00:01:07 bobboiplays pronouns are it/that 00:01:17 yes 00:01:52 its hr/him 00:01:58 its he/him 00:04:50 Yours are? I doubt it 00:05:24 You doubt a biological male? 00:05:58 There are no biological males, you bigot 00:06:08 tf you mean 00:07:00 You hurd me 00:07:18 so the presence of a penis doesnt mean a man 00:07:30 Correct 00:07:35 When people talk about that kind of stuff I don't even know if they're ironic or not these days. 00:07:48 Nah bro this idiot 00:08:04 i feel attacked 00:08:23 Can you attack me in Monero Offtopic instead, before we get in trouble 00:08:29 I feel like Im being lied to 00:08:33 ok 00:08:48 On https://www.getmonero.org/resources/moneropedia/remote-node.html i found only one explanation of why remote nodes is risky: "Node operators can link transactions to IP addresses", so, if i use i2p/tor for connecting to them , there is no other issues(Except i dont support decentralization on monero in such case)? Or remote node also can send me fake transaction, for example? 00:09:36 no there is also decoy selection issue. Your wallet needs information to properly select decoy and trust the node for that. 00:10:00 If you use a remote node you don't trust, it can give you intentionally wrong decoy informations for you to build a weak ring 00:10:06 If youre the only person using the node, its also easy for them to link your tx's together 00:10:37 in this case he would likely be using Tor 00:10:58 not link to your ip, but to link the tx to one another 00:11:09 thank you 00:11:22 As follow up tx are likely to reference old tx as decoy 00:20:26 Then use your own local node 00:23:32 That literally leaks all of your tx 00:40:50 ?? 00:42:06 Only you can see your Transactions because you have the Private View Key 00:44:38 Only you can see your tx info. Everyone can see your txid 00:44:59 Info, meaning amount + sender + receiver 00:45:46 If your using own local node in either remote or locally no one should see your ip or tx 00:45:53 To be specitic: using your own node (out of the box) leaks your node as the origin of the transaction 00:46:18 This is assuming that you run the node from home and behind a router 00:46:36 But no ip or any other info 00:46:37 And? Node is running over Tor 00:46:46 Yes ip ... 00:47:09 Your node is attached to an ip address ... 00:47:24 Peers know who send them what 00:47:34 Peers know who sent them what 00:47:36 > <@ofrnxmr:xmr.mx> To be specitic: using your own node (out of the box) leaks your node as the origin of the transaction 00:47:38 And? Node is running over Tor and the TXs can not be linked together because you get every 5-10 minutes an New IP 00:47:48 Tor.. 00:48:08 ^ 00:48:09 ofrnxmr he is right 00:48:10 now bend 00:48:14 now bow to your king 00:48:25 I said "out of the box" 00:48:48 If you add --tx-proxy or --proxy, then the results change 00:49:27 But saying "just run your own node if you want privacy" is bad advice 00:50:15 i disagree 00:50:39 the decoy selection safety alone is already more important than the IP origin 00:50:52 Just run your Node in an Whonix VM 00:51:04 Its not if you want privacy 00:51:54 Knowledge that your IP sent a specific txid a 1:21AM is an issue 00:52:01 So if im using my own local host on the clearnet with no proxy and its process my transaction are you saying that my local node will leak my IP?? 00:52:12 Yes 00:52:18 So if im using my own local node on the clearnet with no proxy and its process my transaction are you saying that my local node will leak my IP?? 00:52:23 less an issue than txid, ring is completely transparent 00:52:32 less an issue than ring is completely transparent 00:53:09 Yes. As you are an outgoing only proxy. 00:53:12 Damn then kayaba gave bad advise yesterday 00:53:30 what advice exactly did he gave? 00:54:36 I asked him question on Monero talk about the malicious nodes and he went into a bit detail let find it give me a minute 00:54:53 > <@syntheticbird:monero.social> what advice exactly did he gave? 00:54:54 I asked him question on Monero talk about the malicious nodes and he went into a bit detail let me find it give me a minute 00:54:58 anyway, Cuprate will rule upon this land and you will fall into Ferris Kingdom. 00:55:04 be ready to pray our crab god 00:55:29 Its been ~1minute 00:55:37 really not 00:55:51 My clock says :54 -> :55 00:56:07 very funny ofrnxmr 00:56:09 Looks like 1minute to me! 00:56:11 \* take fentanyl \* 00:56:15 Now it says :56! 