Recently, Reuters published a report on Monero [XMR], a leading fungible coin. The news organization stated that this was part of its series that “examines the features and characteristics of some of the alternatives to Bitcoin that have grabbed the attention of developers, investors and regulators,” with Monero being the first altcoin.
However, the community did not seem to be very pleased with the content presented in the article, with Monero Outreach, a work group of the decentralized Monero community, responding with another blog post.
About Monero, Reuters stated that the cryptocurrency enabled users to “conceal” almost all the details of a transaction. It further distinguished the coin from Bitcoin, stating that Monero’s transactions obscures the from and to addresses, as well as the amount involved in the transaction.
On the reason why the cryptocurrency was gaining attention, the Reuters report highlighted the Norwegian kidnapping case, where the fungible coin was demanded in ransom. The report went on to state,“The unusual request underlined a growing trend for criminals to seek alternatives to bitcoin, which through its first decade has become the cryptocurrency of choice for illicit activities from buying contraband to laundering money, cybersecurity experts and law enforcement agencies say.”
Further, it pointed out the use of the cryptocurrency in the darknet marketplace, stating that three out of the five biggest marketplaces accepted the fungible coin as a mode of payment. Nevertheless, the report did mention that Bitcoin continued to be a “widely used” digital asset for darknet payments. Following this, the report also highlighted the coin’s involvement in crypto jacking, remarking that 4 percent out of the total 17 million coins in circulation were mined using malware.
On who uses the cryptocurrency for a legitimate purpose, the article said,“Data on who uses Monero and why is scarce. That’s a challenge for understanding the usage of any cryptocurrency, even more so for one designed to obscure its tracks”
This report was soon met with a response from one of the teams dedicated towards the development of the Monero ecosystem, Monero Outreach. A blog post titled ‘A Response to Reuters’ that was published on 20th May, stated,
Further, the blog post listed down the reasons why the coin had gained attention. This included the underlying code improvements that made it “more efficient, faster, and more user friendly,” the coin gaining the position of a leader among fungible coins, and its contributions to academic research. The team further stated,“Lastly, the article mentions ‘cryptojacking’, while neglecting to discuss the issue of botnets in general and how they are a problem with computer operating systems. Monero cannot control the security of operating systems, which would be primarily responsible for eliminating botnets.”
This was followed by the Monero team emphasizing that the leading cryptocurrency was a “fungible coin,” and not a “privacy coin.” It also pointed out the “view keys” feature of Monero, where the key “is associated with an address” that enables users holding it the “ability to audit the address without being able to spend the funds.”
New Monero Botnet Looks Like Last Year’s Outlaw Attack
There’s another Monero mining botnet that’s targeting China. Or maybe it’s one we’ve seen before.
Bloggers steeped in the hacker-verse recently exposed a URL spreading a botnet that looks suspiciously like one unleashed by the Outlaw hacking group last year. The Outlaw outfit — a name coined by its discoverers at Trend Micro, who translated “the Romanian word haiduc, the hacking tool the group primarily uses” — is infamous for its previous release of a Perl-based shellbot that infiltrates through weaknesses in the Internet of Things.
The new attack, uncovered by Trend Micro’s honeypot security systems, has been restricted to computers based in China so far. The malware is spread through a malicious URL which bundles in a Monero-mining script and a backdoor-based exploit.
Trend Micro estimates that hackers have used crypto-jacking to mine $250,000 per month in Monero.
The Outlaw botnet uses a brute force attack and Secure Shell (SSH) exploit to give the attackers remote access over victim’s systems. A more detailed report of Outlaw’s previous attack showed that once the attackers have access, the malware executes commands to download and install the cryptocurrency miner payload. Additionally, if the malware detects cryptocurrency miners already installed on the system, it will delete them to reduce competition for system resources.
The security experts also noted that the backdoor component is also capable of launching distributed denial-of-service attacks which would allow the cybercriminals to monetize their botnet not only through mining, but by offering DDoS-for-hire services.
However, because the scripts haven’t been activated, Trend Micro believes the hackers are still in the testing and development phase. They suggest the malware may be laying dormant until future editions of the botnet are released.
This comment lead TheNextWeb to speculate whether the botnet has mined any cryptocurrency or made any successful attacks yet.
Inside Monero’s ‘Last Ditch Effort’ to Block Crypto Mining ASICs
Developers behind the cryptocurrency monero are ramping up efforts to keep specialized mining hardware from dominating its race for rewards.
