[XMR] Monero - A secure, private, untraceable cryptocurrency

[mmortal03]

In theory, could my anonymity be compromised by too many other people publishing their view keys?

Well let's assume everybody did. Then you would have a coin where all transactions are traceable (except yours, and yours would be the only ones left so...). That's obviously not the goal here, but if everybody wants that, there's nothing you can do. You can't hide a needle without a haystack.

However, it is indeed not good to encourage too much reliance on view keys. That's why, for example, MRL-0004 has an alternate method for auditing of individual transactions that does not involve the broad brush of a view key.

I know you guys aren't aiming to be alphabet proof but perhaps one day in the future it could be a goal and it is concerning because we might imagine that some mass surveillance agency might be able to put together a rather comprehensive database of view keys.

Once the view key has been seen by someone other than yourself, consider the privacy of that address compromised and migrate funds to a secure (private) address. Better yet, never share a view key except for purpose specific, (single use?) addresses.  Let them watch a vacant house all they want.

Correct. View key is 1/2 of your private key. It makes sense to share this for specific reasons, but not in general.

Is there a way to do watch-only wallets, without the view key sitting on the watch-only computer?

[cAPSLOCK]

In theory, could my anonymity be compromised by too many other people publishing their view keys?

Well let's assume everybody did. Then you would have a coin where all transactions are traceable (except yours, and yours would be the only ones left so...). That's obviously not the goal here, but if everybody wants that, there's nothing you can do. You can't hide a needle without a haystack.

However, it is indeed not good to encourage too much reliance on view keys. That's why, for example, MRL-0004 has an alternate method for auditing of individual transactions that does not involve the broad brush of a view key.

I know you guys aren't aiming to be alphabet proof but perhaps one day in the future it could be a goal and it is concerning because we might imagine that some mass surveillance agency might be able to put together a rather comprehensive database of view keys.

Once the view key has been seen by someone other than yourself, consider the privacy of that address compromised and migrate funds to a secure (private) address. Better yet, never share a view key except for purpose specific, (single use?) addresses.  Let them watch a vacant house all they want.

Correct. View key is 1/2 of your private key. It makes sense to share this for specific reasons, but not in general.

Is there a way to do watch-only wallets, without the view key sitting on the watch-only computer?

I can't imagine a way that could work...

[mmortal03]

Right at this moment I'd say this is a super solid play:

-snip gigantic image-

should go post it in their thread with the caption

*cough* just sayin

i wouldn't do it because i don't have the constitution for trolling but it would be funny.

That was what I wanted to do first.  But to be honest all the trolling has be kinda of worn out, and I have no hard feelings to the DASH camp.  I think they are at more risk because of today's developments in monero than they realize.

I also think the Monero community is only beginning to wake up to what xmr.to + shapeshift + database means in terms of our utility.

Dude, I'm all awake about that. All I'll need -- once the database is out -- to convince others to buy in and use it will be an easy way to go from USD (or equivalent) to XMR. Then we'll be set. Trezor integration would also be nice, but let's not get ahead of ourselves.

[osensei]

Are you relatively new to monero? Viewkey and payment_ID are things unique to Monero (I think). There is no equivalent in bitcoin (because there is no need).

Maybe this is somehow off topic, still.. does viewkey actually work? Or is there some info I've missed about when is it planned to be done?

oh good point. I don't know. I just assume it works because its always talked about as one of the cool things about Monero.

The view key does work at the protocol level, although there is no implementation available to the user right now.

AFAIK (and please correct me if I'm wrong) the only known implementation is in MyMonero, which uses the view key to, I think, identify your transactions, thus giving MyMonero the ability to know your balance and the value of your transactions, but they still can't know where the coins come from or where they are going to, nor can spend them. That's the price you pay for the ease of use of MyMonero.

[medusa13]

please do not burn chainradar for this mistake. yes it was abused by people to spread fud, but c'mon, who belives this shit anyway, we all know monero is secure
i have nothing to do with them, but i really reckon this was just a bad coincidence at the wrong time.

[fluffypony]

Are you relatively new to monero? Viewkey and payment_ID are things unique to Monero (I think). There is no equivalent in bitcoin (because there is no need).

