The so called two-wallet strategy, actually makes your Monero easier to trace. According to this strategy, you should have one wallet for spending and one for receiving. What happens if you do this? In the receiving wallet you create a pool of TXOs (txo1, txo2, txo3 etc) all owned by you. Some of these TXOs will have been earmarked as yours by outside observers (if for example you received money from a CEX). If you don't spend TXOs as you receive them, but accumulate them first, then when at some point you will have to consolidate this high number of TXOs into 1 new TXO, the flagged TXOs will signal that you are consolidating your TXOs (even if you have many more TXOs than the ones that have been flagged). When you do that, an observer will know that all the money you ever received, even from TXOs that they couldn't trace as yours, is now consolidated into the new TXO-S(end wallet). Because of the high number of inputs flagged as yours, TXO-S is provably 100% yours. Since TXO-S is 100% yours, and that's now in your spending wallet, an outside observer will know where the rest of your balance is after each transaction. Because if you always use 1 TXO to spend, and Monero user transactions have 2 outputs, then from TXO-S your balance will move into TXO-S2 and TXO-CEX. TXO-CEX is the TXO of the exchange (the amount you deposited), while TXO-S2 is your change TXO. The exchange (receiver) knows exactly where the rest of your balance is. If from TXO-S2 you deposit into another centralized party, then that centralized party will know that, again, the change contains your remaining balance (so is still tied to the dozens of transactions you received in your receiving wallet weeks/months ago). In other words, if you adopt the two wallet strategy you tie with 100% certainty your receiving transactions to your outgoing transactions. Does that sound like privacy to you? Monero is not private, stop using it. If you want privacy then stop believing the memes and start doing research on how privacy tech works.

Salvium's supply audit was completed last week and has found that 10M extra coins were minted by the 'exploiter' of their proofs bug. In other words, 1 in four coins has been illegally minted. In the audit they've also sneaked in a completely unsubstantiated claim that these extra coins were 'sold via exchanges'. Considering that Salvium never had the liquidity to absorb a malicious dump of 10M coins, the most likely scenario is that these coins were minted by their team which is now holding the coins hoping to recover user trust and then start dumping them. In other words, Salvium is a confirmed scam. Xelis is conducting a similar scam, except that there they are even refusing to conduct a supply audit.

The real reason why Tornado Cash was delisted is that today mixed transactions can be unmixed. Privacy through mixing is technically known as obfuscation, which is the inherent privacy model of Monero and all private UTXO chains. Today obfuscation is obsolete and can be broken even in its strongest form (FCMP++, ZKPs) thanks to AI. For example as explained here, FMCP transactions can still be attacked by timing & pattern analysis, despite the seemingly perfect tech. The same attack model (that analyses output/commitment age and groups them with other related outputs based on metadata to predict & detect when they're spent) can be applied also to Zcash shielded transactions and ARRR. Obfuscation simply doesn't work and is no longer enough. Yet many are calling the delisting of Tornado Cash a win for privacy. In reality, privacy has lost. We're living in privacy's darkest age in human history.

The Monero Chainalysis video still doesn't get the attention it deserves. By the way, Chainalysis CEO Michael Gronager stepped away few weeks after the video was leaked, it was 'unclear whether his sudden leave is related to health issues, internal tensions at the company' (The Block). A new CEO stepped in in December 2024. This chart summarizes what happens in the video. On the left there are the outputs of the swap service (target TXOs). These TXOs enter a chain of 3 subsequent transactions (because in XMR outputs can be spent only once & when spent they are emptied). No metadata were leaked in these 3 downstream transactions. In the 5th transaction a residential IP is leaked. That IP is then connected to the target outputs from TX1 (despite the perfect op-sec in the 3 hops in between). How was it possible to link the IP in TX5 to the outputs from TX1? The reason is that monero is broken and the 3 transactions in between are traceable just by looking at onchain data (key image analysis & OSPEAD).

