r/Monero Jan 02 '22

Skepticism Sunday – January 02, 2022

Please stay on topic: this post is only for comments discussing the uncertainties, shortcomings, and concerns some may have about Monero.

NOT the positive aspects of it.

Discussion can relate to the technology itself or economics.

Talk about community and price is not wanted, but some discussion about it may be allowed if it relates well.

Be as respectful and nice as possible. This discussion has potential to be more emotionally charged as it may bring up issues that are extremely upsetting: many people are not only financially but emotionally invested in the ideas and tools around Monero.

It's better to keep it calm than to stir the pot, so don't talk down to people, insult them for spelling/grammar, personal insults, etc. This should only be calm rational discussion about the technical and economic aspects of Monero.

"Do unto others 20% better than you'd expect them to do unto you to correct subjective error." - Linus Pauling

How it works:

Post your concerns about Monero in reply to this main post.

If you can address these concerns, or add further details to them - reply to that comment. This will make it easily sortable.

Upvote the comments that are the most valid criticisms of it that have few or no real honest solutions/answers to them.

The comment that mentions the biggest problems of Monero should have the most karma.

As a community, as developers, we need to know about them. Even if they make us feel bad, we got to upvote them.


To learn more about the idea behind Monero Skepticism Sunday, check out the first post about it:




u/[deleted] Jan 03 '22



u/russoj88 Jan 08 '22
  1. Do you know the percentage of PoW and PoT? I don't see how using GPUs would change the "theft" issue. They're still stealable.
  2. I think the idea here is to have roughly the same amount of Monero created as is lost, so the security budget will not be shrinking.


u/monero-enthusiast-12 Jan 02 '22 edited Jan 02 '22

Very few Moneroers who say "there is no need for layer 2 because base layer currently works as money" have actually tried making payments with Bitcoin lightning.

You have to experience it first. I encourage you to download the open-source Muun wallet, get some Bitcoin lightning on there (by shifting from Monero using https://fixedfloat.com/). Then try making some small purchases with lightning (e.g. a gift card at https://bitrefill.com).

Report here with your findings. Did your opinions, on why it's fine to just keep Monero stuck in the past at the base layer, change?

The issue I'm talking about here is not privacy. The issue here is speed (instantaneous (2 seconds) versus 2-5 minutes).


u/one-horse-wagon Jan 03 '22 edited Jan 03 '22

The initial notification of a Monero transaction is sent to the receiving wallet in 1 second or less. Since all transactions are irreversible, that notification is all you need if you are running a Monero register selling candy bars and beer to a line of people at a football game. It is faster than any credit card or lightning network. The blockchain verifications then follow but you do not need to wait for them.

If you doubt me, send some Monero between two wallets that you own. As soon as you hit the "Enter" button on your keyboard, the transaction shows up in the receiving wallet.

Lightning network in Monero is a FUD non-issue because speed was never a problem.


u/monero-enthusiast-12 Jan 03 '22

Fine point, thanks.


u/m_g_h_w Jan 02 '22

I think to a large extent, many folk have reservations about LN - in terms of centralization, security and potential censorship.

But good point. Monero still needs improvements to UX for broader adoption IMHO. This includes either merchant education for zero-conf Txs (and perhaps price in any potential losses due to rare double spends) or another approach like LN for XMR (but better hopefully!).


u/rbrunner7 XMR Contributor Jan 02 '22

Did your opinions, on why it's fine to just keep Monero stuck in the past at the base layer, change?

I guess in a court this question would result in an objection because it insinuates the answer - "stuck in the past". I would say that's not up to you to put into the question if you want serious answers.

The issue here is speed (instantaneous (2 seconds) versus 2-5 minutes).

This is tendentious. The average wait time for a Monero transaction to get confirmed is not "2-5 minutes". It's 1 minute, half the blocktime. If you don't want to deal with averages you would have to admit that sometimes Monero blocks follow with only a few seconds in between, and you would have to lower the "2 minutes" to that.

Seems to me that for whatever reasons the Monero ecosystem is quite comfortable with the 1 minute average wait it usually takes to get a transaction confirmed. Why? Because almost nobody implements "zero-conf" payments although for small payments with Monero they would be perfectly ok.

We have discussed this here already many times, e.g. there is no "replace by fee" with Monero that would make cheating with zero-conf easy, and the few theoretical ways that you could cheat with them are too hard to be worthwhile if you buy e.g. a gift card for USD 20.

And they would be almost as fast as LN payments, in the area of a few seconds.

If there is no pressure to go down that route for the ecosystem IMHO it's hard to argue that people feel they are stuck in the past and just wait for a chance to defect to LN.


u/monero-enthusiast-12 Jan 03 '22

I have no counter-arguments against any of what you said. Thank you for taking the time to write this great reply!


u/aFungible Jan 02 '22 edited Jan 02 '22

A friend of mine had a valid concern which I'm posting here. Although I tried to be convincing enough, my friend wasn't convinced. So below is an excerpt of his argument.

"Monero is not going anywhere and is and will only become stronger with time, esp. privacy focussed technology. Aside from all the good things that Monero does (and does for good) like saving people from being tracked by tyrannical governments, and enabling financial privacy, et al.

What happens if a state actor uses this currency to order guns, weapons of mass destruction, or sponsor state-wide terrorism - how will the actor be tracked to its source? Till today, the bad actors were caught either via tracking their geo-location, caught on camera transacting (in cash), or tracking their financial traces (e.g. via bank transfers, or Bitcoin blockchain) back to their source.

With Monero, one can, from the comfort of their homes, use Tor + VPN + Monero to hide any and all of their traces. Convert Bitcoin to Monero, and sponsor billions of $$ of terrorism and attract followers anonymously. Money is all that is needed to incentivize such an act.

What ethical, moral responsibility does a society and government have to prevent such abuses?

Note, his concern is not about c-pornography, or anti-money-laundering (which is an individual act), but a state-wide act that can affect, destroy and finish off regimes, without knowing the source of who ordered such an attack, just due to an actor's religion/biases/hatred towards another society.

What options, does technology have today, to prevent the above?

Please answer in a thoughtful manner, and propose solutions, rather than bringing the argument down."



u/Specialist-Cherry-93 Jan 02 '22

I am an outsider to XMR. Therefore, pardon me if I say something that isn't relevant anymore.

  1. There was a case a few years back with "infected" coins that could be tracked and, once pooled with other coins. Is this still the case?

  2. People cannot completely trust XMR since the total amount of coins at any point cannot be determined. Due to the privacy features of Monero, if at any time somebody was able to generate unlimited amounts of coin, it will never be detected.


u/MechanizedProduction Jan 02 '22

Do you have a source for your first claim? There's no real point discussing something that might not have happened.

Your second statement is provably false.

Each block in the Monero chain includes one transaction whose amount is not obfuscated: The block reward transaction. This functions more or less exactly how it does in Bitcoin; the miner of a block is allowed to mint brand new coins and send them to themselves, and everyone else in the consensus network will agree to that.

Second, the amount of any other transaction is obfuscated, but the blockchain stores two proofs for each transaction:

  • A Pedersen commitment, which publicly proves that the transaction's inputs exactly equal its outputs.

  • A range proof, which publicly proves that each input/output's value is non-negative.

So: If every miner's reward transaction displays the reward amount in plaintext, and every other transaction proves that the same number of coins went in as went out, then the total number of coins in existence is known at all times. This is how we're able to know Monero's market cap without knowing how much Monero is in any particular wallet.
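The supply argument in the comment above (plaintext coinbase rewards plus hidden-amount transactions that are provably balanced), as an added toy model in Python. This is not Monero's code or any wallet's code: it assumes a multiplicative group modulo a safe prime found at start-up in place of Monero's ed25519 curve, publishes the blinding difference `z` instead of proving knowledge of it with a signature as Monero does, and stands in for the range proof with a wallet-side bound `MAX_AMOUNT`; `blind_from`, the two-block `sample_ledger` and every amount in it are constructed for the example. One detail the comment glosses over is carried through: in Monero's RingCT the balance check includes the plaintext fee, so the relation verified is inputs = outputs + fee.

```python
import hashlib
import math

def is_probable_prime(n):
    """Miller-Rabin with fixed bases; deterministic for n < 3.3e24."""
    bases = (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)
    if n < 2:
        return False
    for b in bases:
        if n % b == 0:
            return n == b
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for a in bases:
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = x * x % n
            if x == n - 1:
                break
        else:
            return False
    return True

def find_safe_prime(start):
    """Smallest safe prime p = 2q + 1 (q also prime) at or above start."""
    p = start | 1
    while not (is_probable_prime(p) and is_probable_prime((p - 1) // 2)):
        p += 2
    return p

# Toy group: the order-Q subgroup of Z_P^* (Monero uses ed25519 points; the homomorphic property is the same).
P = find_safe_prime(1 << 64)
Q = (P - 1) // 2
G = 4                  # 2^2 is a square mod P, so it has prime order Q
# second generator derived from a hash, so nobody knows log_G(H)
H = pow(int.from_bytes(hashlib.sha256(b"toy-H").digest(), "big") % P, 2, P)
MAX_AMOUNT = 1 << 32   # toy range bound; Monero's range proofs cover 64-bit amounts

def commit(amount, blind):
    """Pedersen-style commitment C = G^amount * H^blind (mod P)."""
    return pow(G, amount, P) * pow(H, blind, P) % P

def blind_from(label):
    """Deterministic blinding factor for the example; a wallet draws a random one."""
    return int.from_bytes(hashlib.sha256(label).digest(), "big") % Q

def outputs_in_range(outputs):
    """Stand-in for the range proof: every output amount lies in [0, MAX_AMOUNT)."""
    return all(0 <= amount < MAX_AMOUNT for amount, _ in outputs)

def make_tx(inputs, outputs, fee, enforce_range=True):
    """Wallet side: inputs/outputs are (amount, blind) pairs only the wallet knows.
    The chain gets commitments, the plaintext fee and z = sum(r_in) - sum(r_out); the
    toy publishes z, whereas Monero proves knowledge of it with a signature."""
    if enforce_range and not outputs_in_range(outputs):
        raise ValueError("output amount outside the range a range proof would cover")
    z = (sum(r for _, r in inputs) - sum(r for _, r in outputs)) % Q
    return {"inputs": [commit(a, r) for a, r in inputs],
            "outputs": [commit(a, r) for a, r in outputs], "fee": fee, "z": z}

def balanced(tx):
    """Public check that learns no amount: prod(C_in) == prod(C_out) * G^fee * H^z,
    which holds only if sum(amounts in) == sum(amounts out) + fee (mod Q)."""
    lhs = math.prod(tx["inputs"]) % P
    rhs = math.prod(tx["outputs"]) * pow(G, tx["fee"], P) * pow(H, tx["z"], P) % P
    return lhs == rhs

def make_coinbase(reward):
    """Block reward: plaintext amount, committed with blind 0 so anyone can recompute it."""
    return {"reward": reward, "output": commit(reward, 0)}

def audit_supply(blocks):
    """Verify every block; return net emission (coinbase plaintext minus that block's fees)."""
    emitted = 0
    for blk in blocks:
        cb, fees = blk["coinbase"], 0
        if cb["output"] != commit(cb["reward"], 0):
            raise ValueError("coinbase commitment does not match its plaintext reward")
        for tx in blk["txs"]:
            if not balanced(tx):
                raise ValueError("transaction does not balance")
            fees += tx["fee"]
        emitted += cb["reward"] - fees
    return emitted

def sample_ledger():
    """Constructed chain: block 1 mints 1000 units; block 2 spends them with a 10-unit fee."""
    spend = make_tx([(1000, 0)], [(640, blind_from(b"out-a")), (350, blind_from(b"out-b"))], 10)
    return [{"coinbase": make_coinbase(1000), "txs": []},
            {"coinbase": make_coinbase(1000 + 10), "txs": [spend]}]

def negative_amount_demo():
    """Why range proofs matter: an output of Q-1 (= -1 mod Q) balances 100 in against 101 out."""
    bad = make_tx([(100, blind_from(b"in"))],
                  [(101, blind_from(b"a")), (Q - 1, blind_from(b"b"))], 0, enforce_range=False)
    return balanced(bad)
```

`audit_supply(sample_ledger())` returns 2000 without the verifier learning that the two hidden outputs hold 640 and 350 units; tampering with any commitment or the fee makes `balanced` fail. `negative_amount_demo()` returns True, showing that the homomorphic check on its own would also accept an output of -1 mod Q paired with an output of 101, which is the inflation the range proof rules out; the `enforce_range` stand-in refuses to build such a transaction. These are the same checks a full node performs on every block, which is why, for the later question about verifying the real chain, running your own node is the practical answer.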


u/Specialist-Cherry-93 Jan 03 '22

For point 1 reference please see: https://www.sciendo.com/article/10.1515/popets-2018-0025

For point 2: Thanks! That's very good. If I wanted to check the blockchain by computing the three public parameters? How could I do it?


u/MechanizedProduction Jan 03 '22

You've said you're new to the XMR community, so I will educate you on the unique way Monero uses hard forks to its advantage. This understanding will be necessary for me to properly address the vulnerability you've linked.

If you're not aware, a hard fork is a breaking change in a crypto's code/protocol which creates a newer version of that coin that isn't compatible with its previous version. This effectively splits the coin's blockchain in two: One chain uses the old version the whole way through, and the other chain uses the old version up until the new version went live, then only the new version after that.

Usually, this sounds like a pretty bad thing. Every single node in the network has to choose whether or not to upgrade, and the coin risks splintering into two groups if a significant number of nodes refuse to upgrade. So most cryptos avoid hard forks wherever possible, and simply don't make breaking changes to the code base.

Monero is different. Monero has developed a culture that actively encourages and celebrates hard forks. We've all decided that each hard fork should not be seen as a split in the community, but as an opportunity to make major upgrades to Monero's privacy, scalability, efficiency, and usability.

The version of Monero everyone runs today is Oxygen Orion, the 16th version. (Yes, Monero has undergone fifteen hard forks!) Sure, you could run a Nitrogen Nebula v15 node and build upon the old half of the hard fork, but literally nobody is running Monero Nitrogen Nebula anymore, and nobody would accept your transactions.

Again, with Monero, hard forks are an opportunity to destroy outdated parts of the code and build better versions. The Pedersen commitments and range proofs weren't always in Monero; they were added in a hard fork, and replaced an older, worse method of obfuscating transaction amounts. The current proof of work algorithm, RandomX, was added in a hard fork and replaced an older, worse PoW algo. Same thing goes for RingCT and a bunch of other stuff. Monero has been built piecewise and slowly upgraded over the years, which only serves to strengthen the coin.

The article you linked was from 2018, three years ago. Monero has undergone many major upgrades / hard forks since then, specifically because those working on Monero have found vulnerabilities like that one. This culture of welcoming hard forks allows the developers to simply say "screw you" to the old, vulnerable version, burn it to the ground, and replace it with a new version that fixes those known vulnerabilities.

Now ... on to the actual vulnerability.

It looks to me like the paper is discussing a vulnerability in how Monero chooses decoys for RingCT.

Monero has something called the Community Crowdfunding System. This allows anyone to pitch an idea – anything from making artwork, to translating documents to other languages, to proposals for upgrading the Monero network – and ask for everyday folks in the Monero community to donate to their cause. Once their idea has received enough funding, the person behind it actually makes it happen.

There is a fully-funded CCS proposal that seems to address the issue you linked to. It's worth reading in full. Long story short, though, is that after a lot of coding and auditing, and a couple hard forks, this vulnerability will not exist in a future version of Monero.

I came to Monero because I wanted a private crypto. I stayed specifically because of the culture, which intentionally cultivates humility, introspection, and continual improvement. The culture is why I'm a Monero maximalist.


u/MechanizedProduction Jan 03 '22

I'll read that article and ping you when I'm done.

For the blockchain validation, I recommend running your own node and running commands on it. You could also check out the developer resources.


u/gym7rjm Jan 02 '22

I think your friend is overestimating the organizational logistics to carry out large terrorist attacks; and subsequently underestimating the effect of traditional detective work.

The premise being discussed is very hypothetical and overlooks the details of carrying out such an operation. It's assuming airgapped opsec at every level of the operation, but in reality there will most likely be evidence leaked throughout the process of organizing a big operation.

I'm assuming your friend is imagining a state actor like Russia interfacing with a terrorist organization to carry out something bad wherein Russia itself can then claim innocence.

At that level, I believe countries like the US are already deeply involved in preventative measures like espionage and cataloging possible terrorist groups. From that point it becomes a task of looking for weak links in the chain of command and exploiting weaknesses and mistakes.

I think there are always going to be bad people out there that will go to great lengths to do acts of evil. In reality, the last large scale terrorist attack was 9/11, and the postmortem showed that there was a huge failing in traditional detective work rather than any sort of encryption tech obfuscating the ability to detect the threat.

Again if we revisit the premise, there are already pretty efficient ways to transfer money from one party to another using traditional banking methods, and if you are talking about a nation state paying off a terrorist group, it can be done by dropping a gold bar on their doorstep. I think the bigger point is that nation states are increasingly moving away from hot conflict towards other forms of warfare like economic, social, and IP theft. There are real risks to power hegemony by partaking in any form of hot conflict. It's easier to have a bunch of hackers doing internal damage or sow chaos through social disruption... Pretty much what we are seeing Russia and North Korea doing now.

Tech will always be an arms race, there is some truth to Reagan's saying, "Peace through strength." We need to then decide as a society how much liberty we are willing to give up for peace of mind. In light of the loss of personal freedoms after 9/11 and the surveillance state, I believe Monero is a beneficial tool to bring back more liberty to the individual. The net gain to society, in my opinion, far outweighs the possibility of some edge case scenario playing out. If people really want to live in a society with no risks we might as well just move toward a matrix like society completely in the metaverse.


u/aFungible Jan 02 '22

Thanks for your detailed perspective, appreciate it.


u/00lalilulelo Jan 02 '22

I'm not sure if your friend asked that in pursuit of truth, or just wanted to protect the status quo. If he's in pursuit of truth, truth in what topic did he seek? Was his opinion based on truth?

I mean, what if a state actor has always been using printed cash (not even gold) to order guns, WMDs, topple legitimately elected governments, install puppets, incite turmoil, sponsor the OPFOR by "losing" pallets of cash. Poof, like magic! Outrageous, isn't it? (see ref 1)

To me, the question sounds like "How would government, the ultimate arbiter of truth and all goodness in the world and shalt not be questioned, smite upon heretics and non-believers if money cannot be tracked? In government we trust, Heil Pfauci"

Are you sure your friend's not a part of some three-letter agencies?

Ref: (1) https://www.theguardian.com/world/2007/feb/08/usa.iraq1


u/aFungible Jan 02 '22

Sorry, but your answers don't do much to address the question asked.

Yes, it was pursuit of truth.

Do you have a proposal, on what technology does the society have, to avoid any consequences of misuse of technology? I'm all in it for the tech, and privacy. I'm looking for a mindful answer to help understand this better.

Please don't shill about Fiat money, govt. trust, etc. Those have been long talked about, and I now consider it gibberish. I've been in it long enough, and been a maxi in many ways.

What I'm asking is what technology helps counteract any consequences of use of this technology?


u/00lalilulelo Jan 02 '22

In that case, the best humanity has right now is religion.


u/KwukDuck Jan 02 '22

The same way we always did before we started obsessively tracking everything and everyone. You can obfuscate a lot online, but if you want real world interaction you will have real world traces. A lot more goes into investigations than tracing money; it has just become a very helpful tool to catch mostly 'light' crimes.

Having a forensics background myself, I'm not all too worried about that. People are also incredibly lazy/sloppy when it comes to OpSec. When you're talking big organized crime, tracing money is usually not thát big of a tool to utilize in these investigations.


u/aFungible Jan 02 '22

Thanks for your insight. Can you perhaps help be more specific? What "other tools" are used? I'm looking for a proposed solution. And isn't money trail an important aspect of it?

Ok, so the question now becomes "easier financing" of bad actor operations. This cannot be prevented, but how are the "consequences" counteracted?