00:49:03 "Run ./xmrig -o 127.0.0.1:3333. Note that you don't need to specify wallet address for xmrig. Wallet address set in xmrig config will be ignored!" 00:49:11 if xmrig doesn't have my wallet address 00:49:24 then how does it know work? 06:42:19 Are you running p2pool? 06:43:57 The p2pool daemon interacts with the other p2pool participants, constructing blocks with your wallet address when its your turn to get a share 06:44:34 Xmrig is just a mining tool, it doesn't sync with the network and make blocks 06:45:28 It simply downloads the block templates from p2pool, adjusts nonces until the PoW result hits a certain difficulty target, and then returns it back to the p2pool daemon 06:46:34 Notice that you have you provide your wallet address to the p2pool daemon with the `--wallet` flag 06:47:13 Maybe try asking in #haveno-lounge:monero.social 08:06:19 https://discuss.privacyguides.net/t/trusted-monero-remote-nodes/21444 08:20:22 Fake nees 08:20:24 News 08:21:05 Current guidance is here 08:21:32 > I recommend to stop using 3rd party remote nodes immediately. Run your own node instead. If you can't avoid using a 3rd party node, make sure you trust the node operator. 08:22:01 https://www.reddit.com/r/Monero/comments/134jbdt/security_advisory_new_attack_from_malicious/ 08:23:01 205GB+ for a full node or 80GB+ * 08:24:51 >Given these two things, I think we should compile a list of recommended remote nodes to use alongside your Monero wallet 08:24:53 providing a public list of nodes just opens the door for a public list of node traffic to watch. 08:24:55 No wallet aside from CLI have ssl pinning, so you can forget about trusting your connection to any remote node 08:25:24 fyi pruned nodes gives same level of privacy as a full node. So don't let storage be a reason to not to run one 08:25:42 I2p, onion and ssh port forwarded nodes are the only secure method of connecting to your own node remotely 08:25:45 fyi pruned nodes gives same level of privacy as a full node. So don't let storage be an excuse to not to run one 08:26:39 can the remote node also see our utxos balance ? which happens in case of other chains 08:26:50 No, not your balances 08:26:51 Noo 08:26:54 <321bob321:monero.social> I have lollies 08:26:55 Not at all 08:35:22 <321bob321:monero.social> “Secondly, while Monero people would love it if everyone ran their own independent node to mitigate this problem,” 08:35:23 <321bob321:monero.social> Would make plowsof happy 08:43:08 letsencrypt makes running an https node very easy, I use caddy to run a front end for my node, then just copy over the certificate to my monero node. I created a custom script to inotifywait the letsencrypt certificate and automatically copy over the cert and restart my moneronode. 09:16:57 No wallet aside from CLI have ssl pinning, so you can forget about trusting your connection to any remote node <- But .onion nodes don't even have SSL, so that solves it. 09:19:01 Onion and i2pd nodes are e2e encrypted and dont need ssl 09:19:22 ofrnxmr, there's no reason to assume that SSL is safe 09:19:25 You need a domain, dont you @waywardson 09:19:55 Yep 09:19:57 Juliu, i never said it was, i said the opposite 09:20:26 I thought that was irony 09:20:51 yes, you need a domain. either pay for a domain or get a free on a freedns.org 09:21:06 you can get free subdomains... 09:21:16 and wayward, your letsencrypt connection can be MITM'd and my wallet wont know the difference 09:21:17 On the other hand, if you assume SSL to be unsafe, why not directly assume your crypto doesn't work? 09:21:31 freedns.afraid.org i meant 09:21:53 ?, ssl certs are centralized as are domains 09:21:53 If your wallet uses SSL, which the cli one does 09:22:37 your connection will be sure. All you have to do is type the https address in a browser and you'll know if your isp blocking a connection 09:22:41 Cli does, but (as said before) _no_ other wallets have ssl pinning 09:22:46 Theyll silently accept