A lot of third-party wallets claim to be non-custodial, but they might actually mess with your privacy, track what you do, or even put your funds at risk. To stay safe, stick with the official Monero wallets at getmonero.org.

Cakewallet requires an account, leaks metadata, and can track usage patterns.

Furthermore, I am uncertain whether Cake Wallet is fully non-custodial, as it raises the question of how their backend API facilitate swaps without access to your private key (how do they pull that off). It seems logical to conclude that they must have access to the private key for the swap process to function effectively. Because of that, I can’t really recommend this wallet, especially since it supports some shady tokens that might be tied to scams.

I’m not pushing any specific wallet, but if you want something clean and simple, check out monero-wallet-cli. It’s a solid choice!

#Privacy #Markets #HiddenService #News #Work #Monero #Crypto #Hacking #HarmReduction #Guides #Bisq #cakewallet #haveno #retoswap #trading #p2p #escrow #localmonero #dex #cex #moneroju #xmrbaazar #security #agorism #cypherphunk

I don’t really recommend any wallet, but if you’re looking for something without bloat, you might want to check out monero-wallet-cli.

I do not have simpleX yet. Could you pls review https://kycnot.me/service/openmonero

Let's be real, nothing comes for free. The fact that there are no arbitration fees on the retoswap network might make you think that users are actually the product. If you dig a little deeper, you'll find a bunch of issues, with the risk of exit scams being a big one.

A decentralized node network is only secure if there's no admin who can circumvent the rules. To address the exit scam issue, either eliminate the admin or remove the liquidity.

People want to trade online without the hassle of installing software, which can threaten their privacy. Trusting someone to keep your computer safe isn’t easy, and even open-source code can have hidden risks since most don’t compile it themselves. With OpenMonero, you can avoid those worries because it’s just a website that doesn’t need permissions.

The built-in non-custodial wallet for haveno funds isn’t very secure either, since private keys could be logged, and the project isn’t truly decentralized. The GitHub repo isn’t easy to fork, it’s built in Java and is pretty complicated. The more complex the code is, the tougher it gets for developers to spot vulnerabilities or malicious code.

Haveno is better at resisting censorship than OpenMonero, but this mainly benefits the admin. Without a reputation system, vendors can't import any stats to other platforms, leaving their accounts on Haveno fairly low in value. It’s unlikely that any former LocalMonero vendor, who has built up their reputation over the years, would want to use this system.

OpenMonero launched in June 2024, and I've recently started promoting it on social media. I encourage you to check out our list of over 150 verified vendors, including respected LocalMonero traders. If these vendors have confidence in the platform, users are likely to feel the same way.

Vendor list: https://nojs.openmonero.com/guides/how-to-import-reputation#cachedUserList

Reference: https://simplifiedprivacy.com/openmonero-interview-with-the-dev/compared-to-reto.html

Reference: https://primal.net/e/nevent1qqsq2pcudt9rdq4wwpk7r784fwr5h0lt4fhzj6cvaeckurla6wg29dqkrrz7a

#Privacy #Markets #HiddenService #News #Work #Monero #Crypto #Hacking #HarmReduction #Guides #Bisq #cakewallet #haveno #retoswap #trading #p2p #escrow #localmonero #dex #cex #moneroju #xmrbaazar #security #agorism #cypherphunk

Basically, the haveno network operator can give admin roles to both taker and arbiter bots as well, which lets them ignore any rules in place. This speeds up things a lot since there’s no need to put down a security deposit for each taker bot, allowing all maker funds to be unlocked right away. These bots only work on the API level, so they don't mess with the user interface.

Because of this, it doesn’t really matter if you set up limitations on the frontend or the public API; the admin bots will always be able to access the protected API endpoints. This access is key to getting around rules like security deposits, rate limits, or any other client-side requirements for takers or arbiters.

The admin bots won’t use the public API, since developers would catch any shady changes to it. Instead, they’ll send requests to a protected API run by the network operator on a low-cost VPS for about $5 USD. Only the admin bots (taker and arbiter) will have the keys to access this protected API. This API will basically look like the public API but will have tweaks to bypass all those rules. So, only the maker will use the public API and will have to follow its rules.

To make things work, all you really need is the admin key, a protected API, and a few VPS servers for the taker and arbiter bots. These taker bots will throw the admin keys into the headers of their requests. If a normal taker tries to hit up the protected API without the admin keys, the request won't work. It’s actually pretty simple, and it might have been overlooked because of that.

Also, it’s good to remember that multi-signature setups only make sense when there’s no admin or network operator. The operator is always a single point of failure and can sidestep any limits on the API using their admin keys.

If anyone has a solid reason why this wouldn’t actually work, I’d love to hear it. When someone has the admin keys for their network, they can pretty much do whatever they want and set the rules while everyone else has to follow along.

