00:53:27 Hi guys, anyone tried creating an open node that operates only over tor? I'm following the monerodocs tutorial and only serving via tor hidden service; but after reading all the monerod documentation, reddit posts, etc, I'm not sure if the real clearnet IP of the node can be leaked. Using ufw I denied all incoming connections and allowed outgoing (the hidden service works with virtual ports so no need to open incoming ports) I 00:53:28 think the leak may come in relation to outgoing connections. I couldn't find any safe way to make the debian installation use tor system-wide 00:54:23 * incoming ports according to the ppst) I 00:54:31 * incoming ports according to the tutorial) I 01:07:32 I have. 01:10:36 --proxy=ip:port 01:10:36 (--proxy=127.0.0.1:9050 if tor on is on default ports) 01:10:36 Syncs over exit nodes. 01:43:12 > <@ofrnxmr:monero.social> --proxy=ip:port 01:43:12 > (--proxy=127.0.0.1:9050 if tor on is on default ports) 01:43:12 > Syncs over exit nodes. 01:43:12 You mean --tx-proxy? 01:44:02 Nope 01:46:24 tx-proxy and anonymous-inbound are for receiving / relaying transactions to onions and (I believe) handshakes and peers lists. 01:46:24 Without --proxy, blockchain sync is still clearnet 01:46:24 --proxy sends all traffic over tor exit nodes and doesnt require tx-proxy or anonymous-inbound 01:49:38 I should have used monerod --help :) 01:49:39 > <@ofrnxmr:monero.social> tx-proxy and anonymous-inbound are for receiving / relaying transactions to onions and (I believe) handshakes and peers lists.... (full message at https://libera.ems.host/_matrix/media/r0/download/libera.chat/1d49b5cc0207121d42106163c6c1e6d4352ac37e) 01:50:49 > <@ofrnxmr:monero.social> tx-proxy and anonymous-inbound are for receiving / relaying transactions to onions and (I believe) handshakes and peers lists.... (full message at https://libera.ems.host/_matrix/media/r0/download/libera.chat/e5d49efdf59d6b2012f017b7df1761a0eb659a70) 01:52:32 * documentation then. So it seems in that way, the clear node IP should not be leaked right? 01:52:32 * documentation then. So it seems that using those 3 options would avoid leaking the real node IP right? 01:53:27 nantuk[m]: Im not sure if --proxy is in there? Could be 😝 02:02:24 "Im not sure if --proxy is in..." <- It is! It is just missing in monerodocs site 02:04:40 Its missing from official documentation as well 02:04:40 I think I found it in --help because i wasnt able to find it on GitHub 16:26:12 > <@ofrnxmr:monero.social> Its missing from official documentation as well 16:26:12 > 16:26:12 > I think I found it in --help because i wasnt able to find it on GitHub 16:26:12 do you get 'in peers' using the proxy flag? 16:52:40 Yes but status only shows ipv4 16:52:40 Node also spams errors about "no incoming connections". But you can ignore. 16:52:40 16:52:40 print_cn shows incoming tor connections 16:54:25 * ofrnxmr[m] uploaded an image: (164KiB) < https://libera.ems.host/_matrix/media/r0/download/monero.social/iFLNFEKztMIcOsanuGEFJZRu/Imagepipe_104.jpg > 16:55:34 * ofrnxmr[m] uploaded an image: (57KiB) < https://libera.ems.host/_matrix/media/r0/download/monero.social/pAGLVAFnUQuDLkSabIisUAXM/Imagepipe_105.jpg > 17:01:18 obviously exit relays have their issues, but this is a nice option anyways 17:06:28 "Imagepipe_104.jpg" <- are these in peers available because you have hidden service as well? 17:09:01 Those peers are from --proxy, no hidden service needed. 