-
m-relay
<audrea:matrix.org> hi need help please
-
m-relay
<dancer:monero.social> I might be hilariously out of touch with this but in case it isn't said: Seth it out. He's sold out. He's no cryptopunk
-
m-relay
<dancer:monero.social> if you think otherwise, make your case. He's been pushing the fabric between the values he knows and his own profits for a long time. I honestly don't know anyone who doesn't think he's a total sellout nowadays
-
m-relay
<dancer:monero.social> that sweet spot between "I love monero!" and bitcoin "#blessed"
-
m-relay
<dancer:monero.social> if you can understand monero than tell me how he's not a scammer
-
m-relay
<snowman:tetaneutral.net> Seth will convert more people to Monero than anyone in Monero only content silos on social media platforms
-
m-relay
<snowman:tetaneutral.net> If he just says Monero only, no one who needs to see his posts will see any of his posts.
-
m-relay
<snowman:tetaneutral.net> If you don’t understand that, then your brain is too small
-
m-relay
-
m-relay
<321bob321:monero.social> Banned word btw
-
m-relay
<321bob321:monero.social> S*th
-
m-relay
<diego:cypherstack.com> ironically, Seth has been looping back around to Monero after being disillusioned with how terrible lightning is, how bad Bitcoin privacy is, and how horrendous the BTC community is intellectually
-
ofrnxmr
ban
-
ofrnxmr
S*th is a banned word /s
-
ofrnxmr
"I honestly don't know anyone who doesn't think he's a total sellout nowadays" anyone who understands monero's shortfalls
-
ofrnxmr
"if you think otherwise, make your case." The day i lose sleep over how what another man does in his own time, ill be sure to go tell my story in #monero-beyondmeat
-
vthor
ofrnxmr: what are in your opinion understands monero's shortfalls?
-
m-relay
<321bob321:monero.social> I think sith lord gave up after whirlpool got nuked by the gov
-
m-relay
<dancer:monero.social> I need someone to update themonero.dance for xmr
-
m-relay
<dancer:monero.social> my smol brain sees bullshit when I see's it. He's trying hard to be two things and take advantage both ways without committal to anything while appearing "graceful" but he isn't and he's milking people with his affiliations and those of his sponsors. Maybe it's a coincidence. But what do I know? I have a very smol brain
-
ofrnxmr
"what are in your opinion understands monero's shortfalls?" Its not nearly as private or scalable as monero gospel preachers would like to believe
-
m-relay
<dancer:monero.social> He did a really good job of chasing down the problems with lighting privacy. When money doesn't get in the way this guy has talent
-
ofrnxmr
And it often spends more time kicking tires than solving problems
-
ofrnxmr
"He's trying hard to be two things and take advantage both ways without committal to anything while appearing "graceful" but he isn't and he's milking people with his affiliations and those of his sponsors" milking who
-
ofrnxmr
What does he sell to monero?
-
m-relay
<dancer:monero.social> has he mentioned proton lately? yes. That's just one of the many
-
ofrnxmr
Meanwhile, here in monero, we fund oscar hopefuls
-
ofrnxmr
"has he mentioned proton lately? yes. That's just one of the many" whats your point? That he's not allowed to use proton?
-
m-relay
<dancer:monero.social> it's pathetic. and it's actually what I hope I might be able to contribute (humbly) towards. All the pieces are here but it's such a complex project that no one knows everything. Much like when I do so when I work on a satellite or a missile.
-
ofrnxmr
"hope" < actions, dancer
-
m-relay
<dancer:monero.social> I'm not without actions. I've been doing things. I appreciate the goading :)
-
ofrnxmr
You want to be an influencer, but youre just hating on a guy who speaks his mind on his twitter
-
m-relay
<dancer:monero.social> systems engineers are influencers now
-
ofrnxmr
And wanting to be an influencer is sad
-
ofrnxmr
No. Systems engineers are systems engineers
-
m-relay
<dancer:monero.social> That's what I do
-
ofrnxmr
Having a blog doesnt make you an influencer
-
ofrnxmr
Youre mad that seth has a twitter
-
ofrnxmr
"shutup and shill my monero!"
-
m-relay
<dancer:monero.social> goddamnit I"m not an influencer I only have a twitter with barely anyone followers
-
ofrnxmr
You WANT to be an influencer
-
luigi1111
lightning is the best protocol ever envisioned
-
ofrnxmr
And youre salty that your idol doesnt do a better job of shilling monero. Its weak
-
luigi1111
don't @me
-
m-relay
<dancer:monero.social> I've taken great steps to not be an influencer. I post crazy things just to see who sticks around lol
-
ofrnxmr
Youre focused on s*th. Find a better hobby
-
m-relay
<dancer:monero.social> when something captures my focus, it does. then it passes. I haven't mentioned seth in probably almost a year
-
ofrnxmr
I'm not defending him, im saying youre like 2yrs late to the "fk s*th" party
-
ofrnxmr
Its disgruntled fanboyism at best
-
m-relay
<dancer:monero.social> I was on his team 2 years ago. I gave him a chance. I don't understand "fanboyism"
-
ofrnxmr
Find a new influencer to idolize and be disappointed with
-
ofrnxmr
"I was on his team 2 years ago. I gave him a chance. I don't understand "fanboyism"" << contradicted yourself all in one message
-
m-relay
<dancer:monero.social> I said my peace already. I said it everywhere. It's the past now
-
ofrnxmr
"i was on his team" << llol. "i gave him a chance" lmao "i dont understand fanboyism" you literally just explained that you were bandwagoning
-
m-relay
<dancer:monero.social> it's up to future generations to interpret now
-
ofrnxmr
Bruh. Monero is only a decade old
-
plowsof
sethforprivacy.com/posts/why-i-focus-on-bitcoin "I said my peace already. I said it everywhere. It's the past now" him too, now take this drivel elsewhere
-
m-relay
<dancer:monero.social> in the whirlwinds of crypto markets, it's easy to lose focus on the fact that we're changing the world here
-
m-relay
<rottenwheel:kernal.eu> luigi1111 lightning is a shitcoin @luigi.
-
ofrnxmr
yeah, then for some reason we start talking about what seth had for breakfast
-
plowsof
wohh price went up and down, i forgot im changing the world here
-
plowsof
insightful
-
ofrnxmr
+100 plowsof
-
m-relay
<rottenwheel:kernal.eu> Lol.
-
m-relay
<dancer:monero.social> precisely
-
m-relay
<321bob321:monero.social> Ban
-
ofrnxmr
This isnt even market talk, this is barely passable for #monero-beef. Thats y i said #monero-beyondmeat
-
ofrnxmr
Can take up your grievances with seth's personal choices on the twit
-
m-relay
<dancer:monero.social> I think the reason everyone has banned you is bc you're such a banterer. this is a 3 line convo extended by your efforts
-
ofrnxmr
bruh is trying to restart the ban convo
-
ofrnxmr
Go touch grass
-
m-relay
<dancer:monero.social> >dMartian has left the chat
-
ofrnxmr
Ty
-
ofrnxmr
"if you think otherwise, make your case. " << complains when someone responds. Some ppl.. smh
-
m-relay
<voboda:infinite.build> hey everyone, i've been using monero to proxy between different chains and cexs -- just for privacy. but seems i'm always timing moves with red candles 😅 a lot of times i'll move say eth or randocoin into monero through some bridge like simpleswap then "churn" to a different account, then send to a cex, then sell there and offramp -- and that can take a few hours between all<clipped message>
-
m-relay
<voboda:infinite.build> the confirmations.
