<f​r33_yourself:monero.social> So does this mean that a nation-state could trivially stop all monero traffic in their jurisdiction by requiring that ISPs block certain ports? Or is it not so trivial / simple?

<o​frnxmr:xmr.mx> Yes, trivially

<f​r33_yourself:monero.social> Is there any counter play that people in that jurisdiction could make to connect to the network and relay transactions?

<o​frnxmr:xmr.mx> Using tor and not having inc connections

<f​r33_yourself:monero.social> what is the downside to not having incoming connections? Also what would happen if Tor was blocked as well?

<o​frnxmr:xmr.mx> It centralized the network

<f​r33_yourself:monero.social> Does no incoming connections mean that other nodes don't see your node? or what does that mean?

<o​frnxmr:xmr.mx> if only 10% of the network has incoming connections, then all peers must connect through them

<f​r33_yourself:monero.social> And if Tor / I2P / VPNs were blocked then one would be out of luck right?

<o​frnxmr:xmr.mx> All outgoing connections can only be made to nodes that allow incoming connections. If there are 10 nodes, 9 of them behind tor, all 9 can only connect to the 10th node

<f​r33_yourself:monero.social> And if it is trivial for governments to require such port blocking then why haven't they tried this monero or bitcoin in the past?

<o​frnxmr:xmr.mx> Bitcoin iant trivial. Bitcoin has blockchain sync over onion and i2p

<f​r33_yourself:monero.social> why doesn't monero have that? Just because it would take way too long for Monero's initial download sync over Tor / I2P?

<o​frnxmr:xmr.mx> no, because monero fears sybil attacks

<o​frnxmr:xmr.mx> Really no other reason that i'm aware of.

<o​frnxmr:xmr.mx> Monero doesnt use torcontrol or i2p-sam to auto generate onion/i2p hostnames, so its also trivial right now for nodes to lie about their onion/i2p addreses

<f​r33_yourself:monero.social> The concern would be that someone would just spin up a bunch of malicious nodes over Tor or I2P? that is why Monero doesn't have it? Isn't it this specific point a strength for Bitcoin as compared to Monero?

<o​frnxmr:xmr.mx> that someone would just setup 100k onions all pointing to malicious nodes

<f​r33_yourself:monero.social> Has China or other authoritarian regimes tried to block Bitcoin or Monero port traffic before though? Or is it just that the governments don't care that much yet

<o​frnxmr:xmr.mx> its easier to generate onions than it is to acquire ip addresses

<o​frnxmr:xmr.mx> Probably the latter

<o​frnxmr:xmr.mx> They know that if they do something aggressive that we'll respond by improving monero

<f​r33_yourself:monero.social> That makes sense regarding onion generation being easier than IP addresses, but how come Bitcoin hasn't faced this issue or is it just that they aren't worried about it

<f​r33_yourself:monero.social> What could be done to improve Monero if they try to block port traffic within a country at the ISP level? What could be a possible improvement?

<f​r33_yourself:monero.social> I guess that may be one reason why you can still see both Bitcoin and Monero nodes on the node maps in China

<f​r33_yourself:monero.social> monerohash.com/nodes-distribution.html

<f​r33_yourself:monero.social> China has seven nodes that are shown on this map

<o​frnxmr:xmr.mx> Encrypt p2p traffic, randomize ports, some sort of check to ensure that each node only has 1 valid onion address

<3​21bob321:monero.social> Rav?

<o​frnxmr:xmr.mx> The latter could also help with the issue where malicious nodes are just proxying to real nodes

<3​21bob321:monero.social> real_ip_header X-Forwarded-For;

<3​21bob321:monero.social> DOH when?

