it's good. It is also an available login method in the library I linked in my feature request for wavlake

(1) It doesn't work well on mobile

(2) I already have my private key in an app that supports DMs, so if I can log in with that, I'd rather not put my private key in another app

(3) your tool looks very neat, good job!

I'm glad nip07 is available for those who like it

the curse is the "only" part

yeah but I want to use this opportunity to help curb the spread of the nip07-only virus

I reached out to them about fixing their login issues (they only support nip07 login which I don't like) so we'll see what happens. If they add login-via-DM, I will upload my music there.

njump.me/nevent1qy2hwumn8ghj7un9d3shjtnyv9kh2uewd9hj7qg7waehxw309ahx7um5wgkhqatz9emk2mrvdaexgetj9ehx2ap0qywhwumn8ghj7mn0wd68ytnzd96xxmmfdejhytnnda3kjctv9uq3yamnwvaz7tmwdaehgun4v5hxxmmd9uq32amnwvaz7tmwdaehgu3wdau8gu3wv3jhvtcpzpmhxue69uhkummnw3ezumt0d5hszrnhwden5te0dehhxtnvdakz7qg4waehxw309aex2mrp0yhxummnw3ezucn89uqzqq9es2p9nmunmqu4aggmynwdfgnyc6d2ukzl5pw9k576pstt39tgz55w8r

hey nostr:nprofile1qyv8wumn8ghj7un9d3shjtnrw4e8yetwwshxv7tf9uq3xamnwvaz7tmwdaehgu3wwccxctnfduhsz8thwden5te0dehhxarj94ex2mrp0yh8wmrkwvh8xurpvdjj7qgcwaehxw309ahx7um5wghxvmt59emkj73wvf5h5tcprfmhxue69uhkummnw3ezu7n9vfjkget99e3kcmm4vshsz9nhwden5te0v4jx2m3wdehhxarj9ekxzmny9uq3wamnwvaz7tmjwdekccte9ehx7um5wghxuet59uq36amnwvaz7tmwdaehgu3wvf5hgcm0d9hx2u3wwdhkx6tpdshsz9thwden5te0wfjkccte9ejxzmt4wvhxjme0qy2hwumn8ghj7un9d3shjtnwdaehgu3wvfnj7qpqyfg0d955c2jrj2080ew7pa4xrtj7x7s7umt28wh0zurwmxgpyj9sdqhjhd can you add the ability to log into wavlake by means of a DM'd login code? Support for this method was recently added to https://github.com/nostrband/nostr-login and it makes it a lot easier for mobile users. You just enter your nprofile, get a login code in your regular nostr client, and paste it into the website you're logging into.

It also makes it so I don't have to install a browser extension whose code I don't want to review and trust. Thanks! Holding off on uploading my music to your site for now but please let me know if it's feasible or if there's anything I can help with to *make it* feasible.

Thank you https://x.com/PlebLab for producing!

My latest single goes out to all the bitcoin ladies

https://x.com/actuallyCarlaKC https://x.com/amizi https://x.com/ClaraShik https://x.com/D_plus__plus https://x.com/Dulce_xyz https://x.com/glowzow https://x.com/hazelbiologist https://x.com/niftynei https://x.com/NinjaGrannyHodl https://x.com/plebpoet https://x.com/starkness and so many more!

(Alphabetized to hide my crushes)

https://supertestnet.github.io/songs/Super%20Testnet%20-%20Who%20Wrote%20the%20Code.mp3

> You didn't trace anything

I did. I identified this pubkey as the sender: 23396ea4b0ab93e3417c3650d47b1c8414bb593d7fc9cdb1b27244e139645302

The rest are the decoys. My tool uses on-chain data and two heuristics to identify the true spend. The two heuristics are explained on my github:

https://github.com/supertestnet/examiner/

Someone told you monero can't be traced by they were wrong. Ciphertrace has a tool for tracing them and now I've released a free and open source alternative.

My monero tracing tool automatically identifies the sender of this transaction: c97d96fe61b2aee18a04fdb0975594c7e6d3334036e0e57e70666b9e5fe309b3

Try it here: https://supertestnet.github.io/examiner/

It seems to only be able to identify the sender in about 1 out of 15 transactions, but that's not nothing. I suspect tools with more data (like Ciphertrace's monero tracing tool, linked on my examinr github repo) do a better job of this, but it's silly to claim monero can't be traced in the face of two tools that at least sometimes trace it

> it's impossible to know which is the true spend

Not impossible. My tool *automatically* detects the true spend 1 in 15 times. Better tools (like ciphertrace's) do better.

