20:06:14 So does this mean that a nation-state could trivially stop all monero traffic in their jurisdiction by requiring that ISPs block certain ports? Or is it not so trivial / simple?
20:06:37 Yes, trivially
20:08:08 Is there any counter play that people in that jurisdiction could make to connect to the network and relay transactions?
20:09:07 Using tor and not having inc connections
20:09:44 what is the downside to not having incoming connections? Also what would happen if Tor was blocked as well?
20:12:29 It centralized the network
20:13:06 Does no incoming connections mean that other nodes don't see your node? or what does that mean?
20:13:14 if only 10% of the network has incoming connections, then all peers must connect through them
20:13:53 And if Tor / I2P / VPNs were blocked then one would be out of luck right?
20:14:13 All outgoing connections can only be made to nodes that allow incoming connections. If there are 10 nodes, 9 of them behind tor, all 9 can only connect to the 10th node
20:14:21 And if it is trivial for governments to require such port blocking then why haven't they tried this monero or bitcoin in the past?
20:14:51 Bitcoin isn't trivial. Bitcoin has blockchain sync over onion and i2p
20:15:45 why doesn't monero have that? Just because it would take way too long for Monero's initial download sync over Tor / I2P?
20:16:06 no, because monero fears sybil attacks
20:16:17 Really no other reason that i'm aware of.
20:17:23 Monero doesn't use torcontrol or i2p-sam to auto generate onion/i2p hostnames, so it's also trivial right now for nodes to lie about their onion/i2p addresses
20:17:25 The concern would be that someone would just spin up a bunch of malicious nodes over Tor or I2P? that is why Monero doesn't have it? Isn't this specific point a strength for Bitcoin as compared to Monero?
20:18:04 that someone would just setup 100k onions all pointing to malicious nodes
20:18:21 Has China or other authoritarian regimes tried to block Bitcoin or Monero port traffic before though? Or is it just that the governments don't care that much yet
20:18:29 it's easier to generate onions than it is to acquire ip addresses
20:18:40 Probably the latter
20:19:08 They know that if they do something aggressive that we'll respond by improving monero
20:19:35 That makes sense regarding onion generation being easier than IP addresses, but how come Bitcoin hasn't faced this issue or is it just that they aren't worried about it
20:20:22 What could be done to improve Monero if they try to block port traffic within a country at the ISP level? What could be a possible improvement?
20:20:57 I guess that may be one reason why you can still see both Bitcoin and Monero nodes on the node maps in China
20:22:18 https://monerohash.com/nodes-distribution.html
20:22:33 China has seven nodes that are shown on this map
20:23:45 Encrypt p2p traffic, randomize ports, some sort of check to ensure that each node only has 1 valid onion address
20:24:16 <321bob321:monero.social> Rav?
20:24:27 The latter could also help with the issue where malicious nodes are just proxying to real nodes
20:25:27 <321bob321:monero.social> real_ip_header X-Forwarded-For;
20:25:47 <321bob321:monero.social> DOH when?
20:25:50 Gotcha thanks for the intel. I guess another big risk for users would be if they don't block traffic, just throw people in jail or something like that if their ISP catches them using Monero's software. It would increase the risk of using Monero relative to fiat in that area
20:26:17 <321bob321:monero.social> Will bring my node to jail with me
20:26:30 <321bob321:monero.social> Free power and interwebz
20:30:36 I also wonder why the first producer (manufacturer) of ASICs for Bitcoin did NOT spin up enough machines to control a large portion of network hashrate 60%+. It seems like it would've been fairly profitable, the only reason I could think they wouldn't is spooking people into dumping. Like couldn't the first ASIC manufacturer have fairly easily controlled a large portion of BTC hashrate back in the day?
20:31:39 This is why i shit on cake for their service bulletin
20:32:03 Why not connect to the tor nodes?
20:32:13 Making connections to cake's service bulletin shows every time you open the wallet, even if you're not using their node
20:32:29 wdym?
20:32:49 The 9 nodes using tor don't have incoming connections
20:32:53 They can't be connected to
20:33:05 onion service ..
