Unfathoming

How FCMP++ radically improves Monero privacy

Full-chain membership proofs are a planned upgrade to the Monero blockchain that will increase its anonymity set from 16 to over 100,000,000. This is a big deal because it means instant privacy gains for the fun price of free!

Currently, Monero relies on an algorithm called RingCT (the CT stands for confidential transactions), which mixes 15 decoys with each real spent output. In Monero these are known as outputs rather than transactions, and they will be referred to as such here.

Currently, with 16 outputs, the table looks like this:

Passes   Possible Outcomes   Probability
1        16                  6.25%
2        256                 0.39%
3        4096                0.0244%
4        65536               0.00153%
5        1048576             0.0000954%
6        16777216            0.00000596%
7        268435456           0.000000373%
8        4294967296          0.0000000233%

Based on $P = \frac{1}{(D + 1)^n} \times 100$ where P is the probability of correctly guessing the right path (as a percentage), D is the number of decoys, and n is the number of transactions (passes).

This is an impressive amount of privacy; essentially it means that to achieve a sub-1% chance of correctly guessing where funds went, the holder only needs to move their coins through two wallets.

There's a problem: this relies on guessing. Most blockchain forensics software doesn't rely on guesses; it can brute force this to an extent by trying all possible combinations (or, more commonly, by timing analysis). This means that if you wish to defeat Chainalysis & Co, you need to pass funds through multiple throwaway wallets; typically 5 is enough.

This is changing with FCMP++, which results in a roughly 6.6x improvement in privacy. Assuming there are 100 million decoys, the table looks like this:

Passes   Possible Outcomes   Probability
1        100,000,001         0.000001%
2        1.0e16+1            0.00000000001%
3        1.0e24+1            0.0000000000001%

This essentially makes the old method of analyzing the blockchain obsolete, even if we assume compute power doubles every year.
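As an added example (not code from the original post), the script below evaluates the post's formula $P = 1/(D+1)^n$ with exact fractions so the FCMP++ rows do not underflow, and derives how many passes are needed before the guess probability drops below a target. The 15-decoy ring and the 100,000,000-decoy anonymity set are the post's figures; the 2^64 search budget is an illustrative assumption.

```python
from fractions import Fraction

RINGCT_DECOYS = 15            # current ring size 16: 1 real output + 15 decoys
FCMP_DECOYS = 100_000_000     # assumed FCMP++ anonymity set from the post


def possible_outcomes(decoys: int, passes: int) -> int:
    """Number of candidate paths after n passes: (D + 1)^n."""
    return (decoys + 1) ** passes


def guess_probability(decoys: int, passes: int) -> Fraction:
    """Exact P = 1 / (D + 1)^n as a fraction (not a percentage)."""
    return Fraction(1, possible_outcomes(decoys, passes))


def passes_needed(decoys: int, max_probability: Fraction) -> int:
    """Smallest n such that a correct guess has probability <= max_probability."""
    n = 1
    while guess_probability(decoys, n) > max_probability:
        n += 1
    return n


def passes_to_exceed_budget(decoys: int, budget: int) -> int:
    """Smallest n such that enumerating every path costs more than `budget` tries.

    Models the 'try all combinations' approach the post describes; the budget
    is an assumption, not a figure from the post.
    """
    n = 1
    while possible_outcomes(decoys, n) < budget:
        n += 1
    return n


def probability_table(decoys: int, max_passes: int) -> list:
    """Rows of (passes, possible outcomes, probability in percent) as in the post."""
    return [
        (n, possible_outcomes(decoys, n), float(guess_probability(decoys, n)) * 100)
        for n in range(1, max_passes + 1)
    ]


if __name__ == "__main__":
    for name, decoys in (("RingCT", RINGCT_DECOYS), ("FCMP++", FCMP_DECOYS)):
        print(f"{name}: sub-1% after {passes_needed(decoys, Fraction(1, 100))} pass(es); "
              f"exhaustive search exceeds 2^64 after {passes_to_exceed_budget(decoys, 2**64)}")
        for n, outcomes, pct in probability_table(decoys, 3):
            print(f"  {n}  {outcomes}  {pct:.3e}%")
```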

Matrix failure graph; spikes are attacks

Human problems

This upgrade is exciting, but it does not protect against human problems like bad OPSEC. If you buy 37.473 XMR on Coinbase, and in a year sell 37.471 XMR to another exchange with your real name and ID, the tax man will know.

FCMP++ is meant to protect against chain analysis and advances in artificial intelligence.