Wow I get in a plane and Bitcointalk goes nuts in my absence:)

I think I'm going to start by addressing some of the concerns in BlockaFett's first post. I'd like to note, having read through this thread, that BlockaFett has not contacted me at all to discuss his concerns. I would really have appreciated that as being the first step here, but no matter.


It is absolutely correct that I can see information on MyMonero accounts that others obviously cannot.


I think you're misunderstanding how the viewkey works. I can see funds that are received, but I can't see which signature in an input is the correct one, so there's very little information I can exploit. At best I can see funds moving between MyMonero accounts, but I have no way of determining whether funds have been transferred out to an exchange or anything like that. Thus I cannot possibly use the information to give me information on dumps, and I cannot possibly know about "pumps" without simultaneously having access to everyone's BTC wallets.

I'd also like to point out that we have never claimed that Monero is the "most decentrazlied coin" (sic), and we definitely don't claim it is the "most anonymous". I'd be hard-pressed to define "most decentralised", but clearly Bitcoin is the only cryptocurrency with enough hashpower and a sufficient distribution of nodes to be called "most decentralised". In terms of anonymity, the ZeroCoin/ZeroCash cryptocurrency (as and when it is released) will offer privacy that is nearly absolute, and is thus would earn the crown of "most anonymous". It has other issues (such as cryptography that is untested and not yet sufficiently reviewed), but Monero definitely does not lay claim to that.

I think this may be your misinterpretation of what people are claiming.


I'm not sure the relevance of this or what connection you're trying to make here. Are you implying that it is bad for me to be building out services for the cryptocurrency ecosystem? Or is the implication that trying to publicly raise funds is bad? I don't see an issue with either - I/we didn't raise any funds in the end with VertPay, and we pivoted off that and repositioned ourselves to create a more generalised solution. I'm still not understanding what your implication is.


You are 100% correct on this. As has been pointed out in this thread already, though, I have made an effort, through MyMonero, to host a giveaway on Bittrex and try and shift some volume there. This is at odds with your implication that somehow I am in cahoots with Poloniex, profiting off their dominance.


The core team does not have visibility on MyMonero's data. Additionally, there are several GUI wallets that the website links to and that plenty of people use. And, too, the CLI wallet is not particularly difficult. Lastly, we put work on the GUI on the back-burner last year after the block 202612 attack, and we indicated publicly why we had to do this. It is imperative that we work to ensure everyone's funds are secure, rather than prematurely shove out some GUI.

Nonetheless, the code for the work we had done on the GUI has been made public: https://github.com/monero-project/monero-core so anyone can work on it and release it.

The CryptoNote GUI wouldn't work with Monero as our code is too differentiated, and there are fundamental changes we've made to the way wallets work and store data, and the way they communicate with the daemon.

Again, we have never claimed to be the "most secure and untraceable coin". Bitcoin is the most secure. ZeroCoin/ZeroCash will be the "most untraceable" (to its detriment, when coupled with the whiz-bang cryptography).


No, we do know. Git is an amazing tool for being able to step back and look at where code comes from. You can use git-blame yourself on the crippled code, and you can also check where we caught the issues and updated them:

https://github.com/monero-project/bitmonero/commit/3cc45e9324a402aee91e2f46861b2ca393d711aa
https://github.com/monero-project/bitmonero/commit/44f61c3965d569c288520b75356ad3bdc68b47d1

And correlate that with mining hashrate at the time. You will observe that there was a rise in hashrate when we released those changes, not days/weeks before.

Let me ask you something: why would we have made those changes to the hashing algorithm that quickly and released them publicly, when we could instead have quietly mined for weeks or months before making those changes public?


By the same token, Bitcoin is "potentially *setup* as a scam", as the core developers have access to information that nobody else does. Bitcoin's core maintainers know about features before they're even announced / released, and they could trade on that information. There is no fix for this, other than (I guess) to treat it as insider trading and regulate it accordingly. Trying to fix this problem right now is truly out of scope for Bitcoin, and is dramatically out of scope for us.


As mentioned, there's little to no useful information I can gleam from MyMonero that would give me some edge in trading.

Every exchange can make use of their internal state, and they have WAY more access to information than MyMonero does. They can have their systems automatically pull their orders if there's a buy that will hit them, they can do all sorts of stuff. One need only look at Mtgox's Willy bot to see what exchanges can get up to. We have no way of verifying that Coinbase, Bittrex, btc-e, Bitstamp, Cryptsy, BitFinex, etc. *don't* abuse their internal state / information. So what are we going to do about it? Never use an exchange again?


