EdgeWallet posted an embarrassing thread on Monero that is nothing short of a paid ad, like those ads with actors dressed as doctors claiming cigarettes are good for your health. They say XMR is so incredibly difficult to trace that the IRS even offered a bounty in 2020. In 2020 maybe, but today we've proof that XMR is traceable:
1) a video of a Chainalysis investigator pitching Monero tracing to the IRS in Aug 2023;
2) XMR traced after 3 hops with perfect opsec;
3) XMR traced by Finnish police: hacker swapped btc for XMR (add1), sent XMR to add2, deposited on Binance from add2, was still traced;
4) XMR traced by the Japanese Police;
5) MRL admitted that just by analyzing TXO age the anonymity set in each XMR transaction is reduced from 15 to 4 and that it wasn't disclosed to the public because there was no fix. I discussed it here.
6) Chainalysis Monero crime marketing.

The truth is that XMR is as traceable as BTC, like explained here, here, here & here. Even FCMP doesn't fix it, as explained here & here.

After EdgeWallet, Zachxbt wants us to believe that some mysterious entity got hacked for $300M and the hackers bought XMR. This pumped XMR 50% today. As shown by Bybit, most instant exchange freeze suspicious funds. Changelly, Paraswap, FixedFloat, ChangeNow are all in the list of good actors that froze Bybit's funds. Why weren't these funds frozen? If this was a hack, why is there still no victim despite the institutional grade amount at stake? I think this is just a Palantir Monero buy masqueraded as a "potential hack" to fuel their narrative that criminals use Monero. The last known criminal to have been so low IQ as to think Monero is private was Rui Siang Lin. RSL (23) made $4.5M in 2 years risking it all in the DNM (and lost it all in the end). Occam's razor: anyone so sophisticated as to hack a $300M wouldn't be so dumb as to buy XMR, therefore this is most likely a crime marketing ploy by Chainalysis, a bunch of surveillance criminals that fuelled scams like Celsius with fake audits.

When caught lying, double down. First 'he' (Zach) reports a 'likely' hack of $300M, then 'he' confirms it. Attributes it to some made up identities and identifies the victim as an 'elderly individual in the US'. Convenient to justify why nobody reported the hack & how 'hackers' were able to swap $300M BTC to XMR through swap services that are known to freeze suspicious transactions. Was this elderly individual also in charge of compliance in all the swap services that cleared $300M of swaps into XMR in less than 12h w/o raising any red flags? Also, from the way he moved/shuffled coins prior to the hack, 'this elderly individual' definitely has no cognitive deficits. Let's say he slipped up & got social engineered, why didn't he report the hack on time? The thing with social engineering is that you realize you got hacked as you get hacked, as coins move. Yet our elderly victim just went to sleep. What if 'Zach' is not an individual but a Chainalysis PR persona currently employed to promote their honeypot XMR?

The former lead maintainer of the Monero repository (the guy who hijacked Bitmonero from TFT 2 weeks after launch), and founder of scam Tari, a to be launched coin with 30% premine, attempts to manipulate a naïve Zcash user into believing Monero has a bigger anonymity set than Zcash. Well, the thing is that even if only 5 people were using Zcash, Zcash would still have better privacy than 1 million people using Monero. The reason is simple, in Monero it doesn't matter how many people use it because the real spend is included among the inputs of each transaction and obfuscated with 15 decoys. Of these 15 decoys, 11 can be eliminated just by looking at decoy age. Therefore the real anonymity set of every XMR transaction is AT MOST 4.2 (source: Monero Research Labs, for one). Zcash, OTOH, uses zk proofs & zk-SNARKs. Which means the anonymity set is equal to the total number of shielded outputs onchain. Ricardo Spagni is being charged with 378 counts of fraud and forgery in SA.

Coinmarketcap never updated Dero's supply when Stargate hit mainnet in 2022, it kept showing the Atlantis based supply. Today CMC still shows the circulating supply of ~2 years ago but has also added a warning over "an anomalous" spike. FUDers must have paid some good money to get CMC to show that warning. As a reminder, Dero is in alpha and has randomness reuse in place that allows auditing all transaction amounts. If there was a proofs bug, there would have been other signs and CMC, which is not a CEX and doesn't run a Dero node, definitely has no way of detecting "an anomalous spike". If you wanted proof that Dero FUDers are getting desperate, this CMC warning is it.

