[XMR] Monero - A secure, private, untraceable cryptocurrency

[saddambitcoin]

If I use openalias to pay example.domain.com in simplewallet, doesn't my IP address get stored in some time-stamped log on the domain.com nameserver? Anyone who hacks or subpoenas the nameservers could learn who paid whom, right?

Maybe.  There are some name servers that claim not to log, though you can't really verify this. Also, in most cases your request goes through intermediate name servers (at your ISP, or google, or some such).

However, for maximum privacy you probably don't want to use this feature.

In that instance, what about using mymonero.com? Then it wouldn't be your IP making the request, would it?

[1714160936]

1714160936

[1714160936]

1714160936

[1714160936]

1714160936

[smooth]

If I use openalias to pay example.domain.com in simplewallet, doesn't my IP address get stored in some time-stamped log on the domain.com nameserver? Anyone who hacks or subpoenas the nameservers could learn who paid whom, right?

Maybe.  There are some name servers that claim not to log, though you can't really verify this. Also, in most cases your request goes through intermediate name servers (at your ISP, or google, or some such).

However, for maximum privacy you probably don't want to use this feature.

In that instance, what about using mymonero.com? Then it wouldn't be your IP making the request, would it?

Yes that's right. Mymonero could be logging your access (which could be avoided by using Tor, assuming you trust Tor) and does have your view key (no way to avoid this) and could itself be logging your transactions, so there is still a potential loss of privacy compared to running your own node over i2p. That is going to be the gold standard eventually. I'm not sure how openalias is going to work over i2p, but I'm sure we'll come up with something. Openalias is one of those standards that can work over almost anything, since it is just an appropriately formatted text string.

[bclcjunkie]

just a little thought i was having on my mind.. based on no of articles and discussions taking place lately, looks like year 2015 is going to set solid footwork towards crypto currency regulation and come hard on exchanges that don't follow regulatory framework. that will probably incite more interest towards darkcoin first since it's more marketed but the neverending issues surrounding its master nodes and premined stash may prove to be disastrous in the end turning all that avalanche of attention to monero... by then monero should be ready for all that love...  

just to reiterate coinbase already received approval to be fully regulated, gemini is next on the list... i don't know how you guys see it but i see this very bullish for monero in the long run.. As soon as monero's targets are achieved and get stable i'm expecting it to start picking up a lot more interest from exchanges and merchants...

http://www.coindesk.com/anonymous-bitcoin-backgrounder-policymakers/

[generalizethis]

just a little thought i was having on my mind.. based on no of articles and discussions taking place lately, looks like year 2015 is going to set solid footwork towards crypto currency regulation and come hard on exchanges that don't follow regulatory framework. that will probably incite more interest towards darkcoin first since it's more marketed but the neverending issues surrounding its master nodes and premined stash may prove to be disastrous in the end turning all that avalanche of attention to monero... by then monero should be ready for all that love...  

just to reiterate coinbase already received approval to be fully regulated, gemini is next on the list... i don't know how you guys see it but i see this very bullish for monero in the long run.. As soon as monero's targets are achieved and get stable i'm expecting it to start picking up a lot more interest from exchanges and merchants...

http://www.coindesk.com/anonymous-bitcoin-backgrounder-policymakers/

I think it's going to be more an issue of dm operators migrating from TOR to I2P. DM operators will do what is in their best interest, not have consumers dictate the coin they should use to them; they're taking the brunt of the risk and they supply the product that the consumer wants--good luck telling them that they should use a coin because it has better marketing. When's the last time you saw a drug dealer with a cc reader? And before anyone jumps on me and says, "Oh, but Monero's so much more than the dark markets, ect,..." I've never said otherwise. What I am saying is that dm is the market that can make or break Monero. Do you think a CEO is going to entrust the secrecy of a project on a coin that failed publicly with dm? I wouldn't....

[dopecoindude]

Ttt... If a core dev starts to use drug examples, it will be harder to explain that privacy is not just illegal stuff Smiley

stealth address + ring signature = the privacy part of CryptoNote. Cryptonote is more than privacy; it is also less constrained parameters which, for instance, render any Cryptonote immune to the 1 MB blocksize that affect Bitcoin. The CryptoNote protocol has "no hard limit" (whitepaper, sic), which helps scalability. Not counting the "chosen transparency that is the viewkey and later auditable addresses, like fluffy mentionned it on reddit

On top of this, Monero added some more features, like tail emission to mitigate the predicted loss of interest of miner for a crypto if all they have left is transaction fees, openalias (granted, it can be used with more than Monero, even Bitcoin), mnelmonic seed (AFAIK, only Bitcoin has it, whith Electrum).