00:58:17 https://www.youtube.com/live/jxPulIjhXwg?si=zfqV-VUOYAPVbtrx go to 1:25:29 time mark 00:59:13 Sorry about delay daylight saving just kicked in😎 01:00:30 I believe he might mentioned cuprate or something similar it was over 2 hours of talk 01:03:09 Ok I mean he is right on the fact that you should use a VPN/Tor, and regarding local node he didn't explicited the obvious assumption that the first node which receive your tx in dandelion++ stem phase should be *"trusted"*. 01:03:35 when you are in outgoing only at least 01:03:39 "if dandelion ++ is secure" 01:03:47 You can't be certain of that obviously 01:04:57 "other nodes cant see which node first broadcasted the transaction" statement hinges on dandelion++ being secure (which is isnt) 01:05:19 yep it's a mistake 01:05:20 Is it secure 01:05:37 Linkinglion and (booger900's banlist) has been spying on monero since at lease 2020 01:05:48 dandelion++ safety assumes that any participants of the network is capable of receiving and emitting. Which isn't the case for outgoing only mode 01:05:50 it's real 01:06:01 It's not just ofrnxmr on drugs telling you that 01:06:08 Yeah, I mentionned that many time 01:06:16 I was in this room wondering why using --tx-proxy wasn't standard since before dandelion++ existed but that's just me 01:06:57 Lyza, dont u remember the tx-proxy has a lot of bugs :) 01:06:59 Had* 01:07:02 Damn so my opsec is fucked in away except i use vpn 01:07:08 And still does have 1 very bad one 01:07:20 I so do remember :( 01:07:23 or Tor 01:07:31 or an inbound compatible node 01:07:35 somewhere on a VPS 01:08:16 if you use tx-proxy, your node wont broadcast any of your rpc tx from your own node 01:08:44 (thats why its callex tx-proxy). It uses your onion/i2p peers to send the tx 01:09:24 it _only_ effects rpc traffic, so latency isnt really an issue 01:10:26 I use VPN just for my wallet but my node is on clearnet and tor though i rare use tor 01:10:34 The privacy leak there is if youre connecting to the node over clearnet, w/o ssl. The isp can see the tx on its way to the node 01:10:41 I use VPN just for my wallet but my node is on clearnet and tor though i rarely use tor 01:10:51 My nodes all use tx-proxy for tor and i2p 01:11:00 Always use le HTTPS 01:11:06 the green lock means secure 01:11:18 don't go shopping if the lock is red 01:11:28 Plowsof's nodes do too. So if you send a tx to a plowsof onion, it will be broadcasted by someone elses node. 01:11:32 most wallets don't support self-signed SSL certs very well making it hard to avoid mitm unless you buy a womain and register a certificate 01:11:34 /me locks [@syntheticbird:monero.social](https://matrix.to/#/@syntheticbird:monero.social) in a kennel 01:11:55 100% Https always 01:11:56 Most wallets dont do any cert pinning :P 01:11:58 You'll be safe in there. 01:12:19 Mitm self signed certs is a simple matter 01:12:52 So for sending tx to remote nodes that dont have a CA signed cert, its best to use onion/i2p 01:14:42 I dont mind syncing my wallet over clearnet, but i usually will switch to my onion if i need to send a tx 01:16:03 Always remember your threat model, using monero alone is already best practice for average joe 01:16:06 So if I run my node behind VPN will work? 01:16:40 yes 01:16:51 If you trust your VPN provider 01:17:24 Tor is probably easier 01:17:42 tor is definitely easier for tx-proxy 01:17:49 Ok problem solved turns out mullvad was running and i forgotten about it 01:18:57 your node has a peerid 01:19:24 But will need to move my node to different device and run tor behind 01:19:39 Why? 01:20:20 i2p is so sexy tho 01:20:41 mullvad is the solution to all our problem 01:22:59 My node on one my Ryzen 9 7950X no need I going move it to my RPI4 once my RPI5 comes so move HA to it 01:23:37 What does this have to do with tor? 01:26:31 My bad i misread your question 01:27:00 no 01:27:06 be harsh 01:27:22 don't let ofrnxmr make you feel guilty 01:28:18 😂 but i really did misread now when look at im wtf am talking about 01:28:21 Apology accepted! Too late, synbhebird 01:29:49 Is there any work happening with p2p encryption i do remember reading a few years back that it was supported as it incresses the attack surface 01:30:05 Is there any work happening with p2p encryption i do remember reading a few years back that it wasnt supported as it incresses the attack surface 01:31:44 Yea but its not active 01:33:12 Probably for that reason 01:33:13 Bitcoin has multiple types of peers. Monero should do something similar 01:34:13 https://github.com/monero-project/monero/pull/8996 01:35:14 Wouldn't that increase the vulnerabilities? 