Episode Details

Monero's ring signatures provide plausible deniability, but they aren't perfect. We model examples where two colluding parties 'E' attempt to learn information about an individual 'A.' By sending outputs to individuals and tracing their transaction graphs, these colluding parties may perform powerful statistical tests to learn significant information, especially for repeated transactions where they would not normally occur by chance.