a self signed cert 09:23:03 The centralized authority can MITM 09:23:05 And monerod issues self signed certs by default 09:23:26 If you can't trust your DNS-host, how do you know your bank is actually your bank? 09:23:36 I trust cloudflare lol 09:23:45 It really is much easier to just make your node available over Tor 09:23:52 That's a really dumb thing to do 09:24:01 I'm quite certain all trust is unjustified, and that they're all working together with the CIA 09:24:04 or the gui wallet should be updated to authenticate SSL 09:24:11 Because youre using a browser that checks the certs against a centralized authority 09:24:26 yes, your browser and operating system comes installed with trusted roots certificates 09:24:32 waywardson, how? Self-signed certs are used for encryption, but they are not assigned by an authority 09:24:45 I use a lets encrypt certificate 09:25:00 We would need a certificate authority that is trusted by the system that can be issued by another central authority? 09:25:02 you need a (rented) domain for that 09:25:03 Right, but not all users may have domains 09:25:06 ^ 09:25:11 Users want it to 'just werk' 09:25:13 ofrnxmr, how do you know mybank.com being mapped to 123.123.123.123 should not actually map to 231.231.231.231 ? 09:25:21 DNSSEC 09:25:22 DNSSEC Juliu 09:25:30 Both will have certs, both will look valid to you 09:25:42 +1 :D lol 09:25:46 ofrnxmr, yeah, exactly. And if using remote - I don't see a reason not to use an .onion. Maybe if the ISPs have been especially nasty about blocking bridges, but this has not happened yet. 09:25:47 can a node be on both tor and public net 09:25:50 No, malicious one will not have certs that are from a valid CA 09:25:51 DNSSEC 09:26:02 Yes wayward 09:26:03 Sure waywardson 09:26:04 waywardson, yes 09:26:05 Obviously for p2p traffic and syncing with the blockchain tor would be too slow 09:26:11 Unless they compromised the private keys/have full control of DNS+other challenges, no 09:26:18 but for rpc tor is fast enough 09:26:18 recanman, it's a centralized system. They can likely manipulate it as they want 09:26:39 That system does not have cross-checking, as far as I know. It's a pure hierarchy 09:26:50 as for i2p, I believe many isps will get mad at you for doing i2p traffic 09:26:54 Running i2p or onion for rpc is dead simple 09:26:56 certificate authorities? Yes. Literally in the term, AUTHORITY 09:26:59 and free 09:27:17 Ive been running my i2p router for years 09:27:18 waywardson, there have been instances when people got in trouble for i2p? 09:27:18 but simply using tor, most isps won't care 09:27:38 How come waywardson? 09:27:49 You can disable transit on i2p if you want 09:27:50 recanman, well, it could probably be solved differently. Decentralized. With more than just one higher instance having to very the cert 09:28:03 some VPS hoster will not allow you to connect to other i2p traffic, or disallow proxying in their rules 09:28:15 But i only disable transit on mobibe 09:28:24 but as I said, simplying connect to a tor entry node would be fine. 09:28:31 Wayward? Lol, making stuff up now, are we 09:28:38 Sure, I guess, Juliu, but that is not how it is now, and it will most definitely not change 09:28:57 Vps cant stop you from connecting to other i2p traffic. Thats nonsense 09:29:04 recanman, because the powers that are do not have a motivation to improve anything 09:29:05 no, my hosting contract says I cannot use my node for proxying like tor or acting as a public vpn 09:29:21 they know you are connected to other i2p peers 09:29:39 by ip 09:29:44 CAs are generally not seen as a deficit\ by most 09:30:05 I thought you meant residential ISP waywardson 09:30:15 Again, you can `disable transit` on i2p very easily 09:30:16 Cryptography is just hoaxary anyway 09:30:51 translation: Math is fake. Thanks julio 09:30:57 I'm using a commercial hosting provider in the US 09:31:04 ofrnxmr, cryptography is not based on math 09:31:12 so am i 09:31:16 is general p2p traffic allowed waywardson? 