Chainalysis and Integra: A Quick Look At What's Really Going On
What We've Learned..
After watching their leaked video, is Chainalysis really able to track Monero transactions? That's not quite what's happening here, and I think they are intentionally trying to be misleading for some, but a few things should be addressed based on what we can see from that video. So let's try to break down what we actually know:
- Chainalysis has been running a large number of poisoned nodes through the use of their worldwide network and their admins, referred to throughout the presentation as “our administrators”.
- If one is working through a remote node (any node besides their own), this potentially leaves one vulnerable to the ongoing deanonymization attack by Chainalysis through these poisoned nodes.
- When an unsuspecting Monero user connects to one of the poisoned nodes, they can be served poisoned RingCTs through the node itself, rendering the whole RingCT feature of Monero ineffective in this case by leaving their anonymity set at 1:1, not the 16:1 that is its default.
- By running these poisoned nodes, the goal is to attempt to collect all available metadata including IP addresses, transaction timestamps, transaction size and fees, along with some other general information.
In Response..
So where does that leave us? Well, I think a key point to take away from this is something that shouldn’t be new to the more experienced Monero users among us, that being running your own node. This is why, after watching the video, it really seems to me like Chainalysis is trying to mislead us a little. They haven't been able to truly trace Monero like they've been trying to convey; however, they have been able to pick up on little things in one's operational security through the network, so let's take a look at that. As we’ve always known, running your own node is just the safest and most secure way to connect to the Monero network. By doing this, you effectively eliminate the associated risks that come with Chainalysis by not connecting to any of their poisoned nodes.
I’d also like to point out here that there were several points throughout their video where the presenter believed they were looking at transactions from a dark web marketplace admin. However, the IP addresses that Chainalysis had observed proved to belong to either a VPN or proxy more times than not. This goes to show that by hiding your IP before connecting to the Monero network, you realistically also put a stop to Chainalysis being able to trace you even if you are connected to one of their poisoned nodes. However, this places a large amount of trust in your VPN or proxy provider to keep your information hidden, and as we’ve seen, you can’t connect to a poisoned node if you’re running your own. So if there are any newcomers to the project out there reading this now, or maybe people who just weren't made aware, try to remember that going forward.
Screenshot from Chainalysis video.
As I touched on before, I really don’t believe this is a major cause for concern for the community as a whole, as nothing really new or groundbreaking has been achieved here. However, going forward, I think it will be of key importance for all to try and improve on the little things within their own operational security. With just a few of the most basic steps, one can effectively stop Chainalysis in their tracks, at least with the technology they currently have available. It’s hard to say what this means for the future and what they can truly accomplish, but at least as of now, with the most simple of operational security practices, your Monero is just as safe and untraceable as it's ever been.
- Rondalin
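The advice above comes down to knowing which node your wallet actually talks to. The following is an added example, not part of the original post: a small Python check that reads a wallet config and reports whether each daemon setting points at your own machine. It assumes a key=value config file using the monero-wallet-cli option names daemon-address and daemon-host; the sample config, hostnames and ports are constructed for illustration.

```python
import ipaddress
from urllib.parse import urlsplit

# Constructed sample wallet config (key=value lines); hostnames are placeholders.
SAMPLE_CONFIG = """\
# wallet.conf (constructed example)
daemon-address=node.example.com:18089
#daemon-address=127.0.0.1:18081
"""

def classify_daemon(address: str) -> str:
    """Classify a daemon address as 'local', 'lan', 'onion' or 'remote'."""
    # Accept "host:port", "scheme://host:port" and bracketed IPv6 literals.
    if "://" not in address:
        address = "//" + address
    host = (urlsplit(address).hostname or "").lower()
    if host == "localhost":
        return "local"
    if host.endswith(".onion"):
        return "onion"   # IP hidden by Tor, but not your node unless it is your own hidden service
    try:
        ip = ipaddress.ip_address(host)
    except ValueError:
        return "remote"  # any other hostname: treat as someone else's node
    if ip.is_loopback:
        return "local"
    # Non-public ranges (e.g. a node on your home network) versus public addresses.
    return "lan" if ip.is_private else "remote"

def audit_config(text: str) -> list[tuple[str, str]]:
    """Return (address, classification) for each active daemon setting."""
    findings = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()   # drop comments and blank lines
        if "=" not in line:
            continue
        key, value = (part.strip() for part in line.split("=", 1))
        if key in ("daemon-address", "daemon-host"):
            findings.append((value, classify_daemon(value)))
    return findings

if __name__ == "__main__":
    for addr, verdict in audit_config(SAMPLE_CONFIG):
        note = "" if verdict == "local" else "  <- not your own local node"
        print(f"{addr}: {verdict}{note}")
```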