Is Human Psychology Monero's Achilles' Heel?

05 Nov, 2023

Distribution of public Monero nodes 5 November 2023. Source: https://monero.fail/map

One of the privacy tools that has most interested me on my journey so far is Monero, the equivalent of digital cash. Teachers and content creators like Douglas Tuman and Seth for Privacy have been tirelessly explaining Monero and its usefulness.

I became convinced enough by the potential of Monero to a point where I decided to exchange some of my savings to XMR, the currency name for Monero. I had never investigated cryptocurrencies before, and so this in itself was quite a lengthy, sometimes scary process. I will discuss all of those discoveries in future posts, as crypto is a tool I adopted more recently.

I went further than just owning some Monero. I got my children, family members and a few friends to download Cake Wallet and sent them some Monero. (Half of those people have now lost their seed, despite me impressing upon them its importance). I also looked into mining Monero myself, and downloaded a full node onto my own server, which I keep updated and connected to the Monero network.

While privacy crypto currencies are not having the best time at the moment, with both the US and the EU looking into ways to control crypto currencies and privacy tools, limiting privacy and freedom, I would still like to take a moment to steelman an argument against Monero's future success, and test that in the community. I look forward to critiques on my steelmanned counterclaim to Monero's robustness, which is that Monero's Achilles' Heel is human psychology, especially in the face of bans and government regulation. Let me explain.

What Monero does well

I have been reading SerHack's book on Monero, and have no doubt that the team of developers behind Monero is currently doing truly excellent technical work in order to make transacting with Monero private and untraceable by default, mirroring cash. I am not going to venture into Monero-technical counter-claim territory. I simply don't understand enough about how it all works, though I did try to follow the recent discussions around a hack of donated XMR funds for development, which got quite technical.

Similarly, I am on board with the logic of arguments around the potential for Monero to work as a currency for trading in an alternative circular economy. I just listened to Douglas' interview with Seth on Monero Talk, where they end on that point, stating that Monero will alway be optional to join, but that alternative markets (underground, black markets, barter markets) have always thrived. While we don't currently see enough merchant onboarding of Monero, I believe in its potential to grow in this area.

Lastly, while there is an increase in scrutiny of crypto exchanges (Sam Bankman-Fried's very public case hasn't helped the story of crypto, unfortunately) by governments and the EU, I do believe there will always be a way to trade your Monero for another crypto coin, like Bitcoin, so that you can 'off ramp' from Monero back to a fiat currency, should you want to trade in your Monero.

All of the above may have potential weaknesses, but not enough to worry me yet (the governmental moves towards greater scrutiny of crypto exchanges is worrying me a little at the moment) and pull out of Monero. However, I do believe I now see a weakness on the ground level as it were of what is keeping the entire system running, and that is the comfort level with breaking the law that all the people currently running nodes might have.

Monero's Achilles' Heel: nodes are run by people

A crypto currency like Monero depends on accurate copies of one long record of all transactions being kept updated all over the world. This is the ledger. There are great resources explaining all this, including some documentaries on Netflix. In the case of Monero, a copy of this ledger is called a node. It's currently nearly 200GB, and it's easy to set up (takes days to download, however) and run within your home. Slightly more complicated is opening that node to the public, so other Monero users can depend on your copy of the ledger for their transactions. Monero's robustness relies on the existence of many accurate copies of this ledger in countries all of the world.

A few days ago I happened upon an interesting website: a map that shows current and recently active public Monero nodes. One of the first things I did was zoom in to see if there are any other people running public nodes in my area. Then I noticed something surprising: my own IP address—the one my ISP links to my physical address and ID—was listed on the map!

I looked carefully and saw there is an option to publish your IP address to the map, but the odd thing was, this was my first time visiting the site, and I had never done that. How did my node appear on the map?

I posted my question to r/monero and, as usual, got a lot of helpful replies there. One moderator explained that

When you run a node, it connects to other nodes. They use IP addresses to connect. And they add the IP to their list, and then they share that list with other nodes.

and someone else wrote:

This is how all p2p networks work. If you join with your node, other nodes will know your IP, unless you use tor or i2p, or just some VPN.