Maybe this is somehow off topic, still.. does viewkey actually work? Or is there some info I've missed about when is it planned to be done?

oh good point. I don't know. I just assume it works because its always talked about as one of the cool things about Monero.

The view key does work at the protocol level, although there is no implementation available to the user right now.

AFAIK (and please correct me if I'm wrong) the only known implementation is in MyMonero, which uses the view key to, I think, identify your transactions, thus giving MyMonero the ability to know your balance and the value of your transactions, but they still can't know where the coins come from or where they are going to, nor can spend them. That's the price you pay for ease of use of MyMonero.

Yes - MyMonero only has your view key, not your spend key, so no way to touch your funds without your involvement:)

We plan to add a viewkey scanner command-line app soon-ish. SOOON. SOOOOOOOOOOOOON!

[aminorex]

The most important thing is to provide a documented interface to stable functionality.  Apps like a viewkey scanner are then trivial and will be produced without core resources.

A lot of those interfaces come for free with LMDB, just not the crypto.

[e-coinomist]

Yeah, I guess I wasn't specific enough.
I'm looking for a way to create a provably unspendable burn address.
Meaning it should be obvious, for example contain a lot of consecutive X's.

keep generating wallets until you get one with a lot of x's.
this vanity address generator exists
https://monerotalk.org/t/vanity-address-generator/134
https://github.com/ehmry/monero-vanity
so you'll essentially publish the viewkey?

The idea is that nobody will have the private key so nobody will have the possibility to spend the funds.
I want to generate an address, to which it's highly improbable anyone will have the private key.

EDIT: Counterparty created such a BTC address back in the days of their launch

Couldn't you still take the same advice I gave but then take whatever address was given and replace the first 10-15 characters with something along the lines of "xxxxxmoneroxxxxx", then again, the viewkey would no longer work so you wouldn't be able to view it anyway. Interesting.

Vandalay23, if you create a "burn address" and publish the viewkey of it, as GingerAle suggested, and built some empire on these foundations, people can trust those fundations since the viewkey allows watching ballances sneaking out of that address.
They could trust even for the spendkey beeing deleted, however that would be naive.

And guys we know only sure way for burning money is woman (fyri http://www.alternet.org/story/48856/why_sexist_language_matters    )

[tifozi]

Listen the interview with our core dev Fluffypony on LetsTalkBitcoin:

https://letstalkbitcoin.com/blog/post/ltb-e202-understanding-monero

Anon136, this is what you were asking for right?  

I was asking for it, too. Top notch work, fluffypony!

Great job fluffypony

@50:35 Rubber Hose CryptAnalysis 

[mmortal03]

In theory, could my anonymity be compromised by too many other people publishing their view keys?

Well let's assume everybody did. Then you would have a coin where all transactions are traceable (except yours, and yours would be the only ones left so...). That's obviously not the goal here, but if everybody wants that, there's nothing you can do. You can't hide a needle without a haystack.

However, it is indeed not good to encourage too much reliance on view keys. That's why, for example, MRL-0004 has an alternate method for auditing of individual transactions that does not involve the broad brush of a view key.

I know you guys aren't aiming to be alphabet proof but perhaps one day in the future it could be a goal and it is concerning because we might imagine that some mass surveillance agency might be able to put together a rather comprehensive database of view keys.

Once the view key has been seen by someone other than yourself, consider the privacy of that address compromised and migrate funds to a secure (private) address. Better yet, never share a view key except for purpose specific, (single use?) addresses.  Let them watch a vacant house all they want.

Correct. View key is 1/2 of your private key. It makes sense to share this for specific reasons, but not in general.

Is there a way to do watch-only wallets, without the view key sitting on the watch-only computer?

I can't imagine a way that could work...

Having it stored there, but encrypted with a user password, maybe?

[onemorexmr]

Listen the interview with our core dev Fluffypony on LetsTalkBitcoin:

https://letstalkbitcoin.com/blog/post/ltb-e202-understanding-monero

Anon136, this is what you were asking for right?  

good work, fluffypony!
and i didnt hear any breathing..

