Monero’s development team has discovered a bug that could potentially compromise transaction privacy, and the bug is still active at the time of this report
Monero has always been known as perhaps the most privacy-centric cryptocurrency in the world. Most people that use the XMR coin do so because of the privacy features it offers them. However, that privacy might now be at risk after a bug was spotted in the coin’s official wallet.
The development team announced that a significant bug had been spotted in Monero’s decoy selection algorithm that may impact users’ transaction’s privacy. They added that if a user spends XMR coins “immediately following the lock time in the first 2 blocks allowable by consensus rules (~20 minutes after receiving funds), then there is a good probability that the output can be identified as the true spend.”
A rather significant bug has been spotted in Monero's decoy selection algorithm that may impact your transaction's privacy. Please read this whole thread carefully. Thanks @justinberman95 for investigating this bug.
— Monero || #xmr (@monero) July 27, 2021
However, the team added that the bug doesn’t reveal any information regarding addresses and the transaction amount. Furthermore, user funds are safe in their wallets as the bug doesn’t touch them.
The Monero team added that the bug is still present in the official wallet code, and they are working hard to eliminate it. “Users can substantially mitigate the risk to their privacy by waiting 1 hour or longer before spending their newly-received Monero until a fix can be added in a future wallet software update. A full network upgrade (hard fork) is not required to address this bug,” the developers added.
The problem can be solved via wallet fixes, and the team said it is working hard to ensure it is achieved as soon as possible. Monero prides itself on being one of the leading privacy-focused cryptocurrencies in the world.
It has maintained its privacy-focused features despite coming under pressure from regulators. The pressure forced some crypto exchanges such as Bittrex to delist XMR and other privacy coins from their platform. XMR’s price is up by 4% over the past 24 hours despite the news of the bug.