https://Rucknium.me

PGP key fingerprint: 5D5E 08A2 389D F225 ABD0 781B 291E 0C22 9D63 1697

  • 14 Posts
  • 12 Comments
Joined 1 year ago
cake
Cake day: July 4th, 2023

help-circle





  • I know Ruckinum ran an analysis and thinks this is not a black marble flood, but I can’t help but think it’s a way go somehow break the anonymity of monero, whether just sent amounts, or received amounts, which would still give a wealth of information.

    I didn’t run a quantitative analysis of the large number of 150-input transactions on May 2. I just guessed that it’s not an actual black marble flood since it doesn’t fit the definition or attack model of Noether, Noether, & Mackenzie (2014) and Chervinski, Kreutz, & Yu (2021).

    Are the transactions reused?

    Yes, each output can be re-used an unlimited number of times as a decoy in other transactions.

    If they are reused, then they can tell the real spend by discarding any spend that’s been used more than once. Is that correct?

    No. If every output that is created is spent, then on average each output will appear in 16 rings of other transactions. A Monero wallet do not check how many times an output has been used by other transactions when it is deciding which outputs to select as decoys.

    They run or have compromised a lot of ‘activist’ nodes and xpubs are sent to the nodes in light wallets, unsure if this is how it works, or if that was unique to Samourai’s whirlpool design. If this was the case, light wallets use currently online available servers, so chances are a user connects their wallet to tens of servers. Users who run their own nodes would be unaffected but I think the majority of monero users use light nodes.

    In normal operation, most Monero wallets do not send an “xpub” (in Monero this would be the Private View Key). The terminology can be confusing. In Monero, a “light wallet” is a wallet where the user gives a view key to a server to perform the blockchain scan on behalf of the user. The person or company running the server can see which transactions belong to the user and how much XMR is being sent to them. The MyMonero wallet works like this. Feather is not a light wallet with this definition, despite its name. Feather wallet and most wallets like Cake, Stack, the GUI/CLI wallets, etc., ask a local node (on the user’s own machine) or remote node (on someone else’s machine) for the entire blockchain data during a period of time and do the decryption of the wallets’ transactions on the user’s own device. That’s why wallet sync takes a long time for those wallets when they are opened after being closed for a long time.

    The remote nodes can collect some limited data like the user’s IP address (if the user is not using Tor) and the last time the user synced the wallet. A malicious remote node can attempt to give the user a false decoy/output distribution (this is what Feather was trying to prevent with the initial, but flawed, code) and it can give the user’s wallet an incorrect fee to pay (but the user can notice that the fee is too high and disconnect from the remote node. More information about remote node privacy is in Breaking Monero Episode 07: Remote Nodes (sorry for YouTube link. Use your favorite private YouTube front-end to view it): https://www.youtube.com/watch?v=n6Bxp0k7Uqg







  • Good question. You didn’t get hacked. You approved the payment to Mullvad.

    When you send XMR to an “integrated address”, Ledger does not display the integrated address on the device. It displays the raw Monero address. Mullvad probably uses integrated addresses.

    SethForPrivacy said:

    At present, the UX around integrated addresses can be confusing and even outright dangerous, like how the Ledger always displays the underlying address instead of the integrated address, making address verification difficult or impossible depending on the application.

    I don’t know if there are plans to fix this or if it can be fixed at all.



  • At the meeting, kayabaNerve (Luke Parker) suggested:

    What’d likely be easiest, in a pure-C++ way, is to explicitly intended Monero’s DKG to match MRL-0009 (if not already) and have it audited to line up. Then, a Musig2-esque CLSAG should be formalized (likely a modification of MRL-0009’s Musig-DN-esque CLSAG?) and Monero should explicitly intended to match it. The fact it lines up should be audited.

    My conclusion:

    If anyone really wants to work on multisig, especially in the direction of kayabanerve’s proposal, please speak up. IMHO, this was a productive conversation, but I don’t expect any action to be taken unless more labor [is] put toward the problem.

    Meeting log



  • It is interesting that it took nine transactions to empty the CCS wallet. Is that indicative of somebody new to monero?

    No.

    A donation wallet has lots of individual transaction outputs that need to be consolidated if you move the entire balance. A transaction that has a lot of inputs that consolidates these transactions will be large in kilobytes. Unless network transaction volume is high enough to push up the dynamic block size rules, the maximum block size is about 300 kilobytes. Transactions must fit inside a single block, so there is a limit to the number of inputs in a single transaction. Plus, you don’t want to create a transaction the full 300 kilobytes in size since miners’ block creation rules might not mine a transaction that large. The first theft transaction in the list was about 22 kilobytes with 33 inputs:

    https://xmrchain.net/search?value=ffc82e64dde43d3939354ca1445d41278aef0b80a7d16d7ca12ab9a88f5bc56a

    The next was 99 kilobytes with 146 inputs:

    https://xmrchain.net/search?value=08487d5dbf53dfb60008f6783d2784bc4c3b33e1a7db43356a0f61fb27ab90cc

    Etc.

    The full list: ffc82e64dde43d3939354ca1445d41278aef0b80a7d16d7ca12ab9a88f5bc56a 08487d5dbf53dfb60008f6783d2784bc4c3b33e1a7db43356a0f61fb27ab90cc 4b73bd9731f6e188c6fcebed91cc1eb25d2a96d183037c3e4b46e83dbf1868a9 8a5ed5483b5746bd0fa0bc4b7c4605dda1a3643e8bb9144c3f37eb13d46c1441 56dd063f42775600adf03ae1e7d7376813d9640c65f08916e3802dbfee489e2c e2ab762927637fe0255246f8795a02bd7bb99f905ae7afc21284e6ff9e7f73db 9bf312ed09da1e7dfce281a76ae2fc5b7b9edc35d31c9eb46b21d38500716b6b 837de977651136c18b0018269626be7155d477cc731c5ca907608a2db57ff6a8 9c278d1496788aee6c7f26556a3f6f2cbb7e109cd20400e0b2381f6c2d4e29f4










  • XMR donations to the MAGIC Monero Fund, which funds Monero research and development, are tax deductible for the donor if you file taxes in the USA: https://monerofund.org/ . Or donations can be made anonymously in XMR if donors do not care about making tax deductions.

    Recipients of funds, i.e. devs and researchers, must KYC to MAGIC. It’s a system that works for some devs. Others can use Monero’s Community Crowdsoucing System (CCS).

    (I’m on the MAGIC Monero Fund committee.)