I've also said that it's a dumb argument to say "he's such a nice guy", because the best scammers *are* nice guys. That's precisely what con men do for a living. Knowing me is largely irrelevant and I would recommend that any trust is given based on my history and dealings with people. Sources of information could include, for example, the Bitcoin OTC web of trust: http://bitcoin-otc.com/viewratingdetail.php?nick=fluffypony

Additionally, one could consider that I had access to the Mintpal funds. Ferdous asked me for assistance because he couldn't gain access to the wallet (he was struggling to get it restored because it was in an older wallet format, and 0.8.8.6 didn't have the ability to restore that format, which is something we've subsequently fixed). Ferdous had no idea if the funds were still in that wallet. I could easily have told him that they were unfortunately stolen, and then just kept them for myself. It is no wonder that Ferdous said on Twitter: "IMO @fluffyponyza is one of the most honest, smartest and hardest working individuals in this space."

Now to answer some other things that have popped up:


At that stage when we wanted to raise funds there was quite a bit of backend development that had been done, all self-funded. We raised $0 because we cancelled the fund-raising as it was clear it was too controversial. This lead to some internal changes and a complete refocus of what we wanted to achieve, and a bit of a state of flux for a few months. After this was resolved we began working on the project again in the 2nd half of 2014.

BlockaFett's timing seems to be a little off, as by the time the VertPay funding was scrapped (middle of May, 2014) the Monero core team had already been formed, and we had forked the project away from thankful_for_today (after he refused to accede to the community's wishes). Thus I didn't "move on" to Monero, I was doing both simultaneously (as I continue to do).


This is 100% correct, but it is also old (as in it predates MyMonero's official launch). Why you're seeing a very old version of the main page is beyond me, but that version of account.js hasn't been around for many, many months. I've confirmed on multiple systems that index.html is passing the correct account.js, and that account.js does not contain that old code. Additionally, you're passing ?2, which is a cachebuster value that we use to ensure nobody is receiving a cached version. Whilst this doesn't match the cachebuster value right now (?4) it still shouldn't have served up such a very, very old file. This could very well be an issue introduced when we were deploying a Phonegap-based QR code scanner on Tuesday morning, but that was rolled back after an hour as it caused endless issues in its detection of mobile devices. To make doubly-sure that this isn't occurring anymore I've cleared every possible server-side cache that could have been serving it.

In order to confirm that this functionality was indeed accidental (in that it was poorly thought through) and also removed ages ago I checked archive.org. The most recent capture of MyMonero is from May 13th, 2015 (https://web.archive.org/web/20150513233042/https://mymonero.com/#/) and has the following account.js: https://web.archive.org/web/20150513233042/https://mymonero.com/js/services/account.js?1 - you can confirm in that, and older versions, that there is no cookie-storage code.

It is important to note JavaScript-based wallets are never going to be really safe, and MyMonero is no exception. I've said before that MyMonero is merely a stopgap solution until we have libraryise completed (so that third-party GUI developers can better hook into core functions) and/or we've found an SPV-style solution (our current work is on using a bloom filter for viewkeys instead of passing the raw viewkey) for lightweight wallets. In fact, the website even says quite clearly: "The clients below are ideal if you are using Monero for the first time".

BlockaFett, I appreciate very much that you have clearly indicated your bias. I understand, too, that you have an inherent desire to ensure people don't get screwed over, and I applaud that. But this is going to become a mud-slinging session and you know it. Whatever answers and responses I've provided above you won't be satisfied with, and eventually it is going to become a frustrating "shouting" match that will only leave things more confusing for the casual reader. I would like to suggest that we find some time for a Skype chat or a phone call to discuss this using a medium that is a little more immediate than Bitcointalk, and you or I can report back afterwards. I understand that you lack time and energy to invest into this, and I understand that. Having just arrived back home from Europe I can assure you that I don't have much time for a back-and-forth on Bitcointalk, but I do absolutely want you to be able to flesh this out and discuss it with me. I am more than happy to make myself available to you for discussion, and if there's anything specific in my answers above that you'd like me to clarify publicly I am also happy to do so.

Didn't you say you were going to come and throw tomatoes at me?

What happened, did you get scared? Was othe's promise to throw a beer bottle at you too much for you?

(inb4 "I'm a CEO, I didn't have time")

Request for comments: https://forum.getmonero.org/4/academic-and-technical/303/a-formal-approach-towards-better-hard-fork-management

Why do you have a "VIP" picture as your profile pic? Fake it till you make it, eh?

