09:13:42 <housemate> which marketplaces are people using on the tor and i2p networks, nowadays..?
14:56:16 <br-m> <letscage.com:matrix.org> housemate: nice try diddy
15:01:32 <br-m> <helene:unredacted.org> @letscage.com:matrix.org: i'm sure they were asking about mullvad, right?
15:01:34 <br-m> <helene:unredacted.org> right?
15:03:53 <br-m> <fijxu:nadeko.net> nice try fed
15:34:02 <DataHoarder> https://blocks.p2pool.observer/proofs now has SupportXMR view key as well, unknown if they will post it on their site yet but details were shared for them to be public
15:35:03 <DataHoarder> looking at https://blocks.p2pool.observer/pools that's 71% of all blocks last week have a direct verifiable proof
20:12:35 <br-m> <vlnst:nope.chat> Hi!
20:12:35 <br-m> <vlnst:nope.chat> Can anyone explain how connections to Monero nodes work in general?
20:12:35 <br-m> <vlnst:nope.chat> For what and when is rpc-ssl used (is it even used at all)?
20:12:35 <br-m> <vlnst:nope.chat> Why doesn't this guide https://docs.getmonero.org/running-node/monerod-systemd cover it?
20:12:35 <br-m> <vlnst:nope.chat> If I want to run a node for a specific group of people on a domain with login:password protection, is it recommended to use certificates? And should I use the ones from the domain or the ones generated by monero-gen-ssl-cert?
20:13:08 <Cindy> you mean when using mTLS?
20:18:54 <br-m> <vlnst:nope.chat> Cindy: I don't know what mTLS is. I just saw the rpc-ssl option and was wondering what it is used for and how connection between users and nodes are secured
20:19:34 <Cindy> oh i thought you were talking about using certs to authenticate
20:19:39 <Cindy> instead of login:password
20:25:04 <br-m> <eddie:oblak.be> SSL/TLS is used to encrypt connections, it has less to do with authentication/authorization
20:25:33 <Cindy> TLS is used to encrypt connections, but mTLS is used to also provide autheticatio
20:25:38 <Cindy> mutual TLS*
20:26:13 <br-m> <eddie:oblak.be> yeah it's sort of authentication, true
20:29:29 <br-m> <eddie:oblak.be> it's very similar to passwordless ssh
20:31:27 <br-m> <eddie:oblak.be> But to answer @vlnst:nope.chat question, afaik the TLS on the rpc endpoints is used to prevent eavesdropping between the nodes.
20:32:05 <Cindy> and probably impersonation
20:32:23 <br-m> <eddie:oblak.be> > If I want to run a node for a specific group of people on a domain with login:password protection, is it recommended to use certificates?
20:32:23 <br-m> <eddie:oblak.be> Yes, if you make the endpoint public
20:32:37 <Cindy> i wanna ask
20:32:41 <br-m> <eddie:oblak.be> otherwise a mitm can intercept the credentials
20:32:53 <Cindy> is it possible to make your own blockchain in monerod
20:33:07 <Cindy> for testing
20:33:23 <br-m> <eddie:oblak.be> there should be a regtest mode I suppose?
20:34:30 <br-m> <eddie:oblak.be> I've done it with bitcoin only, so far, but I assume it will exist for monero too 
20:36:57 <Cindy> i saw it in a tutorial or something
20:37:40 <br-m> <vlnst:nope.chat> I see most public Monero nodes don't use TLS (the clearnet ones). Does that mean people use nodes without any encryption? How bad can it be?
20:39:41 <br-m> <eddie:oblak.be> It's not great
20:40:26 <Cindy> https://github.com/moneroexamples/private-testnet/blob/master/README.md
20:40:31 <Cindy> this was the tutorial lol
20:41:02 <Cindy> how to make a private LAN blockchain
20:41:04 <br-m> <eddie:oblak.be> The communication between 2 nodes is not that problematic I would think, but between wallets and nodes should be private. correct me if I'm wrong
20:41:28 <br-m> <vlnst:nope.chat> @eddie:oblak.be: Thank you for the explanations
20:47:17 <br-m> <reaster:matrix.reaster.dev> hi, i have a tech question,
20:47:17 <br-m> <reaster:matrix.reaster.dev> i'm running my own node since a log time actually, selfhosting, used to have my port 18080 and 18089 open, (i also had a tls redirection using a reverse proxy)
20:47:17 <br-m> <reaster:matrix.reaster.dev> recently i setup un cloudflare proxy (mostly to hide my ip)
20:47:17 <br-m> <reaster:matrix.reaster.dev> so using my reverse proxy tls i have access to my rpc node connection, ok
20:47:18 <br-m> <reaster:matrix.reaster.dev> but is my node still "accessible" trough p2p? like how does it broadcast it's ip to others nodes? 
