Hello Nostr! I'm the dev behind OpenMonero.com

This is my first post. I'm here to bring transparency and harm reduction. Check out my latest audit for Haveno: Shady arbiters can steal the entire liquidity from the order book. All you need is just 2 bots. It's crazy.

https://simplifiedprivacy.com/openmonero-interview-with-the-dev/compared-to-reto.html

Issue confirmed by official monero moderator on dread: http://dreadytofatroptsdj6io7l3xptbet6onoyno2yv7jicoxknyazubrad.onion/post/4e7e530582ff902b6903/#c-cac5570453f7fa9f42

Quote from /u/monero_desk_support: After some thought, I think you are right and that the arbitration system in Haveno doesn't prevent arbitrators from pulling the funds. They would need to create a bot that takes all the offers and automatically unlocks the funds with the key of the taker and arbitrator.

#introductions #Privacy #Markets #HiddenService #News #Work #Monero #Crypto #Hacking #HarmReduction #Guides

What's a bigger risk, one user being scammed by arb or a whole website going down and never coming back? People think you are a scammer for good reason. Deliver a good product and stop talking crap about the other solutions. Different folks for different strokes. Xmrglobal is looking Hornier anyway.


Discussion

If the openmonero website goes down, the damage would be minimal. On the other hand, if the Haveno arbiter bots go rogue, they could rug pull at least 3177 XMR + 15% security deposits of all market makers. The difference is that openmonero's offers aren’t pre-funded, so there’s not much to steal.

#haveno #monero #rugpull #scam #hacking #opsec #xmr #retoswap #havenoreto #openmonero #exitscam

Security deposit yes. But how can they get the 3177 XMR in offers?

The Haveno network operators can steal 3177 XMR, assuming the investment stays safe and comes back to the taker bots. Once the investment returns, the same taker bot can just do the same thing again. In theory, one taker bot with an amount of XMR equal to the highest maker security deposit could clear out the entire order book since its balance goes up with every completed trade. So, it’s really just a matter of time before the whole order book is wiped out. Even worse, if you’ve got multiple taker and arbiter bots working simultaneously, you could clear the whole order book in just a second. All you need.

The reason is that a shady arbiter bot backs the taker bot and will side with them in any disputes. Moreover, the arbiter bot can also hit all the market makers with penalties, taking away their 15% security deposits.

You don't really need to invest a lot to liquidate the entire order book and my examples are not necessary (unless you want to clear the order book in the first round) as the balance of each taker bot demonstrates substantial, logarithmic growth following each transaction. This is because taker bots always go for the highest maker offer in the pot first.

#haveno #monero #rugpull #scam #hacking #opsec #xmr #retoswap #havenoreto #openmonero #exitscam

Thanks for taking the time explaining the attack.

Why hasn't this happened yet on Bisq?

Why not make a decentralized protocol, like how robosats does and publishes orderbooks on nostr, so that openmonero can be even more open and resilient in case it goes down?

Interested in that as well

It's already under construction.

Quote Simple: That’s cool, so in the future, this can work entirely as a front-end javascript linked to Nostr? Then the site itself could be on Arweave or IPFS.

Quote OpenMonero: The decentralized exchange will offer a selection of various escrow providers, arbitrators, and instances for users to choose from. Users will not be required to create accounts with each individual provider. All escrow providers utilize the same backend code, and to engage with a specific provider, one merely needs to be aware of its domain (no additional configuration or setup is required).

Trusted escrow providers will be hardcoded into the code, while untrusted providers will be accessible through an integrated distributed hash table (DHT) network. The utilization of a DHT is crucial, as hardcoded directories are inherently susceptible to censorship. Furthermore, this approach surpasses that of a federated network, since defederation is neither necessary nor possible; the reputation system in place effectively mitigates spam from the outset.

Source: https://simplifiedprivacy.com/openmonero-interview-with-the-dev/compared-to-reto.html

Glad we have you here. Keep us up to date.

If this goes decentralised before turning out to be a scam it could become a very important infrastructure project for Monero.

I could do shotgun scamming but exit scamming is not really possible due to self-custodial trade funding (sellers) and self-custodial trade settlements (buyers). Plus the nostr based version is almost finished.

You are high on your own supply.