-
m-relay
<voboda:infinite.build> i've started to hold xmr long term, to try and time the buys and sells to the market, but i'm wondering if there are better ways
-
m-relay
<voboda:infinite.build> any tips here? better bridges or different approaches?
-
m-relay
<voboda:infinite.build> oops, sorry wrong channel - didn't see the "workgroup" in my sidebar. i'll repost in support
-
m-relay
<real_glitch:matrix.org> this ofrnxmr guy
-
m-relay
<real_glitch:matrix.org> at the very least, read his message first ffs
-
m-relay
<real_glitch:matrix.org> first of all, seth represent himself as a "Privacy guy", he was full time bitcoin whistle blower, but after bitcoin lost its every single privacy and became useless he came to suck up to monero because he just ran out of "Privacy related subject" to talk about, i know a lot of people came to monero through seth after they understood the importance of privacy + shortcomings of bitc<clipped message>
-
m-relay
<real_glitch:matrix.org> oin in that regard + core devs has no plans to fix it
-
m-relay
<real_glitch:matrix.org> but what if you could achieve a half decent half assed privacy on bitcoin? wont he reverse this flow? if you think logically, he or anyone that cares about privacy should know that bitcoin wont give you privacy and there is no hope for it so he should focus more on other projects such as monero,zano etc..
-
m-relay
<real_glitch:matrix.org> but despite all of these he is so fixed on bitcoin and finding a toy to play with it on its blockchain(is it bep 200 or something these days?), as bitcoin cash guys said: bitcoin folks motive is to waste time until CBDC gets ready
-
m-relay
<real_glitch:matrix.org> but yes its his free time he can do whatever he likes, the real problem is some core people from real privacy projects give him too much credit
-
m-relay
<real_glitch:matrix.org> i dont care if you want to suck up to him or not but, seth is just a guy who wants to play around with new toys on bitcoin, he doesnt give a single fuck about freedom nor privacy or any other right-wing movement
-
m-relay
<real_glitch:matrix.org> that guy said the same thing, that we shouldn't forget our way which is maximum privacy, most of the people here are not "monero guy" but "privacy guy" if you have better option tell us now well switch right away(there are non to my knowledge)
-
m-relay
<clarck__amberson:matrix.org> The funny thing is, he came to monerocon to talk about bitcoin privacy😂
-
m-relay
<clarck__amberson:matrix.org> And why we need more privacy tools on bitcoin
-
m-relay
<clarck__amberson:matrix.org> Just use monero bro
-
m-relay
<monerobull:matrix.org> simpleswap can freeze your coins. consider swapping through
haveno-reto.com
-
m-relay
<monerobull:matrix.org> he works for a bitcoin hardware wallet manufacturer now, not surprising
-
m-relay
<clarck__amberson:matrix.org> Btw pressuring new people to doxx themselves should be a punishable act imo
-
m-relay
<clarck__amberson:matrix.org> I dont care if its just trolling or not but dont make it personal
-
m-relay
<real_glitch:matrix.org> as i told, he is a bitcoin guy not privacy
-
m-relay
<aremor:matrix.org> Disagree
-
m-relay
<aremor:matrix.org> Only recently went btc and he’s coming back. Been privacy guy for years upon years
-
m-relay
<monerobull:matrix.org> bitcoin privacy is a totally lost cause
-
m-relay
<monerobull:matrix.org> they had samourai until they didn't
-
m-relay
<monerobull:matrix.org> it was their last remaining bit of real cypherpunk privacy
-
m-relay
<shadowexchange:matrix.org> Are you the admin on r/monero?
-
m-relay
<aremor:matrix.org> Wasn’t the Whirlpool backend open source? No one can just throw up new coordinators?
-
m-relay
<monerobull:matrix.org> i am one of the mods yeah, im guessing you need a post approved?
-
m-relay
<monerobull:matrix.org> nobody want's to run one
-
m-relay
<monerobull:matrix.org> and the ones that do have no visibility
-
m-relay
<shadowexchange:matrix.org> Yes that but also if you can confirm our reddit account for shadowex is the legitimate one (have posted a link to it on our contact page)
-
m-relay
<shadowexchange:matrix.org> Last account got instant banned because we accessed reddit on Tor. Why does reddit have a tor link but if you use it your account gets suspended.
-
m-relay
<aremor:matrix.org> The charges against tdev and the other guy are **conspiracy** to laundry. The charges are due to their social network posts and crap. They were bragging about help North Korea & shit. That’s why they got indicted.
-
m-relay
<aremor:matrix.org> Long story short, running that coordinator is not a crime. People shouldn’t be afraid to run one.
-
m-relay
<aremor:matrix.org> ^
-
m-relay
<real_glitch:matrix.org> haha thats my problem as well
-
m-relay
<real_glitch:matrix.org> i dont have a the required bandwith and storage and time
-
m-relay
<real_glitch:matrix.org> what should i do?
-
m-relay
<real_glitch:matrix.org> i dont have the required bandwith and storage and time
-
m-relay
<real_glitch:matrix.org> what should i do?
-
m-relay
<monerobull:matrix.org> the docs also said they laundered every single dollar that went through it
-
m-relay
<aremor:matrix.org> Well the only evidence of that will be their own stupid ass statements
-
m-relay
<aremor:matrix.org> It’s really like they wanted to be indicted or something
-
m-relay
<real_glitch:matrix.org> WHY YOU DONT USE MONERO INSTEAD???
-
m-relay
<real_glitch:matrix.org> this is such a mental gymnastic for seth fanboys, why you cant use monero?
-
m-relay
<aremor:matrix.org> Who is “you”?
-
m-relay
<real_glitch:matrix.org> anyone who is interested in bitcoin privacy tools
-
m-relay
<aremor:matrix.org> Seth is king Monero recruiter. The statements about him are incredibly inaccurate.
-
m-relay
<monerobull:matrix.org> you say to check your website yet your website has a different reddit account on it than the one you are submitting with lol
-
m-relay
<real_glitch:matrix.org> king monero? who was that again?
-
m-relay
<shadowexchange:matrix.org> check again in 5 mins, clearing cache
-
m-relay
<shadowexchange:matrix.org> ShadowEXofficial is the new one.
-
m-relay
<shadowexchange:matrix.org> you see it on the contact page? you must of got a message from a different account that reddit banned after I made one post because we were on Tor.
-
m-relay
-
m-relay
<monerobull:matrix.org> or is that the banned one
-
m-relay
<shadowexchange:matrix.org> thats the banned one.
-
m-relay
<shadowexchange:matrix.org> ill repost it 5 mins.
-
m-relay
<monerobull:matrix.org> is mymonero gone for real`?
-
m-relay
<monerobull:matrix.org> is mymonero gone for real?
