A “major” decoy selection bug has been reported for Monero through the project's official Twitter handle. According to an investigation conducted by software developer Justin Berman, the vulnerability “may affect your transaction privacy” within a short period of time after receiving the funds.
If a user spends funds immediately after the lock time, in the first 2 blocks allowed by the consensus rules (about 20 minutes after receiving the funds), it is very likely that the output can be identified as the true spend.
The Monero Research Lab clarified that the data facing the risk of exposure is related to the address or transaction amount, and that the funds themselves “will never be at risk of being stolen.” As of the report, published about 10 hours ago, the vulnerability is still in the “official wallet code”.
To mitigate this vulnerability, users can wait 1 hour after receiving funds before spending them. Developers are currently working on a wallet software update. The fix does not require a hard fork.
The Monero Research Lab and Monero developers take this issue very seriously. We will provide an update when the wallet fix is available.
Potential fix for the Monero decoy selection bug
In the Monero project's GitHub repository, Berman gave a detailed explanation of this bug. He revealed that his investigation was conducted by core developers before release. He clarified that the decoy selection mechanism in the wallet software has a chance close to 0 of selecting the most recent outputs as decoys.
This is why users can mitigate the bug by waiting a period of time before spending their funds. As the developer clarified, the algorithm adds 10 decoys to the Monero ring, which hide the real output. The selection mechanism has almost zero chance of selecting a decoy with an output index below 100, but the following possibility remains:
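The fact that there is still a chance of selecting a decoy with output index < 100 is thanks to this part of the algorithm, which takes the output_index determined by exp(x), finds the block it is in, and then randomly selects an output from that block. Therefore, outputs in blocks with > 100 outputs have a chance of being selected as decoys.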
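The two-step pick described above can be modelled in a few lines. This is an added example, not code from the Monero wallet or from Berman's report, and it is a simplified model. Assumptions not stated in the article: the gamma shape 19.28 and rate 1.61, an average of 1.2 seconds per output, index 0 meaning the newest output, and the constructed block sizes.

```python
import bisect
import itertools
import math
import random

# Assumptions (not from the article): gamma parameters and average output time.
GAMMA_SHAPE = 19.28
GAMMA_SCALE = 1 / 1.61
AVG_OUTPUT_TIME = 1.2  # seconds per output, i.e. ~100 outputs per 120 s block


def recent_fractions(recent_blocks, samples=500_000, seed=1, cutoff=100):
    """Fraction of decoy picks whose output index ends up below `cutoff`.

    recent_blocks: constructed output counts of the newest blocks, newest first.
    Returns (direct, with_block_step):
      direct          - index taken straight from exp(x) / AVG_OUTPUT_TIME
      with_block_step - index re-drawn uniformly inside the block that the
                        direct index falls in (the step quoted above)
    """
    rng = random.Random(seed)
    offsets = list(itertools.accumulate(recent_blocks))  # cumulative counts
    if offsets[-1] < cutoff:
        raise ValueError("modelled blocks must cover at least `cutoff` outputs")
    direct_hits = block_hits = 0
    for _ in range(samples):
        age_seconds = math.exp(rng.gammavariate(GAMMA_SHAPE, GAMMA_SCALE))
        idx = int(age_seconds / AVG_OUTPUT_TIME)
        if idx < cutoff:
            direct_hits += 1
        if idx < offsets[-1]:
            # Find the block containing idx, then pick any output in it.
            blk = bisect.bisect_right(offsets, idx)
            first = offsets[blk - 1] if blk else 0
            idx = rng.randrange(first, offsets[blk])
        # Picks older than the modelled blocks keep an index >= cutoff.
        if idx < cutoff:
            block_hits += 1
    return direct_hits / samples, block_hits / samples


if __name__ == "__main__":
    # Newest block holds 150 outputs: indexes 100..149 can be re-drawn below 100.
    print("newest block of 150 outputs:", recent_fractions([150, 90, 110]))
    # No block straddles index 100: the block step changes nothing.
    print("newest block of 100 outputs:", recent_fractions([100, 100]))
```

In this model both fractions stay far below one percent, which is why a real spend made within minutes of receipt has almost no decoys of similar age around it.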
Although the fix is still under development, Berman believes that the solution to the Monero vulnerability will require changes to the decoy selection mechanism. The developer said that this may affect the consistency of transactions if they are processed by a node that has not been updated, rather than updating the way the node builds the ring.
The solution I am currently leaning toward is that the algorithm is off by 1 block, which means that the gamma distribution observed in the paper only plots observed spends. With a block time of 120 seconds, you would expect close to 0 outputs to be spent in less than 120 seconds, which seems to be confirmed by the gamma distribution recommended by the paper.
At the time of writing, Monero (XMR) was trading at $220.95, up 16.1% on the weekly chart. XMR is following general market sentiment and trading sideways after a sharp increase over the weekend.