Monero pays a large price for its fungibility, by making the UTXO set of (potentially) unspent outputs equal to the set of ALL outputs. Whereas synced bitcoin full nodes can forget all about spent outputs, Monero full nodes must keep some info about them, and be able to efficiently index this info.
For its initial block download, a node must download and verify rangeproofs for all outputs, not just the unspent ones.
Wallets must be able to sample decoys from a large fraction of all historical outputs.
I work for Cake Wallet and Monero.com so I'm biased, but you should try one of the wallets that does this relatively burdensome scanning task locally to see that normally it's not the end of the world. It takes me only a few seconds to scan a month of blocks.
It's not comparable though. The simplified (though slightly wrong) way to think about Grin is that its privacy is like Monero but without Monero's ring signatures. Its transaction graph privacy is quite weak.
> The Grin team has consistently acknowledged that Grin’s privacy is far from perfect. While transaction linkability is a limitation that we’re looking to mitigate as part of our goal of ever-improving privacy, it does not ‘break’ Mimblewimble nor is it anywhere close to being so fundamental as to render it or Grin’s privacy features useless.
Hiding addresses and amounts is certainly better than Bitcoin, but the transaction graph privacy offered by Grin is significantly weaker than Monero. It's not the same.
For its initial block download, a node must download and verify rangeproofs for all outputs, not just the unspent ones.
Wallets must be able to sample decoys from a large fraction of all historical outputs.
This makes Monero much more bloated than Bitcoin.
A more detailed comparison between Monero and Bitcoin can be found at https://gist.github.com/phyro/ec37d8bfedd36102b0ea5824580d06...