00:11:00 Something should be done to use Tor easier and having the possibility to be a full Tor public node 00:11:34 Because right now people doing proxy + tx-proxy still uses clearnet 00:12:26 Theres probably a latency difference with the clearnet but thats only a problem for miners which they probably only use clearnet already 00:14:09 Best could be launching monerod with the controlport of Tor to use: 00:14:10 a proxy (for transactions) 00:14:12 an hidden-service (the client RPC) + an other one (for the P2P interface) 00:31:04 A simple node manager, get everyone running local node + proxy with a few clicks is the need of the hour 00:31:06 We have gupax p2poop mining gui , but we don’t have one for node 😂 00:33:18 Sometimes I feel, simple things are left as it is to for now reason but like having loopholes 00:33:33 Sometimes I feel, simple things are left as it is to for no reason but like having loopholes 00:41:02 man, using that p2p exchange was such a breeze. whats the name of it now.... crap i forget. the first one that had btc <-> xmr 00:41:39 anyway, it had all the tor stuff just built in. Like, it just did all the connecting for you and then got the bitcoin information you needed or whatever and did it all over tor, without me having to do tor stuff 00:42:20 to me, that could be a pinnacle of the monero gui 00:42:37 bisq. there it is. good work brain 00:43:44 Bisq? Never heard of if 00:44:26 Android termux node and monerosuite are the best solutions atm 00:44:28 Haveno is based on Bisq code 😅 00:44:54 Android termux node's "tor" setup does 100% tor 00:45:16 Whats bisq? Is bisq a spoon of haveno? 00:45:32 haveno-reto.com - ive been using this for years 00:45:35 Yes 00:45:52 Bisq must be some new shitcoin exchange 00:46:19 ugh why am i getting this in your quotes "Unable to load event that was replied to, it either does not exist or you do not have permission to view it." 00:46:25 https://bisq.network 00:46:36 like, whatever you are quoting i don't see it. i just see the "unable to load" 00:46:45 ew 00:46:53 Haveno-reto.com 00:46:58 ?? 00:47:02 ?? 00:47:06 ewwww Java 00:47:11 yeah just seein that message 00:47:16 Bisq currently has more liquidity 00:47:48 I prefer my monero to be a solid or gas 00:48:02 Liquid is centralized 00:48:24 Anyways, node manager gui is a must 00:48:45 Have you tried android monero termux node 00:48:50 I guess you have taken a pill, take some rest 00:49:11 And orange pill 00:49:14 I don’t have a spare android device 00:49:19 nah, even a node manager is too much. just need it to Just Work 00:49:52 Monerosuite.org 00:49:57 Maybe the dev who made gupax can code something out 00:50:05 Nodes are some play thing, run once and leave it alone 00:50:12 Arent* 00:50:37 Is it plug and play ? Easy for noobs to get it running with a few clicks? 00:50:58 Yes 00:51:25 Works on windows ? macOS ? 00:52:30 Its docker based 00:52:41 i dont uae windows or mac - couldnt tell ya 00:52:58 And if you run windows. You should just buy monero like a normie 00:53:05 So rules out majority of users 00:53:13 Leave the servers to the server os 00:53:17 Good 00:53:33 Consumers dont need to run servers 00:53:36 I need node to use monero, not buy 00:53:44 No you dont 00:53:54 You can use a trusted onion/i2p node 00:54:05 They need to, if you are paying for a service which fed operates 00:54:19 You just have to know somebody who isnt a windows pleb 00:54:24 Or use monero-gui 00:54:26 Moneroworld was trusted 00:54:38 No it wasnt 00:54:53 Its, for years, pointed to who the fkkn"oiws 00:54:58 lol getmonero.org had it all over 00:55:07 And gingeropolous even warns ppl NOT to use xmrchain 00:55:22 Plebs don’t know what’s trusted or not, they just use google 00:55:47 Trusted means.. drumroll... someone you trust 00:56:02 If they can’t find a simple 2-3 step solution to run a node , they will end up with a fucked up node 00:56:04 Windows users use windows, telemetry on 00:56:28 they have bigger issues than chainalysis 00:56:32 Yah bill knows what you are typing every single character 00:56:34 what's wrong with xmrchain? 