Monero releases 'Fluorine Fermi' upgrade to kick out spy nodes

The Monero privacy blockchain has released a significant upgrade that majorly strengthens user protection. The blockchain announced CLI v0.18.4.3 “Fluorine Fermi”, calling it a highly recommended release that enhances protection against spy nodes.

In the Monero community, the term “spy nodes” refers to malicious nodes, their groups, or botnets that are capable of linking IP addresses with transactions, effectively undermining the blockchain’s privacy guarantees.

Spy nodes have been a major concern in Monero’s ecosystem. Its community has long viewed these attacks as one of the most persistent threats to its mission of untraceable transactions.

Monero privacy issues were, in part, brought into the spotlight via a leaked Chainalysis video that appeared in September 2024. It claimed that Chainalysis was able to track transactions back to 2021 via its own “malicious” Monero nodes.

The new upgrade adds another layer of protection to counter such threats, while also improving network reliability and stability.

‘Fluorine Fermi’ update solves major challenges

Given that spy nodes threaten the privacy of users in contrast to the main aim of the project, the community has worked hard to find workarounds, establish safety practices, promote self-node operation, and utilize software to provide a shield against malicious nodes on Monero. 

There are a few important technologies that protect privacy: each transaction uses a different stealth address so that the recipient’s real address stays hidden; ring signatures mix a sender’s transaction with other fake transactions, making it hard to tell who really sent the money; and Ring Confidential Transactions (RingCT) hide the amount being sent.

Another tool the community promotes is the use of Dandelion++, software designed to prevent malicious actors from linking IP addresses to transactions.  

However, there are still more challenges. For instance, a paper published on the research sharing platform arXiv in September noted the growing presence of non-standard nodes in the network. These nodes pose as honest nodes but are likely intended for monitoring the network and spying on other nodes, thereby endangering privacy.

The Fluorine Fermi update solves this problem by implementing an improved peer selection algorithm that reduces the chance users connect to multiple nodes within the same IP subnet, a common spy node tactic. It discourages connections to large clusters of suspicious IP addresses, steering users toward safer nodes.

Another problem is that some mail carriers might get sly and try to find out who is delivering what letters. The Fluorine Fermi update changes how letters are sent and who they are sent to, which makes it extremely hard for spies to trace the trail. This helps the Monero mail service escape these cunning carriers.

Meanwhile, Monero’s XMR token rose to a three-week high of $347 overnight and has since pulled back to below $340.

Qubic claims 51% control of Monero hashrate

In Q3, the Qubic mining pool said it took control of 51% of Monero’s hashrate. This level of control could, in theory, rewrite the chain, double-spend transactions, or censor activity, all for a cost of about $100,000 per day.

A 51% attack happens when one group has more than half of a blockchain’s mining power or stake. This lets them change the chain’s history or stop transactions.

At first, the pool struggled and fell to the seventh-largest on the network after a distributed denial of service (DDoS) attack on August 4, which reduced its hashrate from 2.6 gigahashes per second (GH/s) to barely 0.8 GH/s. But later, Qubic restored its power and said it was in charge of a major part of the business.

Sergey Ivancheglo, the founder of Qubic, said that the plan was to take over Monero’s mining and eventually stop competitor pools from adding blocks.

Don’t just read crypto news. Understand it. Subscribe to our newsletter. It's free.