[XMR] Monero - A secure, private, untraceable cryptocurrency

[osensei]

https://github.com/warptangent/bitmonero/commit/35b1500536a98e02ea459ca6ccb42e8248de43a8
^^^
There is the code to restore a MyMonero wallet to simplewallet. Finding the right way to add it to master is the trick (as the derivation is a bit different to simplewallet) - do we stick to the current long-mnemonic derivation, and then use the MM derivation for short-mnemonics? Or do we provide a short version of the current long-mnemonic derivation, plus an extra short derivation for MyMonero-style keys?

Until we figure out the most appropriate way to integrate this it'll sit in this commit, but it can ALWAYS be integrated and released by any number of the 25 Monero core contributors in the event of MyMonero's sudden and unexpected demise:)

Good to know that

I want to say that I never meant anything in a negative way about MyMonero. I was just stating the things as I saw them. I believe MyMonero is very well done and provides a great service, and I never doubted that the seed/keys implementation would eventually come out . It's just that if I were to use MyMonero I would like to be sure that I can always access my funds, regardless of the availability of the service.

[fluffypony]

@fluffypony: is there a security flaw when using a simplewallet seed (25 words) to log in mymonero? is it recommended?

No, it's just easier to memorise / store 13 words (and the reduction in key space is somewhat negligible).

Just remember that MyMonero is a convenience service where you're giving out your view key and you accept the fact that it physically cannot be as secure as a full wallet on a full node.

[Arux]

I want to say that I never meant anything in a negative way about MyMonero. I was just stating the things as I saw them. I believe MyMonero is very well done and provides a great service, and I never doubted that the seed/keys implementation would eventually come out . It's just that if I were to use MyMonero I would like to be sure that I can always access my funds, regardless of the availability of the service.

in my case i like mymonero because i'm sure i can always access my funds regardless of the availability of my full node 

mymonero is definitively a trump card!

[opennux]

There's no need spreading fud in the roadmap thread.

Calling out lying scammers for who and what they are not "fud", it is the duty of any person of integrity. Something you would know nothing about.

Quote: "If you see fraud and don't shout fraud, you are a fraud"
  -- Nassim Taleb (author or Black Swan and Anti-fragility; credit to opennux for the quote).

I'll give you a few more, and they are readily applicable in the space:

Most people are sceptical about the wrong things and gullible about the wrong things.

If you take risks and face your fate with dignity, there is nothing you can do that makes you small; if you don't take risks, there is nothing you can do that makes you grand, nothing.

You will get the most attention from those who hate you. No friend, no admirer and no partner will flatter you with as much curiosity.

Success is about honour, feeling morally calibrated, absence of shame, not what some newspaper defines from an external metric.

Economics make homeopath and alternative healers look empirical and scientific.

[Anon136]

Didn't you wanted mainstream?

https://www.reddit.com/r/Bitcoin/comments/326ba2/someone_is_poking_around_at_my_coins/

Bitcoin wasn't made for mainstream.

Describe the primary use for your coinbase account
Describe the source of your incoming bitcoin transactions
Indicate the source of your income for bitcoin purchases
What's the nature of your outgoing transfers and what services are they related to
...
Please know that we take privacy ... very seriously.

It's like the twilight zone.

I don't think I will be using coinbase any longer. Next time I want to buy bitcoin ill just reach out to the community on the forums here and leverage my impeccable reputation.

[boomboom]

Didn't you wanted mainstream?

https://www.reddit.com/r/Bitcoin/comments/326ba2/someone_is_poking_around_at_my_coins/

Bitcoin wasn't made for mainstream.

Describe the primary use for your coinbase account
Describe the source of your incoming bitcoin transactions
Indicate the source of your income for bitcoin purchases
What's the nature of your outgoing transfers and what services are they related to
...
Please know that we take privacy ... very seriously.

It's like the twilight zone.

I don't think I will be using coinbase any longer. Next time I want to buy bitcoin ill just reach out to the community on the forums here and leverage my impeccable reputation.

That's crap, can't wait for decentralised exchanges!

[aminorex]

In that case only both parties together would be able to retrieve the funds.

Better way is with secret sharing.  Same result as multisig, without the need of multisig.

[saddambitcoin]

Didn't you wanted mainstream?

https://www.reddit.com/r/Bitcoin/comments/326ba2/someone_is_poking_around_at_my_coins/

Bitcoin wasn't made for mainstream.