00:56:49 who is behind xmrchain? 00:57:05 considering people throw there txid and sometime even verify transactions on there... 00:57:10 So let’s remove windows and macOSs. builds from getmonero , make it 100 geek only coin 00:57:18 Gingeropolous 00:57:26 Same person who runs moneroworld 00:57:28 Or just change monero slogan to privacy only for a few 00:57:51 So let’s remove windows and macOSs. builds from getmonero , make it 100% geek only coin 00:58:02 Privacy is only as good as the person using it 00:58:07 Ppl use mymonero on windows 00:58:30 Ppl use browser wallets 00:58:33 Ppl email their seeds using gmail / drive 00:58:34 Mymonero is fucking listed on getmonero 00:58:36 ginger fed? 00:58:38 Luigi even uses gmail 00:58:40 Remove that first 00:58:47 Getmonero feels like a honeypot 00:58:48 and windows 00:58:58 Edge too 00:59:08 And got "hacked" for 400k 00:59:11 Yes 00:59:32 Used Ssh password instead of keys as well 00:59:55 Its on cloudflare too 01:00:20 Anyways give them tools, don’t exclude them; going back to my cave 01:00:22 https://github.com/monero-project/meta/blob/master/SERVER_SETUP_HARDENING.md outdated 01:00:24 ❤️ we have the bestest xore team 01:01:23 will open a CCS for spreading OPSEC and hardening Guides 01:01:35 💀 01:02:13 actions speak louder than ccs proposals text 01:02:30 We have bigger problems than a website 01:02:46 Monero p2p traffic can be blocked at isp lvl extremely easily 01:02:53 best monero funding spent, just watch 01:03:03 We dont support duplex connections over anonymity networks 01:03:27 Sure sure 01:04:00 Youve been here how long? and youve changed nothing. Doesnt take a ccs to make a pull request 01:04:04 literaly a 2 minutes job after they receive the order 01:04:07 Writing guides doesnt get work done 01:04:17 Reading privacyguides doesnt get work done 01:04:48 it does in the long run, trust 01:04:52 Want servers hardened? Then go harden them 01:05:02 🚮 01:05:08 I trust actions 01:05:37 Not ccs proposals for "pay me to lecture" 01:06:03 Acting like we dont have extremely capable people here already 01:06:04 bruh wtf you saying lmao 01:06:15 Guides dont defeat politics either 01:06:40 Im saying making a ccs proposal to find a guide is just preaching to the choir 01:06:49 Or rather, to empty seats 01:07:11 https://monero.observer/moneroguides-completes-getting-to-grips-with-monero-ccs-proposal/ 01:07:14 gm sir 01:07:17 Fluffy isnt here 01:07:32 Moneroguides are trash 01:07:39 No offence 01:08:10 But their guides are poorly written / full of inconsistencies and bad info. I didnt click the link, just saw the name 01:08:26 https://matrix.monero.social/_matrix/media/v1/download/matrix.org/wpeYaBYqxsRPvPGVyUIYUdjY 01:09:33 And they didnt even mention tgat p2pool os expensive and spams the chain as a result of creating tons of dust outputs 01:10:02 their node guides were full of bad info too 01:10:24 Getting paid to score 70 on a knowledge test is a larp 01:10:45 Monerosuite.org >>> whatever stupid guide they wrote 01:11:36 and again, not trying to be offensive, but i'm the one who has to correct all of the poor quality guides 01:12:36 Its like.. obvious that the ool writing these guides don't actually use the info regularly 01:12:53 Like writing a tor guide when you dont use tor 01:13:12 And if you run windows. You should just buy monero like a normie <<>> they don't let me buy like a noemie 01:14:19 Feather comes with onion nodes 01:14:53 (and tor) 02:02:19 First time I heard p2pool bad 😮 02:02:24 Tell me more! 02:05:28 isn't fcmp gonna help with p2pool consolidation (smaller tx size, less fee)? 02:05:30 the dust is an issue, yes... but don't think it can be solved unless solo mining becomes viable 02:05:53 isn't fcmp gonna help with p2pool consolidation (smaller tx size for more inputs, thus less fee)? 02:05:54 the dust is an issue, yes... but don't think it can be solved unless solo mining becomes viable 03:16:11 Solo mining is viable.. 