[fluffypony]

Great job fluffypony

@50:35 Rubber Hose CryptAnalysis 

It's the technical term used to describe your password being beaten out of you: http://en.wikipedia.org/wiki/Rubber-hose_cryptanalysis

[Anon136]

Listen the interview with our core dev Fluffypony on LetsTalkBitcoin:

https://letstalkbitcoin.com/blog/post/ltb-e202-understanding-monero

Anon136, this is what you were asking for right?  

i dont remember asking for it but im glad it exists and i listened to the whole thing

maybe i did say something about getting monero on LTB. its starting to sound familiar.

[coinits]

...
Honestly, don't get me wrong, but I am very surprised that you as a core dev do not educate your users on how Monero works, but actually reinforce silly FUD. Luckily, the math is neutral to everyone.
...

lol why you no edumacate us fluffypony?

No intend to offend anyone, but I think this whole issue could have been extinguished, not escalated.

Not intend to offend you, but YOUR "bug" + Trolls = escalated.  Fluffypony's time to prove the trolls wrong = extinguished.

What I don't know for sure is if you are on the side of the extinguishers or the escalators.

Seriously.

Perhaps folks like Ricardo will be more patient...  but I have signed no contract to be.  Keep digging.

Guys, my bad, sorry. I edited the post so that it's not offensive.
I'm not in the situation, not following the forum recently, so from my perspective there was no need to test anything with ChainRadar, as the answer is pretty clear: it is impossible.

Secondly, I repeat that it is the issue from since the start of the project, and for all currencies, not just Monero.

Well all seems to be good now, though if there's one tiny bit that bothers me, it's the use of referring to a general body of people that is possibly not exclusive to males as "guys" in the above post, which is still inherently sexist despite how commonly it slips. You can thank Doug Hofstadter for that pet peeve of mine.  

Edit: http://www.alternet.org/story/48856/why_sexist_language_matters
http://www.cs.virginia.edu/~evans/cs655/readings/purity.html

Sorry to go off-topic and delete it if you want but...

Outside of crypto in my day-to-day work life I work on a team that averages about 300 at any given moment. There is about 30% women on the team and they are not offended if they are referred to as 'guys'. They do not seem to like 'gals' at all. It is not sexist; it is a way to acknowledge the group. Saying guys and gals instead of just guys, IMO, is politically correct mumbo jumbo. I find the same with calling Native Americans 'Indians'. I work with Indians and they call themselves Indians. In the media and in the 'politically correct' circles they refer to them as First Nations People or Aboriginals. In Canada the law that governs Indians is called The Indian Act and they live on Indian Reservations. Media will never use the word Indians. There is nothing wrong with it.

[nioc]

what a great group of gals we have here

[vokain]

"You all", "everyone", "they" (which can be singular or plural), etc.

I know people don't mind, but it is an affect of our male-dominant culture that should be made aware of, or in the case of the natives, an affect of an ignorant colonist culture.

[5w00p]

"You all"

I know people don't mind, but it is an affect of our male-dominant culture that should be made aware of.

OK, so maybe we are drifting a bit off-topic, but:

So, "you all" (also pronounced "y'all" where I come from) is the politically correct way to refer to a group of mixed-gender persons?

[vokain]

"You all", "everyone", "they" (which can be singular or plural), etc.

I know people don't mind, but it is an affect of our male-dominant culture that should be made aware of, or in the case of the natives, an affect of an ignorant colonist culture.

OK, so maybe we are drifting a bit off-topic, but:

So, "you all" (also pronounced "y'all" where I come from) is the politically correct way to refer to a group of mixed-gender persons?

Yeah why not

[vokain]

Is that an answer?  

I was honestly asking.

Sorry 5w00p, I use "why not" all the time as, I don't (yet) see any significant reason as to why you should stop yourself from such, as a general life philosophy.

[cAPSLOCK]

please do not burn chainradar for this mistake. yes it was abused by people to spread fud, but c'mon, who belives this shit anyway, we all know monero is secure
i have nothing to do with them, but i really reckon this was just a bad coincidence at the wrong time.

Possibly so, and I know I was coming off a little half cocked... but a few of the comments pissed me off.  And I was comfortable under the circumstances with calling it out...