00:13:25 Aha. 00:14:32 I think i've seen this subnet in the blocklist 00:14:42 The IP is connecting to my node, sending a ping command to stay alive. Then whenever I get a new transaction come in, it sends request 1007 00:15:06 this log level 1 00:15:33 What does request 1007 do? 00:15:49 RECEIVED_NEW_TRANSACTIONS, like 50ms laters send 1007 00:15:59 chatgpt says NOTIFY_NEW_TRANSACTIONS 00:16:15 hmm 00:20:26 https://github.com/monero-project/monero/issues/9496 00:21:13 chatgtp? 00:22:13 im just asking chatgpt what the hell command-100X means in the level 1 logs 00:22:37 there this weird node connecting to peoples node and doing funky stuff with transactions 00:22:43 I think its trying to break dandelion++ 00:23:15 it's known: https://github.com/monero-project/research-lab/issues/126 00:25:55 Smells like Chainalysis. 00:27:13 yea 00:28:07 Banning IPs won't be an effective solution, as that would only address a temporary symptom rather than the underlying problem. However, if we encourage users to use TOR or I2P when sending transactions, it could render eavesdropping attempts futile. What are your thoughts on this approach? 00:30:25 some of my nodes are both clearnet and tor 00:34:03 I should probably add enable-dns-blocklist 00:35:05 it would be a good solution, however our Tor impl is not perfect: https://dl.acm.org/doi/abs/10.1145/3589335.3651487 (going to fixed). Plus with the amount of nodes they run it's a network security risk as well 00:35:14 it would be a good solution, however our Tor impl is not perfect: https://dl.acm.org/doi/abs/10.1145/3589335.3651487 (going to be fixed). Plus with the amount of nodes they run it's a network security risk as well 00:43:08 How will this be fixed? 00:43:42 tx-proxy 00:44:46 Isn't this already supported? 00:45:05 Use it ? 00:45:24 boog900 00:45:38 should i stop having my nodes priority-node connect to each other 00:45:38 Oh nvm this is a different issue 00:45:59 I don't understand. 00:46:14 If a public client sends a transaction through one of my public nodes 00:46:34 and my public nodes choose my other public nodes as that anonymity stage for dandelion 00:46:54 by not inserting the nodes incoming onion address to the end of the peer list message + by randomly re-routing txs over, currently they only do 1 Tor hop 00:46:56 these trackers can connect to all my public nodes to try and pick up the fluff stage 00:47:09 but this is is probably unlikely 00:47:46 my nodes are unlikely to choose my priority nodes as the initial anonymity stage dandelion all time. 00:47:56 its I assume 1/the number of nodes you are currently connected to 00:48:22 I don't think Tor is a good solution for the long term, though. Considering that most nodes are suspiciously located in Germany, which may be run by Interpol, is it possible to migrate to I2P instead? 00:48:23 only outbound connections are used to stem, I would just ban the nodes: https://github.com/Boog900/monero-ban-list/tree/main 00:48:57 is priority node in bound our outbound connection? what if two nodes have priority-node for each other 00:49:28 that means they are always connected 00:49:38 you can use I2p with monero now, it gets priority for routing your txs if you set Tor as well. 00:50:07 says you have 50 outbound connections 00:50:25 then every 1/50 transactions you get, you'll send it to your other node your are priority connected to 00:50:49 we should probably disable sending txs to priority nodes imo 00:51:10 > is priority node in bound our outbound connection? 