Nostr Web Client

If you are trying to keep two identities separate when using Monero, don't generate receive sub addresses from the same seed phrase, use sub addresses from one seed for one identity and from a different seed for another identity.

If you don't than you can get targeted by what is called a Janus Attack, which can link your sub addresses together if they all originate from the same seed. This only matters if you are giving out receive addresses to get XMR sent to you, not for sending XMR.

#monero #opsec #privacy

Hanshan 9mo ago 💬 1

as I understand it

you have receive money from the same (or colluding) counterparty two times (A and B),

they suspect you're the same person and are skilled enough to create a custom transaction B to test their theory,

then when you confirm receipt of the funds out of band

they then know you also control subaddress A.

so its a little more interactive than you said

but yeah, keeping separate wallets for separate uses is a good idea ❤️

Reply to this note

Please Login to reply.

Discussion

thoughtcrimeboss 9mo ago 💬 2

Do you know a good place to learn more about this specific kind of attack? I was having trouble finding much information about it other than the breaking monero video.

tuco 9mo ago

https://web.getmonero.org/2019/10/18/subaddress-janus.html

thoughtcrimeboss 9mo ago

Thank you