Is there something in Monero transactions that can tie them together in this scenario:

  • send some non-private crypto to an instant exchange
  • exchange it for monero
  • withdraw the monero
  • after some time send some monero to that same instant exchange to exchange it for some non-private crypto

Would the instant exchange have a way to determine if the two transactions are connected to the same wallet (amounts being different)? What time difference between the 2 transactions would be sufficient?

  • monerodOPEnglish
    1·
    20 hours ago

    Here is some more information:

    An instant exchange is a CEX where you don’t register such as Changenow.

    Everything is done through TOR browser. No data is provided except for the non-private crypto wallets. Wallet in use is monero-core.

    The idea is to disconnect non-private crypto wallets from each other (eth, sol, btc).

    Threat model is plausible deniability. Nobody is currently monitoring me, but just in case in the future someone gets interested in me… It’s not a problem if it becomes visible in 10 years.

    My understanding is that the exchange would not have a way of knowing that the xmr it receives from a monero-core wallet consists of the xmr it previously sent to that wallet. Any connection that could be made would be circumstantial at best. Is that correct?

  • jet@hackertalks.comEnglish
    3·
    3 days ago

    You need to be clear about your threat model. Right now everything you do on monero is opaque for now. In 5 years or 10 years, it might be visible. Is that okay?

    Using the same exchange for both sides of your transaction adds a lot of operational risk, they might see your IP address, they might see the transaction size, they might measure your typing speed, browser fingerprinting etc etc etc

    The wallet you use may have some peculiar indication and its transactions, that can make it more easily stand out.

    I recommend reading the monero white papers, they go into a lot of detail about rings and so forth.

    So, if you’re just trying to obscure your VPN purchase, your protocol is fine because the risk is low.

    If your life is in danger if this gets connected to you, then you really need to come up with a very clear threat model, and figure out every step.

    At a minimum, use two different exchanges for both sides of your protocol, transfer from one wallet to a different wallet on the monaro side so that you get different transactional fingerprinting.