09:31:36 there rules are no proxying traffic. 09:32:08 Cryptography is based on what, julio? Biology? 09:32:09 As ofrn said, disable transit 09:32:10 anyway, as I said, connecting to a tor open node is not an issue 09:32:17 yea, I would just disable i2p 09:32:29 Wayward, what are you using, adobe's free tier vps or smthn? Lok 09:32:39 Connecting to a Tor open node is an issue, they're BLOCKED! 09:32:40 ofrnxmr, cryptography is based on obfuscation, on unproven assumptions, and mostly on the ignorance and trust of the people using it 09:32:46 Disabkle transit* not disable i2p 09:32:48 Yeah, who is your hosting provider waywardson? Lol? 09:32:50 Only a bridge. 09:33:12 Cryptography is based on math, julio. Smh 09:33:25 see if I gave away my hosting provider then you would all know what public node I am kek 09:33:33 He is trying to say that it is based on unproven assumptions, which makes it a hoax 09:34:07 Well, I suggest you switch, because your provider seems to suck 09:34:08 ofrnxmr, there is not a single mathematical proof that any crypto system works. Not one 09:34:09 it is a hoax. I am satoshi, and fluffypony is monero's ceo 09:34:36 Monero has a CEO? 09:34:40 Let me guess, the earth is flat too, yeah? 09:34:50 Juliu, I'm in the running for it 09:34:52 I also run a public node on my home isp as well 09:34:53 Yes monero has a ceo, and yes i am satoshi 09:34:55 vote for me 09:34:57 ofrnxmr, as I said above, you are just demonstrating your ignorance and trust 09:34:59 I could use i2p for that 09:35:13 We are just joking, there is no CEO 09:35:21 recanman, I know 09:35:35 You can use i2p to forward TO your vps from home if youd like 09:35:43 I'm not joking. 09:36:06 ofrnxmr, please link me to a proof for a working crypto system. Just one. I don't even care which one 09:36:21 You really believe monero is decentralized? Its not. Its built by feds, and it has a ceo. Also a premine, and an inflation bug 09:36:27 Its all fake 09:36:33 Such a proof would also proof P != NP and make me win a million dollars :D 09:36:34 Youre all naive 09:36:48 most money is fake debt anyway 09:36:50 Signed, juliu 09:37:14 ofrnxmr, not all. recanman knows what I'm saying is true 09:37:25 #mathIsFakeNews 09:37:33 Cryptography is not based on math 09:37:53 Yes i know, its biology 09:37:58 is it? 09:38:16 Isn't it? 09:38:18 ofrnxmr, why not stop playing the ignorant clown and learn something new? Or do you think you already know it all? 09:38:27 post quantum monero 09:38:48 "Post quantum" cryptography is still a hoax that does not even work against a normal computer 09:39:10 It is all theoretical 09:39:11 If i thought i knew it all, i wouldn't know it all, i'd only think i did. (i know i know it all) 09:39:13 proof? 09:39:22 quantum computing = VC money scam 09:39:27 recanman, sadly it's not. There is no mathematical theory for it all 09:39:33 Look at discussion earlier today in offtopic 09:39:53 waywardson, "post quantum" cryptography has little to do with quantum computing 09:39:54 I mean quantum supremacy. The concept is theoretical 09:40:16 word salad 09:40:24 post quantum cryptography are crypto algorithims that can't be broken by a quantum computer 09:40:43 e.g lattice-based or multivariate ciphers ^ 09:40:46 "Quantum supremacy" was never proven and likely never will. It's just BS. And it got renamed since the "politically correct" fascists don't like the word "supremacy" anymore 09:40:58 What did it get renamed to Juliu? 