which marketplaces are people using on the tor and i2p networks, nowadays..?

<letscage.com:matrix.org> housemate: nice try diddy

<helene:unredacted.org> @letscage.com:matrix.org: i'm sure they were asking about mullvad, right?

<helene:unredacted.org> right?

<fijxu:nadeko.net> nice try fed

blocks.p2pool.observer/proofs now has SupportXMR view key as well, unknown if they will post it on their site yet but details were shared for them to be public

looking at blocks.p2pool.observer/pools that's 71% of all blocks last week have a direct verifiable proof

<vlnst:nope.chat> Hi!

<vlnst:nope.chat> Can anyone explain how connections to Monero nodes work in general?

<vlnst:nope.chat> For what and when is rpc-ssl used (is it even used at all)?

<vlnst:nope.chat> Why doesn't this guide docs.getmonero.org/running-node/monerod-systemd cover it?

<vlnst:nope.chat> If I want to run a node for a specific group of people on a domain with login:password protection, is it recommended to use certificates? And should I use the ones from the domain or the ones generated by monero-gen-ssl-cert?

you mean when using mTLS?

<vlnst:nope.chat> Cindy: I don't know what mTLS is. I just saw the rpc-ssl option and was wondering what it is used for and how connection between users and nodes are secured

oh i thought you were talking about using certs to authenticate

instead of login:password

<eddie:oblak.be> SSL/TLS is used to encrypt connections, it has less to do with authentication/authorization

TLS is used to encrypt connections, but mTLS is used to also provide autheticatio

mutual TLS*

<eddie:oblak.be> yeah it's sort of authentication, true

<eddie:oblak.be> it's very similar to passwordless ssh

<eddie:oblak.be> But to answer @vlnst:nope.chat question, afaik the TLS on the rpc endpoints is used to prevent eavesdropping between the nodes.

and probably impersonation

<eddie:oblak.be> > If I want to run a node for a specific group of people on a domain with login:password protection, is it recommended to use certificates?

<eddie:oblak.be> Yes, if you make the endpoint public

i wanna ask

<eddie:oblak.be> otherwise a mitm can intercept the credentials

is it possible to make your own blockchain in monerod

for testing

<eddie:oblak.be> there should be a regtest mode I suppose?

<eddie:oblak.be> I've done it with bitcoin only, so far, but I assume it will exist for monero too

i saw it in a tutorial or something

<vlnst:nope.chat> I see most public Monero nodes don't use TLS (the clearnet ones). Does that mean people use nodes without any encryption? How bad can it be?

<eddie:oblak.be> It's not great

this was the tutorial lol

how to make a private LAN blockchain

<eddie:oblak.be> The communication between 2 nodes is not that problematic I would think, but between wallets and nodes should be private. correct me if I'm wrong

<vlnst:nope.chat> @eddie:oblak.be: Thank you for the explanations

<reaster:matrix.reaster.dev> hi, i have a tech question,

<reaster:matrix.reaster.dev> i'm running my own node since a log time actually, selfhosting, used to have my port 18080 and 18089 open, (i also had a tls redirection using a reverse proxy)

<reaster:matrix.reaster.dev> recently i setup un cloudflare proxy (mostly to hide my ip)

<reaster:matrix.reaster.dev> so using my reverse proxy tls i have access to my rpc node connection, ok

<reaster:matrix.reaster.dev> but is my node still "accessible" trough p2p? like how does it broadcast it's ip to others nodes?

<reaster:matrix.reaster.dev> because no, cloudflare free plan obviously doesn't allow to forward trough the same proxy the ports you want

you have to expose your P2P port somehow

and yes

cloudflare only lets you forward through HTTP

this is because they're not used to any protocols they could MITM in

<reaster:matrix.reaster.dev> it is exposed, if you query the ip and 18080 you'll get my node p2p socket

ah

<reaster:matrix.reaster.dev> just now my domain:18080 will not work (like it would before)

<reaster:matrix.reaster.dev> but i'm saying probably stupid things because p2p tech never relied on dns names in the first place

<eddie:oblak.be> But you are still exposing your home IP due to having the P2P port open there?

^

<reaster:matrix.reaster.dev> yeah, not really an issue to expose my home ip over the p2p,

<reaster:matrix.reaster.dev> it's mainly for the rpc connection that the proxy is usefull

<reaster:matrix.reaster.dev> because, (i'm not sure) but from the rpc connection, can they really get the ip of my node? not really

<eddie:oblak.be> It could be if the RPC responds with its origin Ip in some answer

<eddie:oblak.be> But I don't know if that would actually happens

<reaster:matrix.reaster.dev> yes if you look at the constellation of all the nodes, you will find my node ip, it's not that much of an issue

<reaster:matrix.reaster.dev> @eddie:oblak.be: it couldn't anyway, its dockerized, under a reverse proxy, under a nat, under a proxy, like good luck to get your real ip

if its under a NAT, good luck getting anyone to communicate with you

<eddie:oblak.be> Why do you want to proxy then the RPC connection anyway?

<eddie:oblak.be> Just curious about the reasoning

<reaster:matrix.reaster.dev> but anyway, i suppose the node p2p connection go ask a peer and the peer broadcast the ip that hit it and everyone is happy

<reaster:matrix.reaster.dev> Cindy: i'm not that much of a beginner come on, i've setup port forward on my nat

<reaster:matrix.reaster.dev> @eddie:oblak.be: so i can give away my rpc connection over a hostname, under 443 and my ip would be obfuscated by the proxy

<eddie:oblak.be> and if it's not a problem that peer nodes know your IP, why would it be a problem that rpc consumer know it?

<eddie:oblak.be> Or you don't want your own IP tied to the hostname?

<reaster:matrix.reaster.dev> @eddie:oblak.be: exactly, got it

<eddie:oblak.be> fair enough

<reaster:matrix.reaster.dev> on another subject, i use monero since 2years approx, and i'm still reticent to speak about it to my locals shops etc

<reaster:matrix.reaster.dev> like crypto theses days got so bad reps

<reaster:matrix.reaster.dev> my family, ok i managed to give them a wallet and explain but they just hold and do nothing

<eddie:oblak.be> you have an opportunity to educate the shops, most of them probably have no idea what it actually is

educate on what

<eddie:oblak.be> on how to use monero/crypto in a decent manner

<eddie:oblak.be> crypto never had a good reputation to begin with..

true

<eddie:oblak.be> but that's not because the technology is evil, or made for evil people only.

<eddie:oblak.be> The hard part imho is not the bad reputation, but the technological complexity

you think we could have monero integration in PoS systems

(point-of-sale)

<eddie:oblak.be> There're already PoS's that support it afaik?

like wut

<eddie:oblak.be> Something was used at monerokon, not sure how it is called

eddie: what software, though?

i mean

if it's some custom one, i doubt there'll be adoption

<eddie:oblak.be> You mean XMR should be integrated in "classic" PoS software

<eddie:oblak.be> ?

yes

i mean.. PoS systems already let you integrate whatever

i think they run a custom script

<eddie:oblak.be> I don't know, I am not very familiar with this

this is how they manage to accept many payment methods and currencies

(i guess, flexible in general)