03:17:44 Pool mining is a joke / scam for small/med miners 03:23:19 Why do you think large miners mine on a pool, when they can hit blocks solo? 03:23:20 its because they make more xmr due to taking advantage of small who (reportedly) donate their solo blocks 03:31:48 Small miners on p2pool are the dumbest of the bunch 03:33:06 Mining on p2pool mini gets you anywhere from 20-80% of the earnings that youd make solomining. Only benefit of p2pool for small miners is being paid 0.0002xmr within days of starting 03:33:44 Essentially having big miners offer you peanuts in exchange for your entire blocks if you hit one (which you will) 03:38:11 If it takes you 1 yr to find a block (according to calc), that is 1 year _on average_. Acounting for fees, it would take 15months accumulate 1 block via p2pool mini for a small miner. 03:38:12 Its very likely that you will hit a block _before_ 15months. Of course there is a chance that you have 400% effort (and takes 4 years to hit a block), 50% of the time, blocks are found with less than 100% effort. 03:38:14 solomining is the best way to mine for a user with low hashrates 03:39:27 users with large hashrates benefit from pool mining due to having small miners donate their blocks to them 04:11:58 We don't resell hetzner anymore since a few months. We have our own virtualization stack on dedicated servers from different providers ( depending on location). We still resell hetzner for arm and cloud-server. 04:13:15 Cool, good to know 04:45:28 Are they? 04:45:44 Has ginger commented on the chainanal stuff 04:46:28 Could the block explorer somehow be backdoored so if the first link you opened was a specific transaction it'll assume your IP made that transaction 😮 05:22:14 never been a fan of pool mining, solo mined 3 blocks using the GUI 08:27:52 hey guys! Am i alone who struggles with reddit ban? just created community, posted nothing and banned next day... 08:31:20 quickex if you registered using tor that'll get you shadowbanned 08:32:03 in these situations i would love to recommend monero.town but that can't be accessed currently with tor 08:32:39 bcs ddos from exit nodes crashes the lemmy frontend 08:33:35 all you have to do is employ a team of sysadmins... maybe an onion load balancer and some mods to lemmy omgggg 08:34:33 \/s ^ is there an opportunity for the community to fund a bounty of sorts to help the effort monerobull? 08:35:32 onion load balancer doesnt do anything if the ddos is coming from clearweb exit nodes 08:37:14 there are alternative lemmy frontends but once again the lemmy routing stuff makes it impossible for me to figure out how to get it working and there is no guarantee that those wont also just crash 08:38:51 does lemmy.cafe have 'secret sauce' that we need? 08:38:55 Need to rate limit the frontend delivery + an other server to serve static contant 08:40:16 what im asking is, can there be a bounty for 'hand this dockerfile to monerobull to fix the problems' or is this more of a 'pay a team of sysadmins to overlook the entire project / fix things / pay for extra infra ' 08:41:41 the vps should be powerful enough 08:42:18 lemmy sadly isnt just a docker container, it also has some nginx config stuff and that is a big mess 08:52:39 if some trusted god-sysadmin wants to set it up from scratch with a tor friendly frontend + onion we could do a bounty for that 08:52:56 <3​21bob321:monero.social> probably not get targeted 08:53:36 right now it works "good enough" even while under attack that i am scared to mess with it too much 08:54:21 <3​21bob321:monero.social> https://join-lemmy.org/docs/administration/tor_hidden_service.html ? 08:54:45 for some reason the vps reports 99% storage usage but ncdu -x / shows like 1/3 08:56:19 I would like having the town on the darknet. However, what would be swell, would be, having the jerboa app also connect to the town's onion. 08:56:44 I don't think jerboa can connect to .onion URLs for reaching lemmy instances, yet. 09:41:38 So with everyone here having a strong opinion that you must run a full node, I guess people in here hate feather? What are the actual security problems of using feather? 