-
m-relay
<clarck__amberson:matrix.org> Didnt know that we have a King
-
m-relay
<clarck__amberson:matrix.org> Maybe that's why the monero church project got blocked
-
m-relay
<shadowexchange:matrix.org> Our exchange when we started earlier this year were based in Germany, we had to shut down for a month and half and came back online this week because of legal issues, but since then registered it to another jurisdiction in which we have no obligation to collect any information and operate as we were. We received an order to meet reporting standards or to shutdown back in May, so w<clipped message
-
m-relay
<shadowexchange:matrix.org> e just shutdown and relocated so we would be legally allowed to operate as we were before without bending to the will of those who want to destroy privacy. the fact 'suspicious' addresses that exchanges are suppose to flag is completely stupid, and only exists limit the spread of Crypto use, every single transaction on a public blockchain will always have been linked to what they <clipped message
-
m-relay
<shadowexchange:matrix.org> call 'suspicious' addresses if you go back far enough
-
m-relay
<real_glitch:matrix.org> apply for
kycnot.me list
-
m-relay
-
m-relay
<shadowexchange:matrix.org> already done from months ago, contacted him again few days ago after relaunch and he should be finally doing it.
-
m-relay
<real_glitch:matrix.org> sadly monero is just a shitcoin in the eyes of the super privacy focused proton foundation
-
m-relay
<shadowexchange:matrix.org> They accept it as payment
-
m-relay
<monerobull:matrix.org> no they dont
-
m-relay
<shadowexchange:matrix.org> Maybe im imagining haha, I swear I paid with monero for proton vpn, or must of been another vpn
-
m-relay
<monerobull:matrix.org> ivpn or mullvad
-
m-relay
<monerobull:matrix.org> proton has been actively ignoring monero for 7.5 years eventhough its one of the top voted proposals on their "the voice of proton community" forum
-
m-relay
<shadowexchange:matrix.org> ivpn I think
-
m-relay
<shadowexchange:matrix.org> its because they are 'privacy' focused as a marketing strategy, they do not really care about it
-
m-relay
<havenouser:monero.social> Proton must be private because they hold their customers private keys
-
m-relay
-
m-relay
<monerobull:matrix.org> lmao they removed lightning and coinjoin
-
m-relay
<real_glitch:matrix.org> ofrn jinxed it lol
-
m-relay
<nihilist:m.datura.network> yea, personally the lack of monero payments is a deal breaker for vpns, for me
-
m-relay
-
m-relay
<havenouser:monero.social> 11:50 Proton Mail
-
m-relay
<rottenwheel:kernal.eu> IVPN takes XMR directly and sponsors monerokon every year.
-
m-relay
<nihilist:m.datura.network> i didnt try ivpn, but mullvad fits my vpn criterias
-
m-relay
<nihilist:m.datura.network> i didnt try ivpn, but mullvad fits my vpn criterias too
-
m-relay
<royal:fools.chickenkiller.com> Anytime an alleged criminal has used the protonmail service the feds subpoena them and the crook gets arrested
-
m-relay
<real_glitch:matrix.org> most of them are not criminal
-
m-relay
<nihilist:m.datura.network> bro, literally any public, centralised, and for-profit company can be forced to comply to whatever the law enforcement demands
-
m-relay
<nihilist:m.datura.network> proton is no different
-
m-relay
<nihilist:m.datura.network> the question is only, did the user remain anonymous while using the service or not
-
m-relay
<real_glitch:matrix.org> thats the problem
-
m-relay
<real_glitch:matrix.org> they could have arrested trump's shooter if they wanted, he had his finger prints all over the place
-
plowsof
No logging(tm)
-
m-relay
<real_glitch:matrix.org> but as long as you want to use privacy tools simply for your personal privacy, they knock your door
-
m-relay
<nihilist:m.datura.network> if not, then LE will get them next
-
m-relay
<royal:fools.chickenkiller.com> Yeah of course this is what happens when you leave the encryption to a third party
-
m-relay
<havenouser:monero.social> Some people walk into a casino, believing that they could win
-
m-relay
<nihilist:m.datura.network> it's all a matter of implementing proper opsec, depending on the use of internet one wishes to have
blog.nihilism.network/servers/opsec4levels/index.html
-
m-relay
<real_glitch:matrix.org> thats why if your centralized, you should log least amount of data
-
m-relay
<real_glitch:matrix.org> like in mullvad you can buy subscription with monero without any kind of sign up req and using tor address of the website at that while keeping the service open source
-
m-relay
<royal:fools.chickenkiller.com> Yes Mullvad is a great example of how to implement privacy and security in a centralised environment
-
m-relay
<nihilist:m.datura.network> as a company there are a few things they can do if they truly care about their users' privacy (no logs / and allow anonymous traffic)
-
m-relay
<nihilist:m.datura.network> but that's not the point here, the point is, as a user, what are you doing to protect yourself from repercussions
-
m-relay
<nihilist:m.datura.network> if you use a service with your gmail account, and actually mention you live somewhere, and without keeping tor between you and the service, that service cannot be used anonymously, period
-
m-relay
<royal:fools.chickenkiller.com> Being completely anonymous online is next to impossible
-
m-relay
<real_glitch:matrix.org> i know but ease of use matters too
-
m-relay
<real_glitch:matrix.org> i want most amount of privacy with least amount of labor req for maintaining/learning and doing it
-
m-relay
<real_glitch:matrix.org> im okay with paying money as long as they accept something like monero that doesnt blow up my opsec
-
m-relay
<royal:fools.chickenkiller.com> If an adversary has enough money time resources skill ect they’ll find you eventually
-
m-relay
<real_glitch:matrix.org> every one has different char based on these two factors but in the end, the service that give users most of these two is the winner
-
m-relay
<nihilist:m.datura.network> it is definitely possible, if you implement the proper technology and behavior
blog.nihilism.network/servers/opsec/index.html, with proper internet use segmentation
blog.nihilism.network/servers/internetsegmentation/index.html
-
m-relay
<nihilist:m.datura.network> quit having this defeatist attitude, it doesnt lead anywhere
-
m-relay
<real_glitch:matrix.org> thats why we need to normalize it so it gets harder and more expensive to pinpoint people among the crowd
-
m-relay
<real_glitch:matrix.org> just like how tor use it(i know tor is not fully private)
-
m-relay
<nihilist:m.datura.network> anonymity in general is a much stricter practice than that of privacy, and opsec-wise it is more demanding, but no it's not impossible
-
m-relay
<real_glitch:matrix.org> either way im going to wait for protons response, if they promises to implement monero payments its fine but if not, i guess im gonna switch to tuta for now
-
m-relay
-
m-relay
<real_glitch:matrix.org> stackoverflow 2024 survey results are out
-
ofrnxmr
They ignored 6year old vote and recclently tweeted "not interested in shitcoins"
-
ofrnxmr
"either way im going to wait for protons response, if they promises to implement monero payments its fine" so.. dont hold your breath
-
ofrnxmr
"WHY YOU DONT USE MONERO INSTEAD???" Monero isnt some sort on panacea
-
ofrnxmr
Sure "use money" is better than most other solutions, but its far from fool proof
-
ofrnxmr
"Use monero*"
-
m-relay
<monerobull:matrix.org> they already responded
-
m-relay
<monerobull:matrix.org> they said monero is le scary crime coin aka the same argument the feds made when trying to ban regular citizens from using encryption aka the very thing their entire product is built on
-
m-relay
<monerobull:matrix.org> their twitter account also follows a bunch of btc maxis lol
-
ofrnxmr
^ right
-
ofrnxmr
Proxy store is the only "official" way to send them xmr for anything, and they also block signupsbover their onion unless you feed them another existing email addr
-
m-relay
<monerobull:matrix.org> turns out it was never about privacy
-
m-relay
<havenouser:monero.social> Proton is known for closing accounts when requested by feds. check video above
-
m-relay
<falcon8:matrix.org> monerobull, I read your reddit post
-
m-relay
<monerobull:matrix.org> yes?