<f​r33_yourself:monero.social> Gotcha thanks for the intel. I guess another big risk for users would be if they don't block traffic, just throw people in jail or something like that if their ISP catches them using Monero's software. It would increase the risk of using Monero relative to fiat in that area

<3​21bob321:monero.social> Will bring my node to jail with me

<3​21bob321:monero.social> Free power and interwebz

<f​r33_yourself:monero.social> I also wonder why the first producer (manufacturer) of ASICs for Bitcoin did NOT spin up enough machines to control a large portion of network hashrate 60%+ . It seems like it would've been fairly profitable, the only reason I could think they wouldn't is spooking people into dumping. Like couldn't the first ASIC manufacturer have fairly easily controlled a large portion of BTC ha<clipped message>

<f​r33_yourself:monero.social> shrate back in the day?

<o​frnxmr:xmr.mx> This is why i shit on cake for their service bulletin

<r​oot:kimapr.net> Why not connect to the tor nodes?

<o​frnxmr:xmr.mx> Making connections to cakes service bulletin shows everytime you open the wallet, even if youre not using their node

<o​frnxmr:xmr.mx> wdym?

<o​frnxmr:xmr.mx> The 9 nodes using tor dont have incoming connections

<o​frnxmr:xmr.mx> They canr be connected to

<r​oot:kimapr.net> onion service ..

<o​frnxmr:xmr.mx> monero doesnt do blockchain sync over onion/i2p

<r​oot:kimapr.net> anyway this is probably the reason

<o​frnxmr:xmr.mx> Doesnt support*

<f​r33_yourself:monero.social> I don't know if that is really that big of a deal though... I mean even if they coordinated with Law enforcement they would at best be able to do timing attacks

<o​frnxmr:xmr.mx> its a big deal if you think that using a tor node hid the fact that you were using monero

<f​r33_yourself:monero.social> That is a good point

<o​frnxmr:xmr.mx> Meanwhile your isp knows that you opened your cake wallet a few times a week

<o​frnxmr:xmr.mx> Cake has onion for the fiat api, onion for exchanges, but the service bulletin is a (completelt useless) feature that is clearnet only

<o​frnxmr:xmr.mx> It can be disabled, but its enabled by default. Need to _know_ about its existence if youre going to disable it

<f​r33_yourself:monero.social> I guess the good thing about Monero is that even if your ISP (and possibly by extension the government in the area) know that you are using it, they don't necessarily know who you are transacting with (unless they can tell by other ISP data from other connections made) and also don't know the size of the transactions.

<s​olar:monero.social> They can't even be sure if you're transacting at all

<f​r33_yourself:monero.social> Based on this conversation I would say it is probably easier for the government to punish people using Monero than using gold or silver to transact though. Obviously they are very different mediums of exchange though as you can't transact trustlessly over the internet with metals

<o​frnxmr:xmr.mx> Yes they can

<o​frnxmr:xmr.mx> If you send a tx over clearnet, the rpc call is easily MITM to be plain text

<s​olar:monero.social> I would assume people who run monero nodes would use their own node for rpc

<o​frnxmr:xmr.mx> Rpc payload for submitting a transaction is very much different from p2p traffic or syncing

<o​frnxmr:xmr.mx> Unless you use tx-proxy, dandelion can be defeated as well

<o​frnxmr:xmr.mx> thats why we have so many malicious proxy spy nodes

<o​frnxmr:xmr.mx> Dandelion works in a very specific way. Meaning that there is a very specific setup that can be run on the proxy to try to sybil a node to determin the source of a tz

<o​frnxmr:xmr.mx> Tx

<o​frnxmr:xmr.mx> Tx-proxy and anonymous-inbound make what could be a deterministic dandelion attack become an estimate

<0​xfffc:monero.social> Interesting discussion.

<f​r33_yourself:monero.social> Does this mean that if someone was connected to their own node at home via a phone (cake wallet) at a supermarket, then the tx amount could be MITM'd? I'm a bit skeptical that this would happen in frequently in practice, but could the transaction details be intercepted?

