The TON blockchain has stopped producing blocks for 4 hours. Many, of course, are now taking this opportunity to denounce TON for being centralized and to try and instil panic among holders. Unfortunately for them, if we look at TON's price action, their FUD seems to be falling on deaf ears. The reason is simple. While the current situation warrants caution for TON's users who cannot buy and sell onchain while this issue persists, being centralized isn't something that diminishes TON's value. Decentralization was never part of TON's value proposition. Its user engine, Telegram, isn't competing with Bitcoin or Signal. Telegram competes with X and Meta, not Signal. Also, Telegram didn't build TON to solve the blockchain trilemma. Telegram built TON to improve accessibility and UX for all content creators across the globe, both banked and unbanked. On Telegram one doesn't have to take a selfie with their ID to get a verification badge or to get access to account analytics. So most of these gentlemen yapping about centralization and false advertising seem, at best, a bit lost in the woods. TON is a game changer because for the first time there is a main stream social media app, Telegram, that is outcompeting Silicon Valley giants by offering better UX through better privacy. So if until yesterday sadic psychopaths like Alex Karp and Elon Musk gathered in their men caves to drink and laugh about how easily they can force users to give up any personal data they want because simply what are they going to do? what are they going to use?, today they've realized that their users will inevitably move to Telegram. This is the math behind my conviction that Durov's arrest is a sophisticated attack to try and bring Telegram in Epstein's surveillance club.

If we're to believe the official story, Cassie Heart, the founder of Quilibrium, is rejecting VC offers because they all want to engage in token warrants. Instead, she is looking for sophisticated investors who believe in Quilibrium's long term value creation capabilites and are willing to invest without asking for tokens in return. One can't help but wonder, is she bluffing and if not, what kind of VC invests without requesting tokens in return? There are 2 possible explanations:

1) Cassie is well aware of the centralized essence of her project but also very ambitions, so by sophisticated she means investors with a surveillance & control agenda (like Peter Thiel or Microsoft proxy funds). To put it in deep state jargon, she is looking for access into elite money. I think that's possible but not really plausible. Aside from those I can't think of any other kind sophisticated investors, that peddle in crypto, that are willing to put money in projects without token warrants. Unless, of course, they have a special relationship with the founder (like the one hinted in my tongue-in-cheek bullish tweet this morning).

2) Conspiracies and memes aside, the most likely explanation, in my opinion, is that Cassie has already raised enough seed and most of the money has been invested in a mining operation. The plan is to mine as much as possible of the coin early on while posturing as anti-VC and keeping a low profile to avoid attracting too much attention and competition. This is to make sure that her mining operation gets most of the supply now that rewards are high.

Privacy, decentralization and fair launch are just marketing buzzwords here. Quilibrium can't really claim a fair launch because there is no open source code of the mining algo and there is no fixed emissions curve. So insiders obviously have a huge edge. It can't claim to be a privacy project because it's scope is data hoarding and processing. But their launch strategy reminds me a lot of Kaspa, whose team received $8M in funding that was used to set up a mining operation. And, as they mined, they kept advertising the project as a hobby to outsiders. Just like with Kaspa early on, there are no official Quilibrium social media channels, everything seems community run and even the Telegram group where Cassie hangs out is private. So what do I think of Quilibrium? I think that it's another crypto experiment worth keeping an eye on because it has a strong community where most seem to be drinking the kool aid.

Just like in the previous 2 halving years, the ratio went down (as long term holders took profit in the pre-halving rally), moved up as price consolidated and new holders graduated into the long term holder cohort, and then moved down again when the post halving rally (parabolic phase) kicked in and long term holders took profit again. Finally they mention the sell side risk ratio, which is meaningless other than to confirm the ongoing consolidation and that those selling have been doing so around break even. What else to say? That one should probably bookmark Glassnode's analysis (week 36 2024) as a blatant example of market manipulation. 2019 is mentioned 3 times, 2020 not even once.

