Basically, the Haveno network operator can give admin roles to both taker and arbiter bots as well, which lets them ignore any rules in place. This speeds up things a lot since there’s no need to put down a security deposit for each taker bot, allowing all maker funds to be unlocked right away. These bots only work on the API level, so they don't mess with the user interface.

Because of this, it doesn’t really matter if you set up limitations on the frontend or the public API; the admin bots will always be able to access the protected API endpoints. This access is key to getting around rules like security deposits, rate limits, or any other client-side requirements for takers or arbiters.

The admin bots won’t use the public API, since developers would catch any shady changes to it. Instead, they’ll send requests to a protected API run by the network operator on a low-cost VPS for about $5 USD. Only the admin bots (taker and arbiter) will have the keys to access this protected API. This API will basically look like the public API but will have tweaks to bypass all those rules. So, only the maker will use the public API and will have to follow its rules.

To make things work, all you really need is the admin key, a protected API, and a few VPS servers for the taker and arbiter bots. These taker bots will throw the admin keys into the headers of their requests. If a normal taker tries to hit up the protected API without the admin keys, the request won't work. It’s actually pretty simple, and it might have been overlooked because of that.

Also, it’s good to remember that multi-signature setups only make sense when there’s no admin or network operator. The operator is always a single point of failure and can sidestep any limits on the API using their admin keys.

If anyone has a solid reason why this wouldn’t actually work, I’d love to hear it. When someone has the admin keys for their network, they can pretty much do whatever they want and set the rules while everyone else has to follow along.

To wrap it up, everyone in the Haveno network, the taker, the arbiter, and the maker, will get a key in the multi-sig trade. But there's also a fourth key, called the "magic key", that can do a bunch of powerful things, some of which could be a bit risky.

Reference: https://archive.ph/GsDsn

Thread: https://primal.net/e/nevent1qvzqqqqqqyqzqpg8r34v5d5z4ecxmc0c749cwjalaw4xu2ttpnh8zms0lhfepg450s7qlk

Interview: https://simplifiedprivacy.com/openmonero-interview-with-the-dev/compared-to-reto.html

#Privacy #Markets #HiddenService #News #Work #Monero #Crypto #Hacking #HarmReduction #Guides #Bisq #cakewallet #haveno #retoswap #trading #p2p #escrow #localmonero #dex

Discussion

I've been using RetoSwap since it came out earlier last year and have had no problems. But it still seems like good points you bring up.

Any ideas on what could improve Haveno in this regard?

What would you say are some downsides of using OpenMonero vs Haveno?

I'm open to using OpenMonero, but it seems very new. I just think you guys need more time to build trust and reputation with the community at large. It seems like you guys are also a similar model to LocalMonero so have the same centralized point of failure (which I hoped we could get away from). Maybe the only difference being you're operating somewhat anonymously? (true?)

Let's be real, nothing comes for free. The fact that there are no arbitration fees on the RetoSwap network might make you think that users are actually the product. If you dig a little deeper, you'll find a bunch of issues, with the risk of exit scams being a big one.

A decentralized node network is only secure if there's no admin who can circumvent the rules. To address the exit scam issue, either eliminate the admin or remove the liquidity.

People want to trade online without the hassle of installing software, which can threaten their privacy. Trusting someone to keep your computer safe isn’t easy, and even open-source code can have hidden risks since most don’t compile it themselves. With OpenMonero, you can avoid those worries because it’s just a website that doesn’t need permissions.

The built-in non-custodial wallet for Haveno funds isn’t very secure either, since private keys could be logged, and the project isn’t truly decentralized. The GitHub repo isn’t easy to fork; it’s built in Java and is pretty complicated. The more complex the code is, the tougher it gets for developers to spot vulnerabilities or malicious code.

Haveno is better at resisting censorship than OpenMonero, but this mainly benefits the admin. Without a reputation system, vendors can't import any stats to other platforms, leaving their accounts on Haveno fairly low in value. It’s unlikely that any former LocalMonero vendor, who has built up their reputation over the years, would want to use this system.

OpenMonero launched in June 2024, and I've recently started promoting it on social media. I encourage you to check out our list of over 150 verified vendors, including respected LocalMonero traders. If these vendors have confidence in the platform, users are likely to feel the same way.

Vendor list: https://nojs.openmonero.com/guides/how-to-import-reputation#cachedUserList

Reference: https://simplifiedprivacy.com/openmonero-interview-with-the-dev/compared-to-reto.html

Reference: https://primal.net/e/nevent1qqsq2pcudt9rdq4wwpk7r784fwr5h0lt4fhzj6cvaeckurla6wg29dqkrrz7a

#Privacy #Markets #HiddenService #News #Work #Monero #Crypto #Hacking #HarmReduction #Guides #Bisq #cakewallet #haveno #retoswap #trading #p2p #escrow #localmonero #dex #cex #moneroju #xmrbaazar #security #agorism #cypherphunk

There will be fees on Reto again after December of 2025. The only reason there are not fees currently is because there is an agreement in place with some people from the Monero community who are funding it until there is more volume. Ask in the SimpleX room.