Monero Talk

Breaking Monero Episode 09 Poisoned Outputs (EAE Attack)

February 8th, 2019  •  31 mins 41 secs  •  Download (22.5 MB)  •  Link with Timestamp

RSS Feed

Monero's ring signatures provide plausible deniability, but they aren't perfect. We model examples where two colluding parties 'E' attempt to learn information about an individual 'A.' By sending outputs to individuals and tracing their transaction graphs, these colluding parties may perform powerful statistical tests to learn significant information, especially for repeated transactions where they would not normally occur by chance.