20:33:28 monero doesn't do blockchain sync over onion/i2p
20:33:29 anyway this is probably the reason
20:33:36 Doesn't support*
20:34:00 I don't know if that is really that big of a deal though... I mean even if they coordinated with Law enforcement they would at best be able to do timing attacks
20:34:57 it's a big deal if you think that using a tor node hid the fact that you were using monero
20:35:39 That is a good point
20:35:41 Meanwhile your isp knows that you opened your cake wallet a few times a week
20:36:46 Cake has onion for the fiat api, onion for exchanges, but the service bulletin is a (completely useless) feature that is clearnet only
20:37:18 It can be disabled, but it's enabled by default. Need to _know_ about its existence if you're going to disable it
20:45:57 I guess the good thing about Monero is that even if your ISP (and possibly by extension the government in the area) know that you are using it, they don't necessarily know who you are transacting with (unless they can tell by other ISP data from other connections made) and also don't know the size of the transactions.
20:46:33 They can't even be sure if you're transacting at all
20:48:20 Based on this conversation I would say it is probably easier for the government to punish people using Monero than using gold or silver to transact though. Obviously they are very different mediums of exchange though as you can't transact trustlessly over the internet with metals
21:01:22 Yes they can
21:02:00 If you send a tx over clearnet, the rpc call is easily MITM to be plain text
21:02:47 I would assume people who run monero nodes would use their own node for rpc
21:02:50 Rpc payload for submitting a transaction is very much different from p2p traffic or syncing
21:04:46 Unless you use tx-proxy, dandelion can be defeated as well
21:05:17 that's why we have so many malicious proxy spy nodes
21:06:18 Dandelion works in a very specific way. Meaning that there is a very specific setup that can be run on the proxy to try to sybil a node to determine the source of a tz
21:06:20 Tx
21:07:48 Tx-proxy and anonymous-inbound make what could be a deterministic dandelion attack become an estimate
21:08:31 <0xfffc:monero.social> Interesting discussion.
23:14:22 Does this mean that if someone was connected to their own node at home via a phone (cake wallet) at a supermarket, then the tx amount could be MITM'd? I'm a bit skeptical that this would happen frequently in practice, but could the transaction details be intercepted?
23:16:35 Yes
23:16:56 Dang haha that is rough haha
23:17:36 Rpc-ssl is set to autodetect by default, which defaults to "on", but it uses a self-signed cert. Self-signed certs can be "firesheep'd"
23:18:23 Since most wallets don't actually check certs, it's easy to mitm the cert without the wallet user noticing
23:18:40 What if you had two laptops at home both connected to the same wifi router and one laptop runs monerod while the other is only ever used as a wallet for transacting? Would your ISP still be capable of intercepting transaction details between the two devices on the same home network?
23:18:49 If you use clearnet with no cert, it's all plain text and can be eavesdropped w/o any work
23:19:09 The two devices on same LAN = no
23:20:05 two devices on same wifi network at one's residence. could the ISP MITM them?
23:20:07 but it's very possible for your isp to know if your node is the origin of the tx
23:20:45 Not unless they have a backdoor in your router, monitoring local traffic
23:21:49 The traffic across the lan should be private to the router.
23:21:50 but if your node does NOT have incoming connections, it's easier for isp to know that you are the tx origin node
23:22:01 but in the case where you are using cell service (3g) at the supermarket and connecting to your node at home, then in that case you could be MITM'd and either your cell carrier or ISP at home could intercept the size of the transaction you are sending?
23:23:03 Your isp would know whether your network is accepting incoming connections to your monerod.
23:23:04 again, the best "fix" for this is to use anonymous-inbound and tx-proxy
23:23:27 They can intercept the whole rpc request and every detail in it
23:23:50 Thank you ofrn for continuing to share your knowledge by the way. Very helpful to better understand what information can be known by which parties.