Of the coins that have a strong privacy focus, monero – launched in 2014 – possesses the largest market capitalization by far with an estimated $1.5 billion valuation. The annual mining rewards generated by the now 5-year-old blockchain total roughly $62 million, according to data site Messari.
But such rewards appear to be increasingly falling into the hands of ASIC operators, nudging out smaller, independent or hobbyist participants. To keep an even playing field, monero developers have conducted regular hard forks to stave off ASICs – but analysis suggests that this approach has proven ineffective as of late and that ASICs are keeping ahead of such efforts.
“ASIC manufacturers can make equipment far faster than we expected,” said monero contributor Justin Ehrenhofer. “It takes maybe a month for them to have chips designed and in production so they generally can still make a return on investment even within a six month period.”
Diego Salazar, another monero contributor, told CoinDesk:
“We [also] saw that this was very unsustainable. … It takes a lot to keep [hard forking] again and again for one. For two, it may decentralize mining but it centralizes in another area. It centralizes on the developers because now there’s a lot of trust in developers to keep hard forking.”
As such, monero developers are moving forward with activation of a new mining algorithm known as RandomX, designed to render ASICs non-competitive.
The new code is based off the work of Howard Chu – CTO and founder of computer software firm Symas Corporation – who also developed the database type the monero blockchain presently runs on. Four different audits of the RandomX code are now being completed for an expected code freeze date by July.
As it stands, the algorithm could go live in October.
“We’ve ultimately come to consensus in general that RandomX is what will be implemented. It’s our best shot to preserve monero as it was founded,” said Ehrenhofer. “If this fails then monero will probably move to an ASIC-friendly algorithm.”
According to Salazar, RandomX is monero’s “last ditch effort to keep ASIC’s out.”
Putting CPUs at the fore
RandomX according to Chu is designed to be “CPU-centric.”
As opposed to application-specific integrated circuits (ASICs), central processing units (CPUs) are a type of computer hardware designed for multi-purpose use.
Calling it a “spectrum of computing power,” Salazar explained:
“On one end, where computers are a jack of all trades are the CPUs… On the other end, computers which does only one thing but extremely well are ASICs.”
CPU’s are the most widely distributed computing resource in the world, according to Chu.
“Practically everyone in the world now has a smart phone in their pocket with a CPU and memory that’s capable of mining RandomX,” highlighted Chu.
With maximum miner decentralization as the goal, Chu predicts that RandomX will preserve an advantageous lead favoring CPU miners over ASICs for at least the next three to five years.
Leaving GPUs behind
At the same time, estimates suggest the RandomX algorithm favors CPU miners over not only ASIC miners but GPU miners as well.
Graphics processing units (GPUs) are optimized for what Chu calls a “graphics workload which tends to be very sequential.”
“Data goes in at the head of the pipeline and you do some munching on it and it all spits out at the end of the pipeline,” Chu said. “The main emphasis there is fast transfers of data from the input to the output, pretty much in a straight line.”
For monero’s current mining algorithm, called CryptoNight, GPU miners take the lead over CPUs in terms of computation and energy efficiency. Originally, however, even CryptoNight was intended to boost CPU performance over other types of hardware.
“It’s really again kind of an accident of fate that [CryptoNight] turned out to work fairly well on GPUs. Nobody expected CryptoNight to be good on GPUs and it was anyways,” explained Chu. “The fact is today GPUs have so much memory and so much massive memory bandwidth that it’s not very much of an obstacle when it comes to CryptoNight, which was designed back in 2013 or so.”
Soon, with the activation of RandomX, Chu predicts CPUs to be “at least three times better than GPUs” at mining on the monero blockchain.
And while this has disgruntled “a very vocal but extremely small minority” of GPU miners, Ehrenhofer maintains that “people with GPUs can always either resell or repurpose their hardware.”
“If I have a monero ASIC, I don’t have that same economic option available,” said Ehrenhofer.
As such, despite the impact RandomX will have on not only ASIC miners but also GPU miners on the monero network, Ehrenhofer maintains:
“I’m not concerned about a community split here because RandomX is the closest algorithm that we can pick that retains a vast majority of monero’s ideals.”
Perhaps a more realistic concern in the mind of Ehrenhofer and others is the proliferation of botnets on the monero network as a result of a CPU-friendly mining algorithm like RandomX.
“The basic concern is there’s millions or hundreds of millions of computers that are out there that are poorly secured,” explained Chu. “It’s very easy for malware to invade these computers and take them over to do whatever a particular network operator wants to do.”
Such botnets, infected by malware, have always been somewhat of an issue on monero, according to Ehrenhofer.
