What Is Monero? The Complete Guide to XMR (2026)

Monero (XMR) is a cryptocurrency designed around a single principle: every transaction is private by default, with no exceptions and no opt-out. Launched on April 18, 2014, it remains the only major digital currency where the sender, the recipient, and the amount transferred are all cryptographically obscured on every single transfer, with no transparent mode and no way to selectively publish your transaction history. The coin has held its position as the dominant privacy cryptocurrency by market capitalization, which exceeded $8 billion by early 2026, even as roughly 73 centralized exchanges delisted XMR in 2025 under pressure from anti-money-laundering frameworks in Europe, the Gulf, and Asia-Pacific. This guide covers how Monero's privacy works, what the 2026 FCMP++ upgrade changes, and what the current regulatory environment means for people who hold or use XMR.

Monero: Quick stats

• April 18, 2014: Monero mainnet launch date
• 18.7 million+ XMR in circulating supply (May 2026)
• 0.6 XMR per block, permanent tail emission since May 2022
• 16 decoys per ring signature today; FCMP++ expands that to potentially 100 million+
• ~73 exchanges delisted Monero in 2025
• $8 billion+ market cap by early 2026

Table of Contents

1. What Is Monero?
2. How Monero Achieves Privacy: Four Layers
3. FCMP++: Monero's Biggest Privacy Upgrade in a Decade
4. How Monero Differs From Bitcoin
5. Monero's Supply Model and Mining
6. Who Uses Monero and Why
7. Is Monero Truly Private? What the Research Shows
8. Is Monero Legal in 2026?
9. How to Get Monero in 2026
10. Frequently Asked Questions
11. The Bottom Line

What Is Monero?

Monero (ticker: XMR) is a decentralized cryptocurrency where the sender, the recipient, and the amount of every transaction are hidden by default, with no opt-in required. It launched on April 18, 2014, and takes its name from the Esperanto word for "coin."

Unlike Bitcoin, where every transaction is permanently recorded on a fully public ledger that anyone can inspect, Monero uses layered cryptographic techniques to make its blockchain opaque. Observers can verify that valid transactions occurred, but they cannot determine who sent funds to whom or how much changed hands.

Monero grew out of a dispute within an earlier project. In April 2014, a Bitcointalk forum member known as "thankful_for_today" launched BitMonero, a fork of Bytecoin, which was the first cryptocurrency to implement the CryptoNote v2 protocol described in a whitepaper published in October 2013 by the pseudonymous Nicolas van Saberhagen. When thankful_for_today became unresponsive to community feedback, a group of seven developers, including Riccardo Spagni (known online as "fluffypony") and five who remained anonymous, took control of the project, dropped "Bit" from the name, and relaunched it as Monero.

Today Monero has more than 18.7 million XMR in circulating supply, is maintained by hundreds of open-source contributors, and remains the leading privacy coin by market capitalization.

How Monero Achieves Privacy: Four Layers

Monero does not rely on a single privacy mechanism. Four distinct technologies work together to obscure every element of a transaction.

Ring Signatures: Hiding the Sender

When you send Monero, your transaction input is grouped with 15 decoy inputs drawn from the existing blockchain, forming a ring of 16 possible senders. Anyone inspecting the blockchain sees all 16 candidates but cannot determine which one initiated the actual transfer. The signature proves that one member of the ring authorized the transaction without revealing which one.

Think of it like signing a document in a room with 15 other people. A verifier can confirm that someone in the room signed it, but they cannot identify who.

Ring signatures have been part of Monero since its 2014 launch. They are being replaced by FCMP++, a more powerful system covered in the next section.

Stealth Addresses: Hiding the Recipient

Every Monero transaction creates a unique, one-time destination address on the blockchain, generated by the sender on behalf of the recipient. The recipient's publicly shared address never appears on the blockchain itself.

Recipients carry two private keys: a spend key, which authorizes outgoing transactions, and a view key, which allows the holder to scan the blockchain and detect incoming payments without gaining the ability to spend them. This view key can be shared selectively, for example with an accountant or a tax authority, while the spend key stays private.

Because every incoming payment lands at a fresh one-time address, it is impossible to link multiple payments to the same recipient by inspecting the blockchain.

RingCT: Hiding the Amount

Ring Confidential Transactions (RingCT), introduced in January 2017, hide the value transferred in every Monero transaction. Instead of broadcasting the amount directly, the protocol uses cryptographic commitments to prove that transaction inputs equal outputs, so no XMR is created or destroyed, without revealing the actual numbers involved.