00:51:11 outbound 00:51:13 > what if two nodes have priority-node for each other 00:51:15 No clue, probably which eve connects first has the peer as outbound 00:51:17 ever* 00:51:59 > we should probably disable sending txs to priority nodes imo 00:51:59 why? 00:52:06 yea, so the stem phase may be sent to your priority nodes 00:52:15 and an advesary knows what your public nodes are 00:52:24 they can connect to your public nodes and listen for transactions 00:52:50 obviously its unlikely that all your stem transmits will go to another priority node you have 00:52:55 buts its possible 00:54:53 I don't see how that's a problem, they would still need your node to connect to a spy and for that spy to be chosen as a stem 01:37:36 Done: 01:37:37 https://github.com/sethforprivacy/simple-monerod-docker/commit/cea9d8c83738f8164f8d8e09648c916c571c1571 01:37:39 Note that anyone running the image WITHOUT setting any custom flags/configs will get the ban list automatically applied, but anyone customizing the config at all (most people) will need to add this line to their command or config: 01:37:41 `--ban-list=/home/monero/ban_list.txt` 01:37:43 OR 01:37:45 `ban-list=/home/monero/ban_list.txt` 01:37:47 The ban list itself is the latest from boog900 but is locally pinned as I didn't want to pull in an external repo I have no control over at build time. If there are major updates to the list please let me know. 01:38:34 I've subscribed to changes to the repo so will do my best to keep up with it. 01:40:45 Seth For Privacy: Thank you! 01:48:46 hmm 01:48:53 If I use a vps with an ipv6 range 01:49:33 I can host at my house a proxmox node. On there I can put tiny stupidly underpowered (half fractional cpu, 1gb ram, lots of swap) vms on them. I can route the traffic from the vms to each ipv6 address on my vps 01:49:49 this can like fight the war against these fake proxy nodes 01:50:14 the nodes don't have to be fast enough for public rpc access, just used for p2p 01:51:44 As more and more legitimate nodes emerge, I assume that this threat will have fewer impacts, since the probability of a spy node being selected as one of the D++ nodes becomes much smaller? 01:52:03 or dandelion++ gets replaced 01:52:05 As more and more legitimate nodes emerge, I assume that this threat will have fewer impacts, since the probability of a spy node being selected as one of the D++ leaves becomes much smaller? 01:52:33 What alternatives are there? I'm not aware of any. 01:56:49 Tor / i2p 01:57:26 Forcing only Tor and I2P usage? 01:57:54 honestly I agree, tor is just much better solution overall. A fully synced node doesn't use that much bandwidth anyway. 01:58:26 We need more nodes on tor. It's also a lot easier to host tor entry nodes than exit nodes 01:58:53 Basically anyone can host a tor entry node, so, hopefully it wouldn't be too much of a strain on the tor network. 02:35:22 --tx-proxy 02:36:38 Tor/i2p should be bundled, run out of the box 02:37:10 Or maybe that monerod gui can do it ? 03:43:23 dear elongated. 03:43:30 we appreciate your suggestion 03:43:35 you have no idea. 03:43:36 NO IDEA 03:43:51 of how it was a challenging TO TRY to get i2p bundled in monero 03:44:06 There were DRAMA 03:44:10 cross-community drama 03:44:52 GUI route then 03:56:21 Leave that to the wallet developers to implement. Can't make the GUI and CLI be Tor-only, or Tor by default. That's just a pipe dream... 04:05:54 Kovri* 04:33:42 <321bob321:monero.social> Use feather if you want tor 04:36:18 Pipe dream 04:41:27 <321bob321:monero.social> If i hit you with the pipe you will dream it 04:44:55 Pipe wallet 05:14:55 Hit me with your pipe, daddy! 🍆 06:22:09 Which wallet has gui for monerod? Monero-gui is almost dead; feather has daemon gui on roadmap for months/yrs 06:22:09 Plug n play tor/i2p for monerod would be very good 06:40:59 How do you think if Monero goes above $200? I don't know whether I should hold it or not 06:42:16 Sell and sleep 06:46:46 Wut u mean wallet GUI for monerod? Maybe monerod gui stuff by eve... plowsof! You know this one! 06:47:17 Yes, by @everoddandeven:monero.social. 06:47:19 Yah 06:47:32 Just read Revuo. 💅 06:47:58 Here. https://www.revuo-xmr.com/weekly/issue-218/ 06:48:10 Yah, I hope it does tor/i2p by default 06:48:17 https://github.com/everoddandeven/monerod-gui 06:49:46 Does it already have tor/i2p or wip ? 06:50:33 I don't know and I frankly don't care. That nym is in the community matrix room or in Revuo, ask them directly. 