Forgot to add - my travels have disrupted the Missive schedule, but we're trying to get everything back on track now:)

Can confirm I'm back, see GPG signed message below (my GPG key is in the Monero source tree):

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

This is to confirm I have recovered my Bitcointalk account.

Also we've had awesome and successful Monero meetups in Brussels, Paris, and Berlin. Tomorrow I talk in Berlin again at the Bitcoin meetup (but this time on the subject of OpenAlias), and then on the weekend I am presenting on Monero at Bitcoinference in Amsterdam.

Hopefully after that things go back to normal:)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQEcBAEBAgAGBQJVY4iIAAoJEFVDLfMczU/NunAH/A4pRLDQi/Hs57GlIvcMcbAO
qfFqHnFB54uPb2VHR/YrcpR1raYA77qozKqQl1ELSyHXcoALsrOT9LDlkL0uYlpj
1wNRVLOedAD210DfGIzW3uI1Az5+LRZ0fq5JkTApadxeotDc+4g4k7hA+/6j1Anw
2VCQNdsJwylXxlcph4cilTLWNDKjNIQ3s5bbscOS3BUAsugOKyRKUKPxDrD5D6yT
Q05dakuClvpJ/MSwiKneP1/kNVGbfH4LYoviGjHJbYw5maUxWzCV9gI3iVWTOBii
U86OWPry4Ln3e9fvrRqGfmVUsgWkScX0Dg5Nh/X4P9LukhUypZsg0PhsNC8P2c8=
=0PCz
-----END PGP SIGNATURE-----

We already have a defined URI format that has been implemented in MoneroX, MyMonero, and others: http://monero.wikia.com/wiki/URI_formatting

The issue is that a URI alone doesn't fix it. Electrum has supported Bitcoin URIs since forever, but due to a py2app bug they don't work on OS X anymore. We're replacing it with cz_freeze to resolve the issue, but that's a ways away. Also it's easy to cut and paste the address and amount into Electrum.

I think that there are 3 things we need to do, in order of importance:

1. Wallets should pop up a confirmation box if there's no payment ID
2. Ratify and implement stealth payment IDs (much shorter), can be expressed in both serialised and non-serialised formats
3. Extend OpenAlias to support dynamic requests (I have some ideas around this that I'll hopefully flesh out with ThomasV from Electrum when I'm back in Berlin this coming weekend)

Compile and use Github head instead of the previous tagged release, and you'll end up with this:



That's testnet and mainnet.

You only need the .keys file, everything else can be discarded.

Also the .keys file doesn't change with ongoing use, and is encrypted with your wallet password, so you only need to back it up when you create the wallet:)

You can send it with a payment ID you make up, and then let cAPSLOCK know what the payment ID was. Or just tell him before you send the donation, and then let him know the transaction ID (which we will confirm for him).

zomg I get to quote myself again, this is turning out to be my Kanye week!

I'm having fun and enjoying myself, you should try it sometime:)

PS. Wrote you a limerick:

There once was a troll known as Primer
Whose insults were simply to-die-fer
It's a snap being mean
When you're behind a screen
And in mom's basement you're a resider

Preparing for tonight's meetup in Brussels, Belgium.

Step 1: take tourist selfie at Grand Place because you have to do the tourist thing:



Step 2: go to Delerium with binaryFate and try (several) beers:



Step 3: eat "a big ham with a potato" (this is an actual description as given to me) at a famous restaurant:



Step 4: ride in the smallest elevator ever (seriously, you can just barely fit two people sideways):



Step 5: polish off presentation over a proper Flemish breakfast:



Now I'm ready! See everyone who's coming in Brussels later:)

http://www.meetup.com/Bitcoin-Brussels/events/221909098/

Can confirm, OS X compilation fixed (my primary work platforms are OS X and FreeBSD, so I'm normally quick to find / fix issues there...Windows notsomuch)

Alles hat ein Ende, nur die Wurst hat zwei

That's a great idea, I'd support that 100%. Even if we only raised a small amount for e month it would be something that could be repeated every year:)

There are three ways:

1. Make something creative! You don't need permission to use Monero artwork and resources, and all the content / images / podcasts on getmonero.org are covered by a Creative Commons CC BY 3.0 license (see: https://getmonero.org/legal/copyright), so feel free to reuse and remix.