The result: anyone watching the Monero blockchain can verify that each transaction is mathematically valid but cannot see whether a transfer was for 0.01 XMR or 10,000 XMR.

Dandelion++: Hiding Your IP Address

Privacy on the blockchain covers only part of the picture. When a standard cryptocurrency node broadcasts a transaction, the originating IP address can potentially be traced by an observer monitoring a large portion of the network.

Monero counters this with the Dandelion++ protocol. When a transaction is first broadcast, it travels through a random sequence of nodes (the "stem") before spreading broadly to the rest of the network (the "fluff"). The randomized propagation path makes it significantly harder to connect a transaction to the IP address that originated it. This layer is absent from nearly every competing guide, yet it addresses a meaningful real-world privacy gap that on-chain techniques alone cannot close.

FCMP++: Monero's Biggest Privacy Upgrade in a Decade

Full-Chain Membership Proofs (FCMP++) is a cryptographic upgrade that replaces Monero's ring signature system with zero-knowledge membership proofs. Instead of drawing 15 decoys to form a sender pool of 16, FCMP++ proves that a transaction input belongs to the full set of unspent outputs on the blockchain, without revealing which specific output is being spent.

In practical terms, the anonymity set expands from 16 potential senders to potentially every unspent output that has ever existed on the chain, a number that could reach 100 million or more as the network grows. The cryptographic proofs remain compact, around 2 to 3 kilobytes per input, so transaction sizes do not balloon.

FCMP++ also introduces forward secrecy for historical transactions. Even if future advances in computing were to undermine the elliptic-curve cryptography currently underpinning Monero, transactions made before that point would remain protected through periodic key rotation and post-quantum commitments built into the proof structure.

Timeline: The first public testnet for FCMP++ activated on October 3, 2025. Multiple stress-test rounds followed through the end of 2025 and into early 2026. As of May 2026, the mainnet hard fork is tentatively scheduled for mid-2026, pending final security audits. Check getmonero.org for the confirmed date before publishing dependent content.

How Monero Differs From Bitcoin

Bitcoin is pseudonymous, not anonymous. Every transaction is recorded on a fully public ledger, and chain analysis firms such as Chainalysis have built commercially viable businesses tracing Bitcoin flows, identifying transaction clusters, and linking addresses to real-world identities. Monero is designed from the ground up to prevent exactly that.

Fungibility is where the practical difference becomes most concrete. Fungibility means that every unit of a currency is interchangeable with any other unit of equal denomination. A dollar bill is fungible: any dollar bill is worth exactly one dollar regardless of who held it before.

Bitcoin is not truly fungible. Because every BTC carries a public transaction history traceable all the way back to its creation, coins that passed through sanctioned addresses, darknet markets, or ransomware wallets can be flagged as "tainted." Exchanges and payment processors have the technical means to refuse tainted coins, creating a two-tier system where freshly mined BTC trades at a premium and certain old BTC may be declined.

Monero is fully fungible because no XMR carries a visible transaction history. Every coin is indistinguishable from every other coin. There is no "tainted Monero" because there is no public record to taint.

Monero's Supply Model and Mining

Monero reached its initial emission of approximately 18.1 million XMR in May 2022. At that point, the network switched to a permanent tail emission of exactly 0.6 XMR per block, issued roughly every two minutes, producing approximately 157,680 new XMR per year.

Unlike Bitcoin's fixed 21 million cap, Monero's supply grows indefinitely. Because the additional supply is constant rather than percentage-based, the annual inflation rate falls continuously as the total supply rises. At current supply levels it sits below 1% per year and trends lower over time.

The rationale is pragmatic: a blockchain without any block reward eventually depends entirely on transaction fees to incentivize miners. Monero's developers concluded that a permanent tail emission provides a more reliable long-term security model, ensuring miners always have a predictable financial incentive to process transactions, rather than relying on a fee market that may not materialize at sufficient scale.

Mining: Monero uses the RandomX proof-of-work algorithm, introduced in November 2019. RandomX is designed to run efficiently on general-purpose CPUs and deliberately inefficiently on the custom ASIC hardware that dominates Bitcoin mining. ASIC manufacturers considering custom RandomX hardware would gain only a two-to-five times efficiency advantage over consumer CPUs. That margin is too narrow to justify the investment, keeping the network accessible to ordinary hardware and preserving the decentralization the community prioritizes.

Who Uses Monero and Why

The most straightforward legitimate use of Monero is financial privacy, the same reason people use cash for everyday purchases rather than a traceable bank transfer. A business that pays suppliers in Monero keeps its vendor relationships and contract values off a public ledger that competitors can read. An employee paid in cryptocurrency can receive compensation without exposing their salary to anyone who knows their wallet address.

