Nostr Web Client

STN makes good points about LNs privacy

and good points about Moneros weaknesses.

but he completely REFUSES to ever acknowledge the UX problems in achieving *comparable privacy guarantees* with LN.

this is just the latest version of "LN will fix bitcoin privacy" that we've been hearing for 7 years now.

it's not that it's not possible,

its that its hard and if your security guarentees were broken you would never know because you dont have L1 consensus-level security.

Super Testnet 2w ago 💬 3

> he complete REFUSES to ever acknowledge the UX problems

I acknowledge that UX problems exist in LN. I deny that similar problems are absent from monero.

Per the monero website, here are some UX problems with monero:

- Users shouldn't reuse a monero *address*

- Users shouldn't even reuse a monero *wallet* (i.e. you should delete your wallet after each use and make an entirely new *wallet* for the next use, according to the monero website)

- Users should run a monero node, not a phone wallet

The website doesn't say the following thing, but users should also use tor/i2p/vpns if they use a monero *node,* but it's needlessly difficult to do so because many important people in the project basically disagree with that. The monero github even says in its readme "Monero isn't made to integrate with Tor" and discusses the hoops users need to jump through to get it to work with tor. It's got serious UX problems and most monero influencers just don't want to admit that because the phone wallets are easy -- and the monero website recommends not to use those!

Reply to this note

Please Login to reply.

Discussion

Hanshan 2w ago 💬 2

So much bullshit, so little time...

lets start here,

mind showing me where on the monero website it says "users should delete and make an entirely new wallet for each use"?

Super Testnet 2w ago 💬 5

Evidence against reusing a monero wallet: “If you need perfect unlinkability of your receivables, the only solution remains to use a separate seed (separate Monero wallet).” source: https://docs.getmonero.org/public-address/subaddress/

Evidence against reusing a monero address: “To prevent the payer from linking your payouts together [you must] generate a new subaddress for each payout.” source: https://docs.getmonero.org/public-address/subaddress/

Evidence for running a monero node, not a phone wallet: “It's always advisable, especially for privacy-conscious users, to use a personal node when transacting on the network to achieve the highest rate of privacy.” source: https://www.getmonero.org/get-started/faq/

Evidence of difficulty of using monero on tor:

goatmeal 2w ago 💬 1

I don't understand why it's worth the effort to make a big deal out of the address reuse mistake. does lightning not have bolt12 and lnurl? if you reuse these, the sender will infer that it's you both times.

Super Testnet 2w ago 💬 2

> I don't understand why it's worth the effort to make a big deal out of the address reuse mistake

Because address reuse is bad for privacy (the monero website recommends against it) and yet most monero wallets are designed to encourage it

> does lightning not have bolt12 and lnurl? if you reuse these, the sender will infer that it's you both times

Yes, that is equally bad for user privacy

goatmeal 2w ago

I agree, address reuse is bad for privacy. but I have used multiple monero wallets and they tend to show a fresh, unused subaddress by default, just like most bitcoin wallets.

you can also tell which specific subaddresses got paid, and by how much. if someone guesses that you own different subaddresses and decides to pay you on the "wrong" one, you can see them doing that.

it's not very exciting to talk about opsec mistakes that are possible on both monero and lightning, or which can be easily mitigated. thry both have reusable addresses and neither of them forces you to reuse it.

additionally, tor is already baked into monero's electrum fork and it's a preview feature in cake wallet. some wallet developers have started looking at i2p as well. I am unhappy that it's necessary but I wouldn't exaggerate how difficult it is to integrate.

Super Testnet 2w ago 💬 1

Do those monwro wallets also show a contact list? Such features encourage address reuse, thus creating additional UX hurdles -- if you recommend a "user-friendly" monero wallet, you're probably recommending a privacy-harmful monero wallet

goatmeal 2w ago 💬 1

yeah, and these super dangerous wallets also have a way to export your seed phrase. this can be privacy harmful if you accidentally write it on your forehead

they have a way to view your transaction history and some of them let you export it to CSV. this is incredibly dangerous for privacy in case you make a mistake and fax it to the police station

2Pac 2w ago 💬 1

🤣

Legit lol at this

goatmeal 2w ago 💬 1

I found a critical vulnerability that affects all monero wallets. they display the transaction amount on the user's computer screen. this will leak information about how much cocaine the user buys if the chupacabra sneaks up behind them and looks at the screen.

I disclosed the vulnerability to the featherwallet developers and they have been ignoring it for 8 months!

none of the lightning wallets are affected by this vulnerability because you cannot use lightning to buy cocaine anywhere.