<o​frnxmr:xmr.mx> Yes

<f​r33_yourself:monero.social> Dang haha that is rough haha

<o​frnxmr:xmr.mx> Rpc-ssl is set to autodetect by default, which defaults to "on", but it uses a self-signed cert. Self-signed certs can be "firesheep'd"

<o​frnxmr:xmr.mx> Since most wallets dont actually check certs, its easy to mitm the cert without the wallet user noticing

<f​r33_yourself:monero.social> What if you had two laptops at home both connected to the same wifi router and one laptop runs monerod while the other is only ever used as a wallet for transacting? Would your ISP still be capable of intercepting transaction details between the two devices on the same home network?

<o​frnxmr:xmr.mx> If you use clearnet with no cert, its all plain text and can be eavesdropped w/o any work

<o​frnxmr:xmr.mx> The two devices on same LAN = no

<f​r33_yourself:monero.social> two devices on same wifi network at one's residence. could the ISP MITM them?

<o​frnxmr:xmr.mx> but its very possible for your isp to know if your node is the origin of the tx

<o​frnxmr:xmr.mx> Not unless they have a backdoor in your router, monitoring local traffic

<o​frnxmr:xmr.mx> The traffic across the lan should be private to the router.

<o​frnxmr:xmr.mx> but if your node does NOT have incoming connections, its easier for isp to know that you are the tx origin node

<f​r33_yourself:monero.social> but in the case where you are using cell service (3g) at the supermarket and connecting to your node at home, then in that case you could be MITM'd and either your cell carrier or ISP at home could intercept the size of the transaction you are sending?

<o​frnxmr:xmr.mx> Your isp would know whether your network is accepting incoming connections to your monerod.

<o​frnxmr:xmr.mx> again, the best "fix" for this is to use anonymous-inbound and tx-proxy

<o​frnxmr:xmr.mx> They can intercept the whole rpc request and every detail in it

<f​r33_yourself:monero.social> Thank you ofrn for continuing to share your knowledge by the way. Very helpful to better understand what information can be known by which parties.

<o​frnxmr:xmr.mx> The requests for blocks to sync the wallet, the request for decoy distribution, and the submission of the tx

<o​frnxmr:xmr.mx> you can try this on your own. Use pcapdroid, view the payload of the rpc calls, send a transaction

<o​frnxmr:xmr.mx> You can enable ssl on the rpc call and then enable MITM in pcap droid to see the info decrypted

<f​r33_yourself:monero.social> Cool, I'm personally not so concerned about that but mostly about transaction size and details. So it sounds like in a scenario with a crazy dragnet the intelligence agencies could be logging all rpc requested transactions for Monero? Do you think something like this is likely / possible in the US for example since they have a sophisticated intelligence agency and collect a lot of data?

<o​frnxmr:xmr.mx> doesnt wvem have to be sophisticated

<o​frnxmr:xmr.mx> "Hey google. Give me a list of users with monero wallets installed"

<o​frnxmr:xmr.mx> "hey isp, anytime a user connects to any of these popular node ip addresses, record the payload"

<o​frnxmr:xmr.mx> If targetted user "hey isp, run a packet analysis on any user that has monero wallets installed. I want all monero wallet rpc info"

<f​r33_yourself:monero.social> So the order of operations would be a simple as: (1) Gov agency wants to capture as much info on monero users as possible (2) they request all ISPs and cell service providers to log all rpc requests made over clearnet (3) Transaction amounts are then in clear to the service providers and the government (4) RingCT only prevents viewers of the blockchain from knowing transaction amounts

<o​frnxmr:xmr.mx> transaction amounts are obfuscated

<o​frnxmr:xmr.mx> Those are hidden by the wallet before being transmit to the node

<m​onerobull:matrix.org> ringsigs have nothing to do with amounts and will be replaced soon anyways

<f​r33_yourself:monero.social> This seems like the more troublesome scenario but it still doesn't change my use case that much

<o​frnxmr:xmr.mx> The main thing this would reveal is which mobile user submit the txid, to which node and potentially which wallet it used

<f​r33_yourself:monero.social> so even cell service carriers and isp's can't intercept the transaction amount?

<f​r33_yourself:monero.social> ^ Even with Man in the middle?

