Forward from: Libre Blockchain
Extracting relevant quotes from the paper (this is fucking BAD):
1. "In particular, we deconstruct Monero's P2P protocol* based on its source code, and develop a toolset to explore Monero's network, which allows us to infer its topology, size, node distribution, and node connectivity."
2. "We show that* Monero's network is highly centralized - 13.2% of the nodes collectively maintain 82.86% of the network connections."
3. "We have identified approximately 2,758 active nodes per day, which is 68.7% higher than the number reported by the MoneroHash mining pool."
4. "We also identified all concurrent outgoing connections maintained by Monero nodes with very high probability (on average 97.98% for nodes with less than 250 outgoing connections, and 93.79% for nodes with more connections)."
Researchers reported they were able to extract 21,678 IP addresses belonging to 970 different ASs (Autonomous Systems).
5. "Out of these collected IP addresses, our nodes established connections with 3,626 peers, and identified 703 peers to which no connection could be established, but that were active and connected to reached nodes." ("we say that peers are active and reachable if our nodes can establish connections with them")
6. "Our approach shows that only about 20% (i.e., 4,329) of the discovered nodes were active, and the remaining nodes were offline during the data collection period [approx. ~one week]. This indicates that the exchanged IP addresses are inactive in Monero's network, and might decrease the network connectivity."
7. "Later on, we contacted the Monero team for clarification, and they confirmed that 5 seed nodes were not available. By comparing the discovered heavy nodes with public Monero mining pools and seed nodes, we found that 9 heavy nodes are maintained by mining pools, and that 2 heavy nodes are Monero seed nodes."
8. "It is obvious that an user's IP address is exposed along with its connections. This leaves a chance for the adversary to identify different roles (miner or client) in the network depending on their connectivity."
9. "A small fraction of the nodes have more than 1000 outgoing neighbors, while a large fraction of nodes have less than 100 outgoing neighbors."
10. "An attacker can potentially launch different types of attacks. For example, an attacker could launch a targeted attack by monopolozing all connections of a victim node, selectively partition the network, or even de-anonymize transactions by identifying the first node relaying a transaction."
11. "Our experiments show that even though Monero is a privacy-preserving cryptocurrency, it is still possible to accurately discover the nodes in the network and their interconnections. Our analysis provides insights about Monero's degree of centralization, and about the privacy and security issues potentially caused by the network topology exposure."
1. "In particular, we deconstruct Monero's P2P protocol* based on its source code, and develop a toolset to explore Monero's network, which allows us to infer its topology, size, node distribution, and node connectivity."
2. "We show that* Monero's network is highly centralized - 13.2% of the nodes collectively maintain 82.86% of the network connections."
3. "We have identified approximately 2,758 active nodes per day, which is 68.7% higher than the number reported by the MoneroHash mining pool."
4. "We also identified all concurrent outgoing connections maintained by Monero nodes with very high probability (on average 97.98% for nodes with less than 250 outgoing connections, and 93.79% for nodes with more connections)."
Researchers reported they were able to extract 21,678 IP addresses belonging to 970 different ASs (Autonomous Systems).
5. "Out of these collected IP addresses, our nodes established connections with 3,626 peers, and identified 703 peers to which no connection could be established, but that were active and connected to reached nodes." ("we say that peers are active and reachable if our nodes can establish connections with them")
6. "Our approach shows that only about 20% (i.e., 4,329) of the discovered nodes were active, and the remaining nodes were offline during the data collection period [approx. ~one week]. This indicates that the exchanged IP addresses are inactive in Monero's network, and might decrease the network connectivity."
7. "Later on, we contacted the Monero team for clarification, and they confirmed that 5 seed nodes were not available. By comparing the discovered heavy nodes with public Monero mining pools and seed nodes, we found that 9 heavy nodes are maintained by mining pools, and that 2 heavy nodes are Monero seed nodes."
8. "It is obvious that an user's IP address is exposed along with its connections. This leaves a chance for the adversary to identify different roles (miner or client) in the network depending on their connectivity."
9. "A small fraction of the nodes have more than 1000 outgoing neighbors, while a large fraction of nodes have less than 100 outgoing neighbors."
10. "An attacker can potentially launch different types of attacks. For example, an attacker could launch a targeted attack by monopolozing all connections of a victim node, selectively partition the network, or even de-anonymize transactions by identifying the first node relaying a transaction."
11. "Our experiments show that even though Monero is a privacy-preserving cryptocurrency, it is still possible to accurately discover the nodes in the network and their interconnections. Our analysis provides insights about Monero's degree of centralization, and about the privacy and security issues potentially caused by the network topology exposure."