09:42:21 I don't hate feather, neither do I think "everyone should run a full node" 09:42:31 feather can be pointed at a local node 09:44:20 using a remote node over tor still has concerns, i'd watch the breaking monero episode 7 on remote nodes. here is the canonical youtube link https://www.youtube.com/watch?v=n6Bxp0k7Uqg 09:45:21 plowsof: thanks, I should check it. However, Monero cannot reach as much people as it could, if it were a requirement on everyone to run a full node. 09:46:16 as many services has stated, including localmonero RIP - when a customer has an issue with something, 'just use feather' pretty much solves it 09:46:31 :) 09:46:46 id rather people use a remote node than giving their viewkey to a remote scanning service 09:47:03 plowsof: ++ 09:47:22 Depends which people I guess. 09:53:07 what's alex from localmonero doing these days? 09:53:21 it would be a loss to have him leave the monerosphere permanently. 09:54:03 the people need to decide what kind of people they are hmmm "So you want to send/receive Monero?" monero.garden type reading material perhaps 09:55:18 plowsof: yes, that's a good idea. Perhaps a step-by-step reading guide: "follow these articles if you are a merchant and want to accept XMR in your online store." 09:55:48 "follow these articles if you want to hoard Monero and pass it onto your sons." 09:56:31 or, follow these articles if you want to isolate feather wallet and monerod on your qubesOS: https://karapara.kyun.li/wiki/feather-wallet/feather_wallet_isolated_qubes_whonix_setup_en/ 09:56:34 note that local node management is on feathers to-do list 09:56:54 plowsof: that sounds cool. 10:01:30 so there would be a scale: full local node on the left, and fr**wallet on the right 10:04:01 light nodes are also possible https://github.com/monero-project/research-lab/issues/69 10:04:32 also js, iirc due to feather wallets multi broadcasting of transactions, it could be possible for an outside observer to determine that this tx was made using FW, pls confirm 10:04:47 i read this a year(s) ago, maybe things have changed 10:07:37 So you’re saying the more people use feather the more private it will get? :P 10:15:10 "feather wallets multi broadcasting of transactions" <--- I am guessing my setup (which I linked above) with feather wallet in an offline qube, only allowed to connect to the 18081 port of my monerod node, disables such a "multi broadcasting" feature on feather wallet's part. 10:18:46 Viewkey to a remote scanning service? What? 10:19:05 Anyway, are there big disadvantages of using Feather with a local node? 10:19:14 BlueyHealer: I think plowsof was thinking about mymonero wallet. 10:19:40 Not like I would be running any, space would be a concern, an extra HDD would cost more than my entire stash of XMR) 10:19:54 BlueyHealer: "are there big disadvantages of using Feather with a local node?" <--- I can't think of any disadvantages. 10:19:57 k4r4b3y, ah, never heard of it. 10:21:58 "an extra HDD would cost more than my entire stash of XMR" <--- high tech, low stack (of XMR). 10:26:54 wdym? 10:27:34 I mean, HDD prices are fairly low nowadays (last I checked). If that amounts to more than your XMR stash, imo you should get more XMR. (tongue in cheek) 10:29:11 I was also making a point about the fact that Monero is such a high-tech piece of software and we are using it, yet most of us have minuscule stacks of it. 10:29:50 In the event of hypermonero-ization, we won't be the most beneficiaries of such event (due to our low stacks of XMR). 10:30:16 I mean, I don't need more XMR, I spend very little. And I have needs more important than buying extra XMR. 10:30:23 Kinda like cyberpunk: high tech low life. 10:30:29 ah, get it. 10:30:32 BlueyHealer: understood. 10:31:08 o​frnxmr:monero.social: > Trocador and plowsof nodes have tx-proxy. Not sure about the others 10:31:18 I wonder: in such a case, I guess a remote Tor node would be enough? Plus threat model being low, the biggest risk being "what if XMR is cracked down on in the future". 