<o​frnxmr:xmr.mx> Correct

<o​frnxmr:xmr.mx> Correct

<o​frnxmr:xmr.mx> Tx amounts are are "prefectly" hidden before being broadcast

<f​r33_yourself:monero.social> Ah that is a relief. Because it would weaken Monero's privacy to governments and internet providers. Seems that isn't the case though. Thanks again for your responses it is very useful.

<o​frnxmr:xmr.mx> Npnp. The main takeaway is "use tx-proxy and anonymous-inbound on the node" and "use onion/i2p nodes when not local"

<f​r33_yourself:monero.social> In your opinion what are the biggest advantages of having say 5% of one's net worth in Monero versus Gold? In my opinion the advantages of holding Monero are (1) If you lack physical security such as a home invasion/raid a private key is easier to hide than a physical good like gold (2) If you have to pick up and move across borders in an emergency / urgently, you can carry more m<clipped message>

<f​r33_yourself:monero.social> onetary value in a Monero private key than you could in physical gold

<o​frnxmr:xmr.mx> I think gold / metals aren't realistic forms of value storage anymore

<f​r33_yourself:monero.social> why is that?

<o​frnxmr:xmr.mx> because nobody can accept them and they arent divisible or useful

<r​ecanman:kernal.eu> A very high level of scarcity can be bad for a currency as well

<o​frnxmr:xmr.mx> they didnt start making coins out of cheap metals simply because they wanted to rip people off, but also because silver has better uses than money

<r​ecanman:kernal.eu> Gold seems to prove well in worst-case scenarios, not for everyday use (lol)

<r​ecanman:kernal.eu> Gold might prove well in worst-case scenarios, not for everyday use (lol)

<o​frnxmr:xmr.mx> monero has more risk involved. You never know is some bug is going to wipe out the tech

<f​r33_yourself:monero.social> I agree that Gold isn't very divisible in a trustless manner (gold dust not practical for commerce). I disagree to some extent regarding Gold's use for high value transactions. Plus I can see how it would be prudent to hold some Gold in case there is a critical bug in Monero or the power goes out for a prolonged period (mostly a third world problem)

<r​ecanman:kernal.eu> Right

<r​ecanman:kernal.eu> Yeah.

<r​ecanman:kernal.eu> Something interesting that I'd want to explore at some point in my life is using radio for maintaining a blockchain

<o​frnxmr:xmr.mx> Like north carolina during the hurricane. Monero not very useful

<o​frnxmr:xmr.mx> But neither is gold.

<f​r33_yourself:monero.social> Monero is scarcer than Gold presently though haha. Monero's supply (assuming no inflation bug has been exploited) is diluted by less than 1% a year. Gold is closer to 1.5% or 1.75%. Not to mention that there is likely more Monero lost each year than above ground gold lost

<r​ecanman:kernal.eu> There is the New Packet Radio standard over VHF, 500kbps effective bitrate, which is more than enough

<o​frnxmr:xmr.mx> monero isnt harder to divide or distribute than gold

<r​ecanman:kernal.eu> Yep. You're assuming the future in mining for gold is stable though

<r​ecanman:kernal.eu> Pros and cons for each

<f​r33_yourself:monero.social> That is what I mean. That is why I think it could be prudent to hold both as hedges for different scenarios. Both are diluted less than fiat currencies and can be self-custodied. Gold is a good hedge against fiat currency losing Purchasing Power and some sort of prolonged power outage or critical bug in Monero. Monero is a good hedge against fiat currency losing Purchasing Power a<clipped message>

<f​r33_yourself:monero.social> nd is useful if you have to pickup ship and cross borders quickly.

<r​ecanman:kernal.eu> Certainly agree

<r​ecanman:kernal.eu> Fault tolerance. Have multiple forms of payment

<r​ecanman:kernal.eu> Fault tolerance and redundancy. Have multiple forms of payment

<r​ecanman:kernal.eu> Credit/debit card, cash, Monero, precious metals. Best not to rely on one form of value exchange

<f​r33_yourself:monero.social> Yes, neither Monero or 1 oz gold coins would be useful for transacting in the hurricane and flooding scenario you describe. paper fiat would be best for transacting. But once you get to the otherside of the event you still have the valuable / scarce gold or Monero that you had before the crisis event. Neither would be practical media of exchange in that scenario but both would've <clipped message>

<f​r33_yourself:monero.social> held their value through that specific scenario.