09:41:13 waywardson, every encryption can be broken, even by my C64 09:41:27 sure, just wait for the universe to die heat death 09:41:39 recanman, I can't remember. I think it got renamed to "quantum advancement" or something like that 09:41:58 hmm, okay 09:42:03 Google's "proof" of "quantum supremacy" was a lie anyway 09:42:31 waywardson, the "heat death" of the universe is also a lie 09:42:36 Not even close to word salad. Maybe tongue twister, but the statement is very clear 09:42:41 the entire quantum computing market is only $5 billion which is a drop in the bucket in the tech market 09:43:05 its a lot of hype for something not even worth 1% of the tech market cap 09:43:07 Quantum computers will slowly vanish over the next decades, I think 09:43:37 But for "post quantum" cryptography you don't need a quantum computer 09:44:15 Actually, it's not even said that a "post quantum" encryption system would actually work against a quantum computer. So far they're just considering Shor's algorithm, I think 09:44:29 Shor's is for factoring primes, will affects RSA 09:45:09 waywardson, there's a paper proving that an efficient algorithm to factor integers would also lead to an efficient algorithm for that elliptic curve stuff 09:45:30 Btw, you can't factor primes 09:45:33 then we would need to move to lattice crypto 09:45:41 factoring p*q 09:45:49 waywardson, it's all the same crap 09:46:24 And it's NOT based on math 09:47:16 there aren't even any powerful quantum computers anyway 09:47:29 I personally strongly belief that cryptography is impossible. Not just conventional, but also quantum encryption 09:47:52 waywardson, yes. Not yet. But technology advances exponentially 09:48:20 (which is also why constant goods should get exponentially cheaper over time, which people never seem to understand) 09:48:56 the most recent computer hardware trends are more cost for more performance 09:49:27 probably since there is such high demand for die space due to ai hype 09:49:35 waywardson, why not solve efficient parallelization and then use multiple computers crack encryption in polynomial time? 09:50:22 doesnt shors algorithim say we can crack solving p*q in polynomial time 09:50:32 On a quantum computer, sure 09:50:36 yes 09:50:48 Do you have a quantum computer in your basement? I don't 09:51:04 Are we still talking about monero / nodes 09:51:11 I knew you're an CIA agent all along!!! 09:51:23 Wait, we're talking about monero? 09:51:35 we talking about crypto atm but we can go back to monero 09:51:56 So I'm going to add tor to my current https node 09:51:58 What kind of encryption does monero even use? 09:52:06 and i2p? 09:52:16 maybe i2p on my home node 09:52:24 p2p? None @juliu 09:52:28 Juliu is prone to off-topic 09:52:28 randomx 09:53:02 k4r4b3y, well, I'd say I'm more like talking about the core of Monero. The very fundamentals. It's sad you guys always consider this to be offtopic 09:53:20 Juliu: can't blame me for that specific prejudice. 09:53:24 I want to get one of the custom tor addresses though were like the first 10 characters you choose, you have to randomly generate a lot of keys though 09:53:39 k4r4b3y, it's almost as if you guys assume Monero to work, no matter what 09:53:46 No, you can mine a tor/i2p address 09:54:02 waywardson: generate your own tor/i2p addys 09:54:17 yea im trying to get a vanity tor address 09:54:28 waywardson: how many chars long? 09:54:37 you can even mine a monero wallet vanity address 09:54:57 nice 09:55:06 waywardson, what problem would Tor actually solve? Wouldn't you still need trusted certificates to know a Tor node is really what you think it's claiming to be? 09:55:07 probably 10, unless that is impossibly too long 09:55:18 waywardson: 10 is quite long 09:55:18 Tor uses public private keys 09:55:44 10 should take a long unless lucky 09:55:57 on a 4 core computer how long can I expect for only 1 day of compute time 09:56:06 waywardsom, how does public-key encryption solve the problem of a man in the middle, or a doppelganger? 09:56:09 I have an 8 char long one at karapara.kyun.li, and it took me half an hour or so to gen. Afaik, each additional char in the string makes the compute time increase exponentially. 09:56:32 16-cores + 16 threads took me about 8 hours for 8-character 09:56:40 (recanman prefix for my tor site) 09:56:53 Wait no, four hours 09:57:04 racanman, I have a technical question for you: How would a black-box that can efficiently invert SHA256 help us to mine Bitcoin? 