23:24:04 The requests for blocks to sync the wallet, the request for decoy distribution, and the submission of the tx
23:26:09 you can try this on your own. Use pcapdroid, view the payload of the rpc calls, send a transaction
23:26:22 You can enable ssl on the rpc call and then enable MITM in pcap droid to see the info decrypted
23:26:31 Cool, I'm personally not so concerned about that but mostly about transaction size and details. So it sounds like in a scenario with a crazy dragnet the intelligence agencies could be logging all rpc requested transactions for Monero? Do you think something like this is likely / possible in the US for example since they have a sophisticated intelligence agency and collect a lot of data?
23:26:59 doesn't even have to be sophisticated
23:27:19 "Hey google. Give me a list of users with monero wallets installed"
23:27:51 "hey isp, anytime a user connects to any of these popular node ip addresses, record the payload"
23:28:29 If targeted user "hey isp, run a packet analysis on any user that has monero wallets installed. I want all monero wallet rpc info"
23:29:16 So the order of operations would be as simple as: (1) Gov agency wants to capture as much info on monero users as possible (2) they request all ISPs and cell service providers to log all rpc requests made over clearnet (3) Transaction amounts are then in clear to the service providers and the government (4) RingCT only prevents viewers of the blockchain from knowing transaction amounts
23:29:40 transaction amounts are obfuscated
23:30:00 Those are hidden by the wallet before being transmitted to the node
23:30:11 ringsigs have nothing to do with amounts and will be replaced soon anyways
23:30:32 This seems like the more troublesome scenario but it still doesn't change my use case that much
23:31:01 The main thing this would reveal is which mobile user submitted the txid, to which node and potentially which wallet it used
23:31:03 so even cell service carriers and isp's can't intercept the transaction amount?
23:31:25 ^ Even with Man in the middle?
23:31:26 Correct
23:31:37 Correct
23:32:14 Tx amounts are "perfectly" hidden before being broadcast
23:32:18 Ah that is a relief. Because it would weaken Monero's privacy to governments and internet providers. Seems that isn't the case though. Thanks again for your responses it is very useful.
23:33:33 Npnp. The main takeaway is "use tx-proxy and anonymous-inbound on the node" and "use onion/i2p nodes when not local"
23:36:35 In your opinion what are the biggest advantages of having say 5% of one's net worth in Monero versus Gold? In my opinion the advantages of holding Monero are (1) If you lack physical security such as a home invasion/raid a private key is easier to hide than a physical good like gold (2) If you have to pick up and move across borders in an emergency / urgently, you can carry more monetary value in a Monero private key than you could in physical gold
23:37:44 I think gold / metals aren't realistic forms of value storage anymore
23:37:55 why is that?
23:38:26 because nobody can accept them and they aren't divisible or useful
23:39:29 A very high level of scarcity can be bad for a currency as well
23:39:37 they didn't start making coins out of cheap metals simply because they wanted to rip people off, but also because silver has better uses than money
23:39:49 Gold seems to prove well in worst-case scenarios, not for everyday use (lol)
23:39:55 Gold might prove well in worst-case scenarios, not for everyday use (lol)
23:41:21 monero has more risk involved. You never know if some bug is going to wipe out the tech
23:41:24 I agree that Gold isn't very divisible in a trustless manner (gold dust not practical for commerce). I disagree to some extent regarding Gold's use for high value transactions. Plus I can see how it would be prudent to hold some Gold in case there is a critical bug in Monero or the power goes out for a prolonged period (mostly a third world problem)
23:41:25 Right
23:41:38 Yeah.
23:42:04 Something interesting that I'd want to explore at some point in my life is using radio for maintaining a blockchain
23:42:18 Like north carolina during the hurricane. Monero not very useful
23:42:24 But neither is gold.