[coinbase kyc]

It's like the twilight zone.

I don't think I will be using coinbase any longer. Next time I want to buy bitcoin ill just reach out to the community on the forums here and leverage my impeccable reputation.

try localbitcoins for traders in your area. Or there might even be a bitcoin ATM, I noticed there are several in my location now. ATMs make it very easy to purchase anonymously. You do end up paying a premium for these coins but it can be nice sometimes for the convenience of not having to meet up with a stranger and hope everything goes well  

[Anon136]

In that case only both parties together would be able to retrieve the funds.

Better way is with secret sharing.  Same result as multisig, without the need of multisig.

Sure you could use secret sharing to cooperatively develop a seed but how would you derive a view key pair or public spend key without either party knowing the seed and without also developing a private spend key in the process?

[aminorex]

In that case only both parties together would be able to retrieve the funds.

Better way is with secret sharing.  Same result as multisig, without the need of multisig.

Sure you could use secret sharing to cooperatively develop a seed but how would you derive a view key pair or public spend key without either party knowing the seed and without also developing a private spend key in the process?

Simplest hack is to require a trusted third party to emit the secrets, distribute the shares.　　I know that is déclassé but it works, no code to write except to implement the automated bank, which is not a complicated script.  (Finding a fiduciary with suitable infrastructure and standing, willing to host, is a bit dicey.)

[smooth]

In that case only both parties together would be able to retrieve the funds.

Better way is with secret sharing.  Same result as multisig, without the need of multisig.

Yes I interpreted the original "part of the seed" that way. If you just mechanically split a 128 bit seed in half without secret sharing it isn't very secure.

[Hueristic]

In that case only both parties together would be able to retrieve the funds.

Better way is with secret sharing.  Same result as multisig, without the need of multisig.

Yes I interpreted the original "part of the seed" that way. If you just mechanically split a 128 bit seed in half without secret sharing it isn't very secure.

That would be for you guys to decide on, I am not a cryptographer. That's why I intentionally left that portion vague. I'm trying to flesh out the idea, however/if ever you guys use it that is up to you. I'm pretty sure this team of Devs could kick something like this out pretty quickly.

Unless I'm missing something it should be trivial? If not what would be the issue? Certainly not the choice of encryption right?

[smooth]

In that case only both parties together would be able to retrieve the funds.

Better way is with secret sharing.  Same result as multisig, without the need of multisig.

Yes I interpreted the original "part of the seed" that way. If you just mechanically split a 128 bit seed in half without secret sharing it isn't very secure.

That would be for you guys to decide on, I am not a cryptographer. That's why I intentionally left that portion vague. I'm trying to flesh out the idea, however/if ever you guys use it that is up to you. I'm pretty sure this team of Devs could kick something like this out pretty quickly.

Unless I'm missing something it should be trivial? If not what would be the issue? Certainly not the choice of encryption right?

There are ways of generating a shared secret without a central party knowing the secret, but they are complicated. The case where MyMonero simply knows the secret and gives out shares to the parties is easy, but is also incompatible with the usual (and important) premise of MyMonero never knowing the spend key.

[Hueristic]

In that case only both parties together would be able to retrieve the funds.

Better way is with secret sharing.  Same result as multisig, without the need of multisig.

Yes I interpreted the original "part of the seed" that way. If you just mechanically split a 128 bit seed in half without secret sharing it isn't very secure.

That would be for you guys to decide on, I am not a cryptographer. That's why I intentionally left that portion vague. I'm trying to flesh out the idea, however/if ever you guys use it that is up to you. I'm pretty sure this team of Devs could kick something like this out pretty quickly.

Unless I'm missing something it should be trivial? If not what would be the issue? Certainly not the choice of encryption right?

There are ways of generating a shared secret without a central party knowing the secret, but they are complicated. The case where MyMonero simply knows the secret and gives out shares to the parties is easy, but is also incompatible with the usual (and important) premise of MyMonero never knowing the spend key.

Understood but I am assuming this would be a burn address and without a trusted party for arbitrator how can you stop extortion of release?

[smooth]

In that case only both parties together would be able to retrieve the funds.

Better way is with secret sharing.  Same result as multisig, without the need of multisig.

Yes I interpreted the original "part of the seed" that way. If you just mechanically split a 128 bit seed in half without secret sharing it isn't very secure.