09:57:04 Something like that 09:57:11 @recanman:kernal.eu: I guess I was lucky a bit lol 09:57:33 Every miner ever: "I guess I was lucky a bit" 09:57:37 How would it help mine? It would break bitcoin's PoW? 09:57:44 Juliu public key encryptions solves that your data isn't tampered by a man in the middle 09:57:44 Juliu: are you chatgpt? 09:57:49 recanman, how? 09:57:55 k4r4b3y, no? 09:57:55 Sure, you could get them very quickly, but you're breaking the integrity 09:58:02 SHA256 is supposed to be a one-way hash function 09:58:10 I'm going to go sleep. My eyes are closing. Sorry 09:58:25 sha256 technically has collisions 09:58:28 very rare though 09:58:33 waywardson, what would someone keep from pretending he is the computer you want to connect to, and then send you his public key, such that you would send your data to him encrypted in a way that he can read? 09:59:03 Thats where SSL comes in, you can authenticate that the public key he gave you was signed by a root key 09:59:22 recanman, again, how would an efficient SHA256^(-1) help you to mine Bitcoin? I can't see how that would help 09:59:24 or you preexchange keys in a trusted network 09:59:32 and you detect when the public key changes, like with SSH 10:00:04 waywardson, oh, so now you're admitting that you'd need trusted certificated to make "sure" your opponent is who he claims to be 10:00:16 *certificates 10:00:24 or preexchange keys in a trusted environment. 10:00:31 Juliu: are you saying cryptography is just for show? 10:00:46 "sha256 technically has collisions" <--- sauce? Anything available like sha-1 collisions back in 2015 (?) 10:00:48 thats because your ISP can always change your ip packets to a different server 10:01:01 sT0p: Juliu is saying lots of shit 10:01:03 Sure, solve the problem of information-sharing by trustedly shareing information? How clever 10:01:18 k4r4b3y, name one thing I said that's shit 10:01:27 Juliu: read the log 10:01:37 k4r4b3y, name one thing! You can't even name 1 10:01:44 name 1 10:01:46 i saw a lot of shitting crossing my screen 10:01:53 sT0p, yes, cryptography is just obfuscation 10:02:07 what do you mean by that 10:02:18 sT0p, I mean that cryptography can't exist 10:03:09 I would still like to know how only having a black-box SHA256^(-1) algorithm would help us mine Bitcoin 10:03:23 +efficient 10:04:41 People always claim it would, but I can't see how. I think it's not working 10:05:23 you have the sha256 of a block 10:05:54 You have to find a block such that SHA'ring it 2 times leads to a hash that has enough zeros at the beginning, yes 10:06:27 the inverse algorithim wouldn't matter for us, you are trying to find a nonce to add to a bitcoin block that makes the bitcoin block go to a sha256 with certain amount of 0s 10:07:15 Yes, nonce, and since that's too few bits in most cases you also start modifying the comment in the root transaction and do such things 10:07:44 you would have an ever lower chance of randomly finding a sha256 sum that its inverse will be the actual bitcoin block, then if you randomly try to find a nonce that makes a passing sha256sum for a block 10:08:05 a slight data change will drastically change sha256sum 10:08:12 so the inverse would not help you find the nonce 10:08:18 That's why I don't see how an efficient SHA256^(-1) would help us 10:08:38 People always claim it would, but I think that's BS 10:09:02 Does Monero also use SHA256 ? 10:09:31 no 10:09:34 monero uses randomx 10:09:41 I don't know what that is 10:09:53 its a proof of work algorithim 10:10:08 based on what? 10:11:07 its an algorithm the monero project made, look it up. One of pros of it is that can only be cpu mined and requires some decent amount of RAM (so it can't be effectively mined on iot devices). 10:11:41 Is it a zero knowledge proof? 10:12:09 I don't know the inner works of randomx, go to monero-dev 10:15:44