-
m-relay
<falcon8:matrix.org> I don't think there is a vulnerability, tx fees should go higher in that case right ?
-
m-relay
<monerobull:matrix.org> no
-
m-relay
<monerobull:matrix.org> they should actually go down
-
m-relay
<monerobull:matrix.org> and they did
-
m-relay
<monerobull:matrix.org> your wallet should automatically select a higher fee level but that was bugged
-
m-relay
<falcon8:matrix.org> I mean if miners are constant and there's a lot of tx to be mined, tx fees should compete for higher right ?
-
m-relay
<falcon8:matrix.org> I mean I read the post in reddit but can't get the technical issue in there
-
m-relay
<nihilist:m.datura.network> people need to shift the blame target from the company, to their own opsec, that's something i don't see often enough
-
m-relay
<falcon8:matrix.org> anyone can help me out
-
m-relay
-
m-relay
<havenouser:monero.social> Proton is suspicious in itself, since they suggest false privacy
-
m-relay
<havenouser:monero.social> by creating and posessing the private key
-
m-relay
<nihilist:m.datura.network> yea serverside encryption is phallacy
-
m-relay
<havenouser:monero.social> you can not access the mail service via imap or pop3
-
m-relay
<falcon8:matrix.org> thnks
-
m-relay
<havenouser:monero.social> it is also very strange that discord is bein used for communication in the crypto space although it is proven spyware:
spyware.neocities.org/articles/discord
-
m-relay
<havenouser:monero.social> there were already great improvements in communication e.g. bitmessage
wiki.bitmessage.org
-
m-relay
<syntheticbird:monero.social> Discord is mainly used for public communiation and
-
m-relay
<syntheticbird:monero.social> community management (*Authoritarian tools*)
-
m-relay
<syntheticbird:monero.social> Also, Discord and Bitmessage are the most opposite messenger I could ever imagine myself
-
m-relay
<syntheticbird:monero.social> Bitmessage don't even support group chat
-
m-relay
<syntheticbird:monero.social> and was unmaintained
-
m-relay
<nihilist:m.datura.network> discord is a centralised, closed-source, chat service meant for mass-surveillance
-
m-relay
<syntheticbird:monero.social> It isn't an issue if it is public
-
m-relay
<nihilist:m.datura.network> and yea, in conclusion it's only usable for public use
-
m-relay
<nihilist:m.datura.network> and yea, in conclusion it's only suitable for public use
-
ofrnxmr
"monerobull, I read your reddit post" << sounds like nonsense to me tbh (the people taking credit)
-
ofrnxmr
" to our campaign namely Incognito," lol
-
m-relay
<havenouser:monero.social> it does have. called "subscriptions"
unixmen.com/wp-content/uploads/2013/07/Bitmessage_012.png
-
m-relay
<syntheticbird:monero.social> It hasn't changed. Really as *email-oriented* as I remember
-
m-relay
<jeffro256:monero.social> Depends on what you mean by "public", but I can't use it since it requests that I put in a telephone number
-
m-relay
<jeffro256:monero.social> Also all of its client code is closed source
-
m-relay
<syntheticbird:monero.social> Yes that is fair. I had to use juicysms
-
m-relay
<syntheticbird:monero.social> If it at least we could add SimpleX
-
m-relay
<nihilist:m.datura.network>
blog.nihilism.network/servers/opsec4levels/index.html different internet uses: public use (you're under surveillance), private use (you're not under surveillance), anonymous use (you're the same among other users, and cant be deanonymized), and sensitive use (actions that must remain secret at all costs)
-
m-relay
<real_glitch:matrix.org> thats the part tht i cant pass as well
-
m-relay
<real_glitch:matrix.org> im okay with email but phone number is meh(i used the web application)
-
m-relay
<syntheticbird:monero.social> For having made a discord account recently is impossible. If you don't have a residential IP you're screwed. Numbers will be invalid whatever you try, you can't change your email, captcha everywhere, you can't join servers or start discussions. Of course everything fail silently
-
m-relay
<real_glitch:matrix.org> whats your opinion on using simplex without any additional layer of protection like vpn,dns changer, sandboxing etc etc..
-
m-relay
<real_glitch:matrix.org> can it be used for sensitive data? or its anonymous and private?
-
m-relay
<syntheticbird:monero.social> 4 questions hold on
-
m-relay
<real_glitch:matrix.org> whats your opinion on using simplex without any additional layer of protection like vpn,dns changer, sandboxing etc etc..
-
m-relay
<real_glitch:matrix.org> does it fall under sensitive use case? or anon? or private? or maybe all?
-
m-relay
<real_glitch:matrix.org> thats why i came to matrix directly
-
m-relay
<syntheticbird:monero.social> > whats your opinion on using simplex without any additional layer of protection like vpn,dns changer, sandboxing etc etc..
-
m-relay
<syntheticbird:monero.social> I say it's fine, they have alternate routing. Just don't use it in clear if you don't want your ISP to know it
-
m-relay
<syntheticbird:monero.social> > can it be used for sensitive data?
-
m-relay
<syntheticbird:monero.social> Their messenger protocol is safer than Signal with more cryptographic properties accross the board. Everything post-quantum, even the key exchange (which isn't the case of Signal)
-
m-relay
<syntheticbird:monero.social> > or its anonymous
-
m-relay
<syntheticbird:monero.social> Completely anonymous, no ID whatsoever. For peopl to start talking with you, you have to create a one-time link. When they connect through that link they then initiate encrypted connection with you and you share your profile (name photo etc).
-
m-relay
<syntheticbird:monero.social> Same for group chats. You can also generate incognito profiles. Thats what almost everyone uses in Haveno-reto simpleX channel
-
m-relay
<syntheticbird:monero.social> and private?
