Get yourself a crypto tee or surprise a crypto enthusiast in your life with our festive Coin Bureau Merch!
Monero Forking Risk Airdrop
5 min read

Could Monero Forks and Airdrops Compromise User Privacy?

By Editorial Team

Hardforks and airdropped coins are always an attractive opportunity for cryptocurrency users. These are viewed as free giveaways and are often viewed as a bonus for the coin holder.

Users often make the assumption that using the forked coins is risk free and will not have any impact on the security of the legacy chain. This is often a misguided assumption and there are risks that come with claiming badly forked coins.

In the case of Monero, a Reddit user raised a valid concern around how a fork would impact user privacy on the main chain. Given that privacy is of utmost importance to Monero users, it had quite a few users slightly concerned.

Let’s take a deeper look.

Unsafe Forking

A potential risk that many may know about when forking a blockchain is that posed by replay attacks. This is essentially the risk that someone can use your transaction credentials on the separate chain to forge a similar payment.

This risk exists because the signature that you have on the one chain is valid on both. Hence, if you send a transaction on the forked chain to someone, they can use the same information in the legacy chain to repeat the payment.

Developers have usually been able to mitigate the risk posed by a replay attack through the use of replay protection. This replay protection, for example, was implemented in the Bitcoin Cash fork last year.

However, the risk that could potentially be posed by hardforking Monero has to do with the use of Key images and decoy transactions. These are the backbone of the Monero protocol and allow users to completely hide their transaction information.

If these terms are foreign to you, then we suggest you read more about it in our Monero overview.

Identical Key Images

Key Image Risk Monero
The “Key” to the Transaction

The question was first posed casually by a user on the the Monero subreddit. The OP was musing out loud about the possibility of taking part in the Monerov hard fork that was happening in March.

However, the question he posed was far more fundamental than many initially thought. This is because the similarities between transactions on the separate chains could weaken the privacy of the user on the original Monero chain.

More specifically, the Key image that is produced on the two different blockchains will be identical. In each of those Key images will be 4 decoy transactions together with the real transaction output. This is done to hide the transaction from public view.

Hence, someone could identify the actual transaction output by cross referencing the identical key images on the two chains. This means that you have already removed a layer of privacy from your transactions.

Many may then think that they can just ignore the fork, not spend on the forked chain and keep their privacy completely 100% secure on the Monero legacy chain.

This is unfortunately not the case and it could lead to the potential of all user’s privacy being compromised by the transactions of a user who has spent on both chains. This all has to with the decoy transactions.

Identifing the Decoys

User dnale0r was able to very comprehensively go over the risks that all users faced from transactions across the chains. He was able to effectively explain how users who spent on both chains compromised their privacy.

However, he also analysed the other “side of the coin” from the perspective of the decoy transactions being identified as decoys. If someone was able to identify the identical key images and then extract the actual transaction output, they would know that this was spent and hence could have been a decoy in a previous transaction.

This unmasking of the decoy transactions removes a layer of plausible deniability to the transaction that existed before. dnale0r was able to effectively summarise the threat posed as such:

So the fact that another user broadcasts a transaction on the XMR-chain, weakens the privacy of another user!

So, quite simply, the risk of deanonymization of transactions increases the more people choose to transact with the decoys across the two separate chains.

Potential Solutions Proposed

It is clear that this threat is created by users who decide to transact on chains that are identical after the hardfork. Hence, the ecosystem is much safer when all Monero users choose not to claim their coins or, at the very least, not transact regularly.

However, given the allure of “free coins” this may be too hard to pass up especially for many of the newer users who were not aware of the threat it posed. Similarly, no one can police how often other users spend their coins and where.

One can only hope that the highly capable Monero core team is working on a potential solution that will reinforce the protection of the main chain in the face of these forks.

Images via Fotolia

Editors at large. Posting the latest news, reviews and analysis to hit the blockchain.
View all posts by Editorial Team -> Best Crypto Deals ->

Related Posts

FTX Exchange
Withdrawals not Halted at FTX: Instead Binance will Buy FTX
FTX Exchange

Withdrawals not Halted at FTX: Instead Binance will Buy FTX

November 9th, 2022 3 min read
crypto gifts
Top 10 Best Crypto Gifts in 2022
crypto gifts

Top 10 Best Crypto Gifts in 2022

December 2nd, 2022 25 min read
OKX invests in WAX
OKX Blockdream Ventures Invests Millions in GameFi and NFT Development on WAX
OKX invests in WAX

OKX Blockdream Ventures Invests Millions in GameFi and NFT Development on WAX

June 3, 2022 2 min read
Binance partners with the weekend
Binance Partners with The Weekend to Provide First-Ever Web 3 Enhanced World Tour
Binance partners with the weekend

Binance Partners with The Weekend to Provide First-Ever Web 3 Enhanced World Tour

June 3, 2022 2 min read
21Shares Releases Sixth State of Crypto Report
21Shares Releases Sixth State of Crypto Report: Summary
21Shares Releases Sixth State of Crypto Report

21Shares Releases Sixth State of Crypto Report: Summary

June 2, 2022 3 min read
Algorand and MakerX Commit 1M Algo to Migrate Terra Users to Algorand
Algorand and MakerX Commit 1M Algo to Migrate Terra Users to Algorand
Algorand and MakerX Commit 1M Algo to Migrate Terra Users to Algorand

Algorand and MakerX Commit 1M Algo to Migrate Terra Users to Algorand

June 2, 2022 2 min read
Regulators are “Not Allowing” Banks to Engage with Crypto
Bank of America CEO: Regulators are “Not Allowing” Banks to Engage with Crypto
Regulators are “Not Allowing” Banks to Engage with Crypto

Bank of America CEO: Regulators are “Not Allowing” Banks to Engage with Crypto

June 1, 2022 2 min read