In countries with heavy financial surveillance or unstable monetary systems, Monero provides a way to transact outside government-controlled rails. Journalists, human-rights workers, and activists operating in authoritarian environments have used privacy-preserving cryptocurrency to receive donations and move funds without exposing contributors or beneficiaries to retaliation.

Monero also functions as a cross-border remittance tool. International wire transfers are slow, expensive, and require compatible banking relationships on both ends. Monero transfers settle in minutes, carry no intermediary fees, and impose no geographic restrictions.

Monero has also been used for illicit purposes, including ransomware payments and darknet markets. In the first half of 2018, an estimated 44% of cryptocurrency ransomware payments used Monero. The Monero community does not dispute that the coin's privacy properties make it attractive for illegal activity. The relevant policy question, still being worked through by regulators worldwide, is how to weigh that risk against the legitimate privacy interests of lawful users. Physical cash has faced the same debate throughout its history.

Is Monero Truly Private? What the Research Shows

Monero's privacy record is strong. It is not absolute, and precision matters here.

The IRS bounty (2020): In September 2020, the U.S. Internal Revenue Service awarded contracts totaling up to $1.25 million, split between Chainalysis and Integra FEC, to develop tools for tracing Monero transactions. Each firm received an initial $500,000 development payment. Neither has published peer-reviewed results demonstrating comprehensive deanonymization of Monero at scale. CipherTrace, which separately claimed to have built a Monero-tracing toolkit for the Department of Homeland Security, acknowledged its approach was "probabilistic," producing a likelihood ranking of possible transaction paths rather than definitive identification.

The FloodXMR attack (2021): A 2021 academic paper demonstrated that a well-resourced adversary who flooded the Monero network with a high volume of transactions over an extended period could potentially use timing analysis to deanonymize a proportion of ring members. The attack required substantial resources and yielded probabilistic rather than certain results.

The honest bottom line: Monero currently offers significantly stronger privacy than any other major cryptocurrency. Standard ring signatures make chain analysis orders of magnitude harder than Bitcoin. FCMP++, once live on mainnet, will expand the anonymity set from 16 to potentially hundreds of millions, closing most of the remaining statistical attack surfaces.

That said, no cryptographic system carries a permanent guarantee. A 2022 financial intelligence study concluded that Monero "is probably only a matter of time and effort" away from being meaningfully traceable in certain scenarios, a judgment made before the FCMP++ development cycle began. Research continues to evolve on both sides of this question.

Is Monero Legal in 2026?

The single most important distinction: owning and holding Monero in a personal, self-custodied wallet is legal in the vast majority of countries worldwide. No major jurisdiction has made personal possession of Monero a criminal act.

What has changed dramatically since 2024 is the regulated exchange landscape.

Exchange delistings: Approximately 73 centralized exchanges delisted Monero in 2025. Binance, the world's largest exchange by volume at the time, removed XMR on February 20, 2024. Kraken halted XMR trading for users in the European Economic Area by October 2024, with withdrawals ending in December 2024.

European Union: The Markets in Crypto-Assets Regulation (MiCA, Regulation EU 2023/1114) and the companion Anti-Money Laundering Regulation (AMLR) require licensed crypto-asset service providers to implement travel rule compliance and know-your-customer procedures. Privacy coins whose protocols make transaction monitoring structurally impossible are effectively incompatible with these requirements. Full AMLR restrictions on custodial privacy coin handling phase in through 2027.

United Arab Emirates: The Dubai International Financial Centre (DIFC) financial regulator prohibits licensed platforms within the DIFC from listing or handling privacy coins.

Japan and South Korea: Regulated exchanges in both countries have been prohibited from listing privacy coins since 2018 and 2021, respectively, under local virtual asset service provider frameworks.

United States: Monero is not banned at the federal level. No law prohibits U.S. residents from owning, mining, or using Monero. Regulatory pressure has come through exchanges voluntarily delisting to manage compliance risk, not through direct prohibition.

The practical effect of delistings is not illegality. It is that obtaining Monero through conventional channels has become harder. Peer-to-peer exchanges and decentralized swap services remain available in most jurisdictions.

How to Get Monero in 2026

Given widespread exchange delistings, the most common routes to acquiring Monero in 2026 are peer-to-peer trading and decentralized swap services. Centralized exchanges that still list XMR, primarily smaller platforms outside the EU and select regulated markets, remain an option depending on jurisdiction.

