Nihilist puts out another very informative article, great work!
my pleasure ;) (if i missed anything, feel free to let me know btw)
Super helpful, although I’m wondering if running your own node could potentially expose you as well in case someone really wants to find you? Like are there any security risks? And what if others find your node and connect to it would they be able to see your IP?
Just asking because I’m not very familiar with the technology and want to make sure I’m using monero as intended, that is anonymously.
if you run your own node, it means that the adversary needs to come and ask you directly to give you the details of who connected to the node. and if you keep Tor in between you and your own node, you’re maintaining anonymity aswell.
if others find your (remote) node its not changing anything, you’re making it available for them to use monero
but still they should run their own monero node to keep decentralizing further
Alright got it, but regarding TOR aren’t there also vulnerabilities with compromised exit nodes? I feel like once you go down the rabbit hole of trying to achieve true anonymity there’s always another layer of complications if you wanna do things right.
OK centralized exchanges and chainanalysis know that I own monero ?
Then what ? How is it bad ? They still can’t figure out what I’m doing with it. The maximum they could ever tell is that I am spending some. They couldn’t tell in what amounts and to whom.
My privacy isn’t affected in any way.
small detail, centralised exchanges know how much monero went through them. for that particular account. If you KYC’d there, they know how much monero YOU bought or sold on their platform
isn’t it better to use Decentralized exchanges or instant exchange services for Monero transactions in this case?
In a dystopian world, just owning XMR will soon become grounds for a criminal investigation leading to harassment.
Nihilist, since you’ve watched the video can you make another post on the “heuristics” the presenter was talking about? I think the community needs to know how exactly their automated tool discards decoys from the list of transactions to consider.
they discard the decoys when they’re given the transactions of interest, this lets them know that this transaction they saw on their node actually comes from that subphoenable entity (centralised exchange), from there they have the list of transactions that went through and they can rule out the dandelion decoys. but otherwise they can’t.
I also mentionned that they are looking at the fee structure on their malicious nodes, hence my recommendation to use the default fees. not sure if they’re actually using the rest. (number of inputs and outputs ?)
Thanks