That would be for you guys to decide on, I am not a cryptographer. That's why I intentionally left that portion vague. I'm trying to flesh out the idea, however/if ever you guys use it that is up to you. I'm pretty sure this team of Devs could kick something like this out pretty quickly.

Unless I'm missing something it should be trivial? If not what would be the issue? Certainly not the choice of encryption right?

There are ways of generating a shared secret without a central party knowing the secret, but they are complicated. The case where MyMonero simply knows the secret and gives out shares to the parties is easy, but is also incompatible with the usual (and important) premise of MyMonero never knowing the spend key.

Understood but I am assuming this would be a burn address and without a trusted party for arbitrator how can you stop extortion of release?

Secret sharing can do all the usual multisig-ish things like having 2/3, 3/5 and so forth. So you could divide the secret between two parties and an arbitrator (2/3) for example. The hard part is still the setup though.

[aminorex]

just in case its not obvious to anyone (unlikely): dropping a symmetry requirement, the fiduciary and the escrow agent would typically be the same

[Vandalay23]

Hey Monero Community !!

Can anyone please guide me on how to create a custom Monero burn address, or generally in the Cryptonote protocol?

Will appreciate your kind help.

Create a wallet in a live environment in ram with a super long password (100+ characters) and don't write down it or the seed. Send your coins to the address. Why do you want to burn your coins?

Yeah, I guess I wasn't specific enough.
I'm looking for a way to create a provably unspendable burn address.
Meaning it should be obvious, for example contain a lot of consecutive X's.

keep generating wallets until you get one with a lot of x's.

this vanity address generator exists

https://monerotalk.org/t/vanity-address-generator/134

https://github.com/ehmry/monero-vanity

so you'll essentially publish the viewkey?

The idea is that nobody will have the private key so nobody will have the possibility to spend the funds.

I want to generate an address, to which it's highly improbable anyone will have the private key.

EDIT: Counterparty created such a BTC address back in the days of their launch

Couldn't you still take the same advice I gave but then take whatever address was given and replace the first 10-15 characters with something along the lines of "xxxxxmoneroxxxxx", then again, the viewkey would no longer work so you wouldn't be able to view it anyway. Interesting.

Will this address be valid? will it be possible to send coins to this address? will it be checksum approved?

Even if it did work, it wouldn't serve the purpose because without a viewkey, you can't prove what the address holds. And since the viewkey is derived from the private key, you won't have a valid viewkey.

I think the best course of action would be to somehow provably create a wallet address without ever retaining the files, seed words, and password. Then you'd still have a view key to see the balance but coins could never be spent. Not sure how you overcome the "trust factor".

The idea I thought of is to create 2 addresses, one normally generated address with public viewkey and the other one a burn address without viewkey at all as no one as access to it.
Burn process can be done in 2 steps: send the coins to first wallet and from this one to the burn address.
That way the transactions are visible to the public but no one has access to the receiving address.

Now, I'm not familiar with the Cryptonote checksum rules
Can anyone create an address with as many X's as possible and a valid checksum??

Bumping this one.
will pay 0.05 btc to the one who can create this address.

[Globb0]

Monero Price rises again after a sharp fall down to 0.003 BTC

Cool.

What is interesting to me is that, due to BTC fluctuations, XMR has been sitting at $0.82 USD for several days now.
https://moneropric.es/

Cool, is there a chart of the calculated price over time?

[DirtyUniverse]

I was switched my cpus to DASH mining but now i again switch to XMR.. I fell in love with Monero.

I want to write a post about Monero. I have personal blog (https://mehti.net) and tutorial blog (https://uzmanlarim.com). i writing in turkish language, however i can translate english into turkish. Can someone give me unique words about monero to introduce to the turkish folks. I can write guide for mining, create & download wallets etc, i just need description about monero.

Please PM me.

[wpalczynski]

I was switched my cpus to DASH mining but now i again switch to XMR.. I fell in love with Monero.

I want to write a post about Monero. I have personal blog (https://mehti.net) and tutorial blog (https://uzmanlarim.com). i writing in turkish language, however i can translate english into turkish. Can someone give me unique words about monero to introduce to the turkish folks. I can write guide for mining, create & download wallets etc, i just need description about monero.

Please PM me.

Try getmonero.org.  Lots of material there.

And Welcome!!