20:48:16 <br-m> <reaster:matrix.reaster.dev> because no, cloudflare free plan obviously doesn't allow to forward trough the same proxy the ports you want 
20:48:16 <Cindy> you have to expose your P2P port somehow
20:48:24 <Cindy> and yes
20:48:31 <Cindy> cloudflare only lets you forward through HTTP
20:48:44 <Cindy> this is because they're not used to any protocols they could MITM in
20:49:33 <br-m> <reaster:matrix.reaster.dev> it is exposed, if you query the ip and 18080 you'll get my node p2p socket
20:50:11 <Cindy> ah
20:50:26 <br-m> <reaster:matrix.reaster.dev> just now my domain:18080 will not work (like it would before)
20:50:51 <br-m> <reaster:matrix.reaster.dev> but i'm saying probably stupid things because p2p tech never relied on dns names in the first place
20:53:30 <br-m> <eddie:oblak.be> But you are still exposing your home IP due to having the P2P port open there?
20:53:42 <Cindy> ^
20:54:11 <br-m> <reaster:matrix.reaster.dev> yeah, not really an issue to expose my home ip over the p2p,
20:54:11 <br-m> <reaster:matrix.reaster.dev> it's mainly for the rpc connection that the proxy is usefull
20:54:47 <br-m> <reaster:matrix.reaster.dev> because, (i'm not sure) but from the rpc connection, can they really get the ip of my node? not really
20:55:54 <br-m> <eddie:oblak.be> It could be if the RPC responds with its origin Ip in some answer
20:56:03 <br-m> <eddie:oblak.be> But I don't know if that would actually happens
20:56:06 <br-m> <reaster:matrix.reaster.dev> yes if you look at the constellation of all the nodes, you will find my node ip, it's not that much of an issue
20:56:58 <br-m> <reaster:matrix.reaster.dev> @eddie:oblak.be: it couldn't anyway, its dockerized, under a reverse proxy, under a nat, under a proxy, like good luck to get your real ip
20:57:27 <Cindy> if its under a NAT, good luck getting anyone to communicate with you
20:57:45 <br-m> <eddie:oblak.be> Why do you want to proxy then the RPC connection anyway?
20:58:05 <br-m> <eddie:oblak.be> Just curious about the reasoning
20:58:15 <br-m> <reaster:matrix.reaster.dev> but anyway, i suppose the node p2p connection go ask a peer and the peer broadcast the ip that hit it and everyone is happy
20:58:38 <br-m> <reaster:matrix.reaster.dev> Cindy: i'm not that much of a beginner come on, i've setup port forward on my nat
20:59:38 <br-m> <reaster:matrix.reaster.dev> @eddie:oblak.be: so i can give away my rpc connection over a hostname, under 443 and my ip would be obfuscated by the proxy
21:02:16 <br-m> <eddie:oblak.be> and if it's not a problem that peer nodes know your IP, why would it be a problem that rpc consumer know it?
21:03:07 <br-m> <eddie:oblak.be> Or you don't want your own IP tied to the hostname?
21:03:17 <br-m> <reaster:matrix.reaster.dev> @eddie:oblak.be: exactly, got it
21:03:39 <br-m> <eddie:oblak.be> fair enough
21:08:30 <br-m> <reaster:matrix.reaster.dev> on another subject, i use monero since 2years approx, and i'm still reticent to speak about it to my locals shops etc
21:08:44 <br-m> <reaster:matrix.reaster.dev> like crypto theses days got so bad reps 
21:09:39 <br-m> <reaster:matrix.reaster.dev> my family, ok i managed to give them a wallet and explain but they just hold and do nothing
21:49:31 <br-m> <eddie:oblak.be> you have an opportunity to educate the shops, most of them probably have no idea what it actually is
21:49:50 <Cindy> educate on what
21:50:39 <br-m> <eddie:oblak.be> on how to use monero/crypto in a decent manner
21:52:30 <br-m> <eddie:oblak.be> crypto never had a good reputation to begin with..
21:52:53 <Cindy> true
21:53:02 <br-m> <eddie:oblak.be> but that's not because the technology is evil, or made for evil people only.
21:58:04 <br-m> <eddie:oblak.be> The hard part imho is not the bad reputation, but the technological complexity
21:58:41 <Cindy> you think we could have monero integration in PoS systems
21:58:46 <Cindy> (point-of-sale)
21:59:23 <br-m> <eddie:oblak.be> There're already PoS's that support it afaik?
21:59:36 <Cindy> like wut
22:00:38 <br-m> <eddie:oblak.be> Something was used at monerokon, not sure how it is called
22:10:00 <Cindy> eddie: what software, though?
22:10:10 <Cindy> i mean
22:10:19 <Cindy> if it's some custom one, i doubt there'll be adoption
22:13:46 <br-m> <eddie:oblak.be> You mean XMR should be integrated in "classic" PoS software 
22:13:47 <br-m> <eddie:oblak.be> ?
22:13:53 <Cindy> yes
22:14:02 <Cindy> i mean.. PoS systems already let you integrate whatever
22:14:10 <Cindy> i think they run a custom script
22:14:19 <br-m> <eddie:oblak.be> I don't know, I am not very familiar with this
22:14:33 <Cindy> this is how they manage to accept many payment methods and currencies
22:14:44 <Cindy> (i guess, flexible in general)