-
m-relay
<syntheticbird:monero.social> Yes
-
m-relay
<real_glitch:matrix.org> i did install it on my system but its group chat was bit of a mess, but i use it for 1 to 1 conversations and it works fine
-
ofrnxmr
Group chats are really more like 1:1 chats
-
m-relay
<real_glitch:matrix.org> and about signal
-
m-relay
<real_glitch:matrix.org> i cant trust them after the drama tbh
-
ofrnxmr
You connect directly to most group participants
-
m-relay
<real_glitch:matrix.org> yeah but loading messages is slow, and some minor issues
-
m-relay
<real_glitch:matrix.org> in general it needs little bit of polishing to compete with signal or telegram UI/UX
-
ofrnxmr
The big + for simplex is not relying on default servers
-
m-relay
<syntheticbird:monero.social> I honestly lost track of Signal drama, all I know is that I can't propose SimpleX to my inner circle because they are already too dumb to use Signal
-
ofrnxmr
Loading msgs is slow, mostly over tor or when using ios
-
ofrnxmr
But not slow in general. The slow msgs are platform and network issues, not simplex issues. Signal is slow over tor too (bcuz of tor ddos)
-
ofrnxmr
(ban everyone for offtopic, kbye)
-
m-relay
<nihilist:m.datura.network> my analysis on simplex:
-
m-relay
<nihilist:m.datura.network> -it is open source (clientside+serverside): suitable for private use
-
m-relay
<nihilist:m.datura.network> -it can be used anonymously ? depends on the VM / host setup
-
m-relay
<nihilist:m.datura.network> -sensitive use ? depends on the VM / host setup
-
m-relay
<nihilist:m.datura.network> signal on the other hand, is not open source on the serverside
-
m-relay
<nihilist:m.datura.network> signal on the other hand, is not open source on the serverside, so i don't consider it suitable for private use
-
m-relay
<real_glitch:matrix.org> there was a critical part that no one paid attention to it iirc
-
m-relay
<real_glitch:matrix.org> when durov(telegram owner) bashed signal everyone defended signal for bein open source unlike telegram server side, audit by thousand blah blah
-
m-relay
<real_glitch:matrix.org> but the most important part was that:
-
m-relay
<real_glitch:matrix.org> durov said, for companies located in the US, they cant use custom Cryptography for their apps/products and US is so serious about this, now you can say that well its a mechanism to stop scammers and fake encryptions
-
m-relay
<real_glitch:matrix.org> but in telegrams situation, durovs brother custom made that their cryptography to use for encryption and its open source and audited as well in case you dont trust them(encryption wise but still its closed source server component)
-
m-relay
<syntheticbird:monero.social> I don't get why sensitive use would depend on the VM / host setup
-
m-relay
<nihilist:m.datura.network> sensitive use has the requirement where you need to have plausible deniability, so yea it depends on the vm / host setup
-
m-relay
<real_glitch:matrix.org> that was one of the main reasons telegram left the US as durovs claims
-
m-relay
<real_glitch:matrix.org> im not a cryptographer but i dont think this is a small matter when government decides what cryptography you want to use for your service, i mean, its obvious that they dont want to let people stay anon and private right?
-
m-relay
<real_glitch:matrix.org> this is something that i didnt see anyone mentions it, fanboys just shilling each other for being a honeypot
-
m-relay
<real_glitch:matrix.org> btw telgrams cryptography is made by durov's genius? mathematician brother iirc and as i said, its open source if you want to audit it yourself
-
m-relay
<syntheticbird:monero.social> 1. PQXDH is a custom scheme. yes they are using SHA and AES-256, but also Curve25519 which is not endorsed by NIST. I'm highly doubtful about this: US is so serious about this. I don't remember signal trying to obtain some sort of FIPS or whatever.
-
m-relay
<syntheticbird:monero.social> 2. durov brother are the most hypocritical pos, they sold their soul to putin and proposed an encryption scheme with several vulnerabilities and unknown variables. All of that being opt-in of course. Not later than 1 month ago someone shared on #monero-offtopic a post from a furry explaining all the issue with Telegram encryption. They are the first one to shit on other while stil<clipped messa
-
m-relay
<syntheticbird:monero.social> l giving server access to russia gov to *counter Terrorism*
-
m-relay
<real_glitch:matrix.org> that was one of the main reasons telegram left the US as durovs claims
-
m-relay
<real_glitch:matrix.org> im not a cryptographer but i dont think this is a small matter when government decides what cryptography you want to use for your service, i mean, its obvious that they dont want to let people stay anon and private right?
-
m-relay
<real_glitch:matrix.org> this is something that i didnt see anyone mention it, fanboys just shilling each other for being a honeypot
-
m-relay
<syntheticbird:monero.social> thx for summarizing
-
m-relay
<syntheticbird:monero.social> oh mb forgot about Kyber. Signal is using Kyber, which is endorsed by the NIST
-
m-relay
<syntheticbird:monero.social> I may be a little harsh with durov but honestly every telegram shillers out there are praising a honeypot. I remember back in the day when they were saying to be *safer because we use SHA-512 instead of SHA-256*
-
m-relay
<syntheticbird:monero.social> and other non sense. They are the same one willing to change from AES to GHOST because its russia certified
-
m-relay
<syntheticbird:monero.social> GOST*
-
m-relay
<real_glitch:matrix.org> they didnt give server access to russia thats a russian version of telegram which durov owned before running away from russia to the US
-
m-relay
<real_glitch:matrix.org> and i does this furry have any kind of verified team-company-cryptographer to do this audit officially or its another signal fan myth?
-
m-relay
<real_glitch:matrix.org> im not a cryptographer and i dont know how curve25519 and kyber works
-
m-relay
<real_glitch:matrix.org> but can you use custom maid cryptography which is open source and audited and approved by several reputable security researchers?
-
m-relay
<real_glitch:matrix.org> as a US based company
-
m-relay
<syntheticbird:monero.social> Ah alright nice to know that.
-
m-relay
<syntheticbird:monero.social> He was a cryptographer if I recall correctly yes. I can't find it right now, so yeah septicism is appreciated.
-
m-relay
<syntheticbird:monero.social> There are absolutely no constraints on US based company to use whatever encryption scheme they want, the issue is when they want to obtain some security certifications. Signal isn't interested by that since their audits and protocol clarity speak for itself
-
m-relay
<real_glitch:matrix.org> and NIST should be one of the US governments departments or related agencies right?
-
m-relay
<real_glitch:matrix.org> did they found any kind of loophole in the cryptogrphy itself?
-
m-relay
<syntheticbird:monero.social> the NIST is american agency defining technological standard, which include cryptograpic algorithm that are deemed secure and on which industry certification is based on.
-
m-relay
<real_glitch:matrix.org> well on paper yes
-
m-relay
<real_glitch:matrix.org> but do we have any kind of living example? that was the whole drama about, telegram said you cant, signal said we can if we want to
-
m-relay
<syntheticbird:monero.social> the NIST do not make any audits of external protocol
-
m-relay
<real_glitch:matrix.org> how do they know its flawed?
-
m-relay
<real_glitch:matrix.org> shouldnt you break it first before any claim that downplay the cryptography?
-
m-relay
<syntheticbird:monero.social> Honestly I don't really know at this point. I should look more into it. This seems very weird
-
m-relay
<syntheticbird:monero.social> wdym?
-
m-relay
<real_glitch:matrix.org> the problem is, this NIST doesnt approve the PQXDH scheme made by durov brothers right?
-
m-relay
<real_glitch:matrix.org> why is that? it doesnt have any kind of exploitable flaw AFAIK
-
m-relay
<real_glitch:matrix.org> while being open source for external audits by third parties
-
m-relay
<syntheticbird:monero.social> wow. what. PQXDH is the encryption scheme cooked up by Signal not durov
-
m-relay
<syntheticbird:monero.social> also I said earlier NIST do not make any audit.. Their job is to sit on a table and make tournaments in which they elect which encryption algorithm is going to secure the United States.
-
m-relay
<syntheticbird:monero.social> And on which industry certification will be based on
-
m-relay
<syntheticbird:monero.social> They aren't paid to audit and verify new cooked up encryption schemes. There is too much for that
-
m-relay
<rucknium:monero.social> #monero-offtopic:monero.social
-
m-relay
<real_glitch:matrix.org> the problem is, this NIST doesnt approve the telegrams encryption scheme made by durov brothers right?