I think it's going to be more an issue of dm operators migrating from TOR to I2P. DM operators will do what is in their best interest, not have consumers dictate the coin they should use to them; they're taking the brunt of the risk and they supply the product that the consumer wants--good luck telling them that they should use a coin because it has better marketing. When's the last time you saw a drug dealer with a cc reader? And before anyone jumps on me and says, "Oh, but Monero's so much more than the dark markets, ect,..." I've never said otherwise. What I am saying is that dm is the market that can make or break Monero. Do you think a CEO is going to entrust the secrecy of a project on a coin that failed publicly with dm? I wouldn't....

I talk about drugs all day long with DopeCoin as you said consumers don't dictate the coin they use for them, it is the DM operator who sets the tone for it so you are spot on. We got listed on SRR. We have no shame in saying so. Its about what the DM wants.

edit: keep in mind SRR actually eats up your coins so providing an extra layer of privacy as the alt-coin is converted over to Bitcoins.

[jehst]

There are really only 2-3 major DMs at any given time and only a handful of gambling sites doing all the volume with a handful of administrators in charge of them. Major corporations are also command-and-control topdown hierarchical organizations. Most of the world's wealth is also concentrated among few people. Therefore, the choice to adopt new currencies for corporate finance, offshore banking  or DMs alike will come down to decisions made by a very small number of highly intelligent, sophisticated, ultraparanoid people.

Already, several people have been arrested in connection with IP analysis. Several Coinbase accounts have been shut down in connection with blockchain analysis. Amazon and any other corporation will cooperate with LE to quietly comandeer hosted DRK masternodes. It's just a disaster waiting to happen. Any discerning leader is going to realize that.

There is a reason why people around the world are using AK-47s. It's not because Kalashnikov had a degree in marketing.

[fluffypony]

If I use openalias to pay example.domain.com in simplewallet, doesn't my IP address get stored in some time-stamped log on the domain.com nameserver? Anyone who hacks or subpoenas the nameservers could learn who paid whom, right?

Maybe.  There are some name servers that claim not to log, though you can't really verify this. Also, in most cases your request goes through intermediate name servers (at your ISP, or google, or some such).

However, for maximum privacy you probably don't want to use this feature.

This has already been covered in the OpenAlias standard, although this functionality is not yet available in simplewallet -

In order to ensure that lookups do not betray the user's privacy it is best to implement DNSCrypt from OpenDNS, and force resolution via a DNSCrypt-compatible resolver. Dependent on your use-case, you may choose to bake DNSCrypt into your software, or bundle dnscrypt-proxy along with your application.

There are only a handful of DNSCrypt compatible resolvers worldwide, and fewer still that additionally support DNSSEC validation, support Namecoin resolution, and don't log DNS requests. Additional DNS resolvers that meet these criteria will be launched and operated by OpenAlias and by contributors in the coming months. In order to make your life easier, you can get a list of available resolvers that have DNSCrypt operational on port 443 by fetching the A records from any of the following domains:

• resolvers.openalias.org
• resolvers.openalias.ch
• resolvers.openalias.se
• resolvers.openalias.li

These resolver records will be maintained, and if a malicious resolver is found it will be removed. It is, therefore, prudent to poll this list regularly within the application, either on-request or at least once every 24 hours.

[illodin]

And of course:

Regarding Darkcoin as it's mentioned in that PR material - there is a statement, that says "if these Masternodes are compromised by a malicious actor, then the anonymity can be broken".

Compromising 100% of the masternodes (thousands, not hundreds) is no easy feat, and if you're dealing with an adversary that can accomplish that, then they are powerful enough they can surely just simply compromise your personal computer and save a lot of time and money.

And, let's even assume that they compromise 100% of the nodes for a while - they could only spy on the pre-mixing that happens during that time. They can't break anonymous transfers that have already happened, and they can't break anonymous transfers that happen if the coins have already been anonymized previously. Trying to take over the whole masternode network would just be a lot of effort for questionable gains.

[smooth]

Trying to take over the whole masternode network would just be a lot of effort for questionable gains.

It is no more "questionable gains" than the people who would run the nodes for profit. If you want to spy, you still get the profit plus the information.

