6 days ago, on-chain sleuth and investigator ZachXBT reported the theft of $330M worth of Bitcoin, an amount that was then exchanged for XMR via instant exchanges (not all require KYC).
An incredibly sad event, not only for the victim but for our industry as well (we're not exactly winning brownie points with all the hacks and scams happening).
But the scammer's actions raise a question: why did they go with XMR and not ETH or BTC?
Let's break it down 👇:
First, what's XMR?
XMR is the native token of Monero, a blockchain that was launched in 2014 with one sole purpose: to make crypto transactions completely private.
We’re talking about the kind of privacy where regular details on blockchains like Ethereum or Bitcoin such as:
who sent what
who received what
or how much was sent
aren't visible.
Might sound unbelievable, but this is how Monero actually functions.
How does this work?
To make this work, Monero mainly uses these 3 technologies:
1. Ring Signatures
Normally, when you carry out a transaction on blockchains like Ethereum or Bitcoin, your transaction, which gets recorded in the blockchain, includes a cryptographic signature that directly proves your wallet address created it.
But ring signatures make proving which wallet signed a transaction almost impossible.
Here's how 👇
Instead of signing the transaction alone, Monero creates a group signature using your real transaction mixed with several decoy transactions pulled from other users’ past activity.
So to anyone looking at the blockchain, it looks like anyone in the group could have sent it.
(TL;DR: There’s no way to tell which wallet is the one that actually created a transaction and which are decoys.)
Might sound bogus, but I went on a Monero explorer and picked a transaction to look at and honestly, it's hard to make sense of the transaction's details.
2. Stealth Addresses
When you receive crypto to your wallet address on blockchains like Ethereum, it's possible for anyone to see that you received money and also see how much you received.
Monero fixes this with stealth addresses.
Here’s how it works 👇
[Before I delve into how it works, note that every Monero wallet has 2 key pairs:
Public and private view key – used to scan the blockchain and detect incoming payments meant for you.
Public and private spend key – used to unlock and send your funds.]
When you give someone your public address to send you some tokens, the XMR doesn't go to the address you gave them directly. Instead, their wallet uses your public address to create a stealth address, which is:
One-time-use
Derived using cryptographic math
Unique for that transaction only
It's this stealth address that then receives the tokens.
After the tokens are sent, your wallet uses your private view key to scan new transactions on the Monero blockchain and check whether any of them is meant for you; it does this by reconstructing the stealth address math internally.
Once a match is found, you can then use your private spend key to move the funds.
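The derive, scan and spend steps described above, as an added example that is not from the original post or from the Monero project. To stay short it swaps Monero's ed25519 curve and Keccak hash for modular exponentiation mod 2**255 - 19 and SHA3-256, so it shows the structure of the scheme rather than Monero's real formats; all function names are hypothetical.

```python
import hashlib
import secrets

# Stand-in group (assumption): integers mod the prime 2**255 - 19 under
# multiplication. Monero itself uses the ed25519 curve and Keccak hashing.
P_MOD = 2**255 - 19
G = 2
ORDER = P_MOD - 1  # exponents can be reduced mod p-1 (Fermat's little theorem)

def keygen():
    """Return (private, public) with public = G^private."""
    priv = secrets.randbelow(ORDER - 1) + 1
    return priv, pow(G, priv, P_MOD)

def hash_to_scalar(shared, index):
    data = shared.to_bytes(32, "big") + index.to_bytes(4, "big")
    return int.from_bytes(hashlib.sha3_256(data).digest(), "big") % ORDER

def derive(shared, pub_spend, index):
    """One-time address = G^H(shared, index) * pub_spend."""
    return pow(G, hash_to_scalar(shared, index), P_MOD) * pub_spend % P_MOD

def send(pub_view, pub_spend, index=0):
    """Sender: fresh random r per transaction, publishes tx_pub = G^r."""
    r, tx_pub = keygen()
    shared = pow(pub_view, r, P_MOD)        # (G^a)^r
    return tx_pub, derive(shared, pub_spend, index)

def scan(priv_view, pub_spend, tx_pub, one_time_addr, index=0):
    """Receiver: the private view key alone is enough to detect a payment."""
    shared = pow(tx_pub, priv_view, P_MOD)  # (G^r)^a, the same shared secret
    return derive(shared, pub_spend, index) == one_time_addr

def spend_key_for(priv_view, priv_spend, tx_pub, index=0):
    """Private key of the one-time address; requires the private spend key."""
    shared = pow(tx_pub, priv_view, P_MOD)
    return (hash_to_scalar(shared, index) + priv_spend) % ORDER

if __name__ == "__main__":
    a, A = keygen()            # recipient's view key pair (constructed)
    b, B = keygen()            # recipient's spend key pair (constructed)
    oa, _ = keygen()           # unrelated wallet's private view key
    _, oB = keygen()           # unrelated wallet's public spend key
    R1, P1 = send(A, B)
    R2, P2 = send(A, B)
    print("two payments, distinct addresses:", P1 != P2)
    print("recipient detects payment:", scan(a, B, R1, P1))
    print("unrelated wallet detects it:", scan(oa, oB, R1, P1))
    print("spend key opens P1:", pow(G, spend_key_for(a, b, R1), P_MOD) == P1)
```

A holder of only the private view key can run `scan` but not `spend_key_for`, which is why a view key can be handed to an auditor without giving up control of the funds.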
3. RingCT (Confidential Transactions)
In addition to the above, Monero also uses Confidential Transactions to encrypt the amount of crypto being sent.
This hides the actual amount from everyone except the sender and the receiver.
Add this up, and you have:
Untraceable senders
Invisible amounts
Private receivers
This is why the attacker chose XMR.
Because once any fund hits Monero, the trail goes cold.
No more traces.
No more tracking.
Not even for the best on-chain sleuths like ZachXBT.
It’s also why Monero's become the go-to blockchain for those involved in illicit activity.
And it’s why the government, even though it can’t do much because Monero is decentralized, still tries its best to hinder the coin’s circulation and use.
--
Which brings us to a much bigger question:
Seeing as Monero’s privacy benefits come with the risk of enabling crime, should it be done away with?