[XMR] Monero - A secure, private, untraceable cryptocurrency

[stoffu]

Can someone please explain the difference between a secret and public view key.  I think I get it but want to be sure I understand it correctly. Can you give me an example of how secret key would be used vs. a public key.  

It's a general concept called public key cryptography common to many crypto systems including cryptocurrencies like Bitcoin and Monero. Abstractly speaking, a secret key is some random secret data of sufficient length (so that others can't reproduce it by attack or accident), and a public key is the result of some transformation of the secret key defined by the protocol:

Code:

P := COMPUTE_PUBKEY(x)

Importantly, you can't reverse-compute the secret key 'x' from the public key 'P'. Public keys are meant to be posted publicly, and in cryptocurrencies, they constitute wallet addresses.

The most critical role of the scheme for cryptocurrencies is message signing. Here, a message is essentially a transaction itself:

Code:

m := HASH("I, who owns funds assigned to these public keys, approve their transfer to those public keys")

The signer (i.e. the wallet owner) can generate some special piece of data called signature by using both the message and his secret key:

Code:

s := SIGN(m, x)

and importantly, this data satisfies the following special condition:

Code:

CHECK(m, P, s) == 1

Here, these functions (HASH, SIGN, CHECK) are all defined by the protocol. Importantly, the correct signature (with respect to a public key 'P') can be generated only by the one who knows its secret key 'x'. In other words, for any other wrong keys y != x, the resulting (fake) signature will always fail to check:

Code:

CHECK(m, P, SIGN(m, y)) == 0

Each transaction is accompanied by its signature, and each node in the network independently verifies that all the signatures are valid, ensuring the integrity of the system.

Another feature which is particularly important to Monero is key exchange (Diffie–Hellman, often called ECDH). This allows two parties to generate a shared secret key without ever transmitting their secret keys:

Code:

d1 := SHARED_SECRET(r, A)
d2 := SHARED_SECRET(a, R)

Here, 'a' and 'r' are secret keys and 'A' and 'R' are their corresponding public keys. Thanks to the design of the crypto scheme, 'd1' and 'd2' are guaranteed to be equal. In Monero, 'a' is the view secret key held by the receiver, and 'r' is the transaction secret key generated by the sender. This is the basis of the stealth addressing scheme which randomly generates destination public keys even when sending to the same wallet address.

[1714800571]

1714800571

[1714800571]

1714800571

[1714800571]

1714800571

[je@ngrey83]

Cool, these days the price goes up, is this because there is an impact of the bitcoin hardfork issue so many users are diverting to altcoin including Monero?

I like to believe that Monero is just one of the best coins out there.
And one of the few that is actually different and not a fork of bitcoin of sorts.
Other factors matter but this should be the core reason for people to buy XMR

[Chicken_76]

Yes, am using the current version. I started monerod.exe in a command window and as soon as it was synced, I left it running and started CLI in a new cmd window. Got the same result... Balance: 0 This is not looking good. Is there a command to show past transactions in the CLI wallet?

In the command-line wallet type:
 rescan_bc

[haampharco]

At the moment, investing in XMR is better than bitcoin. There are so many types of bitcoin and it makes investors confused.

[dEBRUYNE]

I'm not sure if this is where to post my question, but here goes:
I created and deposited Monero into a wallet months ago. I decided to update my wallet software, but when I give it my 25 word seed, it opens with nothing in the wallet. What am I doing wrong?

What did you enter as restore height?

[dEBRUYNE]

Can someone please explain the difference between a secret and public view key.  I think I get it but want to be sure I understand it correctly. Can you give me an example of how secret key would be used vs. a public key. 


Also been away from this forum for a long bit, got to catch up.  What is the current status of the official wallet?  Like I said have not been keeping up. 

Thanks.

To add to stoffu's post. The secret view key is a, whereas the public view key is A = a*G (G = the basepoint). Note that secret / private keys are commonly called scalars, whereas public keys are referred to as points. The private view key will allow you to decrypt a transaction that was sent to your address, because, as stoffu said, you can perform a*R = D (D is the shared secret) and check whether D == D'. By contrast, the public view key is used for (i) constructing your public address and (ii) generating a shared secret by the sender, i.e., the sender will generate the shared secret r*A = D'. More information can be found here:

https://monero.stackexchange.com/questions/1230/why-is-the-viewkey-able-to-track-incoming-transactions-but-not-outgoing-transac/

https://monero.stackexchange.com/questions/1409/constructing-a-stealth-monero-address/

https://monero.stackexchange.com/questions/764/how-is-the-one-time-address-generated-from-the-public-address

https://monero.stackexchange.com/questions/277/why-are-monero-addresses-so-long/

https://monero.stackexchange.com/questions/980/what-are-the-public-viewkeys-and-spendkeys/

[sgjenks01]

I'm not sure if this is where to post my question, but here goes:
I created and deposited Monero into a wallet months ago. I decided to update my wallet software, but when I give it my 25 word seed, it opens with nothing in the wallet. What am I doing wrong?