10:31:26 Mine (mainnet) have always had that too. I haven't found a .onion P2P node for stagenet in years. 10:32:55 BlueyHealer: if you aren't someone that is personally targeted by intelligence agencies, you are good with using a remote onion node. Always compare the remote node's transaction fee with some other source, though; as the remote nodes might lie to you about the fee rates. 10:33:23 Also now I am afraid that I connected to nodes without Tor a few times :/ Wonder if this would bite me in the ass. Chainalysis is Western so even smaller deal, but the other nodes in the list might've been controlled by my country... 10:33:50 BlueyHealer: going forward, use .onion ones. 10:33:57 Yeah, know about fees) Even without comparison, I usually see it is less than "pocket change". 10:34:02 yeah 10:34:39 k4r4b3y, yeah, I have been doing so for a while now. I just wonder if my previous mistakes could contribute to my future transactions. 10:35:31 At least I have a reassurance in being extremely unlikely to be targeted, and impossible to target "seriously". 10:35:57 BlueyHealer: that's good. Keep it that way. 10:41:06 I just wonder if the past mistakes could impact future ones. 10:43:38 BlueyHealer: you need to be more specific in your worries. What exactly are you worried about? What kinds of past mistakes could impact future ones (again, what?)? 10:45:08 I meant the transactions I made via clearnet from that wallet - would they have an impact on what I would do with the wallet going further? Would transferring to a new wallet help? 10:46:27 That's better. So, if I am understanding you correctly, one of your worries is that you think that your enotes ("your xmr coins") might be associated with your clearnet IP, and that in the future, as you keep using your enotes, you think that this association might persist? 10:47:38 Yeah, and whatever funds would get into this wallet afterwards. I am reading materials on XMR now but still not quite grasping this. 10:48:23 I think the privacy worries you have with incoming, new coins into your wallet aren't related to your "past mistake" of using clearnet nodes. 10:49:41 Each monero transaction that spends an enote ("coin") also presents to the blockchain 15 other decoys. As such an obfuscation piles upon one another on the blockchain, your own coins will get mixed in with others'. 10:50:02 The line between your coins and others' coins, to an outside observer, will blur. 10:51:20 So, putting some time interval between the times that you've used clearnet nodes, and then spent your own coins using the onion nodes; that time interval plays to your advantage, imo. The longer it is, the more obfuscated and untraceable the supposed link will be. 10:58:44 BlueyHealer: also, see this video in order to understand the tracing capabilities of chainalysis from last year: https://vimeo.com/1009284260 10:58:50 Ah, good to know. Also... Is the decoy selection relying on the node or something else too? Could a node mix in known decoys? 10:59:21 mentioned on the website? 10:59:53 nope, registred from google 11:00:07 "Could a node mix in known decoys?" <--- I suppose a malicious node could do that, although I am quite uneducated in this topic. 11:01:14 I either missed that or haven't read far enough. 11:03:11 google what? 11:03:13 you mean real IP address? 11:18:07 The wallet decides which indices to pick. The node can't substitute other keys or the tx will fail to verify. 11:18:51 A node *might* be able to decide which outputs they want in a tx, then manufacture a fake distribution that has only these, and claim the chain has just 16 outputs on it. 11:19:17 Not sure if that'd work. I don't want to spend time trying, but if somone here wants to... 11:19:59 (ie, that node would send the wallet info that would induce it to pick the outputs the node wants it to use) 11:20:26 Ah, will look into this. 11:20:36 Now, it would be tamper evident, if you keep logs (or even check the "here what was selected" line on confirmation. 