[stslimited]

Regarding Darkcoin as it's mentioned in that PR material - there is a statement, that says "if these Masternodes are compromised by a malicious actor, then the anonymity can be broken".

Compromising 100% of the masternodes (thousands, not hundreds) is no easy feat, and if you're dealing with an adversary that can accomplish that, then they are powerful enough they can surely just simply compromise your personal computer and save a lot of time and money.

And, let's even assume that they compromise 100% of the nodes for a while - they could only spy on the pre-mixing that happens during that time. They can't break anonymous transfers that have already happened, and they can't break anonymous transfers that happen if the coins have already been anonymized previously. Trying to take over the whole masternode network would just be a lot of effort for questionable gains.

Relying on masternodes for privacy requires luck and trust.

[MoneroMooo]

Anywhere I can bet on Superbowl with XMR?

It's not up just yet, but Tippero will have this enabled sometime in the next couple days. It was supposed to go up for the cricket games in february but this seems like a good occasion to debut it early

I'll post details when it's ready.

[fluffypony]

Regarding Darkcoin as it's mentioned in that PR material - there is a statement, that says "if these Masternodes are compromised by a malicious actor, then the anonymity can be broken".

Compromising 100% of the masternodes (thousands, not hundreds) is no easy feat, and if you're dealing with an adversary that can accomplish that, then they are powerful enough they can surely just simply compromise your personal computer and save a lot of time and money.

And, let's even assume that they compromise 100% of the nodes for a while - they could only spy on the pre-mixing that happens during that time. They can't break anonymous transfers that have already happened, and they can't break anonymous transfers that happen if the coins have already been anonymized previously. Trying to take over the whole masternode network would just be a lot of effort for questionable gains.

I don't want to get too off-topic, as this is a Monero thread, but there are a couple of points to bear in mind:

1. We don't even need an attacker with the NSA's scope. Law enforcement like the FBI can easily get the legal right to wiretap masternodes. Many of these masternodes run on virtualised machines, which means the hosting provider can snoop the OS status and memory. Virtually all of them could be under the purview of LEA, and thus long-term monitoring would be invisible.

2. Over and above that, there's massive incentive for masternode operators to make extra money by selling access to their logs. Not every operator is a rational actor, not every operator is a libertarian.

3. As long as operators earn based on what they process there will be an incentive for masternode operators to attack each other. This is a classic case of Prisoner's Dilemma.

The most concerning is 3, as there really is little that can be done to fix that. You can't evenly split rewards, as then there's no longer an incentive for a masternode to be honest (not that there's much incentive for that right now). When this has been mentioned before the knee-jerk reaction is "they'll never do that!" However, one need only take a look at how Bitcoin mining pools operate to see that this is a very real problem. Two references that make for good reading are: Ittay Eyal's "The Miner's Dilemma", and the paper "When Bitcoin Mining Pools Run Dry" by Aron Laszka et. al. This is, of course, quite a well-known issue amongst those in the know: 1, 2, 3

If anyone wants to continue this conversation feel free to start a new thread, otherwise we can go back to talking about Monero:)

[jehst]

Compromising 100% of the masternodes (thousands, not hundreds) is no easy feat, and if you're dealing with an adversary that can accomplish that, then they are powerful enough they can surely just simply compromise your personal computer and save a lot of time and money.

1. Do you need to compromise 100% of masternodes to yield useful data? Would 50% or 80% yield nothing useful? No, with time and luck and hard work, compromising less than 100% of the network could yield results.

2. Just because an adversary has the willing cooperation of some cloud service providers doesn't mean that this adversary can magically break all encryption at the click of a button. Not every adversary is all-powerful.

Every Fortune 500 company is a target for corporate espionage. Every black market organization is a target for law enforcement. The simple fact is that there are far more potential targets available than there are pursuers. Like a hawk choosing his target amongst a flock of pigeons, your adversary will choose the targets that are easiest. The weakest. As the saying goes, you don't need to run faster than the bear or swim faster than the shark; you just need to be faster than your friend.

So four members of the high school swim team are swimming in the ocean. Danny "Donuts" Dollar is an obese 1st year student who was forced onto the swim team by his parents.
Billy "The Bicycle" Bitcoin is a bronze medalist slacker who often misses swim practice and mainly focuses on cycling, not swimming. Donnie "The Dolphin" Darkcoin, is a hard working 4th year veteran of the swim team who consistently takes second. Mario "The Missile" Monero is both hardworking and a genetically gifted 3rd year athlete who is being lauded as the next Michael Phelps. As they frolic and play in the ocean, three hungry sharks approach. Who is going to live to swim another day? Maybe all. Maybe none.