06:51:49 You don’t care if it’s easy to deploy tor/i2p for monerod ? Anyways thanks 06:54:54 Yes, I do not care. 06:55:01 Also. 06:55:57 Wallet developers don’t want to deal with monerod 06:56:10 https://docs.getmonero.org/running-node/monerod-tori2p/ 06:57:07 Right... They make wallets that connect telepathically to thankful_for_today excel spreadsheet and that is how most XMR wallets work. How could I miss that... 06:57:59 They don’t want to manage monerod 😅 you are so dense 06:58:18 Pour dissolvent solution over my head! 06:58:57 Anyways, Feather has a built-in Tor daemon, Mysu has a built-in Tor daemon. 06:59:09 GUI and feather haven’t done anything on daemon management front for years, which other wallet is left ? 06:59:25 I still don't get what you mean by this, at all. 06:59:36 Dude those are just connecting to remote node , not managing daemon 06:59:39 Feather can be Tor-only if user chooses to. 06:59:56 You can connect to your own local node through Tor too, you dumb nuts. 07:00:22 This is the monerod-gui https://github.com/everoddandeven/monerod-gui , most likely a feature requestbas these where not part of the original bounty thatbfunded itn, i can confirm soon 07:00:40 lol 😂 seriously go and read the come again tomorrow morning 07:00:47 Ok retard. 07:00:50 lol 😂 seriously go and read the conv again tomorrow morning 07:01:03 Check the mirror 07:01:31 It says ur qt. Let's go on a date where you try to explain with apples and a whiteboard wtf you mean by monerod and wallets... 07:01:39 Because you are still making zero sense. 07:02:03 Want a remote note? Use a remote node. 07:02:05 Have a local node? Use local node. 07:02:07 Clearnet? Clearnet. 07:02:09 Tor? Tor. 07:02:18 And you can’t make sense of words 07:02:25 What the fuck do you keep mumbling about a monerod and tor and daemons and wallet daemons bs? 07:02:32 Lol. 07:02:38 Take the bickering to another room 07:02:55 Don’t reply if you don’t understand 07:03:03 I am asking so you explain to me. 07:03:06 But you haven't? 07:03:30 Unless you are the one who doesn't know what he's saying? 07:03:34 🤔 07:04:31 If there a plug and play daemon management gui app which has tor/i2p for monerod ? 07:07:16 This is the only monerod GUI stuff to date. Like I said 30 messages above, ask that nym or open an issue in the repository... 07:08:07 And I was discussing about it but you wanted to argue for no reason 07:08:48 Anyways hope you mature at some point in your life 07:10:45 Only fruits mature! 07:10:50 They get ripe! 07:11:12 But what can we discuss about when you can go straight to the source! 07:11:43 Indeed, I'll go wrap my head in newspaper and sit still for 3 days to see if I 'mature' enough for your standards. Have a wonderful Thursday! 07:21:38 Oh this isn't the workgroup channel, i should have known as there wasn't 1000 messages running in circles 07:26:34 Happy international volunteer day, everyone! 🥳 The prestigious XMR workgroups celebrate all together in this beautiful day! https://nationaltoday.com/international-volunteer-day/ 08:19:40 hello. Is this the official monero app? It says is not verified. https://flathub.org/apps/org.getmonero.Monero 08:46:41 check getmonero.org 10:13:58 Be careful, the "Monero" app is a squatter, as as monero.com. It is owned by cake wallet, and is NOT the monero project. 10:14:49 (they're believed to not be scammers though) 10:22:58 moneromooo, you should see haveno.com 10:24:05 Monero.com doesnt pretend to be anything official, (and the links on getmonero are to cakewallet.com) 10:25:08 there is no official anything, even the monero-projects github wallet is the "reference" wallet. you probably mean trusted / safe .. good question 10:26:04 haveno.com states that they host the official source code repository 10:27:25 Monero.com makes no such claims and doesn't try to misrepresent as being an "official" or even a community project 10:29:05 The only possible confusion for monero.com is the url. Haveno.com tries to portray itself as _the_ "official" haveno and repo 10:33:02 I have no idea about haveno, sorry. I only vaguely follow. 