In every private UTXO chain, not just Monero, there is an important asymmetry created between an actor that has a holistic view of the network and the user. Let's consider Monero and an actor like Chainalysis that has access to quarterly filings from CEXes/centralised parties as well as other transaction data (if for example Chainalysis is spamming the network or controls other centralized shadow entities). The network seen from Chainalysis consists mainly of known TXOs. In other words, TXOs they own or TXOs whose owners report to Chainalysis when spent. From user's POV, OTOH, all TXOs in the network are unknown because a user doesn't aggregate data. This is why from user's POV it may seem that increasing the ring size, or getting rid of rings, will improve privacy. From Chainalysis' POV OTOH, it's clear that user's TXOs are part of a small pool of unknown TXOs and traceable regardless of ring size, and even if rings were to be removed completely (FCMP).

To add more to my previous post, the core weaknesses of all UTXO privacy chains (TXOchains) are that 1) user balances are split among different outputs that can be spent only once and when spent a receipt is published onchain, 2) in every transaction new outputs (or commitments) are created and 3) related outputs (or commitments) can be detected via onchain or offchain heuristics. This kind of blockchain (TXOchain) cannot be private beyond obfuscation, and its privacy is broken through pattern analysis. The vast majority of users (in any blockchain user pool) always spends shortly after receiving. This behavioral trait deanonymizes most outputs in a TXOchain because most transactions combine a recent output with old outputs the same user controls. Each multi-input transaction (number of inputs is known) is checked against recent TXOs that have a related set that could fit that specific transaction. Additional metadata such as fees, IPs and other user behavioral traits make the process even more accurate. Since most TXOs (or commitments) are mapped to their spending transactions this way then outliers (outputs that are not spent shortly after being created, or outputs of users with impeccable opsec) become a small minority traceable by exclusion or extrapolation. And for a TXOchain that uses rings (Monero), which limits the possibility of real spends only among the TXOs present in the rings, the deanymization process becomes completely trivial.

In a new interview to Coindesk, Chainalysis's lead cybercrime researcher Eric Jardine has come out to admit that Bitcoin has become again the primary cryptocurrency of Darknet markets. This means Chainalysis crime marketing has officially failed. It is great news for all those of us who care about privacy because it definitively refutes Palantir's narrative that only criminals care about privacy. In case you missed it, Chainalysis is being sued by the Celsius Network debtors over their fraudulent $3.3bn audit of Celsius. In this channel I've also presented multiple pieces of evidence of how InQTel funded Chainalysis funds Monero's dead end development (through Magic Grants) and also engages in crime marketing (eg: 1, 2, 3) aggressively encouraging users to commit crimes on Monero. Chainalysis is a cancer that wants to antagonize privacy by associating it with crime. The fact that even low IQ DNM criminals are no longer falling for its Monero honeypot (probably because of stories of other Monero only users getting arrested), proves the number 1 privacy coin by market cap (as Chainalysis funded shills love to label Monero) might be ready to implode.

Understanding the different privacy protocols can be challenging for the average person because optics are often distorted by inflated market caps that gloss over fundamentals. In this cheat sheet I have summarized the raw reality of privacy protocols today beyond any narratives driven by agendas that prioritize corporate profitability over individual privacy and freedom.

Monero privacy: You've received money from one of these 5 Venmo usernames. The transaction lists 5 usernames. (UTXO + RingCT)

Zcash privacy: You've received money from an existing Venmo user. The transaction doesn't contain any usernames. (UTXO + zero knowledge proofs)

Dero privacy: You've received money from a person outside Venmo that goes by the monicker BOB98. (Account Model + HE)

396 XMR raised in less than 24h, "by our generous community". That's $100k. If you believe all that, then I got a bridge to sell you. Where does the money really come from though? The money comes from the government contracts Chainalysis gets to trace all the brainwormed Monero users that have fallen for Palantir's crime marketing that "Monero is the best privacy coin". Chainalysis/Palantir funnel their marketing funds into Monero through their proxy Magic Grants. Justin Ehrenhofer is the proof of connection between Magic Grants and Palantir/Chainalysis.