17:10:40 * ofrnxmr[m] uploaded an image: (145KiB) < https://libera.ems.host/_matrix/media/r0/download/monero.social/GeXcCAdJgyGRDHffQUMKvKQy/Imagepipe_106.jpg > 17:11:55 Some of these onions are manually added, some are from --anonymous-inbound 17:14:51 ofrnxmr[m]: i think you need to set up a hidden service for `--anonymous-inbound` to work. from what i see, the only in connections you have are via this method 17:17:40 * ofrnxmr[m] uploaded an image: (48KiB) < https://libera.ems.host/_matrix/media/r0/download/monero.social/JLgGRPTtZjzVNmmmODNiUxtj/Imagepipe_107.jpg > 17:18:19 This is testnet syncing, I have no inbound connections right now but should once I catch up 17:18:46 Using only --proxy (no tx proxy or anon inbound) 17:21:50 "i think you need to set up a..." <- 🤔... 17:21:50 you may be right 17:24:57 😅. It does look like all of the no name tor connections = the onion peers... 17:24:57 In which case 🙊 I guess it only does incoming handshakes and then makes outgoing connections 17:25:25 ok, just tested on my own node. i have inc for my node with --proxy flag :) 17:30:15 i suppose peers aren't choosing your node via clearnet for some reason. at least you're seeding over tor :) 17:34:12 * ofrnxmr[m] uploaded an image: (22KiB) < https://libera.ems.host/_matrix/media/r0/download/monero.social/hGVzxePVFmFcMpXGKPpDziDg/Imagepipe_108.jpg > 17:35:13 About as much up as down 👍 17:35:13 Not sure if because im running master, but seems to be far lower than usual. 17:35:13 Used to be >2GB /day in each direction iirc 17:36:41 do you ever sync wallets over LAN? 17:38:12 Yea, my RPC port is on my lan 192.168.x.x:18089 17:38:19 ah ok, nvm, confirm external bind wasn't the issue XD 17:38:55 forgot what i had changed -_- 17:49:56 i wonder if your rpc port is also available via the exit relay 🤔 18:07:53 It is 18:07:54 Im connecting over my router so if router port is also open then RPC is available over clearnet 18:35:01 i'm confused, why have you got a port forwarded on your router if you're using the proxy flag? 19:36:34 I don't 19:38:32 "i wonder if your rpc port is..." <- Sorry, early / late morning 😂 19:38:32 Its not available over exit relay. Somehow I read clearnet. 19:38:32 Time for me to 🤐. 19:43:07 i'ts all goood, thanks for your replies 20:07:59 I made a little tester tool in case anyone wants to make sure a node is browser compatible :) https://sunny-malabi-a3b5ff.netlify.app/#/node-checker ... works with onion nodes in tor as well, just make sure to prefix with http:// 20:08:34 spirobel: reeemuru 20:18:04 I havent been able to get hotshop to load using my onion 20:18:04 It passes the test though ^ 20:20:27 I have a bug that is preventing nodes from updating cleanly at the moment. What I'm doing in the meantime is specifying a new node, updating the config, saving the custom shop link and then opening that in a new tab. 20:20:31 https://sunny-malabi-a3b5ff.netlify.app/##primaryAddress%3D49ouNFXbQxj72FYjEgRjVTa35dHVrSL118vNFhxDvQWHJYpZp523EckbrqiSjM6Vb1H6Ap43qYpNRHBaVS9oBFtZUeTaH88%26secretViewKey%3D9fb781ad709a41bd651f92c2e380813b9ca8abfb7e733105202e1d9f12799c03%26network%3Dmainnet%26monerodUri%3Dhttp%3A%2F%2Fqstotuswqshpfq3tk5ue6ngbx6rge3macsfa7qyt5j4caopixxhckpad.onion%3A18089%26defaultConfirmations%3D0%26shopName%3DHotShop%26logoUrl%3Dhttps%3A%2F% 20:20:31 2Fwww.getmonero.org%2Fpress-kit%2Fsymbols%2Fmonero-symbol-480.png 20:20:42 so if you open this link in Tor, it's using your onion node and works correctly 20:21:49 * cryptogrampy[m] uploaded an image: (52KiB) < https://libera.ems.host/_matrix/media/r0/download/monero.social/EszPOlYcMeLMpMEgXlPKOPDT/image.png > 20:21:53 shop link is here for now ☝️ 20:23:01 was able to successfully process a payment using your node as well :) 23:33:04 https://www.monero.observer/monero-konferenco-2022-waiting-list/