A rather significant bug has been spotted in Monero's decoy selection algorithm that may impact your transaction's privacy. Please read this whole thread carefully. Thanks @justinberman95 for investigating this bug. 1/6

2:47 AM · Jul 27, 2021

60
221
69
670
If users spend funds immediately following the lock time in the first 2 blocks allowable by consensus rules (~20 minutes after receiving funds), then there is a good probability that the output can be identified as the true spend. 2/6
2
8
5
101
This does not reveal anything about addresses or transaction amounts. Funds are never at risk of being stolen. This bug persists in the official wallet code today. 3/6
1
3
3
91
Users can substantially mitigate the risk to their privacy by waiting 1 hour or longer before spending their newly-received Monero, until a fix can be added in a future wallet software update. A full network upgrade (hard fork) is not required to address this bug. 4/6
3
11
2
107
The Monero Research Lab and Monero developers take this matter very seriously. We will provide an update when wallet fixes are available. 5/6
2
4
0
118
Addendum: "This likely would only affect a tiny fraction of XMR transactions. The absolute maximum number of rings affected is probably <1% (since block 2300000, only ~1% of outputs used in rings were between 10 and 12 blocks old, and a percentage of those were likely decoys)."
3
5
3
44
Thus, all else equal, it would be next to impossible for this bug to compromise other transactions on the network (1% ^ 10 = 0.000000000000000001%).
26
4
1
57
Replying to @monero
Nice work, @justinberman95 🤙🏼
0
0
0
33
Thank you so much for your great job.
0
0
0
12