Have you heard of QUBIC? I hadn't until last year. It's a new AI coin created this cycle, $160M mcap. The founder is a crypto legend, CfB. Some seem to think Cfb could be Satoshi (I don't think so personally, but the cult is strong). While I'm not familiar with Qubic's tech in depth, they definitely could be making it to the cypherpunk history books. Contrary to all the fake OG cypherpunks cowering in fear and bending their knee to Palantir, scared to say/explain how Monero is trivial to trace and obsolete because "Palantir & Chainalysis work with law enforcement and could create me trouble", these Qubic guys DGAF. Knowingly or unknowingly, Qubicans are probably on track to expose the biggest crypto scam since Bitconnect (Monero). In true cypherpunk fashion and just like Satoshi would have done, they're voting with their CPUs by mining XMR (because they can, and the valuation is outrageously high) and selling it for QUBIC (because they believe in decentralized AGI). Monero is a huge instance of the market being lied to, as the tech is 100% obsolete and trivial to trace (as they even admitted themselves with OSPEAD). Chainalysis inflates its valuation artificially and probably controls most of the hash. If someone who is not aligned with & brainwashed by Chainalysis starts mining Monero, the game changes. This is why I think Qubicans are absolutely right to believe that QUBIC is worth more than Monero, and if by accident they end up controlling enough hash they might even make it unsustainable for Chainalysis to artificially inflate XMR's market cap to keep scamming with it. A high market cap is key to their crime marketing strategy to label Monero as the biggest privacy coin and to attract more victims into their honeypot. Some Monero crybabies are already screaming for help on Reddit, by the way.

A few words on Tari, Spagni's latest scam: Tari utilizes Mimblewimble protocol for privacy and launched with a 30% supply premine. This has the same effect on tokenomics as an inflation bug exploited on day 1, so I'd expect it to pump hard early on and dump non stop thereafter. Privacy: think Monero but without rings, where inputs and outputs (Pedersen Commitments) of all transactions happening in a certain block are aggregated together to make it difficult to map a specific input to output. But, OTOH, you know exactly when a commitment is spent, and also by logging everything you trace everything. Tari also has no smart contracts, no VM. Just Tariscript similar to Bitcoin's script. All Monero scammers are shilling this in full force.

Serial scammers from the Solana trenches Jake Gagain (1, 2) and Crashiusclay (1, 2, 3) are now shilling Monero. What's going on here? Let's see...Solana is owned by the so called Paypal mafia, just like Ethereum. David Sacks (Trump's crypto tzar and former COO of Paypal) was one of Solana's early investors. Chamath, a friend of Sacks, has been one of Solana's biggest promoters. Palantir was funded by (among others) Paypal co-founder Peter Thiel (Vitalik was awarded a Thiel Fellowship in 2014) and David Sacks (Craft Ventures). Palantir's mission has always been "data analysis tools for intelligence and law enforcement" (a honeypot like Monero is a great fit) and originally used Paypal's fraud prevention algorithm. Today Palantir has a product called Foundry for Crypto, which maps offchain identities to onchain activity. Palantir and Chainalysis were both seed funded also by In-Q-Tel (CIA's Venture arm). Jaka Gagain shilled Saitama in 2021, a scam that was infiltrated & exposed by an FBI Trojan horse crypto project. Later, Jake Gagain turned into full time Solana pump and dump promoter/serial scammer. Why are these Palantir KOLs promoting Monero now? Is it because Monero is private (we know it's not), or because it feeds grants to their Chainalysis/Foundry for Crypto business (it has to be this one)?

If Monero isn't private, then why are EU CEXes delisting it for MiCA?
EU CEXes have also delisted USDT for not being MiCA compliant, does that mean USDT is private?

If Monero isn't private, then here is my transaction ID trace it.
To trace Monero one has to: analyze the full node for timing patterns (like those employed by OSPEAD); run multiple sybil nodes to collect offchain metadata; have access to transaction data filed quarterly by centralized exchanges. Monero tracing requires computational resources that the average individual doesn't have access to, just like the average individual cannot afford to bribe a Facebook/X employee to dox a Facebook account. Does that make Facebook private?

If Monero isn't private, then why is it the most used currency of DNMs?
Monero is not the most used currency of DNMs, BTC is. Does that mean BTC is private?

If Monero isn't private, then why can't you name one single case where Monero was traced?
Case 1: Lazarus Wannacry Monero Traced (2017);
Case 2: Columbian DNM admin in Chainalysis IRS presentation (2020);
Case 3: Julius Aleksanteri Kivimäki Monero traced (2022);
Case 4: Yuta Kobayashi Monero traced (2024).

Study the tech and you will realize Monero simply cannot be private (and never will). Everything else is just crime marketing and/or mental gymnastics by those who have got no clue about its tech or are paid to promote it (eg: Jake Gagain, CrashiusClay, Zachxbt, EdgeWallet).

If privacy is a niche, then why does almost everyone use a pseudonym online? Why do people share fake countries, fake names, fake ages, and fake professions when chatting online? Privacy is an instinct, just like sex. We don't need Naomi Campbell to promote privacy and raise awareness about privacy. Just like people instinctively know what to do when they find themselves in front of a person they find attractive, they also instinctively seek privacy when they feel exposed. This is also why compliant privacy L1s are as likely to succeed as compliant sex (imagine: "by law, only missionary sex is allowed") dating apps.

Awareness of exposure is what pushes people towards privacy. It's not that most crypto users don't care about privacy, but there is simply a very low awareness of exposure in crypto right now. Most still think that by buying crypto they are exiting the banking system and going dark, few know that by buying crypto (through KYC) they're broadcasting to the entire world/engraving onchain their financial & KYC data, forever.

Why was the Cypherpunk Manifesto written by cryptographers and not poets? Because cryptographers and engineers were the population with the highest awareness of exposure in the electronic age. While everyone else thought that the internet was a black box where everyone is anonymous and free, cryptographers and engineers had a deep knowledge of its insides and how they could or were being used for surveillance.