2. Contribute to the website. There's a small learning curve to understand the layout of the website source and to learn the basics of Kramdown (the Markdown flavor we use), but once that's done then you just have to create a GitHub account and use the "edit" button on the various .md files in the site repo (https://github.com/monero-project/monero-site). For instance, to edit the "node" Moneropedia page just navigate to the page on GitHub (https://github.com/monero-project/monero-site/blob/master/knowledge-base/moneropedia/node.md) and click the edit pencil icon at the top right of the preview (only shows when you're logged in I think). GitHub will guide you through the fork-and-PR process:)

3. Add to the ecosystem. You can do this by creating a store / website / app that uses Monero, or convincing someone to accept Monero (without badgering them or acting like a vacuum cleaner salesman / religious nut / fair trade organic save the whales level 5 vegan), or by noting that you accept Monero when selling stuff on eBay / Craigslist / Gumtree / whatever.

Above all remember that you don't need to ask permission to do anything. The worst that can happen is you do something and it isn't well received, but at this stage everyone is so hungry for the ecosystem to grow that you could sell horse poop deliveries for Monero and it'd be a hit.

smooth is a self-appointed nothing.

I am a self-appointed nothing.

We are both stewards of the Monero project by virtue of our early involvement and leadership. We speak for ourselves, and when we speak for the Monero Core Team we will always prefix the statement by saying something like "we (the Monero Core Team) think teal is the best shade of blue/green". We may use the "monero" Bitcointalk / forum.getmonero.org account to make such a posting, or GPG sign it, or use URS to sign it, or whatever.

smooth is entirely, absolutely, completely entitled to say whatever he wants as an individual, and I will defend his right to do so even to my detriment. Obviously if he suddenly said something on behalf of the Core Team that was incorrect I would discuss it with him and/or correct him publicly, as I hope he would do for me.

If you don't like smooth just say you don't like him. Nobody here is obligated to like anyone:)

But beyond that it's untraceable once you're on the Monero blockchain. In other words, in the following example it is pretty much untraceable when using Tor:

1. Create a Monero account with https://mymonero.com
2. Go to https://shapeshift.io and tell it you want to convert from BTC to XMR (to your MyMonero address) for your amount plus a little extra. To give you an example, ShapeShift tells me 1 BTC = 481.9701 XMR right now.
3. Go to https://xmr.to and use their rate to convert your XMR (less, say, 0.03 XMR for a 3kb mining fee) to the BTC equivalent and pay your destination BTC address. Using my example, the 481.9401 XMR is worth 0.959060799 BTC (so slippage is just over 4%)
4. Pay the XMR address and payment ID provided by xmr.to using a relatively high mix-in value on MyMonero

It doesn't matter whether MyMonero is subpoenaed and has to submit your viewkey, or ShapeShift is hacked, or anything like that. The connection from MyMonero to xmr.to cannot be traced or reversed. For added goodness you could send the coins to yourself on MyMonero, or to multiple MyMonero accounts, all providing an additional break in the chain. To understand why this works it is good to familiarise yourself with the way Monero works, perhaps starting with the LetsTalkBitcoin podcast on the subject: https://letstalkbitcoin.com/blog/post/ltb-e202-understanding-monero


Mining is quite out of reach to most, and it actually doesn't help that much - you still need to use your coinbase UTXOs to make a payment, and that's the part that's at-risk.

Nobody claimed Monero was "100% anon", from a cryptographic perspective. In other news, your Bitcoin private keys can be brute-forced and aren't "100% safe". Also, 2048-bit AES encryption isn't "100% uncrackable". All three of these examples deal with cryptographically negligible scenarios, which is what andytoshi refers to in that StackExchange post when he says that Monero's anonymity is "weaker than total anonymity". The step from Monero's cryptographically untraceable (ie. for incoming transactions there are many possible senders whose involvement is equiprobable) and unlinkable (ie. for any two outgoing transactions it is impossible to prove they were sent to the same person) transactions to "total anonymity" is VERY slight, and thus the amount of "weakness" is important only from the perspective of cryptographic absolutes, and only under certain models as well (the random oracle model, in particular). The cryptographic negligibility is only for incoming transactions, and requires ownership of a substantial number of blockchain TXOs to even begin to hope to correctly choose the correct input signer from a group.

andytoshi and gmaxwell's AOS paper has, to some degree, been superseded by the observations made in a recent Monero Research Lab paper, "MRL-0004: Improving Obfuscation in the CryptoNote Protocol".

I backed it for the same reason. They've got a little GUI Linux OS running on it already, so I think Tails will be fine.