Nostr Web Client

> He is using the view key to see things that are available by design for the sender. ... This is actually a feature, not a bug nor a weakness.

It has led to at least two people getting arrested.

The Finnish guy in this article: https://cointelegraph.com/news/finnish-authorities-traced-monero-vastaamo-hack got arrested after a CEX used this "feature" to trace his payment from their exchange to his private wallet. This "feature" told them the precise pubkey which held the money, which allowed them to tell the authorities to watch the blockchain for that pubkey to show up in future ring sigs. When it did, they discovered that he sent it to binance, where they got his KYC info and arrested him.

Nearly the same thing happened to the Columbian guy in this video: https://v.nostr.build/D4Nzp22vRF35IRnz.mp4

Morphtoken sent his monero to his private wallet, and the authorities subpoena'd them to find out what pubkey they sent it to. They told them, and then they watched that pubkey to see if it showed up in future ring sigs. It did, and they kept tracing it forward til he sent a pair of transactions via a "poisoned node" (one run by Chainalysis) without a VPN, and these transactions sent the money to a centralized exchange and a point of sale system. They were able to get his KYC info from one of them (probably the exchange) and arrested him.

So the "it's a feature, not a bug" cope rings hollow. Lightning is way better for your privacy because the sender does not know what channel his money ends up in. He cannot give that info to authorities because he does not have it, so they do not know where to watch for future transactions, so they never get to contact an exchange and ask for more details about a particular inbound transaction. Lightning fixes Monero's "feature, not a bug" problem where senders can see where their money goes and then report that info to authorities.

Super Testnet 8mo ago

> How did he do that?!?

I was able to do it because of a flaw in monero: by design, the sender knows what address he sends his money into and can report that info to authorities with cryptographic proof. This has led to multiple legal charges against monero users, see the attached thread for more info.

Lightning, of course, fixes this. nostr:nevent1qqs9t6glu9k3ps7ct6ad8a3cj9jfntxvlhayh8e3cc56rf4ghdpcjnsppamhxue69uhkummnw3ezumt0d5qs6amnwvaz7tmwdaejumr0dspzqgvra9r4sjqapufyl0vnc4kv4fz70e29em4c655y37vz206f0wt45p7m94

Reply to this note

Please Login to reply.

Discussion

TheGrinder 8mo ago

the sender knows where he's sending the money too? Like with Bitcoin on the base layer? That's wild.

Super Testnet 8mo ago

Lightning fixes this.

TheGrinder 8mo ago

Sending the received monero to another address fixes this too. Unless you know who that person ends your money trail ends right there.

TheGrinder 8mo ago

* who that person is

fat fingering a lot today

Super Testnet 8mo ago

Churning only sometimes works. This thread explains some of the reasons why: https://www.reddit.com/r/Monero/comments/oz69hf/churning_why_is_too_much_detrimental_to_privacy/

One that I'd like to highlight is that Chainalysis tracing video shows a bunch of monero transactions where they managed to eliminate all of the decoys and identify the true spend. Churning makes another transaction where they have to do that in order to see where it goes next, which probably helps since they can't always eliminate all decoys (I don't even think they can *usually* do it), but your mileage may vary.

Saberhagen The Nameless 8mo ago

You can't tell me the total balance in my wallet or the final destination either (same challenge you gave me for your Lightning invoice)

I know at least the public key of the first hop involved (potentially final destination) and can report that info to the authorities in the same way along with the invoice and preimage for cryptographic proof that I paid 🤷‍♂️

Super Testnet 8mo ago

> You can't tell me the total balance in my wallet

True, just the one address

> or the final destination either

I can tell you that: it's the address I identified. That was the final destination.

> I know at least the public key of the first hop involved (potentially final destination)

True, but knowing the first hop does not get you very far, even though it is potentially the final destination. At least not in countries where you need more than a maybe to put someone in jail.

Saberhagen The Nameless 8mo ago

>"I can tell you that: it's the address I identified. That was the final destination."

You sure it's final? So is it still there?

How are you sure the address on my profile is mine either? Maybe I just put someone elses up there for fun.

Super Testnet 8mo ago

> You sure it's final? So is it still there?

I am not sure anymore, but I don't think that matters. By "final destination" I don't mean" it never moved again." When I "arrive at my final destination" via Google Maps, it does not imply that I will never leave that place. It just means I am done moving for purposes of that trip. When I sent my money to you, the "trip" was getting the money into your address. I know I did that, so the trip was finished -- it got to its final destination. If you moved it out again afterwards, that is a separate trip and is unrelated to mine.

> How are you sure the address on my profile is mine either?

I don't. But I know it's the one you told me, so that's good enough for me.