Eat your heart out, nostr:nprofile1qqs936kc97s4k4gqjnmltljgqns0uadh08d77t5mypg3anxkneks37gpz3mhxue69uhhyetvv9ujuerpd46hxtnfduqs6amnwvaz7tmwdaejumr0ds5n22nz et al.

LSPs can't tell if the pubkey in a bolt11 is the *real* destination or just another routing node

They *assume* it's usually the real destination but "YMMV" (i.e. they aren't sure)

Bolt11 has better privacy than a monero address

Source: https://x.com/PhoenixWallet/status/1916844583402590504

Discussion

lol

>90% of the time it's going to be the real destination

which makes default surveillance possible

>90% of the time it's going to be the real destination

You don't know that

By default, surveillance has to deal with this heuristic: the sender doesn't know if the recipient's invoice uses a trampoline node or not. So he doesn't know if the pubkey in the invoice even belongs to the recipient.

In monero, the sender DOES know that information. The pubkey in a monero address always belongs to the recipient.

In monero, surveillance is possible by default

In lightning, it's not

the reason you are a disingenuous actor in this space is because you argue based on unstated assumptions

like positing access to the sending wallet

Please provide an example where chain analysts could not access the sending wallet

Here are two examples where they could access it and caught their target:

1. Finnish authorities trace monero from swap service to monero wallet to binance: https://cointelegraph.com/news/finnish-authorities-traced-monero-vastaamo-hack

2. Chainalysis traced monero and caught a Colombian criminal who used it: https://cointelegraph.com/news/chainalysis-leak-monero-traceability

oh please

ask me to prove a negative lol

not having access is the default condition.

the CA video is FULL of him showing transactions they can't trace.

you're just butthurt monero price is up and reaching for the usual FUD.

there are plenty of articles that cover how chainalysis finds their perps

I'm just asking for one where they did it without finding the sender

In every case I'm aware of, they find the sender first (often, they themselves *are* the sender, e.g. in the Finnish case I provided), then start tracing the payment once the recipient moves it -- they try to find out if he sent it to an exchange, or batched it together with his other payments, or did anything else useful with it

Sending your Monero to someone else, or another wallet you own, after you receive it is functionally no different from trampoline routing (besides the fact that it's done in a single step with the latter). In either case the sender doesn't know for sure where the money eventually ended up or if it was even spent to begin with.

This is like saying a mixer is functionally no different than a coinjoin

When you rely on someone else to hold your money temporarily and then send it to you later, you might get robbed

Lightning fixes this

disingenuous.

again.

churning monero doesn't give up custody in any way.

Oops, sorry, I missed the clause where you said "or another wallet you own" and only saw the part that said "Sending your Monero to someone else..."

I will try to read more carefully next time

still

churning xmr solves ALL the issues you're on about today

but sure, LN is ok because you might be sending to a proxy.

it's the same picture.

Churning leaves a trail on the blockchain which analysts can try to follow

Trampoline nodes don't leave a trail on the blockchain, which makes the lives of analysts much more difficult

yes

clearly there are indeed advantages to not using a blockchain.

there are disadvantages as well.

There is no one holding money temporarily in this scenario. I think you misunderstood what I said.

If person A pays person B, then person B pays person C for a good/service, the original sender A has no idea where their money eventually ended up. From the perspective of A, person B could have sent it to someone else, themselves, or it could have never left their wallet to begin with.

That depends on how good the sender is at blockchain analysis. In the attached video, Chainalysis provides several examples of transactions where they *could* identify where the money eventually ended up.

E.g. at 26:55 they trace it from Morphtoken to the Colombian guy's wallet

At 30:43 they trace it from the Colombian guy's wallet to ChangeNow or Liquid Exchange

At 32:49 they trace another payment from the Colombian guy's wallet to Exodus Wallet

At 35:08 they do that again, except they aren't sure if it went to Exodus wallet or a mining pool

At 36:51 they trace another payment from the Colombian guy's wallet to centralized exchange, except they aren't sure if it went there or to a merchant point of sale page

And it was at that point that they nabbed him, because he accidentally leaked his IP address while using his wallet to pay that website

https://v.nostr.build/D4Nzp22vRF35IRnz.mp4

Yea, I won't disagree, if someone makes as many mistakes as the guy in this video (not masking IP address and using centralized exchanges) and everyone involved is colluding, Monero and Lightning probably aren't going to help much

Lightning would help a lot.

For one thing, the most popular monero wallets (Cake wallet, moneroj) don't send transactions to their peers, instead they connect to a random node from a list of RPC servers and send it in plaintext to them. Lightning wallets, by contrast, (1) encrypt your transactions and (2) only send the encrypted blob to a single node whom you have a channel with. That's way, way better.

For another thing, monero wallets reveal the recipient's address to the sender. They automatically log that information and if the sender is an exchange or other public entity, they can be subpoena'd and begin tracing the payment. Lightning wallets, by contrast, do not reveal the recipient's address to the sender -- not the channel, not the htlc, not anything that actually holds the money. They only get to see a public key that is used strictly for communication, and thanks to trampoline routing, it is quite common for that pubkey to not even belong to the recipient. That's way, way better.