2Pac 2w ago 💬 2

Glad we can finally put this privacy debate to bed

😆

Oshi (推し) 2w ago 💬 1

Thank the lord

Hanshan 2w ago

its good for everyone to see the discussion happen ❤

Hanshan 2w ago

it would be a lot easier to have a discussion about it

if certain parties didnt disingenuously insist that obviously dissimilar things were comparable

it requires A LOT more explanation to make it clear to the non-technical person why for example, its harder to link spends in monero than for most LN users

BuT iT TAlkS abOuT uSIng a dIFFeRenT WAlleT oN gETmOnEro dot ORg

Hanshan 2w ago

So this is the point in the conversation where STN starts talking about problems with blockchain privacy,

but somehow makes it all about Monero.

i guess because the monero website talks about these problems?

and yea, transacting on an L2 solves some of those problems.

LN remains an beta-tested and largely ignored payment system and you don't know how it's going to play out.

for example.

in actually practice, since most users either have one big channel with an LSP

or are using phoenix or muun or something,

you don't have unlinkabiity of txs on LN EITHER.

GTFO with that bullshit

Super Testnet 2w ago 💬 3

> STN starts talking about problems with bbllpckchain privacy, but somehow makes it all about Monero

These problems apply to other blockchain-based privacy systems too

The fact that other terrible systems also have these problems is no excuse for monero

Hanshan 2w ago

leave it.

transaction unlinkabiity is better using monero subaddresses with the monero gui wallet or whatever

than with Phoenix or muun or any sovereign node with just a channel or two

and that's #facts folks

Super Testnet 2w ago 💬 1

Then how come I can trace my xmr transactions to you but you can't trace your xmr transactions to me? I'll even use Phoenix if it helps you

Super Testnet 2w ago

Oops, I meant "your LN transactions to me"

Hanshan 2w ago 💬 1

are you drunk?

that isn't what we are talking about.

YOU'RE saying because there's a possible *active attack* on a monero user that could be executed by a sophisticated adversary that could result in them linking two subaddresses together (OMG),

users should always send from a new wallet by default.

(which is bullshit)

and as if most LN users transactions aren't trivially linked together by their custodian or the one or two LSPs they have a channel with...

now you want to talk about knowing where the money goes?

well ok I guess

but you haven't said anything about your first FUD yet.

Super Testnet 2w ago 💬 1

> which is bullshit

If "create an entirely new wallet for every tx" is bad advice then maybe submit a PR to withdraw that advice from the monero project's website

> most LN users transactions [are] trivially linked together by their custodian or the one or two LSPs they have a channel with

I acknowledge that most LN users are not using it in a privacy preserving way. Do you acknowledge that most monero users aren't?

Hanshan 2w ago

And since I don't want to do a real long one of these and go through and count all the disingenuous bullshit,

just one more

thank goodness everybody now knows that you can avoid the trials and tribulations of passing those flags to your Monero node,

by just running a full stack lightning node.

Super Testnet 2w ago 💬 1

To get decent privacy on monero, you have to install and configure a monero node

Might as well get superior privacy by installing and configuring an LN node instead

Hanshan 2w ago

nobody who has even done both of these thinks they are equivalent ,

and you look dumb suggesting they are similar.

Yena 2w ago

Lots of more privacy problems listed on the OFFICIAL getmonero website. Lightning does not have these issues. Admits monero users will be POOR:

"If you use Monero but give your name and address to another party, the other party will not magically forget your name and address."

"If you give out your secret keys, others will know what you've done. If you get compromised, others will be able to keylog you."

"If you backup your seed in the cloud, you'll be poorer soon"

read it for yourself!

source:

https://www.getmonero.org/get-started/faq/#anchor-magic

Daedalus 2w ago 💬 3

monerod --proxy 127.0.0.1:9050 or add proxy=127.0.0.1:9050 to the monerod.conf file then its running behind Tor. Is that difficult?

What they mean is that Monero nodes are not made to accept INCOMING connections via Tor. You can proxy transactions via a hidden service but that's it.

Making a new wallet per transaction is schizo IMO but your criticisms about having to make new addresses and the like are all REQUIREMENTS for Bitcoin on-chain even to the same vendor. You can reuse the same address with the same person with Monero's and there will be no on-chain link still since each address is a stealth address similar to BIP 352 addresses.

Running a Monero node is best practice but even using a remote node offers superior privacy than most on-chain and lightning Bitcoin setups.

Its evident to me that you've no experience with Monero usage as you'd know everything I'm describing here by using the official Monero GUI wallet or the like.

Please do proper journalism by using the protocol you criticize. I've extensively used and researched lightning at this point thus giving me true insight to the benefits and limitations.

Super Testnet 2w ago

> Is that difficult?

Yes, for most people. Manipulating configuration files requires a lot of background knowledge that most people don't have. Using command line arguments too. You also neglected the part about installing linux in the first place, and then installing tor.

For most people, I suspect they would assume "installing tor" means "installing the tor browser," not running "pkg install tor" or "sudo apt install tor" or whatever it is since it depends on which linux operating system you're using.