For a long time I've argued that Dero offers state of the art privacy, superior even to that of Monero. Monero is traceable through a process known as key image triangulation. This was passingly stated once by Captain in the Dero Discord without further elaboration. With more research, and upon familiarizing myself with the Lazarus' wannacry XMR tracing case, I came up with a mental model of how it coud work and posted many tweets on the attack vector. Other Monero KOLs however rejected my claims as "FUD" because they rested on TXO and key image analysis, and "EAE is well known & key images are indistinguishable". In reality TXO analysis goes well beyond EAE. Today we finally have proof of that. Here is a video of a chain analysis investigator explaining how Monero chain analysis works. This video was recorded in August 2023. Everything I have said so far on this topic turns out to be 100% true.

Here is a clip that I have cut from the Chainalysis video presentation. This part proves how Chainalysis traced monero TXOs for 4 hops, and they could have probably gone on for another 14 hops if required. Therefore Monero TXOs are traceable just like Bitcoin UTXOs. And the vulnerability is not IP address tracking but key image analysis that allows Chainalysis's tool to rule out transactions where an output is used as decoy versus the transaction where the output is actually spent. That allows forward tracing indefinitely. Like I've been saying for a few days now, Monero has just been proven to be completely obsolete and transparent. For those who follow me and know Dero well, this is not really news. We are seasoned crypto users who do their homework regularly. Many others however will have to choose between denial and rationality. And I wouldn't want to be in their place right now, I can tell you that.

Key image analysis is a fascinating riddle from an intellectual point of view, although it's catastrophic for Monero (bc very easy to solve, especially with AI). Many seem to still not understand how KI analysis works so here is another attempt at clarifying it in simple terms. Monero uses the UTXO accounting model, but with a layer of Pedersen Commitments on top. All these UTXOs are then updated quasi-homomorphically by addition and substraction (because PCs have homomorphic properties). So far so good. If not that the structure of Monero is such that being UTXO it must prevent that these UTXOs are spent twice, and for that key images are used. There is no layer on top of key images in Monero, we see them naked as they are in each transaction. Their whole function of preventing double spends depends on them being easily queryable, so the network can detect DS attempts quickly (whenever the same key image appears in 2 transactions). The amount of key images in a transaction tells us the amount of UTXOs that are being spent in that transaction. So each monero transaction consists of a number of key images (1, 2, 3...or higher for consolidation transactions) that is equal to the number of inputs being spent in the transaction, 16 TXOs attached to each key image (among them hides the real TXO belonging to that key image) and transaction outputs (most of the time 2, one the sender's change and the other being receiver's TXO). The riddle is to find out for as many transactions as possible which TXOs belong to the key images present in that transaction. Since these TXOs are used continuously by the network as decoy, by exposing the key image of as many TXOs as possible we can rule them out as decoy in other transactions where they appear but their key image doesn't appear. This is where many Monero enthusiasts get lost, they think to start mapping key images to TXOs we need to solve the DDH problem. To visualize how we can map TXOs to key images without breaking the DDH problem we must simply think that TXOs have metadata: entity they are associated with (referencing centralized party data but not only), blockheight when they were produced, IP that broadcasted them (if user wasn't running a node), fee structure and so on. So an AI can look for subtle patterns in TXO metadata, and whenever TXOs that seem related to the same entity appear among inputs of the same transaction it is highly likely that those are the TXOs being spent. A common pattern human investigators look for is TXOs associated with the same entity as defined by CEX data, but an AI can look for deeper patters in fee structure, propagation time, block height and so on and so forth identifying many pairs or groups of TXOs related to the same people even without knowing who these people are (because they never used a CEX). The key vulnerability here is that the UTXO model fragments user balances in smaller parts allowing for patterns to emerge. Since it's highly unlikely that TXOs belonging to the same entity appear among inputs as decoys, detecting related TXOs allows unmasking their key images in transactions where they appear together. And then it allows mapping even more key images to their real TXOs by excluding the related TXOs that we know have already been spent. Since Monero has no smart contracts, and users have to go through CEXes, an AI is helped massively by CEX data where CEXes report their transactions with their spent TXOs. Since these TXOs appear as decoy in many other transactions, having a database of them accelerates deanonymization further. This is why all Monero transactions up to today should be considered deanonymized, the key vulnerability here is the UTXO accounting model and the presence of key images which allow us to have onchain proof of when a TXO is spent, exposing it as decoy in other transactions where its key image is not present. Contrary to Monero, Dero uses the account model and has both sender and receiver privacy. Dero accounts are updated homomorphically, so one can't spot "related ring members" in dero. And there