11:21:34 "A node *might* be able to decide which outputs they want in a tx, then manufacture a fake distribution that has only these, and claim the chain has just 16 outputs on it." <--- so yeah, isn't this the "textbook definition" of a malicious node providing a remote wallet its known decoys? 11:21:44 The node only sends output distribution, i.e. how many outputs are in each block 11:21:56 it can probably manipulate this output to make wallet pick some specific outputs 11:22:15 Yes, but I was thinking it'd claim 0 everywhere except on the places it wants you to pick. 11:22:16 But it needs proof of concept 11:22:31 sech1: that sounds like it supports my initial, uneducated intution. 11:23:21 FCMP++ will cleanse everything. 11:23:47 would be nice if someone could create a prrof of concept 11:24:54 proof* 11:25:37 Even if the daemon cannot induce the wallet to create a tx with that data, it actually allows the daemon to tell at least one output of yours: 11:26:11 it sends the wallet a distribution with 16 outputs, and then the wallet asks for all these plus an extra one. Which has to be yours. Very unlikely to be one of the 16. 11:26:49 Actually, there'll be some uncertainty, the wallet asks for 2.5 times 16 IIRC. So the daemon would have to claim 40 on the chain. 11:27:32 It could send a distribution where a single block has these 40 or so outputs, and all belong to the attacker, and all are spent already 11:28:07 Why would spendness matter ? 11:28:29 And yes, no uncertainty actually. I was wrong there. 11:29:41 If they are spent or not doesn't matter, yes. If the all belong to the attacker 11:29:47 *they 11:32:21 Oh, can't work, fortunately: // sanity check THROW_WALLET_EXCEPTION_IF(m_rct_offsets.offsets().back() >= OUTPUT_DISTRIBUTION_MAX_OUTPUT_SUM, error::wallet_internal_error, "Unrealistic number of outputs in output distribution"); 11:32:44 (that's 100000000) 11:34:23 Ah, I remembered adding something like this: 11:34:24 THROW_WALLET_EXCEPTION_IF(m_rct_offsets.back() <= max_rct_index, 11:34:25 error::get_output_distribution, "Daemon reports suspicious number of rct outputs"); 11:35:20 Nevermind then. Was interesting to think about, even if it was thought of before. 11:37:46 Where is that code? I can't find it 11:37:53 wallet2.cpp 11:38:23 not in the master branch 11:38:33 Oh. Maybe just in Townforge then... 11:38:57 No, in monero master, line 9149. 11:39:37 ah, it has different name there 11:39:40 Ah the first one comes from feather mods I merged into TF long ago. The second one is mine, from ages ago. 11:41:58 Oooh, might be able to bypass this check: 11:42:50 Claim 0 everywhere, except on the places you want to the wallet to pick, and put the real number of outputs on the last slot. The wallet will never pick those as they're 10 block locked. 11:43:00 So that goes past the sanity checks. 11:43:10 Back in the race ^_^ 11:45:28 Quick sanity check against this might be to check every slot has >= 1 (the min number of coinbase outs). 11:45:49 (after rct coinbases becomes mandatory) 11:46:16 moneroomoo: would that be assuming that the malicious node operators do not possess coinbase outputs? 11:46:34 Then again, it's not enough: someone will ask for N-1 coinbases and still disclose their real out... 11:46:43 I don't think so. 11:54:47 Maybe make the output distribution built-in up until some block, like monerod checkpoints 11:55:50 Yes, or a hash of the first N distriution slots, and update N with every release. 11:56:08 Depends on the size of it I guess. 15:39:20 Is the Matrix server down for other people too? 17:12:04 Yes 17:54:32 (the monero.social Matrix seems unreachable for me from both accounts, this is a test message attempt at 16:28 UTC from my monero.social account.) 17:55:02 yep 17:55:02 PSA. monero.social Matrix homeserver is down. If you still want to participate in today's MRL meeting or just hang with us while CS fixes it, use a different homeserver or join through IRC. 18:07:30 IRC FTW 18:07:55 Just as I borked my Matrix install's media capabilities. 