When an anonymous person posted on a message board last week, claiming to have broken into Optus’ servers and extracted a huge haul of personal information, they asked for a million dollars to make the problem go away. Specifically, they asked for a million dollars worth of the cryptocurrency monero.
For many this may have been the first time they’d heard of monero, the favourite digital coin of the nefarious denizens of the internet. That’s because monero, launched in 2014, is a secrecy-focused cryptocurrency, also known as a private coin.
Though not fundamentally illicit, and not illegal in most countries, it’s an ideal way to send and receive money for goods and services you’d rather keep hidden from law enforcement. Monero, like bitcoin, uses a public ledger. But it utilises privacy-preserving technology to make both the transaction history and the amount held by each person untraceable.
Professor Barney Tan, head of UNSW’s school of information systems and technology management, said monero’s untraceablility is based on three main capabilities.
First, sending money to a monero wallet will look like it is going to multiple wallets on the blockchain. Only the sender and the receiver will know where the money was actually sent.
Second, 10 decoy sources of funds are mixed in with the real source in every transaction, making it very difficult to tell which is the actual source being used.
And third, a cryptographic algorithm known as the Pederson Commitment does not allow anyone other than the sender and receiver to know how much monero was exchanged in a given transaction.
“These features have made it very difficult to know where the money is sent, where the money is coming from, and how much is actually exchanged. You can probably see why this would be very attractive for criminals and people looking to engage in illicit activities,” Tan said.