I read that in order to break the trace from the sender of my Monero to the recipient of my Monero, I need to make several transactions between my wallets, for example:

someone sent me 1 XMR --> my wallet 1 --> my wallet 2 --> recipient of my 1 XMR

(that i consider 1 additional transaction in aim to break the trace)

Can anyone explain so even layman understands chance/probability of breaking the trace when doing 0,1,2 such transactions between own wallets?

  • azalty@jlai.lu
    link
    fedilink
    English
    arrow-up
    4
    ·
    edit-2
    5 months ago

    XMR currently takes 16 outputs per input, where 15 of them are decoys and 1 of them is the true one

    Assuming you’re not using any traceable pattern like churning every 30mins (you should split your churns, avoid churning too frequently), then the formula is 1/(16^(churn amount)).

    So after 1 churn, there is a 1 in 16 chance (6.25%) that this transaction is yours. After 2 churns, it’s a 1 in 16x16 = 1/256 = 0.39% chance that the final output of the route is yours. After 3 churns, 1 in 16x16x16 = 1/4096 = 0.0244%

    The probability decreases exponentially.

    Please note though, that even after 3 churns, it’s still possible to figure out a link with you. 4000 outputs way less than the total amount of outputs in the blockchain, and you can likely be traced depending on your threat model. As an example, let’s say you own a darknet market. If you deposit to an exchange, you’ll be one of the few with a link to the output that came out of the market to deposit. The closer you are to the output, the riskier it gets. That example alone might not put you in trouble, but you’ll be put on a list. Now imagine this happens again. A second list is formed, and you appear in both lists. It is already really unlikely that the same person appears twice. Third deposit, you appear again. Now you’re probably the only one with this pattern.

    Solution? Either churn a lot so that a lot of outputs are in contact (through being chosen as decoys at some point), so you’re not the only one to regularly have outputs linked with the poisoned output. Depositing outputs with no link at the time of deposit would also be beneficial, but that’s not always possible. That’s considering you got the worse threat model, which is a gov sending you outputs and getting them back (through CEXs). Another good solution: withdraw to DEXs!

    • azalty@jlai.lu
      link
      fedilink
      English
      arrow-up
      3
      ·
      edit-2
      5 months ago

      By the way, you can churn to your own wallet, as it’s not possible to link the output to the wallet. You can use the wallet accounts feature to separate coins

      Just make sure you don’t use 2 churned outputs together (too early) or you’ll link them, and don’t use a churn output with an unchurned output. Feather Wallet with coin control is a good choice.

      If you’re going to use 2 of your churned outputs together, that could relink the outputs together and make it stand out, although I haven’t really thought about it. It might not be that bad if you’ve churned enough, because at some point it’s logical that outputs from 2 big pools intersect

      • hetzlemmingsworld@lemmings.worldOP
        link
        fedilink
        arrow-up
        3
        ·
        edit-2
        5 months ago

        don’t use a churn output with an unchurned output

        You mean that the churning by sending from my wallet to this same wallet(i can also say account or sub account of the wallet) (sending to self) just part of its ballance, will result in churned and non churned outputs in that wallet and these will be joined together if i later (after a week) send a big transaction (or wallet sweep) causing my previous churning be pointless? Maybe in this case is better for simplicity to always churn (part or full balance - i do not know if there is any benefit in sending in parts or in full) to second account within my wallet (instead of sending to self/same address) to prevent this. And i will be sending XMR to a third parties only from that secondary account?

        • azalty@jlai.lu
          link
          fedilink
          English
          arrow-up
          3
          ·
          5 months ago

          You got it right! It’s exactly that.

          I personally put everything on the same account and use coin control to spend only specific outputs but that’s just because I don’t like changing accounts

          You’ll have to know that one you spend an output on the second account, it will pretty much result in a change output that isn’t as much churned (still no link to the original withdrawal, but could be statistically linked to the transaction you just made with it). In the end it’s all about what you think are the capacities of your opponent, their motivation to get you, and the risk for you if that happens. Most of the time and with the current situation, no one is good (nor interested) at statistically tracing XMR, but that might happen in the future.