23:42:38 Monero is scarcer than Gold presently though haha. Monero's supply (assuming no inflation bug has been exploited) is diluted by less than 1% a year. Gold is closer to 1.5% or 1.75%. Not to mention that there is likely more Monero lost each year than above ground gold lost
23:42:54 There is the New Packet Radio standard over VHF, 500kbps effective bitrate, which is more than enough
23:43:18 monero isn't harder to divide or distribute than gold
23:43:33 Yep. You're assuming the future in mining for gold is stable though
23:43:40 Pros and cons for each
23:45:23 That is what I mean. That is why I think it could be prudent to hold both as hedges for different scenarios. Both are diluted less than fiat currencies and can be self-custodied. Gold is a good hedge against fiat currency losing Purchasing Power and some sort of prolonged power outage or critical bug in Monero. Monero is a good hedge against fiat currency losing Purchasing Power and is useful if you have to pickup ship and cross borders quickly.
23:45:41 Certainly agree
23:46:19 Fault tolerance. Have multiple forms of payment
23:46:28 Fault tolerance and redundancy. Have multiple forms of payment
23:46:59 Credit/debit card, cash, Monero, precious metals. Best not to rely on one form of value exchange
23:47:35 Yes, neither Monero nor 1 oz gold coins would be useful for transacting in the hurricane and flooding scenario you describe. paper fiat would be best for transacting. But once you get to the other side of the event you still have the valuable / scarce gold or Monero that you had before the crisis event. Neither would be practical media of exchange in that scenario but both would've held their value through that specific scenario.
23:49:31 My multiple forms
23:49:32 base, ape, ssj, ssj2, ssj3
23:49:37 Oh, of payments
23:50:17 This is true. I agree 100%. Monero is more divisible and can be transported way way faster than Gold across distances. My main reason behind thinking it is smart to own some gold is that there could still be problems with Monero and gold is a better store of value than fiat over time. Plus gold is fungible and marketable (unlike houses or other durable goods).
23:50:30 Yes, of course
23:50:40 It is not smart to have a single point of failure in anything
23:50:50 Regardless if we are talking about currencies or servers or whatever
23:50:55 cash, debit, credit, monero, barter goods and services for some iou
23:51:12 I think this is a fair assumption. It could be a false assumption, but historically gold has been the physical commodity with the best features as money and the highest above ground stock to flow ratio
23:51:32 I want the entire monero infra on aws. Like thorchain
23:51:34 Yeah. Just something to consider
23:51:36 (/s)
23:52:12 Assuming Monero's protocols/software are sound (theoretically), Monero would be a 'safer' option supply-wise
23:52:24 Gold has not had the best features
23:52:34 That's why paper iou's for gold were created
23:53:04 and why fake gold alloys were counterfeited, and why coins are ribbed
23:53:50 (because gold is hard to divide, distribute, store, etc)
23:54:00 I feel like it is sometimes smart to have a single point of failure if you are very confident that the thing won't fail. For example, I could see why someone would not want to fiat currency beyond a certain amount (liquidity for emergencies), and as one's savings increase over time they plow the rest into gold.
23:54:22 just be poor
23:54:24 Hahaha, no
23:54:35 Have no points of failure
23:54:57 For example, someone may save $20k in fiat and above that amount they may choose to hold the rest in gold, so that as their total savings increase the proportion of their wealth in gold increases as well (as they discontinue stacking fiat)
23:55:04 That's not single point of failure
23:55:06 You still have fiat
23:55:34 Land > fiat > gold
23:55:50 Er, i mean, land > fiat and gold
23:56:24 For sure, I agree with you as Monero has a higher existing stock to flow ratio than Gold does. This makes Monero useful relative to fiat which has broken supply dynamics haha
23:56:35 too bad that nobody owns land anymore w/o paying tax on it ..
23:56:52 Yeah, by nature. The idea of cryptographically verifying supply was quite a smart one
23:56:57 You're putting trust in humans
23:57:00 When you use fiat
23:57:28 Counterfeiting is also a possibility
23:57:40 But not with Monero (again, assuming protocols are sound)
23:58:23 Yes, paper claims on gold were created to help Gold scale. The failure of owners to assure they weren't rug pulled was the problem. Of course I agree it would be ideal if there existed a money with high stock to flow that was sufficiently divisible that it could scale in a trustless manner. This didn't exist until crypto showed up though. Fiat is just a coup d'état on Gold