10:33:33 Just take one look at that website :) 10:33:36 Monero.com doesn't pretend is disingenuous. 10:33:49 It's *monero.com*. That's canonical pretending. 10:34:14 Adding "we're not monero" once they got lots of people incoming ensures some will not notice 10:34:25 It's a giant dick move and it's fucking obvious. 10:34:37 It says "monero.com by cake wallet" in the header 10:36:04 indeed the flatpak version is advertised here https://github.com/monero-project/monero-gui 10:38:09 however, it feels a bit untrustworthy for not being a verified app. 10:57:44 The road to verification has been bumpy 10:58:36 flathub giving headaches? 11:00:20 the process is annoying and doesnt really provide any security 11:08:21 not security but a layer of trust. I remember a while ago some wallet got uploaded on flathub and people remained without their money upon using it. 11:16:04 Nothing monero is official 11:16:24 The monero-gui in flathub is maintained by a community member 13:00:05 Revuo Monero Issue 220: November 28 - December 5, 2024. https://www.revuo-xmr.com/weekly/issue-220/ 14:02:12 it is official wallet by The Monero Project 14:03:49 everything maintained by monero-project is official 14:05:28 Lmfao 14:05:59 plowsof and ofrn are the coo and ceo, i think we'd know what is and isnt official 14:06:21 The software is owned by nobody and is maintained by individuals 14:06:33 Nothing is official 14:07:54 Miners, exchanges, node runners choose what is official. Devs choose what they want to work on (cuprare etc). Absolutely nothing is official. 14:07:55 reference software? Sure. Official? No. 14:09:21 choose what is official to them*. The consensus of the network (ring size, ?bulletproof, randomx) might also be considered official. monerod? No. 14:10:42 lmao 14:10:50 would you cool Tor not official? 14:10:54 would you call Tor not official? 14:11:40 nice fantasy 14:12:27 Are you cooked? 14:12:34 Would you call bitcoin core official? 14:12:55 Or bitcoin cash node official? 14:13:21 yes 14:13:30 search what the word "official" means 14:13:35 Then youre an idiot, sorry 14:13:49 skibidi toilet 14:13:58 Bitcoin core is not the official bitcoin implementation 14:14:10 Its just one of them 14:14:33 . 14:14:36 . 14:14:49 Cuprate is just as official as monerod 14:15:22 hell yeah we're going to conquest you all 14:15:24 Funded by community, worked on by community, open source, follows consenaus, shares no code with monerod 14:15:30 keep dodging 14:15:44 this is not what I'm asking 14:15:49 Youre asking about tor 14:16:24 i answer your irrelevant nonsense with an equally absurd response 14:17:08 rando, the correct word is *reference implementation* 14:17:33 Cuprate and Monerod are both official. monerod is the *reference implementation*, cuprate is not 14:17:37 Syntheticbird ^, i said that too 14:18:12 yet* 14:19:02 Monerod is only _the_ reference because its the _only_ reference 14:20:19 no, because it is endorsed by the core team and most importantly is actually the one dictating the direction of the network/cryptocurrency. We could be 100 time better than monerod, if monerod devs take the decision we would not be the *reference*. 14:20:42 Core is 1.5 people and a niocat 14:21:04 Nobody cares what they endorse, if im being perfectly honest 14:21:11 They dont even care 14:21:24 70% of the core team just fucked off without saying goodbye 14:21:42 The other 30% pops their head up when someone complains about money 14:21:54 20/30%** 14:22:42 The remains 10% is articmine, who doesnt get involved in anything but scaling and research 14:23:15 Or ducks their head and dodges the transparency report 14:23:33 Has anyone bothered to sync the old view wallets for xmr? Donations have been coming to that wallet for years 14:26:55 I have several days of scrollback for this channel 0_o 14:27:12