Replying to Avatar Super Testnet

> I don't understand why it's worth the effort to make a big deal out of the address reuse mistake

Because address reuse is bad for privacy (the monero website recommends against it) and yet most monero wallets are designed to encourage it

> does lightning not have bolt12 and lnurl? if you reuse these, the sender will infer that it's you both times

Yes, that is equally bad for user privacy
Avatar
goatmeal 2w ago

I agree, address reuse is bad for privacy. but I have used multiple monero wallets and they tend to show a fresh, unused subaddress by default, just like most bitcoin wallets.

you can also tell which specific subaddresses got paid, and by how much. if someone guesses that you own different subaddresses and decides to pay you on the "wrong" one, you can see them doing that.

it's not very exciting to talk about opsec mistakes that are possible on both monero and lightning, or which can be easily mitigated. thry both have reusable addresses and neither of them forces you to reuse it.

additionally, tor is already baked into monero's electrum fork and it's a preview feature in cake wallet. some wallet developers have started looking at i2p as well. I am unhappy that it's necessary but I wouldn't exaggerate how difficult it is to integrate.

Reply to this note

Please Login to reply.

Discussion

Avatar
Super Testnet 2w ago 💬 1

Do those monwro wallets also show a contact list? Such features encourage address reuse, thus creating additional UX hurdles -- if you recommend a "user-friendly" monero wallet, you're probably recommending a privacy-harmful monero wallet

Avatar
goatmeal 2w ago 💬 1

yeah, and these super dangerous wallets also have a way to export your seed phrase. this can be privacy harmful if you accidentally write it on your forehead

they have a way to view your transaction history and some of them let you export it to CSV. this is incredibly dangerous for privacy in case you make a mistake and fax it to the police station

Avatar
2Pac 2w ago 💬 1

🤣

Legit lol at this

Avatar
goatmeal 2w ago 💬 1

I found a critical vulnerability that affects all monero wallets. they display the transaction amount on the user's computer screen. this will leak information about how much cocaine the user buys if the chupacabra sneaks up behind them and looks at the screen.

I disclosed the vulnerability to the featherwallet developers and they have been ignoring it for 8 months!

none of the lightning wallets are affected by this vulnerability because you cannot use lightning to buy cocaine anywhere.

Avatar
2Pac 2w ago 💬 2

Glad we can finally put this privacy debate to bed

😆

Avatar
Oshi (推し) 2w ago 💬 1

Thank the lord

Avatar
Hanshan 2w ago

its good for everyone to see the discussion happen ❤

Avatar
Hanshan 2w ago

it would be a lot easier to have a discussion about it

if certain parties didnt disingenuously insist that obviously dissimilar things were comparable

it requires A LOT more explanation to make it clear to the non-technical person why for example, its harder to link spends in monero than for most LN users

BuT iT TAlkS abOuT uSIng a dIFFeRenT WAlleT oN gETmOnEro dot ORg