01:36:40 No 01:36:59 It would decrease the requirement for every peer to be used for everything 01:38:52 https://github.com/monero-project/monero/issues/7078 01:40:10 Oh, youre asking about p2p, i thought you were asking about this^ 01:41:12 Self-signed certs are easy to MITM 01:41:27 And your node wouldn't know the difference 01:41:57 > Eclipse attacks cannot be prevented either - an attacker can hijack TCP sessions, and the local node doesn't know whether a MitM is occurring or whether the remote node has changed pubkeys (dynamic IP or settings change). 01:44:34 They trying acheive similar objects 01:45:46 > <@ofrnxmr:xmr.mx> Oh, youre asking about p2p, i thought you were asking about this^ 01:45:48 They trying acheive similar objectives 01:46:11 This isn't about p2p encryption but about having peers work as a team instead of all peers behaving the same 01:46:36 Oh ok 02:32:48 I just check port fowarding in Mullvad has been stopped so running vpn behind node not looking good 02:44:43 <321bob321:monero.social> yeah they all stopped it 02:44:54 <321bob321:monero.social> i think airvpn works, but never used it 03:05:06 Get a 5$ vps and forward port to your node with your own wireguard vpn 05:40:10 From where 06:55:03 https://kycnot.me/?t=service&q=&xmr=on 06:55:33 kyun, servers guru 07:01:43 Thankz 07:32:26 ?is first node should be "trusted" for network privacy, or another reason 07:45:08 wallets should definitely warn when connecting to self signed certs (or not using tls) 08:22:50 Thats the default 08:23:12 Would be a _lot_ of warnings 09:16:53 Why hosting an Node on an VPS?? 09:17:00 I would host it locally 09:17:10 I would host it local 09:21:24 You don't have to have the node on all the time, right? You can just sync it when it is needed for use? 09:22:24 hello 09:22:36 does using a VPN prevent mining on monero? 09:24:17 yes if the vpn blocks the pool communication 09:24:37 ok, i can try mining with the VPN turned off to see what happens 09:24:50 is there a way to configure the VPN to prevent that 09:25:09 If the Pool hoster blocks the VPN * 09:25:13 it just depends on your vpn whatever services they block or something 09:25:16 . 09:25:19 oh, i am hosting locally 09:25:52 are you gonna mine on a free vpn no u wont they block torrenting too etc 09:25:57 FYI i am new to monero. i am just trying to mine for the first time 09:26:13 Yes if you start it every week then it takes around 15 minutes to full sync 09:26:16 no this is not a free VPN, i am able to torrent just fine 09:26:27 > <@m-relay:monero.social> You don't have to have the node on all the time, right? You can just sync it when it is needed for use? 09:26:28 Yes if you start it every week then it takes about 15 minutes to full sync 09:26:40 i'm actually syncing atm 09:26:56 Get mullvad. 09:27:00 but i get an error when i start mining 09:27:05 it's error 13 i believe 09:27:10 Which error 09:27:17 Message 09:27:40 sorry i am syncing atm, about 2000 blocks left 09:27:50 but i can test it out and give you the output 09:28:06 i can also disable the VPN and test it without it 09:28:23 I think you need to have the node synced 100% 09:28:41 > <@m-relay:monero.social> sorry i am syncing atm, about 2000 blocks left 09:28:42 I think you need to have the node synced 100% otherwise you cant mine the new blocks 09:28:48 it's at 1650 blocks remaining 09:29:26 yes i was doing this before when i was synced. i can try running with the CLI so i can get an output of what's happening 09:29:35 1490 blocks 09:29:47 1370 09:30:24 it may just function with the VPN off, which will be kind of disappointing 09:31:17 It will only function when you have your node 100% synced. 09:31:55 yes, i am waiting for the node to sync. but this issue happened while the node was synced 09:32:27 811 blocks remaining 09:32:54 so i am also using "gupax" in addition to "monero-gui" 09:33:04 in both cases, i was unable to mine 09:34:03 i also have IPv6 blocked 09:34:18 though my general firewall settings are pretty open now 09:34:56 351 blocks 09:36:00