And if someone gets past all that, then you have to somehow find out that (1) you have to keep it running (2) the port switches from 9050 to 9150 if you're using tor browser -- and if you're on Windows, everything is different there too.

So yeah, it's difficult. Not for me or you, but we've got a lot of background knowledge that you can't assume for most people.

> Making a new wallet per transaction is schizo IMO

Yet -- according to the monero website -- that's the only way to get transaction unlinkability in monero. You think *lightning* has a UX problem? Meet monero.

> your criticisms about having to make new addresses and the like are all REQUIREMENTS for bitcoin on-chain even to the same vendor. You can reuse the same address with the same person with Monero's and there will be no on-chain link

There will be no "on-chain" link, but that person will have an off-chain link that is just as provable. An identical thing is true for monero's addresses and bitcoin's xpubs: if you trust the sender with your privacy, you can give him a monero address or a bitcoin xpub (or a bitcoin SP address, more recently) and if he reuses it, then "on-chain" there will be no link between different transactions sent by that person. Unless the sender makes mistakes too. But even if he does everything *else* perfectly, he made this mistake: he kept your address or xpub and reused it -- and that means he kept a record or proof that links multiple transactions together. If the address or xpub leaks to untrustworthy people, e.g. if he is subpoena'd for that information, your adversaries learn those links and can prove them in court. I think that's a terrible for privacy. Do you? Or is it only bad when it applies to bitcoin, and perfectly fine in the case of monero?

> Please do proper journalism by using the protocol you describe

I've used monero plenty and I think it sucks.

Daedalus 2w ago 💬 2

Alright I got major counterarguments to your points here but can't outline them in detail 'til after work so I'll be back.

In summary: adding Tor to your Monero node is optional because of dandelion++ but is absolutely required with Bitcoind or the like because it doesn't have a dandelion implementation to fluff transactions. To add the Tor proxy its just as trivial for both daemons thus isn't any harder for Monero. The official Monero GUI has a check for socks proxy too so you can't get much simpler than that. Bitcoin core has the same but once again, it's required for Bitcoin due to no dandelion stem.

For your big point regarding address reuse even the most ideal cryptographic solution for privacy will always be compromised if an attacker, like a state agency who subpoenas, gets the private key. Not a gotcha, every single cryptographic system has this vulnerability: PGP, Tor, SimpleX, Signal you name it. If its decrypted on the device, then the adversary has the plaintext if they have access to the device or private keys, simple as.

Monero is way simpler than setting up LND. I can tell you've not used Monero because you refuse to concede this point. I've set up a public monero node via systemd, set up Retoswap, set up p2pool recently with xmrig, the latter being the most difficult. Each of these way simpler than learning how lightning channel liquidity works and using the embedded LND node on Zeus. This difficulty went through the roof when setting up LND via CLI.

Tor is often preinstalled on most Linux distros and often is enabled via systemd. Port doesn't switch from 9050 to 9150 that's why they're separate. The Tor browser creates a whole separate Tor process than the daemon version that uses 9050 by default. Almost all distros use systemd so once For is enabled it will restart itself if it crashes or when OS is restarted. Its set and forget. This error of yours betrays your inexperience in Tor routing.

Everything's always more difficult on Windows. Not a Monero gotcha, Bitcoin has the very same UX hurdles (worse since you absolutely need Tor to protect your IP when broadcasting transactions from bitcoind due to lack of dandelion++)

Cake wallet mobile + random remote node gets you similar or easier UX and way better privacy than Phoenix, Zeus LSP, Spark WoS or other custodial solutions. Cake Wallet plus your own node, or MoneroGUI with a local node is way easier than running your own LND behind Tor while offering superior network level privacy AND better on-chain privacy with greater security due to being on chain. You don't need to worry about watchtowers, force closes, etc.

Hanshan 2w ago

for the record,

this is an explanation of the attack that STN says means that "users shouldn't reuse a monero wallet"

decide for yourself if it's a worrisome attack for you.

https://www.getmonero.org/2019/10/18/subaddress-janus.html

Joel Walbert 1w ago 💬 1

What are these hoops that are needed to get it working with tor? Its quite simple from my experience.

Hanshan 1w ago 💬 1

you have to

pass some flags to your node

nostr:nevent1qvzqqqqqqypzqgvra9r4sjqapufyl0vnc4kv4fz70e29em4c655y37vz206f0wt4qythwumn8ghj7un9d3shjtnswf5k6ctv9ehx2ap0qythwumn8ghj7un9d3shjtnwdaehgu3wvfskuep0qqsrl3crgz38qrrz9yzwu472hzh27c7vju3e3pazmtdr9hgkjmavwmc4g78xq

Joel Walbert 1w ago 💬 1

Oh those 'hoops'...

The horror 😅

Hanshan 1w ago 💬 1

just run a LN node instead and you can avoid all that trouble!

Joel Walbert 1w ago

Yea I hear thats as simple as tying your shoelaces 😅