For another thing, monero wallets list all possible senders in every transaction (unencrypted btw) and put that information on a permanent ledger. Lightning doesn't do that. So if a person is being targeted and uses monero to send their money to a centralized exchange, the exchange's address will show up in that transaction and -- if the exchange discloses their addresses to the police, as many do -- the police can subpoena them for information about what transactions sent them money. They can then show them a list where the target's address shows up as a possible sender in each transaction, which is very good evidence that he sent the money. The target can be caught that way, as happened in this Finnish case: https://cointelegraph.com/news/finnish-authorities-traced-monero-vastaamo-hack

Since lightning wallets actually encrypt the sender and do not even share the encrypted blob with the recipient, it would help a lot if the guy chose lightning instead. The police would not see a transaction going to the exchange on the blockchain, would not know to contact them and ask them for more info, and even if they did, the exchange would not have any info to link the sender's wallet to any particular account. That's way, way better.

If a Lightning user is exposing their IP address to a malicious node/LSP/custodian and to the exchanges that are colluding with them (the things the person did in the video) none of that matters. They'll know it was you.

It does matter. The trace started by sending money to the perp and waiting for him to send it to an exchange, who they then contacted. They needed to see the transaction on the blockchain to know who to call. With lightning, they can't do that. They can't do step 2 -- the step where they watched the blockchain to see when the money moved, alerting them to check if it was sent to an exchange, who they could then get info from to find out whose account it entered. They wouldn't know it ever moved, or where, so they wouldn't know to call someone, or who to call.

"Hey, people we're colluding with, let us know if any of these IP addresses interact with you"

???

Not rocket science...

In the Finnish example they didn't know his IP address at the beginning. The only thing they could do was send money to him using his DNM website and then wait for him to do something with it. They did that, and when he sent the monero to an exchange, they recognized the address, contacted the exchange, asked them what account he sent the money into, got the KYC info for that account, and went to his house to arrest him.

That is an example of a situation that lightning fixes: they can send him money but they can't see when it moves next. So they don't know he sent it to an exchange, don't get to read the exchange's address off the blockchain, don't know to call them, and don't learn his KYC info.

you can't tell the real receiver of a monero tx *at all*

but homie wants you to think bolt11 is better because you MIGHT be sending to a proxy

nostr:nevent1qqsvl0xca634xu9pkhag8z2ncfl3nwxpemuwtynnulpmfgsf3kz80vgpzamhxue69uhhyetvv9ujuurjd9kkzmpwdejhgtczyqsc8628tpyp6rcjf77e83tve2j9ulj5tnht34fgfrucy5l5j7uh2qcyqqqqqqg46nf6n

Bolt11 is awesome, but "maybe the address is a trampoline address" is not superior privacy to "one of these addresses is a real address, but I have no idea which". That doesn't mean strong privacy on lightning is impossible, but let's get our facts straight.

Indeed, let's get our facts straight

In monero, the sender knows exactly where his money went, because he knows which "receiver" address is the real one and which is for change

In lightning, he doesn't know that, because (1) the pubkey in the invoice doesn't even receive any money, it's just for communication (2) it might not even belong to the recipient thanks to trampoline routing

By default, lightning privacy beats the pants off of monero

Comparing a monero sender to a lightning LSP is an apples to oranges comparison. The monero sender is the end user. The lightning LSP is just a proxy for the user. There is no "SP" in a monero transaction.

In both cases the end user knows exactly who they sent the money to (otherwise it would be a poor payment system).

In lightning the LSP is uncertain who the recipient is. In Monero there is no LSP at all.

Not having an LSP at all is better than having an LSP that is uncertain about the payment destination.

> is an apples to oranges comparison

True, but nonetheless, they can be compared, as evidenced by the fact that you and I have both compared them in this thread

> the end user knows exactly who they sent money to

They shouldn't. If I trade my btc for xmr on fixedfloat, they should not know who received it. Ideally they should not have any useful info about me that they can share with authorities. Who I am is none of their business; they should only know, did I pay the right amount, and if so, how to give me my xmr. The recipient should be as hidden as possible from the sender so that they have as little information as possible about him or her.

And in fact, lightning hides the recipient better than monero. It doesn't show the sender which address received the money (neither the channel nor the htlc). An invoice doesn't tell the sender anything about the recipient except a pubkey which is for communication only (it never holds any money) and often does not even belong to the recipient. If the sender logs this information and shares it with authorities, they don't get very much from it, and in particular nothing they can use to watch the blockchain to see where it moves next. Lightning "receive privacy" is much better than monero in this regard.

Lol, so you dodged the main point and decided to argue everything else. Anyone can see for themselves that it would be more private to not have an LSP in the first place, rather than hope that Bolt11 has confused their LSP sufficiently.

I don't think you're actually willing to accept new information here, so no point in arguing. I'm out. Cheers mate 🍻

It's more private to have an LSP than not to, for the same reason that it's more private to use 6 tor relays to browse the web rather than the default of 3. The obfuscation method used by onion routing protocols improves with more hops between the sender and the recipient, and LSPs count as an extra hop. So it's better to have one than not.

Let's agree to disagree. Our time would be better spent building #ecash or #cashu than debating the marginal privacy benefits of Bolt11.

I suspect my time is better spent improving bolt11 rather than building ecash or cashu