-
m-relay
<real_glitch:matrix.org> why is that? it doesnt have any kind of exploitable flaw AFAIK
-
m-relay
<real_glitch:matrix.org> i mean telgrams scheme
-
m-relay
<nihilist:m.datura.network> sorry if i missed the discussion on the black marble attack:
antidark.net/board/viewtopic.php?t=10
-
m-relay
<nihilist:m.datura.network> any idea on how to solve that issue ?
-
m-relay
<nihilist:m.datura.network> the attackers supposedly revealed how they were doing it
-
m-relay
<nihilist:m.datura.network> ```
-
m-relay
<nihilist:m.datura.network> All you had to do was use the official RPC to create ~200,000 accounts per wallet. Create 2 or 3 wallets each with 200K accounts. Start depositing money to each of these accounts in very small amounts. Wait some hours to have all of them verified.
-
m-relay
<nihilist:m.datura.network> Randomize sweeping the accounts or taking out a percentage from each account. Within a couple of minutes of doing that from multiple wallets and multiple accounts the Monero blockchain will clog up. Job done.
-
m-relay
<nihilist:m.datura.network> ```
-
m-relay
<nihilist:m.datura.network> ```
-
m-relay
<nihilist:m.datura.network> All you had to do was use the official RPC to create ~200,000 accounts per wallet. Create 2 or 3 wallets each with 200K accounts. Start depositing money to each of these accounts in very small amounts. Wait some hours to have all of them verified.
-
m-relay
<nihilist:m.datura.network> Randomize sweeping the accounts or taking out a percentage from each account. Within a couple of minutes of doing that from multiple wallets and multiple accounts the Monero blockchain will clog up. Job done.
-
m-relay
<nihilist:m.datura.network> ```
-
m-relay
<nihilist:m.datura.network> > All you had to do was use the official RPC to create ~200,000 accounts per wallet. Create 2 or 3 wallets each with 200K accounts. Start depositing money to each of these accounts in very small amounts. Wait some hours to have all of them verified.
-
m-relay
<nihilist:m.datura.network> > Randomize sweeping the accounts or taking out a percentage from each account. Within a couple of minutes of doing that from multiple wallets and multiple accounts the Monero blockchain will clog up. Job done.
-
m-relay
<nihilist:m.datura.network>
links.hackliberty.org/post/2209654 some discussion on the same topic here, and supposedly one of the "antidarknet" admins responded
-
m-relay
<nihilist:m.datura.network>
links.hackliberty.org/post/2209654 some discussion on the same topic here, and supposedly one of the "antidarknet" admins responded with more details
-
m-relay
<nihilist:m.datura.network>
links.hackliberty.org/post/2209654 discussion on the same topic here, and supposedly one of the "antidarknet" admins responded with more details
-
m-relay
<aremor:matrix.org> What issue?
-
m-relay
<aremor:matrix.org> Their “Results” section said nothing about Monero
-
m-relay
<nihilist:m.datura.network> well, the black marble attack, like i was mentionning
-
m-relay
<nihilist:m.datura.network> you're saying it's not a problem ?
-
sech1
It wasn't a black marble attack, and they themselves mention it
-
m-relay
<aremor:matrix.org> They don’t mention that anything Monero related was accomplished due to the txs. Only that Monero was used as a tool. But Monero was not the target
-
m-relay
<aremor:matrix.org> Monero mostly worked. So what issue?
-
m-relay
<real_glitch:matrix.org> they wasted that amount of money for no gains lol
-
m-relay
<real_glitch:matrix.org> just donate it to ofrnxmr to take over the world
-
m-relay
<monerobull:matrix.org> They just stole XMR
-
m-relay
<monerobull:matrix.org> By trolling the withdrawal functions of badly coded markets
-
m-relay
<monerobull:matrix.org> Aka they are criminals who stole 300k in xmr from other criminals
-
m-relay
<monerobull:matrix.org> They act like noble fighters against CSAM but in reality this was just for profit
-
ofrnxmr
"they wasted that amount of money for no gains lol" 100
-
ofrnxmr
They didnt screw up anybodies tx
-
ofrnxmr
For the first few days, tx might have been delayed a couple hours. After that, every wallet updated and tx were confirming in minutes again
-
ofrnxmr
No tx were dropped. No tx were purged. If they broke a wallet" its more likely that they broke it another way that i wont comment on
-
m-relay
<monerobull:matrix.org> they made money
-
m-relay
<321bob321:monero.social> I dont think it clogged the blockchain
-
m-relay
<rbrunner7:monero.social> The key sentence from that post how they managed to end up with XMR for about USD 300'000:
-
m-relay
<rbrunner7:monero.social> > Creating an account and depositing then withdrawing while spamming Monero network resulted in getting multiple times the same amount over and over.
-
m-relay
<rbrunner7:monero.social> That sounds ... strange. Even stranger if more than a single site was exploitable this way. Well, could be they used the same base software, of course, but still. And how do you even detect something like that? By accident?
-
m-relay
<monerobull:matrix.org> by looking for it
-
m-relay
<monerobull:matrix.org> they were basically doing pentesting
-
m-relay
<preland:monero.social> Did they prove that they actually did it yet?
-
m-relay
<rbrunner7:monero.social> Maybe. I am just at a loss right now to imagine which way round you have to program your XMR managing software wrongly so that this happens. If it does not confirm in 10 minutes just send again? Come on ...
-
m-relay
<preland:monero.social> Until then I’m considering their whole “antidark” theory an elaborate (and kinda twisted tbh) way to rugpull/cover up mismanaged donations to their group
-
m-relay
<monerobull:matrix.org> no
-
m-relay
<preland:monero.social> The message itself (which granted is probably just a clueless admin putting a front for it all) seems off too
-
m-relay
<preland:monero.social> It could’ve been the opposite problem; it attempts to resend too often
-
m-relay
<monerobull:matrix.org> more likely it's "click withdraw" "check if funds are in wallet / if they have been withdrawn in the last 10 blocks" "send funds"
-
m-relay
<monerobull:matrix.org> or just literally a ~10 block countdown on the withdraw function, not considering any pendingn transactions
-
m-relay
<monerobull:matrix.org> archetype wasn't exploited and they are pretty top tier in terms of tech / features
-
m-relay
<monerobull:matrix.org> so i wouldnt be surprised if this only worked because other markets had crappy template software / their own bad implementations
-
m-relay
<monerobull:matrix.org> we know that there is DNM template software because one of them made a monero.town community
-
m-relay
<preland:monero.social> I thought of an interesting idea a bit ago—say a node receives a transaction and then puts it in mem_pool. If another node receives the same transaction (or a transaction that would become invalid once the other transaction is put in a block), can they tell that the transaction is invalid/malicious?