Why have people from Darknet Markets stopped using Monero despite the heavy crime marketing we see? The reason is simply because criminals talk to each other (in jail). After a certain point, stories that lead to Monero get out. These stories increase awareness of exposure and therefore have pushed them to seek alternatives outside of XMR.

So is privacy something only few outliers/rebels care about? Not really, everyone cares about privacy. It's a biological instinct baked in each of us (remember the good ole fig leafs?). The reason why it doesn't matter as much in crypto as in messaging apps, is that in crypto there is still a relatively low awareness of exposure.

Like I've said before, privacy doesn't really need any crime marketing. Honeypots, on the other hand, do. Privacy doesn't because people naturally seek privacy as awareness of exposure increases through stories of surveillance/failures in what we thought was private (not suggestions about how to go dark for the purpose of committing a crime, ie crime marketing). One of the sources of fuel for this awareness is, of course, the constant clash of laws with the real life and the gap that there will always be between laws and real life (which I discussed here). By the way, this is an important philosophical concept discussed by Agamben, Benjamin, Schmitt and others: the perpetual gap between normative order (law) and ontological reality (life). Whenever this gap is violated, awareness spikes higher.

🚨Kaspersky has issued a report about a sophisticated malware campaign that targets exposed Docker APIs to mine Dero. The malware consists of 2 parts, nginx and cloud. The first (nginx) continuously scans for exposed environments to inject itself, while cloud is the dero miner software. In other words, this malware spreads on its own. In 2025, Kaspersky found 485 exposed Docker API ports per month globally.

In 2023, Crowdstrike discovered the first-ever Dero cryptojacking campaign targeting Kubernets. In '24 Wiz Security documented an updated variant of the same malware.

Why are these advanced hackers going to such great lengths to mine Dero? The current market cap and liquidity are extremely low. Since Dero isn't really easy to cash out this looks a lot like spec mining via a sophisticated malware campaign. The reason? Maybe Dero's tech: state of the art privacy (in a league of its own as explained here), smart contracts with interpreter VM (the only L1 in crypto), egalitarian cpu mining.

To evaluate Monero's honeypot risk score let's look at the ratio of daily transactions (~25k) and the total number of Monero nodes (~14k), and then compare it to that of other coins like BTC (~22k nodes, 396k TXs), ETH (11214 nodes, 1.5M TXs) , LTC (1167 nodes, 200K TXs). This can measure the likelihood that the current amount of Monero nodes is organic and not inflated by Sybil nodes. Based on data available online, Monero's transactions per node ratio (~1.7) is more than 10x lower than that of Bitcoin (~18) and very close to 1. This suggests that Monero's node network is dominated by sybil nodes at a ratio of 10-to-1 (10 XMR sybil nodes for every user node).

Another way to interpret the low ratio, in practical terms, is that for every Monero daily transaction there is 1 dedicated node in the network serving the broadcaster of the transaction. By comparison, in ETH and LTC a node serves, on average, 133 and 173 transactions per day respectively. Bitcoin makes a good, realistic benchmark because it is the original cypherpunk coin (not the case with ETH and LTC) with a community that always encouraged its users to run full nodes as part of its culture. The amount of sybil XMR nodes per user node is probably even higher when we consider that the average Monero user is less likely than the average BTC user to run their own node.

Like I've been explaining for a while, Monero is obsolete privacy tech turned honeypot by Palantir/Chainalysis (both funded by In-Q-Tel) via crime marketing. Monero tracing exploits its old privacy tech (UTXO accounting model & key images) but offchain metadata is also crucial (ie: Sybil nodes generate profit). In BTC/LTC/ETH tracing, OTOH, offchain metadata play a marginal role, which is why in coins like ETH and LTC the tx-per-node ratio is so high as there is no utility/profit generated by Sybil nodes.

To be able to use offchain metadata consistently, Palantir/Chainalysis would need a huge enough network of full Monero nodes in order to maximise the probability that any user not using a full node sends the transaction to a node that reports back to Chainalysis. And in cases where users run their own nodes, to still be able to tell which node a specific transaction originated from despite Dandelion. Monero's outstandingly low tx/node ratio suggests a huge sybil network 10x the size of organic Monero nodes is already in place.

XMR PROOF OF SYBIL: When TARI launched, it reached 11,300 full nodes within 24h from Monero's total 12,560 nodes.

The event was immortalized in a tweet by @Donttracemebruh. Even if we completely disregard TARI's huge 30% premine and its founder's poor reputation (recently involved in the CSS hack controversy), 11k nodes in 24h (even before marketing started) doesn't make any sense unless the nodes were the Monero Sybil nodes controlled by one entity that decided to run TARI in parallel.

That would explain how TARI bootstrapped its node infrastructure so quickly. For Monero, that implies a Sybil-to-user node ratio of at least 10:1, in the same range as estimated when comparing Monero to Bitcoin.

In addition to the transaction per node ratio, this is an even stronger piece of evidence that Monero has been fully Sybiled by a network of at least 11,000 nodes (min 90% of nodes).