The developer of the map tool even joined in and wrote:

[The map] is an indicator to some people who aren't aware their node shares it's IP to other nodes.

I was definitely one of those people. I had no idea that my public Monero node was so easy to tie to my location and identity. I could have come to the realisation myself, if I had thought it through more deeply, but I was too fixated on the privacy aspects of Monero itself to think about the node network. And this is the essential weakness of Monero, that suddenly became very clear to me: without people running nodes, there is no network. All the great privacy technology and potentials (private digital coin, untraceable transactions, merchants, meetings, trading, alternate circular economies) won't mean much if people like me, who run and maintain updated nodes, pull out of the network.

What might cause someone like me to do that? And how many of us are there?

The question

I often stress on my blog that I am not a technical person. I don't work in IT and never have. But I have always been interested in computer technology, from the early days of trying out BASIC on a Sinclair ZX-81 PC. My knowledge is just enough to try out things like running a public Monero node and mining Monero myself. That is, after all, what the Monero philosophy rests on: that regular users (or "regular Joe's" as Tuman calls us) can run their own nodes, mine Monero and support the network without a lot of technical know-how. This is one of the key features that separates Monero from Bitcoin, where I would need to spend a lot of money before I could even begin to think about contributing.

The benefit of testing out tools yourself is that it gives you a clearer insight into what the tool is and does. These trial-and-error experiments have given me a better idea about how the Internet works, and helped push me just beyond the limitations of my technical knowledge each time.

In this case, downloading and maintaining my own full copy of monerod has given me an insight into the psychology behind the Monero network. Sure, some of the people running Monero nodes will have great technical knowledge and would know how to proceed carefully and hide their nodes, should governments ban Monero. But what about people like me? And how many of us are there supporting the Monero network?

Regular citizens like me can and will be interested in privacy (I spend a lot of my free time writing this blog because I think privacy is important) but may not be willing to break the law for privacy. Breaking the law could have implications for my income and family, which I just don't want to deal with.

To conclude, here's the question I posted on r/monero:

What would you see as the solution for regular, not-super-technical users like me to contribute to the Monero network by running their own nodes, in a possible future scenario where Monero is made illegal?

I've read about using Tor (though with the warning Tor itself could be illegal too) and running the node behind a VPN, which I once tried and couldn't get to work.

I sometimes read hard core 'f** the government' type rhetoric in privacy crypto communities, but most regular citizens like me are not going to want to risk doing anything illegal. How many nodes does Monero need (in the world) to run reliably and to be resistant?

My concern is that if say in the next five years, both the US and EU make privacy crypto currencies illegal, how resistant will Monero be to that, given that my guess is a lot of nodes are maintained by regular people like me?

I'll leave it at that. People steelman arguments that work against their own beliefs in order to become stronger and better. There is no other way. If you live in a house that has mould in the basement that you're not aware of, and a friend comes by and tells you she smells mould, then that's a good friend. We should not pretend the mould doesn't exist.

I am curious and hopeful to hear good rebuttals to this argument against Monero's potential, because I believe we will need a digital form of cash soon, and because I have invested in Monero. I hope that people in the Monero community reading this will understand my intention.

Updates

Seth responded quickly (on X) and in some detail, so I'll go ahead and add that here now:

Fantastic post, and raises a point that isn’t often talked about! I’ll respond in-depth here, starting with the reasons why I think this is a non-issue:

While governments may ban the exchange of a specific cryptocurrency, it’s massive leap to ban running open-source software that has no economic incentive.

Even if for some reason a country like the US bans running a node, the digital nature of Monero means you can just use a node you host in another country, or someone else’s node.

Using an untrusted remote node in Monero is drastically less harmful for privacy than in Bitcoin etc., and is absolutely fine for those in countries where running a full node is untenable.

For those who would go against a ban on running a Monero node, it’s relatively easy to run a node behind a VPN or Tor to mask true IP addresses.

To go a step further, the encrypted p2p work by @vtnerd will be vital to extending deeper protections to those who run a node without any obfuscation, as it will appear to an ISP as just standard SSL traffic.

In summary, I think it’s an important issue to think through but not much of a real-world concern with how permissionless and resilient a decentralized, p2p network is against a single state attack.