-
m-relay
<rbrunner7:monero.social> monerobull: Yeah, that's at least a marginally plausible way how the software could work in a brain-dead way to have this result
-
m-relay
<preland:monero.social> Asking because if that is the case, then 1. The people claiming that Monero transactions are “effectively instant” due to mem_pool need to stop, cuz that is….very dangerous; and more pertinently 2. This creates a strong incentive to flood the network if too many merchants use mem_pool to verify stuff
-
m-relay
<monerobull:matrix.org> only if they previously received the first tx
-
m-relay
<preland:monero.social> Hmm, well that also throws a wrench in my idea for easy and secure local transactions
-
m-relay
<monerobull:matrix.org> you can game in-person transfers with a lot of effort if you are connected to the vendors local node
-
m-relay
<monerobull:matrix.org> but if the vendor uses their local node only for themselves, they can assume a tx will go through once their node has received it
-
m-relay
<preland:monero.social> Basically you’d have a low-powered wallet device with no networking capabilities outside of a memory-safe NFC protocol. The “register” at the location would be a node. The node would send the transaction info (ie how much to send) to the wallet via NFC (or usb idk/c) and the wallet would generate the transaction (after the owner verifies the info is correct). The transaction<clipped message>
-
m-relay
<preland:monero.social> is sent to the register, which will then put it on the blockchain
-
m-relay
<preland:monero.social> That system would be nice, but if what you say is true then a bad actor could go to one store, pay, quickly go to another, pay, and keep doing so until the first transaction gets added. The worse the flood, the worse it gets
-
m-relay
<preland:monero.social> Basically each transaction would be like a “check”, which the vendor would then “cash in” by putting it on the blockchain
-
m-relay
<preland:monero.social> But then chaining transactions like that would result in some checks being “bounced”
-
m-relay
<monerobull:matrix.org> no thats not how it works
-
m-relay
<rucknium:monero.social> > go to one store, pay, quickly go to another, pay
-
m-relay
<rucknium:monero.social> The attack couldn't work like this. Transactions propagate throughout the network too quickly. The correct attack method would be to send the spent output to oneself at the exact same time as the payment at the store.
-
m-relay
<monerobull:matrix.org> the second stores node would see it in mempool and not allow it
-
m-relay
<monerobull:matrix.org> this really only works with submitting transactions within seconds
-
m-relay
<preland:monero.social> Ok that was what I was asking before
-
m-relay
<preland:monero.social> Phew
-
m-relay
<monerobull:matrix.org> it also only works with zero conf, one conf and the vendor is basically 100% safe
-
m-relay
<preland:monero.social> So long as nodes can verify that a given transaction is invalid due to mem_pool’s status alone, it should work (at least better than before)
-
m-relay
<preland:monero.social> Yeah
-
m-relay
<monerobull:matrix.org> i know, reorgs are a thing but unlikely
-
m-relay
<monerobull:matrix.org> basically how zero conf trickery works is you connect to the vendors node but also to some really well connected node like a mining pool
-
m-relay
<monerobull:matrix.org> then you send the vendor their payment and also right before that send to the mining pool node
-
m-relay
<jeffro256:monero.social> 0-conf doesn't work as well as it should in Monero at the moment since double spend notifications aren't propogated AFAIK
-
m-relay
<jeffro256:monero.social> Thinking about making a PR for that sometime when I get time
-
m-relay
<monerobull:matrix.org> the vendor might accept the payment but the transaction will actually fail
-
m-relay
<monerobull:matrix.org> you just gotta get out of there quickly and not show your face again haha
-
m-relay
<monerobull:matrix.org> I've heard that there were actually some failed payments during monerokon
-
m-relay
<jeffro256:monero.social> What kind of failure? Did the payment processors see it come in and then leave?
-
m-relay
<monerobull:matrix.org> not malicious but on accident
-
m-relay
<monerobull:matrix.org> no i think its more likely that people tried to send but had bad internet or something and it never went through
-
m-relay
<jeffro256:monero.social> ah
-
m-relay
<monerobull:matrix.org> i know that the bar didnt pay too close attention on if they actually received the coins
-
m-relay
<monerobull:matrix.org> i definitely was given a beer once before the btcpay confirmed the payment
-
m-relay
<preland:monero.social> Let’s face it: most people will never go for a 2 minute wait before paying for something irl (unless it’s something *big*)
-
m-relay
<preland:monero.social> Hmm
-
m-relay
<preland:monero.social> Never thought about that: do debit/credit cards actually do any processing on-card, or is it just a “””simple””” encrypted data retrieval
-
m-relay
<jeffro256:monero.social> when you swipe your card it isn't even encrypted data retreival. the scanner just sees the all the details printed on your card
-
sech1
That's old cards
-
sech1
New ones use NFC chip
-
m-relay
<jeffro256:monero.social> Mine's a "new" card with NFC, but it also has the insertable chip and the swipe band. Does the swipe band still work the same today?
-
m-relay
<jeffro256:monero.social> It can't do any processing regardless of whether it's "encrypted" on the mag stripe, so I'd imagine as long as you store that stripe data persistently, it probably acts as a permanent spend access to your account
-
vthor
chip/nfc/magnet stripe are different, magnet has no security at all, and cannot use in most EU anymore, in latin america still work (I think most countries), chip as far I remember is signing the transaction, while nfc has more or less the data of the magnetic strip but only used for low transactions think was up to EUR30, but all system are not secure at all. That is only what I remember (is now a pretty while that I last read about, so not sure if it
-
vthor
is 100% correct, only vanishing memories)
-
vthor
preland: "Basically each transaction would be like a “check”, which the vendor would then “cash in” by putting it on the blockchain" <= cool you are thinking about the same thing :)
-
revuoxmr
Revuo Monero Issue 204 - July 18 - 25, 2024.
revuo-xmr.com/weekly/issue-204
-
nioCat
just catching up again, some of which I just scrolled thru
-
m-relay
<321bob321:monero.social> Nooooo
-
m-relay
<321bob321:monero.social> Tldr?
-
nioCat
"he doesnt give a single fuck about freedom nor privacy or any other right-wing movement" <<>> can confirm that he does
-
nioCat
also freedom and privacy is not a right-wing movement, everybody is here :)
-
nioCat
now please pump, I have families all across the world to take care of. Thx
-
m-relay
<321bob321:monero.social> Sith lord does free monero outreach
-
revuoxmr
Revuo Monero Issue 204: July 18 - 25, 2024.
revuo-xmr.com/weekly/issue-204
-
ofrnxmr
Monero doesnt have rbf
-
ofrnxmr
The only way, afaik, rebroadcast a spent tx, is to sybil the receiving node and then rebroadcast to a well connected node
-
m-relay
<jeffro256:monero.social> or wait 3 days
-
ofrnxmr
0 conf is, afaik, only dangerous if the sender and receiver are both connected to a node that cannot propagate transactions
-
ofrnxmr
Waiting 3 days involved tx taking longer than 3 days to confirm (or tx that were reorged and unable to confirm for reasons i dont remember)
-
m-relay
<dave.jp:matrix.org> How easy is it to find which node merchant is connected to ?
-
ofrnxmr
But under the attack, i dont think we ever had 3 day long backlogs
-
m-relay
<dave.jp:matrix.org> How easy is it to find which node a merchant is connected to ?