[illodin]

Regarding Darkcoin as it's mentioned in that PR material - there is a statement, that says "if these Masternodes are compromised by a malicious actor, then the anonymity can be broken".

Compromising 100% of the masternodes (thousands, not hundreds) is no easy feat, and if you're dealing with an adversary that can accomplish that, then they are powerful enough they can surely just simply compromise your personal computer and save a lot of time and money.

And, let's even assume that they compromise 100% of the nodes for a while - they could only spy on the pre-mixing that happens during that time. They can't break anonymous transfers that have already happened, and they can't break anonymous transfers that happen if the coins have already been anonymized previously. Trying to take over the whole masternode network would just be a lot of effort for questionable gains.

I don't want to get too off-topic, as this is a Monero thread, but there are a couple of points to bear in mind:

1. We don't even need an attacker with the NSA's scope. Law enforcement like the FBI can easily get the legal right to wiretap masternodes. Many of these masternodes run on virtualised machines, which means the hosting provider can snoop the OS status and memory. Virtually all of them could be under the purview of LEA, and thus long-term monitoring would be invisible.

2. Over and above that, there's massive incentive for masternode operators to make extra money by selling access to their logs. Not every operator is a rational actor, not every operator is a libertarian.

3. As long as operators earn based on what they process there will be an incentive for masternode operators to attack each other. This is a classic case of Prisoner's Dilemma.

The most concerning is 3, as there really is little that can be done to fix that. You can't evenly split rewards, as then there's no longer an incentive for a masternode to be honest (not that there's much incentive for that right now). When this has been mentioned before the knee-jerk reaction is "they'll never do that!" However, one need only take a look at how Bitcoin mining pools operate to see that this is a very real problem. Two references that make for good reading are: Ittay Eyal's "The Miner's Dilemma", and the paper "When Bitcoin Mining Pools Run Dry" by Aron Laszka et. al. This is, of course, quite a well-known issue amongst those in the know: 1, 2, 3

1. FBI has no jurisdiction in Russia, China, or anywhere else but USA. Fact is, a lot of people run their nodes in Amazon etc right now because that's what the first tutorials for running a node told them to. When/if Darkcoin becomes so big that some agencies actually get interested in it enough to try to spy on, the rewards from running a masternode will be large enough to afford your own dedicated servers in where ever you choose.

2. But not every operator will, and then your spy operation will fail and you just paid huge amounts of money for nothing. You'll need either (almost) everything or you'll fail.

3. The higher the incentive to ddos other masternodes, the higher the price must be. And the higher the price is, the stronger nodes you can afford to run. Also, this is something that the devs are aware of, and working towards a solution:

Future updates to Darkcoin are expected every few months, and will include such things as encrypted multipath communication technology, which is already in the works, this will add another layer of privacy to the system as it will allow users to communicate with the network securely without exposing their IPs and will also hide the identity of the Darksend mixing nodes making it extremely difficult, if not impossible, for third parties to spy on users information. It uses multi-path routing so users can send more than one encrypted message using different routes on the mesh network for redundancy.

One of the greatest objections to InstantX from the Bitcoin community was the possibility to DOS the selected masternodes that are responsible for consensus voting.

This would stop the consensus voting forcing the network to evaluate transactions using the mining network, bring the first confirmation from 10-20 seconds back to 2.5 minutes. While not a terrible issue, it’s something we can deal with by hiding the masternode identities and using a token based routing system to pass messages back and forth. This will be discussed in great detail in the v2 of the Darkcoin whitepaper.

To build a network that can withstand attacks, the masternodes must not publish their IPs. To do this we’re going to utilize a new multipath communication technology. This will add another layer of privacy to the system as it will allow users to communicate with the network securely without exposing their IPs and will also hide the identity of the Darksend mixing nodes making it extremely difficult, if not impossible, for third parties to spy on users information.

It uses multi-path routing so users can send more than one encrypted message using different routes on the mesh network for redundancy. This will allow us quick communication, robustness and anonymous two way communication.

If anyone wants to continue this conversation feel free to start a new thread, otherwise we can go back to talking about Monero:)

Agree, now we can go back to Monero.

[stslimited]

1. FBI has no jurisdiction in Russia, China, or anywhere else but USA. Fact is, a lot of people run their nodes in Amazon etc right now because that's what the first tutorials for running a node told them to. When/if Darkcoin becomes so big that some agencies actually get interested in it enough to try to spy on, the rewards from running a masternode will be large enough to afford your own dedicated servers in where ever you choose.

