Table of Contents
Fetching ...

Moneros Decentralized P2P Exchanges: Functionality, Adoption, and Privacy Risks

Yannik Kopyciok, Friedhelm Victor, Stefan Schmid

TL;DR

This work systematically maps the Monero-focused P2P DEX ecosystem, analyzing Haveno, Bisq, BasicSwap, and COMIT-based UnstoppableSwap to assess architecture, governance, and privacy. It identifies centralization vectors (seed/arbitrator nodes) in Haveno and Bisq, contrasts with more decentralized models like BasicSwap and COMIT, and reveals a concrete Haveno cross-chain observability vulnerability enabling partial linking of Monero trades to Bitcoin activity. Through empirical analysis of trade patterns and blockchain data, the study quantifies observable signals and demonstrates how on-chain footprints can erode Monero’s privacy in practice. The findings illuminate design trade-offs between usability, liquidity, and privacy, offering actionable directions for more secure DEX designs and informing regulatory discussions around P2P crypto exchanges.

Abstract

Privacy-focused cryptocurrencies like Monero remain popular, despite increasing regulatory scrutiny that has led to their delisting from major centralized exchanges. The latter also explains the recent popularity of decentralized exchanges (DEXs) with no centralized ownership structures. These platforms typically leverage peer-to-peer (P2P) networks, promising secure and anonymous asset trading. However, questions of liability remain, and the academic literature lacks comprehensive insights into the functionality, trading activity, and privacy claims of these P2P platforms. In this paper, we provide an early systematization of the current landscape of decentralized peer-to-peer exchanges within the Monero ecosystem. We examine several recently developed DEX platforms, analyzing their popularity, functionality, architectural choices, and potential weaknesses. We further identify and report on a privacy vulnerability in the recently popularized Haveno exchange, demonstrating that certain Haveno trades could be detected, allowing transactions to be linked across the Monero and Bitcoin blockchains. We hope that our findings can nourish the discussion in the research community about more secure designs, and provide insights for regulators.

Moneros Decentralized P2P Exchanges: Functionality, Adoption, and Privacy Risks

TL;DR

This work systematically maps the Monero-focused P2P DEX ecosystem, analyzing Haveno, Bisq, BasicSwap, and COMIT-based UnstoppableSwap to assess architecture, governance, and privacy. It identifies centralization vectors (seed/arbitrator nodes) in Haveno and Bisq, contrasts with more decentralized models like BasicSwap and COMIT, and reveals a concrete Haveno cross-chain observability vulnerability enabling partial linking of Monero trades to Bitcoin activity. Through empirical analysis of trade patterns and blockchain data, the study quantifies observable signals and demonstrates how on-chain footprints can erode Monero’s privacy in practice. The findings illuminate design trade-offs between usability, liquidity, and privacy, offering actionable directions for more secure DEX designs and informing regulatory discussions around P2P crypto exchanges.

Abstract

Privacy-focused cryptocurrencies like Monero remain popular, despite increasing regulatory scrutiny that has led to their delisting from major centralized exchanges. The latter also explains the recent popularity of decentralized exchanges (DEXs) with no centralized ownership structures. These platforms typically leverage peer-to-peer (P2P) networks, promising secure and anonymous asset trading. However, questions of liability remain, and the academic literature lacks comprehensive insights into the functionality, trading activity, and privacy claims of these P2P platforms. In this paper, we provide an early systematization of the current landscape of decentralized peer-to-peer exchanges within the Monero ecosystem. We examine several recently developed DEX platforms, analyzing their popularity, functionality, architectural choices, and potential weaknesses. We further identify and report on a privacy vulnerability in the recently popularized Haveno exchange, demonstrating that certain Haveno trades could be detected, allowing transactions to be linked across the Monero and Bitcoin blockchains. We hope that our findings can nourish the discussion in the research community about more secure designs, and provide insights for regulators.
Paper Structure (13 sections, 2 figures, 1 table)

This paper contains 13 sections, 2 figures, 1 table.

Figures (2)

  • Figure 1: Bisq and Haveno-Reto XMR trading volume against various cryptocurrencies. Bisq only supports XMR/BTC, and has significantly higher volume, but Haveno-Reto (Retoswap), is quickly growing and has approached nearly USD 2 Million in February 2025. While Haveno-Reto supports other XMR Trading Pairs, BTC is the most popular.
  • Figure 2: On-Chain Pattern for a standard Haveno trade without a dispute. The two outputs created in the first two transaction are referenced in the final transaction within 24 hours. Within this time window, a counterpart needs to exist on the other trading currency, in this case Bitcoin. Haveno by default uses the same high fee for both transactions, obfuscates the reported trade amount, but broadcasts the completion of the trade immediately via the P2P network.