18:44:00 > Hello, 18:44:02 > 18:44:04 > We have received a copyright complaint under our Terms of Use and Copyright Policy from Chainalysis about the following materials uploaded by your user account to archive.org: 18:44:06 > 18:44:08 > https://archive.org/details/chainalysis_XMR 18:44:10 > 18:44:12 > The above materials have been disabled. If you believe that this copyright complaint was in error, you may file a counter-notice (as described under the question "How do I submit a copyright complaint counter-notice?"). If you seek more information about the copyright claim, for instance, identification of the particular allegedly infringed work(s), please let us know. 18:44:14 > 18:44:16 > You are only permitted to upload materials that you have the rights to. The Internet Archive disables accounts that repeatedly violate the copyrights of others. Thank you for ensuring that your use of archive.org abides by our Terms of Use. 18:44:18 > 18:44:20 > -- 18:46:04 p- pwease stop sharing our silli video 🥺🥺 19:02:03 haha funny i2p torrent go brr 19:02:29 based 19:03:50 "look babe there is at least one peer that's pulling the chainalysis IRS leak video. Let's share it with him." 19:10:03 test 19:11:16 yea the monero.social matrix server is fine right 19:30:17 everyone talks about this chainalysis video. I already trust noone and know that everything I do on clearnet is logged. Will it make me wiser? 19:31:30 https://vimeo.com/1009284260 19:32:38 thanks. wonder if I can download that 19:32:48 yt-dlp should work 19:33:03 I have an i2p-magnet link for it as well 19:33:20 magnet:?xt=urn:btih:d371d4e4cb9a3760ef79e94fde0b8edf22062e49&dn=Chainalysis+Presentation+on+Monero+to+IRS+-+August+2023&tr=http://tracker2.postman.i2p/announce.php 19:33:27 yeah, please paste the magnet. 19:33:29 awesome 19:35:57 bitcoinist dot org is back? 19:36:56 Was it away? I'm somewhat new to matrix and just picked a server that looked ok. 19:38:15 welcome 👋 19:38:24 Thanks :) 19:45:53 Main takeaways iirc: 19:45:54 - run your own node, or at the very least use onion remote nodes 19:45:56 - don't use exodus or other wallets which use non-standard fee rates 19:45:58 - avoid spending multiple related outputs at the same time 19:46:00 - use a proxy if you need to use exchanges or swap websites 19:47:07 If you're already using common sense and these best practices you should be okay 19:48:15 "avoid spending multiple related outputs at the same time" <--- this one stin{g,k}s. 19:49:33 I do run my own node, at least. Common sense is not so common, I heard. 19:49:34 Anyway, I'm not worried for my own sake, but am always curious about knowing what the potential enemy is doing. 19:49:55 @t​sjk:bitcoinist.org ++ 21:42:15 I have a clearnet link if you want: 21:42:16 https://v.nostr.build/D4Nzp22vRF35IRnz.mp4 21:43:44 Thanks. I already got it now. :) 21:59:32 And this link has stayed up since day 1 https://odysee.com/chainalysis-monero-tracing:e 21:59:48 What if we do a no chainalysis november and spread this video everywhere for a month 22:29:54 I'm not that well versed in monero's current decoy selection algorithm I just know that it isn't using gamma distributions. Does monero now sometimes choose decoys from years in the past even when the change output is like a day old? 22:30:41 https://xmrchain.net/tx/88f1e62b4156ef99272ab889207026d85badff3fb20a623f8f33d9bc1aab4971 in this transaction for example there are two really old utxos and the rest are relatively new so would it be a fair guess to say the 2 oldest outputs in the ring are probably real 22:30:47 Or does the algorithm account for that 22:47:32 Dsa for old decoys is indeed not that good 22:48:35 Bulk of the decoys get selected from very recent outputs , but MRL thinks that’s the best approach 22:48:58 Anyways with mythical fcmp this won’t be a problem 23:03:19 Interesting IG I'll just trust MRL!! 23:58:22 It’s a shell game. Always has been.