{"id":31574,"date":"2020-11-11T09:52:48","date_gmt":"2020-11-11T07:52:48","guid":{"rendered":"https:\/\/forklog.com\/en\/?p=31574"},"modified":"2025-08-28T04:23:09","modified_gmt":"2025-08-28T01:23:09","slug":"riccardo-spagni-explains-monero-network-attack","status":"publish","type":"post","link":"https:\/\/forklog.com\/en\/riccardo-spagni-explains-monero-network-attack\/","title":{"rendered":"Riccardo Spagni explains Monero network attack"},"content":{"rendered":"<p>An unknown attacker attempted an unsuccessful Sybil attack on Monero\u2019s network, according to Riccardo &#8216;Fluffypony&#8217; Spagni, a former Monero maintainer.<\/p>\n<p><!--more--><\/p>\n<blockquote class=\"twitter-tweet\">\n<p dir=\"ltr\" lang=\"en\">Recently, a largely incompetent attacker bumbled their way through a Sybil attack against Monero, trying to correlate transactions to the IP address of the node that broadcast it. Whilst novel in that it is the 1st Sybil attack of this sort, it was also quite ineffective. 1\/n<\/p>\n<p>\u2014 Riccardo Spagni (@fluffypony) <a href=\"https:\/\/twitter.com\/fluffypony\/status\/1326130648491417602?ref_src=twsrc%5Etfw\">November 10, 2020<\/a><\/p>\n<\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>According to Spagni, the attacker attempted to correlate the IP addresses of nodes broadcasting transactions. However, the attack did not disrupt Monero\u2019s privacy-preserving mechanisms.<\/p>\n<blockquote class=\"twitter-tweet\">\n<p dir=\"ltr\" lang=\"en\">First off, this clumsy attack had no effect on any of Monero\u2019s on-chain privacy mechanisms (ring signatures, stealth addresses, confidential transactions). Additionally, it is important to note that this is an attack that you could execute against nearly every cryptocurrency, 2\/n<\/p>\n<p>\u2014 Riccardo Spagni (@fluffypony) <a href=\"https:\/\/twitter.com\/fluffypony\/status\/1326130747573473280?ref_src=twsrc%5Etfw\">November 10, 2020<\/a><\/p>\n<\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<blockquote><p>\u201cDandelion++ works by randomly \u2018diffusing\u2019 transaction broadcasts. This means that for a Sybil attack to link a transaction to a node\u2019s IP address, it has to be intercepted at the very first node,\u201d wrote Spagni.<\/p><\/blockquote>\n<p>He advised users concerned about Sybil attacks to broadcast transactions via Tor.<\/p>\n<p>Earlier in November, the main Tron network <a href=\"https:\/\/forklog.com\/en\/news\/justin-sun-details-major-attack-on-the-tron-network\">was subjected to<\/a> a large-scale attack. Justin Sun, head of the project, said that the attacker exploited contract-developer privileges and initiated malicious transactions.<\/p>\n<p>Subscribe to ForkLog news on <a href=\"https:\/\/www.facebook.com\/forklog\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">Facebook<\/a>!<\/p>\n","protected":false},"excerpt":{"rendered":"<p>An unknown attacker attempted an unsuccessful Sybil attack on Monero\u2019s network, according to Riccardo &#8216;Fluffypony&#8217; Spagni.<\/p>\n","protected":false},"author":1,"featured_media":31575,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"select":"1","news_style_id":"","cryptorium_level":"","_short_excerpt_text":"","creation_source":"","_metatest_mainpost_news_update":false,"footnotes":""},"categories":[3],"tags":[1154,513,1860],"class_list":["post-31574","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news-and-analysis","tag-crimes","tag-monero","tag-ricardo-spanyi"],"aioseo_notices":[],"amp_enabled":true,"views":"20","promo_type":"1","layout_type":"","short_excerpt":"","is_update":"","_links":{"self":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts\/31574","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/comments?post=31574"}],"version-history":[{"count":1,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts\/31574\/revisions"}],"predecessor-version":[{"id":31576,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts\/31574\/revisions\/31576"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/media\/31575"}],"wp:attachment":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/media?parent=31574"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/categories?post=31574"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/tags?post=31574"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}