Lightning is superior.

Why do people prefer LN to XMR?

- better privacy

- doesn't leak info about sender/recipient/amount

- better merchant experience

- no hassle with consolidating outputs and warnings this will ruin your privacy

- better user experience

- wider acceptance and doesn't keep you poor

> in the context of a cryptocurrency a "transaction tracing tool" would be able to identify the source, destination and amount of transactions

I don't think it has to automatically do that. A tracing tool is good if it helps automate some parts of the tracing task even if other parts remain manual.

> random chance identifies the sender in "about 1 of 15 cases"

But random guessing uses no data. This tool uses *data* to identify the sender. A random guess would not be grounds for doing anything. A statistical analysis is worth a lot more.

> the recipient that is published on-chain is a one time stealth address. not useful for tracing since SAs break the transaction graph.

They do not break the transaction graph. Stealth addresses do not appear just once, they appear again whenever the recipient spends his money and possibly in other transactions as decoys. Filtering out the decoys leaves you with only the true spend tx. You can do that *because* there is a tx graph that stealth addresses appear multiple times in.

> and amounts remain opaque

Except part of the amount is visible (the fee) and gives you info about the amount in the outputs as well as in the inputs

> additionally, if it takes "a considerable amount of off-chain information" to *actually use* NOBODY is tracing monero transactions

Seems like you contradict yourself here. First you say "nobody" and argue that the data doesn't exist, then you admit some people might do it and governments might have that data.

Not a good look.

Someone challenged me to trace his transaction to its source yesterday on Bawdy Anarchist's twitter space and I denied the ability to do so. I want to build more automatic decoy eliminators because without them you need lots of off chain data that I don't know how to get or that is expensive to acquire. I am not sure how far you can get using only chain heuristics to identify the true spender; I suspect it's higher than 1 in 15 but lower than 100%.

One monero dev offered a helpful cli tool that detects all instances when a stealth address has appeared in a ring; this is something my tool is currently missing and would greatly help with building taint trees. I hope that through community effort my tool continues to improve in effectivelness. The bad guys shouldn't be the only ones with a tool like this, and before yesterday only ciphertrace had a tool like this (that I know of anyway)

I replied to your comment, looks like you misunderstand how monero works. You said stealth addresses are used once and never seen again but in reality they appear on the blockchain multiple times: when the recipient receives money, when he or she spends that money, and possibly multiple other times as decoys

Then help me fix it please

I'd like it to be up to par with the ciphertrace tool that inspired me

I'm sure they have a lot more data to work with but I suspect you can get pretty far with on chain heuristics and maybe it's not that hard to source whatever off chain data ciphertrace is using

they always have been

but it seems to take a considerable amount of manual work

I only have two automated heuristics right now and they only identify the sender in about 1 in 15 cases

I plan to add about four more automated heuristics but I still think you'll need a considerable amount of off chain data entry to get really good data

Which claim doesn't match? A lot of people seem to be assuming, wrongly, that this is a *fully automated* tracing tool. It's not. Most of it is manual.

I have a way to manually identify yourself as a decoy but I haven't automated that yet. What I want to do is use known "view keys" to identify decoys, because if you have the view key you know the "true" tx in which you spent your own coin, do if you've been used as a decoy you can automatically filter that out.

Right now it uses two heuristics: merge analysis and recency bias. If you received coins in two very close blocks and then spend them together, your ring, which should contain keys from random blocks, will have two suspiciously close blocks where you held both inputs. So you can identify those as the real spender's coins.

Recency bias takes advantage of the fact that most decoy selection algorithms are biased toward selecting keys from recently created utxos. Ones that are significantly older stick out like a sore thumb.

Other metrics I want to add include bot detection (which is based on identifying txs with many outputs, since these tend to be created by automated software rather than a real person) and taint tree analysis (which creates trees of possible senders fanning out backward in time from a known destination).

If you found a false statement, please point it out

My latest invention is eXaMineR: a free and open source tool for tracing monero transactions

Learn more here: https://stacker.news/items/634963

There is evidence that usage of robosats is on the rise: https://supertestnet.github.io/robostats/

It does millions of dollars in volume per year BUT that is still small relative to its bigger DNM competitors

It also has a better user experience than it's competitors so I hope it keeps growing and eventually dominates that part of the economy