2. But not every operator will, and then your spy operation will fail and you just paid huge amounts of money for nothing. You'll need either (almost) everything or you'll fail.

3. The higher the incentive to ddos other masternodes, the higher the price must be. And the higher the price is, the stronger nodes you can afford to run. Also, this is something that the devs are aware of, and working towards a solution:

Future updates to Darkcoin are expected every few months, and will include such things as encrypted multipath communication technology, which is already in the works, this will add another layer of privacy to the system as it will allow users to communicate with the network securely without exposing their IPs and will also hide the identity of the Darksend mixing nodes making it extremely difficult, if not impossible, for third parties to spy on users information. It uses multi-path routing so users can send more than one encrypted message using different routes on the mesh network for redundancy.

One of the greatest objections to InstantX from the Bitcoin community was the possibility to DOS the selected masternodes that are responsible for consensus voting.

This would stop the consensus voting forcing the network to evaluate transactions using the mining network, bring the first confirmation from 10-20 seconds back to 2.5 minutes. While not a terrible issue, it’s something we can deal with by hiding the masternode identities and using a token based routing system to pass messages back and forth. This will be discussed in great detail in the v2 of the Darkcoin whitepaper.

To build a network that can withstand attacks, the masternodes must not publish their IPs. To do this we’re going to utilize a new multipath communication technology. This will add another layer of privacy to the system as it will allow users to communicate with the network securely without exposing their IPs and will also hide the identity of the Darksend mixing nodes making it extremely difficult, if not impossible, for third parties to spy on users information.

It uses multi-path routing so users can send more than one encrypted message using different routes on the mesh network for redundancy. This will allow us quick communication, robustness and anonymous two way communication.

If anyone wants to continue this conversation feel free to start a new thread, otherwise we can go back to talking about Monero:)

Agree, now we can go back to Monero.

The FBI has statutory authority by Congress to access any computer anywhere in the world. Jurisdictional considerations ONLY apply to property held by American citizens, and jurisdiction in this context has nothing to do with geography.

The FBI is the state sponsored hacker. They can and do with impunity, hack and penetrate and privilege escalate and data dump and image any machine they can get in to. And they will retrieve data for years before there is ever a trial or court case or conviction. Neither the machine owner or the data center knows anything about it, necessarily.

Back to Masternodes. **WE KNOW WHERE ALL THE MASTERNODES ARE** , they are on Amazon, Digital Ocean, and a small subset are run on other providers and personal computers. Literally simple memory dumps get you the whole path. There is no omnipotent adversary to hypothesize about, they can just do literal memory dumps, constitutionally to US citizens with liberally approved warrants, and with impunity to non-US citizens. The minority of people running masternodes on their raspberry pi's are the only ones that are outside of the dragnet, in this scenario, LEA has all the data they need for most transactions AND then you are trusting the remaining individual ones not to be doing their own transaction monitoring/logging.

Darkcoin isn't at an evolutionary dead end with this reality, they can try to obfuscate IP's of masternodes retroactively, they can try to do that multipath whatever. LEA just goes to the biggest data centers, looks for a particular software process and gets all the same data anyway! Whooooops.

Read a freaking indictment or two, they do this shit all the time. No conspiracies necessary.

[nioc]

Let's say you have a wallet with a balance of 123.45 Monero and you want to transfer all of it.  As a fee will be deducted, how do you do this if you don't know what the fee is ahead of time?

[fluffypony]

Let's say you have a wallet with a balance of 123.45 Monero and you want to transfer all of it.  As a fee will be deducted, how do you do this if you don't know what the fee is ahead of time?

Start at <total> - 0.01 XMR and work your way down from there?

:-P

We'll have to add a function to flush a wallet at some stage.

[NeuroticFish]

Let's say you have a wallet with a balance of 123.45 Monero and you want to transfer all of it.  As a fee will be deducted, how do you do this if you don't know what the fee is ahead of time?

Another solution: Try to do the transaction without any fee. It will fail and the (command line) wallet will tell you what the fee is.
Second try you do with correct values and it works.
At least that's how I did last time, iirc.

[nioc]

I just realized I received advice from both a fluffypony and a NeuroticFish

Thank you both

[bytemuma]

Hello,

is there a torrent with win_64 blockchain?
Thank you.