What did you enter as restore height?

zero
I think I may know the issue. The monero-wallet-cli.exe always starts by asking the name of the wallet. At the time I created the wallet (months ago), I recorded the 25 word seed. I didn't know the wallet name mattered. So, when I give it a name, it's not the correct name and then it wants to create a new wallet.

Now the question: Is there a way to recover without having the wallet name?

[Anon136]

Can you run Monero miner through TOR? If yes, what change would need to made to the bat file on the opening page? I'm using Windows.
thanks

Using Tor

While Monero isn't made to integrate with Tor, it can be used wrapped with torsocks, if you add --p2p-bind-ip 127.0.0.1 to the monerod command line. You also want to set DNS requests to go over TCP, so they'll be routed through Tor, by setting DNS_PUBLIC=tcp or use a particular DNS server with DNS_PUBLIC=tcp://a.b.c.d (default is 8.8.4.4, which is Google DNS). You may also disable IGD (UPnP port forwarding negotiation), which is pointless with Tor. To allow local connections from the wallet, you might have to add TORSOCKS_ALLOW_INBOUND=1, some OSes need it and some don't. Example:

DNS_PUBLIC=tcp torsocks monerod --p2p-bind-ip 127.0.0.1 --no-igd

or:

DNS_PUBLIC=tcp TORSOCKS_ALLOW_INBOUND=1 torsocks monerod --p2p-bind-ip 127.0.0.1 --no-igd

TAILS ships with a very restrictive set of firewall rules. Therefore, you need to add a rule to allow this connection too, in addition to telling torsocks to allow inbound connections. Full example:

sudo iptables -I OUTPUT 2 -p tcp -d 127.0.0.1 -m tcp --dport 18081 -j ACCEPT

DNS_PUBLIC=tcp torsocks ./monerod --p2p-bind-ip 127.0.0.1 --no-igd --rpc-bind-ip 127.0.0.1 --data-dir /home/amnesia/Persistent/your/directory/to/the/blockchain

./monero-wallet-cli

However, there is one gotcha to be careful about that is not (yet) mentioned in the README file. Each daemon has a node ID stored in the p2pstate.bin file. If you switch between Tor and clearnet, this node ID can be used to link the two, associating an IP address with your Tor session.
To avoid this issue either:
Always run over Tor, never over clearnet (not even one time); or
When switching between Tor and clearnet (in either direction), delete the p2pstate file. This will generate a brand new random node ID.
Even when using method #1 you still may wish to periodically delete p2pstate.bin to avoid having your Tor sessions potentially associated with each other.
In the future this node ID will need to be replaced with a different mechanism, but for now, take care and protect your privacy.
Finally, when running over Tor and receiving transactions, you must be careful to ensure that your view of the Monero network is not poisoned by exit node spoofing. To do this check the top hash using the diff command in your daemon, and compare it with the top hash shown on trusted sites such as well-known chain explorers. You can also run your own node on clearnet and use it only for receiving transactions, but not sending.

This is all temporary. Kovri is under heavy development and once released will make all of this obsolete.

[Chicken_76]

zero
I think I may know the issue. The monero-wallet-cli.exe always starts by asking the name of the wallet. At the time I created the wallet (months ago), I recorded the 25 word seed. I didn't know the wallet name mattered. So, when I give it a name, it's not the correct name and then it wants to create a new wallet.

Now the question: Is there a way to recover without having the wallet name?

Look in that folder for files ending in .keys
Those are what you need to access your funds.
For example, if there's a file abc123.keys, you would load the wallet like this:

Code:

monero-wallet-cli.exe --wallet-file abc123

Do this for every .keys file you find and check their balance until you find in which wallet your funds are.

[rickgejr]

Anybody know if this is legitimate?

http://www.pop-coin.co

Not secure. Hidden.

Another XMR Website miner?

[luksbit]

At the moment, investing in XMR is better than bitcoin. There are so many types of bitcoin and it makes investors confused.

What would be your justification for such a statement? I still believe that Bitcoin is still the most reliable investment medium

[TheFuzzStone]

Coглaceн Moнepo oчeнь пepcпeктивнaя мoнeткa, и eё нyжнo имeть в cвoём пopтфeлe

Этo aнглoязычнaя вeткa.

So please go here. If you need additional info in russian language, check our local forum.

[revelacaogr]

warning

PSA: LocalMonero.com has been acquired by a competitor and the competitor is now using it to redirect all traffic to their own site. This is unethical and almost certainly illegal. We've attempted to rectify this situation peacefully but the competitor is refusing to cooperate. Details inside.
by Alex_LocalMoneroLocalMonero Staff

EDIT: We will no longer be replying to this thread, we need to get back to work on the site. Thanks for all the support!
Who are you?