are no key images, so even if we know that a certain account was a spender in a certain transaction, we have no way of knowing when that account is spender or decoy in other transactions where it appears among spenders or receivers (Monero TXOs can be spent only once, and when spent their key image must be included in the transaction). Because, contrary to Monero, Dero has receiver rings too. So there is no "receiver TXO" we can associate to an entity. We've got no clue which of the 16/32/128 ring members is the actual receiver. And finally Dero also has smart contracts, which gives users much more autonomy and makes them less dependent on centralized third parties.

The curious case of Rui Siang Lin. Lin was identified as the owner and operator of the darknet Incognito market. Incognito exit scammed in early March 2024, and as if that was not enough, few days later it started mass extorting its own users (in yes this is an extortion style) threatening to dump all their chat records by the end of May unless they paid a fee ranging from $100 to $20k. They also had a status page where concerned buyers could check if the vendors they had bought from had paid the extortion fee (in green) or not (in red). If red, that meant the buyer information of those who bought from that vendor was at risk of being leaked to law enforcement. Lin was identified as the owner and main operator of Incognito and was arrested in May 20th 2024. From Lin's indictment we learn that what led investigators to him was one of his Namecheap accounts which received funds from one of Incognito's BTC wallets to buy a domain in early 2022. In the indictment there are also strong amount correlations through the years between the amount of cryptocurrency deposited in Lin's CEX accounts and the growth in Incognito's trade volume (the platform took 5% from every sale). Overall this adventure netted Lin ~$4.5M in profits. Based on the information published in the indictment it is clear that it wasn't Monero that gave away Lin, but bad opsec.

There is however a curious event that took place in early March, when Incognito started extorting its own users: the Monero network was flooded with spam transactions. Those who heard my X space from last week, will remember that I spoke of how deanonymizing monero basically boils down to the fact that there are no valid decoys and the decoy algo is fed huge amounts of burnt TXOs. This is because protocol simply burns its own decoys. Those who listened will also remember that I explained how this vulnerability is unfixable and any attempts to upgrade the algo into picking better decoys are like the blind man asking the deaf man for directions. The reason is simple, there will never be any good decoys in Monero because TXOs are spent sooner or later. When spent their key image is published somewhere onchain and then mapped to them through key image analysis. Since TXOs can be spent only once, mapping their key image definitively burns the TXO. So unless one addresses the core vulnerability, that is the UTXO accounting model, any patches will always be easily bypassable. For example, I explained how the algo was updated to prioritize recency when picking TXOs as decoys but one can then use this 'upgrade' to trace transactions live as they happen by simply spamming the blockchain with a high number of transactions with something like a transaction gun or a monero mixer. The spammer would control all of the TXOs of these transactions, and if these TXOs make up 99% of the TXO volume, then the decoy algo has a 99% chance of picking decoys from spammers' TXOs. This would therefore allow the spammer to filter out decoys even more quickly, without having to wait for TXOs to get burnt. This specific attack vector in monero is known as the black marble attack. The curious timing of the transaction spam strongly suggests that in March we witnessed an important instance of a black marble attack. The amateurs and wishful thinkers will of course find another explanation that confirms their bias that Monero is private. So in the next post I will include a few images related to this case and, among others, a chart that shows the timing of the spam. The evidence is simply too strong and leaves no room for personal opinions.