this post was submitted on 26 Aug 2025
8 points (100.0% liked)

Monero

2050 readers
6 users here now

This is the lemmy community of Monero (XMR), a secure, private, untraceable currency that is open-source and freely available to all.

GitHub

StackExchange

Twitter

Wallets

Desktop (CLI, GUI)

Desktop (Feather)

Mac & Linux (Cake Wallet)

Web (MyMonero)

Android (Monerujo)

Android (MyMonero)

Android (Cake Wallet) / (Monero.com)

Android (Stack Wallet)

iOS (MyMonero)

iOS (Cake Wallet) / (Monero.com)

iOS (Stack Wallet)

iOS (Edge Wallet)

Instance tags for discoverability:

Monero, XMR, crypto, cryptocurrency

founded 2 years ago
MODERATORS
admin@monero.town
8
The true target is consensus to change the PoW. (github.com)
submitted 6 days ago by WhoAmI@monero.town to c/monero@monero.town
4 comments fedilink hide all child comments
 

Hello there, fellow Monero addicts. By now, I'm sure everyone is aware of the Qubic attack on Monero.

I’ve started a discussion on GitHub about what I believe is the true objective of this attack. If you're interested, please read the short discussion-we can continue it here, as it was closed on GitHub (it wasn’t the right place for such discussions).

I’m curious to hear your opinions.

you are viewing a single comment's thread
view the rest of the comments
[–] ArseneSpeculoos@monero.town 3 points 6 days ago

It's true that we should not rush into action without carefully considering the consequences in the short and long term.

The attack still demonstrates an important point of improvement for the Monero ecosystem. We now have a hostile mining pool with too much hashrate and it's time to dust off the theoretical attack scenarios and see what harm it can do and what we can do about it.

The attacker can and does reorg blocks as a consequence of selfish mining. That means less mining rewards for the other miners.

The attacker cannot censor any specific transaction (because the transactions are private so there is no easy way to differentiate any specific one). They could still decide to only mine empty blocks or their own transactions, and that would increase confirmation times for all the other users.

The attacker can try a double spend attack, for example on an exchange. They can deposit XMR at the exchange, get BCH for it and withdraw it. Then they reorg the latest blocks up to before depositing their XMR to add a transaction before that deposit. That transaction will send that previously deposited XMR to one of their other wallets instead of going to the exchange.
If this attack is successful, in the end, they will have both the BCH from the exchange and the XMR in their other wallet.
This is actually why Kraken has increased their confirmation times for XMR to 24 hours. When you increase the confirmation time, you increase the number of blocks between the XMR deposit and the BCH withdrawal in the scenario above. So much so that even with 80% of the hashrate the attack is no longer feasible.

There are other points I guess, but we need to address these. Some action needs to be taken to improve, but as you said, we need to be careful.