“Monero is by far the most illicitly mined cryptocurrency at the moment and it has been for several years,” Ehrenhofer said. “RandomX does not prevent people from crypto-jacking and other nefarious versions of malware.”
Indeed, given that monero’s present mining algorithm – CryptoNight – has always favored CPU and GPU mining, Ehrenhofer notes that there are resources in place on the monero website and other related forums to help users who’s devices are impacted.
Even still, efforts to bootstrap RandomX have seen support from those outside of the community, particularly by other crypto projects that might make use of CPU-friendly mining algorithm.
Arweave, which raised a reported $8.7 million in an initial coin offering (ICO), is teseting RandomX.
“An ASIC-resistant proof-of-work algorithm like RandomX will further enhance our permanent, low-cost, tamper-resistant storage network,” said Sam Williams, founder and CEO at Arweave, in a press releasefrom earlier this month. “RandomX helps us ensure that power over the decentralized content policies in the Arweave network remains well distributed across many globally distributed parties.”
To this, Arweave has funded one of the four audits over the RandomX code.
Completed officially on Friday, the audit cost a reported $80,000 and was conducted by security firm Trail of Bits. Speaking to CoinDesk in an interview, Williams explained:
“It was one of our hopes going into the audit process that by helping to fund it we could do a small public service by making sure other [crypto] projects can see there is a programmatic proof-of-work algorithm that is likely ASIC-resistant in practice without fear of security.”
The other three audits totaling $130,000 that are still to be finalized by security firms Kudelski Security, X41 D-Sec, and QuarksLab were funded through crowd-sourced donations from the monero community. They are expected to wrap up by July, according to Chu.
The next step after that is an eventual launch of the algorithm on a public monero test network before a tentatively scheduled mainnet activation this October.
For all the discussion that has gone into preparing RandomX for a mainnet implementation, Ehrenhofer maintains that the true benefits of RandomX won’t be certain until it’s live on the network.
“We don’t know if RandomX will work yet even if all the audits come back and they say your cryptography is pretty good. We don’t know in practice how things will actually turnout,” warned Ehrenhofer.
But the worst-case scenario in Ehrenhofer’s mind if the algorithm proves to be unsuccessful is a switch to an ASIC-friendly mining algorithm similar to the one currently utilized by bitcoin.
“I think if RandomX does fail and monero switches to something more ASIC-friendly, many in the bitcoin community will tell us, ‘I told you so.’” Ehrenhofer joked.
Even so, Salazar maintains that monero should have the runway to try new things and fail at them.
“Isn’t the idea to see what’s going to work best so that one day we can have a good digital, private, fungible cryptocurrency?” Salazar asked. “If monero is not but a stepping stone to get to that good currency then by all means let monero be the lost leader.”
“The monero people are nothing if not resilient nerds that decide to take on the man. So we said, ‘You know what? Let’s give this a go, one last ditch effort.’”source:w.coindesk
Monero’s [XMR] Riccardo Spagni: Facebook, JPMorgan Chase launching their own coins is really interesting
Riccardo Spagni, the lead maintainer of Monero [XMR], recently spoke about one of the most controversial centralized cryptocurrencies making a debut in the cryptocurrency market. In a conversation with Shannon Grinnell on Speaking of Crypto Podcast, Spagni remarked that the steps taken by JPMorgan and Facebook to launch their own digital coin were “really interesting”.
Spagni went on to explain that this step was interesting because it would reach millions, and probably even billions of people, particularly because of Facebook being one of the most popular social media platforms in the world. He added that these centralized entities would have to launch their own coins [JPM Coin and GlobalCoin] in a “highly regulated fashion.” Spagni also stated that through Facebook, people would eventually find their way to Bitcoin. He added,“[…] what I’m hoping will happen is people will be exposed to cryptocurrencies through something like Facebook and then they will become interested in it and will want something that’s a little bit more, something that gives them more control and more freedom, and then they will start like Bitcoin.”
This was followed by Spagni speaking about the mass adoption of Bitcoin and other cryptocurrencies. Fluffypony stated that he had two perspectives on the subject; mass adoption was “definitely” within grasp, considering all the main factors contributing to the adoption of crypto. Bitcoin could go on to become a “reserve currency,” instead of achieving mass adoption, he added.“I don’t know if I’m convinced that we will achieve mass adoption and instead we will achive something like Bitcoin being the global reserve currency, which is not the same thing as mass adoption.”
He further explained,“Reserve currencies are super useful and become like the underlying currency for like most of the cross border economic transaction in the planet, but it’s not the same thing as being used by a bunch of human beings to buy coffee and pay for their cab fare.”