LocalMonero! We've been around for about 3 months and position ourselves to be the Monero equivalent of LocalBitcoins. Many members of the Monero community here on reddit have had experiences with us and so far most people seem to think we're OK.
Can you give me some background on this situation?

LocalMonero is operating from the domain localmonero.co, since we weren't able to acquire the localmonero.com due to being unable to reach the owner of that domain at that time. At that point in time (and even after our August 25 launch) that page had no content, it was parked or squatted by someone.
On August 25th, 2017, LocalMonero officially launched, and this is considered to be the date of establishment in commercial use, protecting our trademark in common law jurisdictions.
On September 5th, 2017 (10 days after our launch), we've noticed that localmonero.com now put up an pre-announcement page, inviting people to leave their email to be notified on localmonero.com's launch. Here's that page archived.
Obviously, we got worried, and so we immediately also applied for an EU trademark just in case (since EU isn't common law, and in EU trademark law the first to apply are the ones who get the trademark protection, and not the ones who first establish a brand in commercial use). Thankfully, we were the first to apply, no other "LocalMonero" trademark existed when we submitted our application. We've also attempted to contact the owners of localmonero.com once again, to no avail.
On November 16th, 2017 (~2.5 months after our launch), localmonero.com's registration updated, possibly indicating a new owner..........

https://np.reddit.com/r/Monero/comments/7g5vhi/psa_localmonerocom_has_been_acquired_by_a/

[pönde]

I am using monero v0.11.1.0 on Linux Ubuntu


I created a full wallet with CLI. It took about 4 minutes to sync with remote node.

I created a view only wallet with CLI. It will take maybe an hour to sync with remote node.

I created a full wallet with GUI. It took about 7 minutes to sync with remote node.

I created a view only wallet with GUI it will take maybe many hours to sync with remote node.


Why there is such a huge difference sync time?


Anyway when I sync any of those wallets to localhost, to the blockchain on my own laptop, the sync seems to be very fast. Just a few minutes. Then only the blockchain sync to other nodes takes time, but it has to be done from scratch only once.

[Kanahide]

At the moment, investing in XMR is better than bitcoin. There are so many types of bitcoin and it makes investors confused.

Why not invest in both?
I like the reality of bitcoin reaching 100k or even more than that.
Its always good to have just one bitcoin, im always amazed at the new All time highs its reaching.
This shows us that we are at the very begining, more people realize the potential of the cryptoworld. Im really interessed in what highs monero, bitcoin and deeponion will reach.
Those are my maincoins. i hope they will explode even more
regards

[Coindgr]

This is all temporary. Kovri is under heavy development and once released will make all of this obsolete.

                           
Is the Kovri going to run under TOR? or does it have a different method?

[Andretti83]

This is all temporary. Kovri is under heavy development and once released will make all of this obsolete.

                           
Is the Kovri going to run under TOR? or does it have a different method?

I2P

[sgjenks01]

zero
I think I may know the issue. The monero-wallet-cli.exe always starts by asking the name of the wallet. At the time I created the wallet (months ago), I recorded the 25 word seed. I didn't know the wallet name mattered. So, when I give it a name, it's not the correct name and then it wants to create a new wallet.

Now the question: Is there a way to recover without having the wallet name?

For example, if there's a file abc123.keys, you would load the wallet like this:

Code:

monero-wallet-cli.exe --wallet-file abc123

Do this for every .keys file you find and check their balance until you find in which wallet your funds are.

I found a .keys file with a date stamp from May, which is when I would have set up the wallet. When I used the wallet name to start wallet-cli, it asked for a password and I gave it the password I had used in May and the wallet opened, showing no balance. I tried rescan_bc and it came back with zero balance.

Unless you have another idea, I think I'm sunk.

[Hueristic]

This is all temporary. Kovri is under heavy development and once released will make all of this obsolete.

                           
Is the Kovri going to run under TOR? or does it have a different method?

From what I understand the Korvi devs are working directly with I2P dev team and are contributing to both. Thats a pretty good feeling if your worried about the end result.

[Anon136]

This is all temporary. Kovri is under heavy development and once released will make all of this obsolete.

                         
Is the Kovri going to run under TOR? or does it have a different method?

Garlic routing:  is a variant of Onion routing that encrypts multiple messages together to make it more difficult for attackers to perform traffic analysis. To protect the identity of the sender, messages are encrypted multiple times with the public keys of selected nodes on the network. To be delivered the encrypted packets must be received by routers selected by the sender, in the order specified by the sender. Differently from Onion routing an encrypted packet ("onion") can contain multiple packets ("cloves") with different destinations, and the sender is not required to specify a return path for the message.

Garlic routing is a modest improvement over onion routing but it will probably always be difficult to achieve high levels of privacy in a network where messages must ultimately, at some point, be location addressed. To really truly get private networks we will probably need breakthroughs in physics not computer science. But hey you know, if privacy is really really important to you, you can always make sure your location doesn't identify you personally. The proverbial don't shit where you eat.