<o​frnxmr:xmr.mx> My multiple forms

<o​frnxmr:xmr.mx> base, ape, ssj, ssj2, ssj3

<o​frnxmr:xmr.mx> Oh, of payments

<f​r33_yourself:monero.social> This is true. I agree 100%. Monero is more divisible and can be transported way way faster than Gold across distances. My main reason behind thinking it is smart to own some gold is that there could still be problems with Monero and gold is a better store of value than fiat over time. Plus gold is fungible and marketable (unlike houses or other durable goods).

<r​ecanman:kernal.eu> Yes, of course

<r​ecanman:kernal.eu> It is not smart to have a single point of failure in anything

<r​ecanman:kernal.eu> Regardless if we are talking about currencies or servers or whatever

<o​frnxmr:xmr.mx> cash, debit, credit, monero, barter goods and services for some iou

<f​r33_yourself:monero.social> I think this is a fair assumption. It could be a false assumption, but historically gold has been the physical commodity with the best features as money and the highest above ground stock to flow ratio

<o​frnxmr:xmr.mx> I want the entire monero infra on aws. Like thorchain

<r​ecanman:kernal.eu> Yeah. Just something to consider

<o​frnxmr:xmr.mx> (/s)

<r​ecanman:kernal.eu> Assuming Monero's protocols/software are sound (theoretically), Monero would be a 'safer' option supply-wise

<o​frnxmr:xmr.mx> Gold has not had the best features

<o​frnxmr:xmr.mx> Thats why paper iou's for gold were created

<o​frnxmr:xmr.mx> and why fake gold alloys were counterfeited, and why coins are ribbed

<o​frnxmr:xmr.mx> (because gold is hard to divide, distribute, store, etc)

<f​r33_yourself:monero.social> I feel like it is sometimes smart to have a single point of failure if you are very confident in that that the thing won't fail. For example, I could see why someone would not want to fiat currency beyond a certain amount (liquidity for emergencies), and as one's savings increase over time they plow the rest into gold.

<o​frnxmr:xmr.mx> just be poor

<r​ecanman:kernal.eu> Hahaha, no

<o​frnxmr:xmr.mx> Have no points of failure

<f​r33_yourself:monero.social> For example, someone may save $20k in fiat and above that amount they may chose to hold the rest in gold, so that as their total savings increase the proportion of their wealth in gold increases as well (as they discontinue stacking fiat)

<r​ecanman:kernal.eu> That's not single point of failure

<r​ecanman:kernal.eu> You still have fiat

<o​frnxmr:xmr.mx> Land > fiat > gold

<o​frnxmr:xmr.mx> Er, i mean, land > fiat and gold

<f​r33_yourself:monero.social> For sure, I agree with you as Monero has a higher existing stock to flow ratio than Gold does. This makes Monero useful relative to fiat who has broken supply dynamics haha

<o​frnxmr:xmr.mx> too bad that nobody owns land anymore w/o paying tax on it ..

<r​ecanman:kernal.eu> Yeah, by nature. The idea of cryptograhically verifying supply was quite a smart one

<r​ecanman:kernal.eu> You're putting trust in humans

<r​ecanman:kernal.eu> When you use fiat

<r​ecanman:kernal.eu> Counterfeiting is also a possibility

<r​ecanman:kernal.eu> But not with Monero (again, assuming protocols are sound)

<f​r33_yourself:monero.social> Yes, paper claims on gold were created to help Gold scale. The failure of owner's to assure they weren't rug pulled was the problem. Of course I agree it would be ideal if there existed a money with high stock to flow that was sufficiently divisible that it could scale in a trustless manner. This didn't exist until crypto showed up though. Fiat is just a coup-de-tat on Gold