lol
>90% of the time it's going to be the real destination
which makes default surveillance possible
Eat your heart out, nostr:nprofile1qqs936kc97s4k4gqjnmltljgqns0uadh08d77t5mypg3anxkneks37gpz3mhxue69uhhyetvv9ujuerpd46hxtnfduqs6amnwvaz7tmwdaejumr0ds5n22nz et. al.
LSPs can't tell if the pubkey in a bolt11 is the *real* destination or just another routing node
They *assume* it's usually the real destination but "YMMV" (i.e. they aren't sure)
Bolt11 has better privacy than a monero address
Source: https://x.com/PhoenixWallet/status/1916844583402590504
Discussion
>90% of the time it's going to be the real destination
You don't know that
By default, surveillance has to deal with this heuristic: the sender doesn't know if the recipient's invoice uses a trampoline node or not. So he doesn't know if the pubkey in the invoice even belongs to the recipient.
In monero, the sender DOES know that information. The pubkey in a monero address always belongs to the recipient.
In monero, surveillance is possible by default
In lightning, it's not
the reason you are a disingenuous actor in this space is because you argue based on unstated assumptions
like positing access to the sending wallet
Please provide an example where chain analysts could not access the sending wallet
Here are two examples where they could access it and caught their target:
1. Finnish authorities trace monero from swap service to monero wallet to binance: https://cointelegraph.com/news/finnish-authorities-traced-monero-vastaamo-hack
2. Chainalysis traced monero and caught a Columbian criminal who used it: https://cointelegraph.com/news/chainalysis-leak-monero-traceability
oh please
ask me to prove a negative lol
not having access is the default condition.
the CA video is FULL of him showing transactions they cant trace.
you're just butthurt monero price is up and reaching for the usual FUD.
there are plenty of articles that cover how chainalysis finds their perps
I'm just asking for one where they did it without finding the sender
In every case I'm aware of, they find the sender first (often, they themselves *are* the sender, e.g. in the Finnish case I provided), then start tracing the payment once the recipient moves it -- they try to find out if he sent it to an exchange, or batched it together with his other payments, or did anything else useful with it
Sending your Monero to someone else, or another wallet you own, after you receive it is functionally no different from trampoline routing (besides the fact that it's done in a single step with the latter). In either case the sender doesn't know for sure where the money eventually ended up or if it was even spent to begin with.
This is like saying a mixer is functionally no different than a coinjoin
When you rely on someone else to hold your money temporarily and then send it to you later, you might get robbed
Lightning fixes this
disingenuous.
again.
churning monero doesn't give up custody in any way.
Oops, sorry, I missed the clause where you said "or another wallet you own" and only saw the part that said "Sending your Monero to someone else..."
I will try to read more carefully next time
still
churning xmr solves ALL the issues you're on about today
but sure, LN is ok because you might be sending to a proxy.
its the same picture.
There is no one holding money temporarily in this scenario. I think you misunderstood what I said.
If person A pays person B, then person B pays person C for a good/service, the original sender A has no idea where their money eventually ended up. From the perspective of A, person B could have sent it to someone else, themselves, or it could have never left their wallet to begin with.
That depends on how good the sender is at blockchain analysis. In the attached video, Chainalysis provides several examples of transactions where they *could* identify where the money eventually ended up.
E.g. at 26:55 they trace it from Morphtoken to the Columbian guy's wallet
At 30:43 they trace it from the Columbian guy's wallet to ChangeNow or Liquid Exchange
At 32:49 they trace another payment from the Columbian guy's wallet to Exodus Wallet
At 35:08 they do that again, except they aren't sure if it went to Exodus wallet or a mining pool
At 36:51 they trace another payment from the Columbian guy's wallet to centralized exchange, except they aren't sure if it went there or to a merchant point of sale page
And it was at that point that they nabbed him, because he accidentally leaked his ip address while using his wallet to pay that website
Yea, I won't disagree, if someone makes as many mistakes as the guy in this video (not masking IP address and using centralized exchanges) and everyone involved is colluding, Monero and Lightning probably aren't going to help much
Lightning would help a lot.
For one thing, the most popular monero wallets (Cake wallet, moneroj) don't send transactions to their peers, instead they connect to a random node from a list of RPC servers and send it in plaintext to them. Lightning wallets, by contrast, (1) encrypt your transactions and (2) only send the encrypted blob to a single node whom you have a channel with. That's way, way better.
For another thing, monero wallets reveal the recipient's address to the sender. They automatically log that information and if the sender is an exchange or other public entity, they can be subpoena'd and begin tracing the payment. Lightning wallets, by contrast, do not reveal the recipient's address to the sender -- not the channel, not the htlc, not anything that actually holds the money. They only get to see a public key that is used strictly for communication, and thanks to trampoline routing, it is quite common for that pubkey to not even belong to the recipient. That's way, way better.
For another thing, monero wallets list all possible senders in every transaction (unencrypted btw) and put that information on a permanent ledger. Lightning doesn't do that. So if a person is being targeted and uses monero to send their money to a centralized exchange, the exchange's address will show up in that transaction and -- if the exchange discloses their addresses to the police, as many do -- the police can subpoena them for information about what transactions sent them money. They can then show them a list where the target's address shows up as a possible sender in each transaction, which is very good evidence that he sent the money. The target can be caught that way, as happened in this finnish case: https://cointelegraph.com/news/finnish-authorities-traced-monero-vastaamo-hack
Since lightning wallets actually encrypt the sender and do not even share the encrypted blob with the recipient, it would help a lot if the guy chose lightning instead. The police would not see a transaction going to the exchange on the blockchain, would not know to contact them and ask them for more info, and even if they did, the exchange would not have any info to link the sender's wallet to any particular account. That's way, way better.
If a Lightning user is exposing their IP address to a malicious node/LSP/custodian and to the exchanges that are colluding with them (the things the person did in the video) none of that matters. They'll know it was you.
It does matter. The trace started by sending money to the perp and waiting for him to send it to an exchange, who they then contacted. They needed to see the transaction on the blockchain to know who to call. With lightning, they can't do that. They can't do step 2 -- the step where they watched the blockchain to see when the money moved, alerting them to check if it was sent to an exchange, who they could then get info from to find out whose account it entered. They wouldn't know it ever moved, or where, so they wouldn't know to call someone, or who to call.
"Hey, people were colluding with, let us know if any of these IP addresses interact with you"
???
Not rocket science...
In the finnish example they didn't know his ip address at the beginning. The only thing they could do was send money to him using his DNM website and then wait for him to do something with it. They did that, and when he sent the monero to an exchange, they recognized the address, contacted the exchange, asked them what account he sent the money into, got the KYC info for that account, and went to his house to arrest him.
That is an example of a situation that lightning fixes: they can send him money but they can't see when it moves next. So they don't know he sent it to an exchange, don't get to read the exchange's address off the blockchain, don't know to call them, and don't learn his KYC info.