For storage, the most widely recommended wallets in 2026 are:

• Cake Wallet (iOS and Android): Open-source, non-custodial, no account required. The standard recommendation for mobile users.
• Feather Wallet (Windows, macOS, Linux): Open-source desktop wallet with built-in Tor routing and remote node support. Fastest sync times among desktop options.
• Monerujo (Android): Open-source, privacy-focused, recommended for Android users who prefer a purpose-built Monero application.
• Official Monero GUI (all desktop platforms): The reference implementation from the Monero project. Most private when run with a local full node.

Hardware wallet support is available on Ledger and Trezor devices, though the setup process requires more steps than software wallets.

This section is informational only and does not constitute financial or investment advice.

Frequently Asked Questions about Monero

What is Monero used for?

Monero is used for any transaction where financial privacy matters: business payments that should not be visible to competitors, personal transfers between individuals, cross-border remittances, and transactions in environments where financial surveillance poses a risk to the parties involved. It has also been used in illicit contexts, a reality the project acknowledges.

Is Monero more private than Bitcoin?

Yes, by a large margin. Bitcoin transactions record the sender's address, the recipient's address, and the exact amount on a permanently public ledger. Monero hides all three by default using ring signatures, stealth addresses, and RingCT. Bitcoin's optional privacy tools, such as CoinJoin, require deliberate effort, reduce the anonymity set to a small group of users, and leave metadata traces. Monero's privacy is mandatory and applies to every transaction on the network.

What is FCMP++?

FCMP++ (Full-Chain Membership Proofs++) is a cryptographic upgrade replacing Monero's ring signature system. Ring signatures currently draw 15 decoys to form a sender pool of 16. FCMP++ proves that a transaction input belongs to the entire set of unspent outputs on the blockchain, a pool that could exceed 100 million entries, without revealing which specific output is being spent. The FCMP++ testnet activated on October 3, 2025. Mainnet deployment is tentatively planned for mid-2026.

Can Monero be traced?

Not reliably using currently published techniques. The IRS paid up to $1.25 million in September 2020 to Chainalysis and Integra FEC for Monero-tracing tools, and CipherTrace separately claimed a probabilistic toolkit for the Department of Homeland Security. None of these efforts has produced a peer-reviewed method for definitively tracing arbitrary Monero transactions at scale. FCMP++, once live, will raise that bar further by expanding the anonymity set from 16 to potentially hundreds of millions of outputs.

Is Monero legal in the United States?

Monero is not banned in the United States. Federal law does not prohibit American residents from owning, mining, or transacting with Monero. Most major U.S. exchanges have voluntarily delisted XMR to manage regulatory risk, but that is a business decision, not a legal requirement. Peer-to-peer trading and decentralized swap services remain available.

How is Monero different from Zcash?

Both use advanced cryptography for privacy, but their approaches differ fundamentally. Monero makes every transaction private by default, with no option for a transparent transfer. Zcash uses zk-SNARKs that can fully hide transaction details, but privacy is optional: users must actively choose a shielded address and transaction type. In practice, the large majority of Zcash transactions use the transparent (public) mode, which provides no privacy at all.

Does Monero have a limited supply?

No. Monero has no hard supply cap. After its initial emission reached approximately 18.1 million XMR in May 2022, the network switched to a permanent tail emission of 0.6 XMR per block, issued roughly every two minutes. This produces a predictable annual inflation rate below 1% that trends lower over time as the total supply grows.

The Bottom Line

Monero is the most comprehensively private cryptocurrency in active production. Its four-layer privacy architecture, ring signatures, stealth addresses, RingCT, and Dandelion++, hides the sender, recipient, amount, and originating IP address of every transaction by default. The upcoming FCMP++ upgrade, with testnet live since October 2025 and mainnet tentatively planned for mid-2026, will replace ring signatures with zero-knowledge proofs that expand the anonymity set from 16 decoys to potentially every unspent output on the chain.

That privacy comes with real tradeoffs. Regulatory pressure has resulted in roughly 73 exchange delistings in 2025 alone, reducing access through conventional channels. Personal ownership and self-custody remain legal in nearly all major jurisdictions, but obtaining XMR requires navigating a more fragmented set of options than three years ago.

For anyone whose financial activity warrants meaningful privacy, whether protecting business dealings, preserving personal financial autonomy, or transacting across borders without intermediaries, Monero remains the most technically rigorous option available.

This article is for informational purposes only and does not constitute financial, investment, or legal advice. Cryptocurrency regulations vary by jurisdiction and change frequently. Verify the legal status of Monero in your country before transacting.