EdgeWallet posted an embarrassing thread on Monero that is nothing short of a paid ad, like those ads with actors dressed as doctors claiming cigarettes are good for your health. They say XMR is so incredibly difficult to trace that the IRS even offered a bounty in 2020. In 2020 maybe, but today we've proof that XMR is traceable:
1) a video of a Chainalysis investigator pitching Monero tracing to the IRS in Aug 2023;
2) XMR traced after 3 hops with perfect opsec;
3) XMR traced by Finnish police: hacker swapped btc for XMR (add1), sent XMR to add2, deposited on Binance from add2, was still traced;
4) XMR traced by the Japanese Police;
5) MRL admitted that just by analyzing TXO age the anonymity set in each XMR transaction is reduced from 15 to 4 and that it wasn't disclosed to the public because there was no fix. I discussed it here.
6) Chainalysis Monero crime marketing.

The truth is that XMR is as traceable as BTC, like explained here, here, here & here. Even FCMP doesn't fix it, as explained here & here.

After EdgeWallet, Zachxbt wants us to believe that some mysterious entity got hacked for $300M and the hackers bought XMR. This pumped XMR 50% today. As shown by Bybit, most instant exchange freeze suspicious funds. Changelly, Paraswap, FixedFloat, ChangeNow are all in the list of good actors that froze Bybit's funds. Why weren't these funds frozen? If this was a hack, why is there still no victim despite the institutional grade amount at stake? I think this is just a Palantir Monero buy masqueraded as a "potential hack" to fuel their narrative that criminals use Monero. The last known criminal to have been so low IQ as to think Monero is private was Rui Siang Lin. RSL (23) made $4.5M in 2 years risking it all in the DNM (and lost it all in the end). Occam's razor: anyone so sophisticated as to hack a $300M wouldn't be so dumb as to buy XMR, therefore this is most likely a crime marketing ploy by Chainalysis, a bunch of surveillance criminals that fuelled scams like Celsius with fake audits.

When caught lying, double down. First 'he' (Zach) reports a 'likely' hack of $300M, then 'he' confirms it. Attributes it to some made up identities and identifies the victim as an 'elderly individual in the US'. Convenient to justify why nobody reported the hack & how 'hackers' were able to swap $300M BTC to XMR through swap services that are known to freeze suspicious transactions. Was this elderly individual also in charge of compliance in all the swap services that cleared $300M of swaps into XMR in less than 12h w/o raising any red flags? Also, from the way he moved/shuffled coins prior to the hack, 'this elderly individual' definitely has no cognitive deficits. Let's say he slipped up & got social engineered, why didn't he report the hack on time? The thing with social engineering is that you realize you got hacked as you get hacked, as coins move. Yet our elderly victim just went to sleep. What if 'Zach' is not an individual but a Chainalysis PR persona currently employed to promote their honeypot XMR?

The former lead maintainer of the Monero repository (the guy who hijacked Bitmonero from TFT 2 weeks after launch), and founder of scam Tari, a to be launched coin with 30% premine, attempts to manipulate a naïve Zcash user into believing Monero has a bigger anonymity set than Zcash. Well, the thing is that even if only 5 people were using Zcash, Zcash would still have better privacy than 1 million people using Monero. The reason is simple, in Monero it doesn't matter how many people use it because the real spend is included among the inputs of each transaction and obfuscated with 15 decoys. Of these 15 decoys, 11 can be eliminated just by looking at decoy age. Therefore the real anonymity set of every XMR transaction is AT MOST 4.2 (source: Monero Research Labs, for one). Zcash, OTOH, uses zk proofs & zk-SNARKs. Which means the anonymity set is equal to the total number of shielded outputs onchain. Ricardo Spagni is being charged with 378 counts of fraud and forgery in SA.