How Does Monero Work?

L1|Risk C+|6 mechanisms|5 interactions

Monero is the leading privacy-focused cryptocurrency, using mandatory ring signatures, stealth addresses, and RingCT to make all transactions private by default. With a market cap of approximately $7.6 billion, XMR ranks among the top 20 cryptocurrencies. Its C+ grade reflects the 2025 51% attacks — which the Qubic mining pool executed but has since exited as of April 2026 — alongside 73 exchange delistings due to regulatory pressure on privacy coins. These risks are balanced by 10+ years of operation, a fair-launch distribution, active development momentum (Ring Signature v3 deployed March 2026, FCMP++ beta stressnet live with audit in progress), and a tail emission model providing permanent mining incentives.

TVL

Sector

L1

Risk Grade

C+

Value Grade

B-

Core Mechanisms

5.1.1

RandomX Proof-of-Work — CPU-optimized, ASIC-resistant mining algorithm designed for commodity hardware

RandomX launched in November 2019 to maintain ASIC resistance. CPU-friendly design enables broader participation but also makes hashrate rentable via general-purpose compute.

1.1.4

Monero tail emission — perpetual 0.6 XMR per block after initial supply exhaustion (reached June 2022)

Tail emission provides a permanent security budget. Annual inflation ~0.86% and declining. Novel at introduction but now an established pattern in the taxonomy.

4.3.1

Ring signatures with RingCT — mandatory transaction privacy using ring signatures to obscure sender among decoy outputs

CryptoNote ring signatures in production since 2014. RingCT added in 2017 to hide amounts. Ring Signature v3 hard fork deployed March 2026, reducing transaction size by 28% via improved ring member compression and decoy sampling.

4.3.1

Stealth addresses — one-time addresses generated per transaction to protect recipient privacy

Standard CryptoNote feature. Each transaction creates a unique destination address, preventing address linking.

1.3.1

Dynamic block size with penalty-based fee mechanism — blocks can grow beyond median size with a quadratic miner reward penalty

Adaptive block size allows throughput scaling without hard forks. Penalty prevents spam while allowing organic growth.

5.2.1

Monero difficulty adjustment — recalculates every block using a moving average for smooth adjustments

Per-block adjustment is more responsive than Bitcoin's 2,016-block window, reducing vulnerability to hashrate oscillation.

How the Pieces Interact

RandomX PoWRing signature privacyHigh

The August-September 2025 Qubic 51% attack demonstrated that RandomX's CPU-friendly design makes hashrate capturable through dual-mining incentives. Qubic exited Monero mining on April 1, 2026, reducing near-term concentration risk. The underlying vulnerability persists: any future dual-mining incentive scheme offering sufficient secondary rewards could repeat the attack. A successful chain reorganization on a privacy chain is particularly dangerous because double-spend attacks are harder to detect and trace than on transparent chains.

Ring signatures with RingCTStealth addressesMedium

Mandatory privacy for all transactions means the entire supply is unauditable from the blockchain alone. If a cryptographic flaw in ring signatures or RingCT allows undetectable token creation, there is no transparent pool to cross-reference. Supply integrity depends entirely on the soundness of multiple privacy primitives working in concert.

Tail emissionRandomX PoWMedium

While tail emission provides a permanent mining incentive (0.6 XMR/block), the relatively low emission rate may not generate sufficient miner revenue at lower XMR prices to prevent hashrate concentration. The 2025 attacks occurred despite active tail emission, suggesting the incentive may be insufficient to maintain decentralized mining.

Mandatory privacyDynamic block sizeLow

Private transactions are larger than transparent transactions due to ring signatures and RingCT proofs. The dynamic block size accommodates growth, but larger transactions mean higher per-transaction resource costs, limiting throughput compared to transparent chains.

Mandatory privacyExchange accessMedium

73 exchange delistings in 2025 demonstrate that mandatory privacy directly conflicts with regulatory compliance requirements. As atomic swaps and DEX access grow, Monero's economy increasingly depends on decentralized infrastructure that is less liquid and less accessible than centralized exchanges.

What Could Go Wrong

  1. In August-September 2025, the Qubic mining pool gained >51% of Monero's RandomX hashrate through its 'useful Proof-of-Work' dual-mining incentive, executing 6-block and 18-block reorganizations. Qubic exited Monero mining on April 1, 2026 following its transition to Dogecoin, removing the immediate threat. However, the underlying vulnerability persists: any future dual-mining scheme offering sufficient secondary rewards could repeat the attack on Monero's CPU-friendly RandomX algorithm.
  2. Monero faced 73 exchange delistings in 2025, including restrictions from Binance and Kraken across parts of Europe, severely fragmenting centralized exchange liquidity. Mandatory privacy features make Monero a primary target for regulatory action. THORChain mainnet integration (targeted May-June 2026) and atomic swaps provide growing decentralized access alternatives.
  3. Mandatory privacy (ring signatures, stealth addresses, RingCT) means all transactions are private by default, making supply auditability dependent on the cryptographic soundness of the privacy primitives. Unlike Zcash's opt-in privacy, there is no transparent fallback to verify total supply.
  4. FCMP++ (Full-Chain Membership Proofs), which will replace ring signatures with ZK proofs and expand the anonymity set from 16 to 150M+ outputs, is in beta stressnet phase with a Trail of Bits audit scheduled May 11-22, 2026. Until FCMP++ deploys to mainnet (targeted mid-2026), the existing ring signature privacy model remains in production.

Repeated Hashrate Capture Enabling Systematic Double-Spend

Moderate

Trigger: A mining pool or dual-mining scheme captures >51% of RandomX hashrate for periods exceeding 24 hours, enabling reorganizations deeper than the 10-block safety threshold.

  1. 1.A dual-mining incentive (like Qubic's uPoW) attracts >51% of Monero's RandomX hashrate to a single pool The pool gains ability to produce blocks faster than the rest of the network and perform chain reorganizations
  2. 2.Attacker executes deep reorganizations (18+ blocks as demonstrated in September 2025) to reverse confirmed transactions Double-spend attacks succeed against exchanges and merchants. Due to mandatory privacy, the double-spend is harder to trace and prove than on transparent chains
  3. 3.Remaining exchanges with XMR listings increase confirmation requirements to 100+ blocks or suspend deposits entirely Effective settlement time increases from ~20 minutes to hours, destroying XMR's utility for commerce and exchange transfers
  4. 4.Network confidence collapses, XMR price declines, further reducing mining revenue and honest hashrate Negative spiral where reduced price makes the attack cheaper relative to declining miner revenue, enabling persistent hashrate control
See all 2 collapse scenarios in the full risk report →

Risk Profile at a Glance

Mechanism Novelty3/15
Interaction Severity6/20
Oracle Surface0/10
Documentation Gaps3/10
Track Record8/15
Scale Exposure9/10
Regulatory Risk7/10
Vitality Risk4/10
C+

Overall: C+ (40/100)

Lower score = safer

More on Monero

Is Monero Safe?

Safety analysis

Is Monero a Good Investment?

Value analysis

Full Risk Report

All mechanisms & interactions

Related L1 Explainers

How Does Aster Work?D+How Does Mantra Chain Work?C-How Does Bittensor Work?C-How Does Flare Network Work?C-How Does Canto Work?C-