos to educate people about these problems AT LEAST 6 years ago. what is disingenuous is crowing about it as if it was some recent discovery of your own that people refuse to acknowledge. so another nothingburger from STN.
1 replies ↓
Default avatar
npub1ah3a...l76e yesterday
I do get your point. I like how deep you dig. This is necessary to improve the code base. It's not some unknown things, though. Those people got caught for better or worse because they did something that the current state couldn't ignore AND they didn't follow the protocol. Monero devs made and make clear that threcare certain ways to leak information. Some have to do directly with Monero and will only get fixed over time like ring signatures. Other things depend on difrent levels of opsec. If one operates outside the law one needs to put in the work. KYC is colloquially reference as KILL YOUR CUSTOMER. Any person is encouraged to learn about the dangers and mitigation strategies.
Super Testnet's avatar
Super Testnet 19 hours ago
I don't think I have ever said the ring sig store vulnerabilities are a new discovery. I frequently point to prior discussions of that vulnerability and other ones in the Breaking Monero series and on monero.com. I hereby acknowledge it in this very post, which adds one more acknowledgement to a long list. So you can no longer say I refuse to acknowledge it. Also, untraceability is a precondition for fungibility, because tracing X through a blockchain requires identifying X in a crowd. Monero can be traced through the blockchain, therefore an xmr token can be identified in a crowd of other xmr tokens, therefore it is not fungible.
1 replies ↓