-
ofrnxmr
Xmrbazaar was uaing sethforprivacy's rofl
-
ofrnxmr
Bitcart uses seths too
-
ofrnxmr
Same as if everyone uses cakes and cake flushed their txpool during updates
-
m-relay
<jeffro256:monero.social> It's more dangerous than it needs to be since nodes do not propagate double spend notifications, they silently drop them. Ideally, nodes should propagate proofs of double spends to their peers so that every single node on the network can mark txs with certain key images as "attempted double spend"
-
m-relay
<dave.jp:matrix.org> So it can be targeted for 0conf attacks
-
ofrnxmr
Yea
-
m-relay
<dave.jp:matrix.org> If the other tx is mined, does the node drop this attacker tx ?
-
ofrnxmr
If sender and receiver are using different nodes, its not a problem from what i can tell
-
m-relay
<jeffro256:monero.social> ofrnxmr: It IS a problem since nodes may not perceive that a double spend attempt is happening even if 90% of the rest of the network has a different tx for the double spend
-
m-relay
<jeffro256:monero.social> Ideally, you would want a notification to cancel a merchant order as fast as possible in the case of a double spend attempt
-
m-relay
<dave.jp:matrix.org> What about if it’s already mined ? Of the node forks off and rejects those blocks
-
m-relay
<dave.jp:matrix.org> What about if it’s already mined ? Does the node forks off and rejects those blocks
-
ofrnxmr
"Ideally, you would want a notification to cancel a merchant order as fast as possible in the case of a double spend attempt" gotcha
-
m-relay
<jeffro256:monero.social> dave.jp: IIRC the node will keep the transaction in the mempool for a few days in case of a reorg
-
m-relay
<jeffro256:monero.social> The node doesn't fork off from the network though
-
m-relay
<dave.jp:matrix.org> Shouldn’t it drop it immediately?
-
m-relay
<jeffro256:monero.social> Not necessarily. There might be a reorg that contains *their* double spend tx
-
m-relay
<dave.jp:matrix.org> The reorg would have that txs mined if it was legit ?
-
ofrnxmr
For the double spend, id have to sybil my own (mining) node and rebroadcast it there, yea?
-
ofrnxmr
To avoid my node rejecting my tx
-
m-relay
<nononynous:monero.social> From "black marble attack" to "I sent a lot of transactions" lol
-
m-relay
<jeffro256:monero.social> Well it doesn't *have* to, but it could. What *can't* happen is both of them be on the chain
-
ofrnxmr
Black marble attack = they jist read ruckniuns analysis and decided to ride the bandwagon
-
m-relay
<dave.jp:matrix.org> So let’s keep it in mempool for 10 blocks instead of 2 days ?
-
m-relay
<dave.jp:matrix.org> What’s the max block a reorg is allowed?
-
m-relay
<nononynous:monero.social> Btw domain name infos are really interesting because it's the same provider that "HavenoMain" used
-
ofrnxmr
Im not really sure who reorged tx dont confirm later?
-
ofrnxmr
Why*
-
m-relay
<preland:monero.social> Hmmmmmmmm
-
ofrnxmr
Its a bit weird to send a tx, have it reorged, rhen the $ is just stuck for 3 days?
-
m-relay
<preland:monero.social> Yeah that’s a bit weird
-
m-relay
<jeffro256:monero.social> infinite
-
ofrnxmr
Yeah, i caused a 200+block reorg on stressnet
-
m-relay
<preland:monero.social> Also shame abt the debit/credit card thing from a few hrs ago; also very scary lol
-
m-relay
<preland:monero.social> Cheese and crackers
-
m-relay
<preland:monero.social> 400+ minutes of work, evaporated
-
m-relay
<dave.jp:matrix.org> Scary
-
m-relay
<preland:monero.social> Or reorged*
-
m-relay
<jeffro256:monero.social> Well actually technically not infinite if your node has block checkpoints enabled, which most nodes have *on* by default. Technically speaking, the nodes with block checkpoints enabled is a soft fork of the network where block checkpoints aren't enabled, but the probability of there being a reorg that deep is very low
-
m-relay
<preland:monero.social> I’m trying to think about the ramifications of that happening on mainnet, with there being more services using xmr….
-
m-relay
<jeffro256:monero.social> There's an argument to be had that once PoW has confirmed the transaction, you should drop the other double spend version from your mempool
-
ofrnxmr
"but the probability of there being a reorg that deep is very low"
-
ofrnxmr
Of you have 51% of hr it was actually really easy
-
m-relay
<jeffro256:monero.social> Yes
-
m-relay
<preland:monero.social> I wonder what the probability would be given a certain percentage of hashrate
-
m-relay
<preland:monero.social> Well yeah if you can 51% the network everything kinda breaks
-
ofrnxmr
i only had just around 50% of hr
-
m-relay
<jeffro256:monero.social> Well idk about "very easy", but possible do perform reliably over a long enough span of time
-
ofrnxmr
it was 8hrs or so in my sleep
-
m-relay
<preland:monero.social> Wait when were you 51%ing the network
-
ofrnxmr
Stressnet
-
m-relay
<preland:monero.social> Were you the reason that the network kept getting reorged a few weeks back
-
ofrnxmr
No
-
m-relay
<preland:monero.social> I remember it was getting reorged almost constantly then
-
m-relay
<preland:monero.social> My poor little ryzen mobile chip mined a block, was 10 blocks deep, then got lost after a reorged
-
m-relay
<rucknium:monero.social> preland: A mainnet block? A 10 block re-org on Monero mainnet would be unprecedented AFAIK.
-
m-relay
<preland:monero.social> No on stressnet
-
m-relay
<preland:monero.social> This was a few weeks ago
-
m-relay
<preland:monero.social> Or maybe over a month ago, idk I’m a bit bad with time
-
m-relay
<rucknium:monero.social> AFAIK, the main reason there were deep re-orgs on stressnet was nodes getting stuck because of bugs that have been patched on stressnet now. Some of the patches were band-aids, but they work enough for stressnet.
-
m-relay
<rucknium:monero.social> jeffro256: Are you thinking about implementing something like BCH double-spend proofs?
-
m-relay
<jeffro256:monero.social> Didn't know those existed before now, but yes that's exactly the idea
-
m-relay
<jeffro256:monero.social> Should be simpler on Monero since we don't have scripts
-
m-relay
<rucknium:monero.social> BCH developers have done a lot on 0-conf. Could be worth looking at. They have newer Zero conf escrow I think.
-
m-relay
-
m-relay
<rucknium:monero.social> May need some scripting.
-
m-relay
<jeffro256:monero.social> Will do! DSPs are exactly what we would need for robust double spend detection in the real world
-
m-relay
<jeffro256:monero.social> The 10-block-lock also means we don't have to worry about mempool tx chaining, which is nice for devs ;)
-
m-relay
<r4v3r23:monero.social> tldr on this>
-
m-relay
<r4v3r23:monero.social> tldr on this?
-
m-relay
<rucknium:monero.social> r4v3r23: BCH has a way to notify of an attempted double spend in the mempool. It makes zero-conf txs safer. Supposed to, at least.
-
m-relay
<frog_legs:matrix.org> I don't understand why Edward Snowden doesn't like monero. On paper you would think they go together good. He blew the whistle bc americans and other countries citizens where getting spied on and bc he believed in privacy . But he be promoting zcash while as far I know they had pre mined.
-
vthor
snowden is anyway a statist, he is only again a too dystopian government but not against gov at all, no wonder with his family background...
-
vthor
IMO he would not even be a minarchist... Respect for what he did, but he went not down the rabbit hole deep enough...