To wrap it up, everyone in the haveno network, the taker, the arbiter, and the maker will get a key in the multi-sig trade. But there's also a fourth key, called the "magic key" that can do a bunch of powerful things, some of which could be a bit risky.

Reference: https://archive.ph/GsDsn

Thread: https://primal.net/e/nevent1qvzqqqqqqyqzqpg8r34v5d5z4ecxmc0c749cwjalaw4xu2ttpnh8zms0lhfepg450s7qlk

Interview: https://simplifiedprivacy.com/openmonero-interview-with-the-dev/compared-to-reto.html

#Privacy #Markets #HiddenService #News #Work #Monero #Crypto #Hacking #HarmReduction #Guides #Bisq #cakewallet #haveno #retoswap #trading #p2p #escrow #localmonero #dex

OpenMonero response to Woodser haveno dev (haveno rug pull scenario)

> a malicious arbitrator could attempt to take offers, hoping to be assigned trades and then unfairly award funds to themselves. however this risk can be mitigated by:

> a sufficient number of arbitrators - the best way to mitigate this risk is to have a sufficient number of honest arbitrators, so a dishonest arbitrator is unlikely to be assigned a trade before being detected and banned. this creates an economic incentive for arbitrators to act honestly and earn trade fees rather than risk exclusion

I totally agree that individual arbiters need to act honestly so they don't get banned by the network operator. But honestly, that's not the main issue here. The real risk of a rug pull attack (or exit scam) doesn’t come from those individual arbiters, but from the network operator, whom we’ll call "Reto." Reto has the power to assign arbiter roles, which is where the problem lies.

The network operator is a single point of failure because he can create as many arbiter roles as he wants since he holds the admin key. Sure, Reto might give a few trusted individuals arbiter roles to make things look decentralized and transparent. But he could just as easily assign a bunch of roles to bots he controls. Plus, Reto would be in charge of all the taker bots, since anyone can jump in and be a taker. This setup lets Reto secure a two-thirds majority in any disputes that come up.

So, when it comes to pulling off an attack in this scenario, the odds are nearly 99.99% in favor of success. That’s because, when the attack happens, most of the arbiters and takers will likely be bots, all under Reto's control, making them the real weak link in the system.

> arbitrator selection by the maker - the maker can select an arbitrator from a trusted list rather than relying on random assignment (the current default)

The network operator is probably going to kick out all the human arbiters before they carry out the rug pull. This means the makers won’t have any choice but to use arbiter bots. Plus, the makers won’t really have a chance to dispute anything because a taker bot will just send a fake "I have paid" message even though they haven't actually paid. Then, that taker bot will start a dispute, leaning on the arbiter bot to back them up and go after the maker's funds unfairly.

In the end, the arbiter will take the 15% security deposit from the maker, while the taker bot walks away with the trading funds and its own 15% security deposit. The key thing to remember here is that both the taker and arbiter bots are under the control of the network operator, so all that money ends up in their hands, leaving the maker with nothing.

> trade limits per client - restricting the number of active trades or funds at risk per client further reduces potential damage from a dishonest arbitrator

If you try to limit how many active trades takers can have, it won’t really make a difference because anyone can be a taker. So, the network operator (or reto admin) could just set up as many taker bots as they need to get around those limits.

> in contrast, centralized exchanges like localmonero, lm, etc require full trust in the platform operators, because they take full custody of traded funds and can easily steal them at that time

I totally agree with you that most p2p platforms (like centralized exchanges) usually hold full custody of the funds since they require pre-funding for trades. But OpenMonero is different because it doesn’t need sellers to fully fund their trades upfront thanks to its self-custodial trade funding setup. The platform can’t access all of the liquidity at once unless every seller decided to post their bonds at the same time, which is statistically improbable.

It’s also worth mentioning that LocalMonero used to lack the self-custodial trade funding option, meaning that seller funds were always at risk while they waited for trade requests. Right now, OpenMonero can only tap into a maximum of 2% of the total liquidity at any given time, unless every seller posts their externally funded bond at the same time, which remains statistically improbable.

So, we can say that OpenMonero acts like a centralized exchange, but the liquidity is actually decentralized thanks to the self-custodial trade settlements for buyers and self-custodial trade funding for sellers. I suggest checking out the examples on simplifiedprivacy.com for more insights, especially if you’re looking into advanced examples.

> reputation can be easily faked, so does not provide any guarantee of trustworthiness in trade partners

No system is perfect, but it's fair to say that having a reputation system is definitely better than having no verification at all. It’s worth mentioning that faking a reputation system isn’t easy and it requires a lot of money and time. Sure, someone could try to create fake trades on OpenMonero, but the system can pick up on that pretty quickly (for ex, if someone makes 1000 trades in a short period, that would definitely raise some eyebrows)

Sellers/Buyers can also check users' Telegram handles through trusted sites like localmonero.co or confirm PGP keys from reliable sources, including LocalMonero and imported profiles.

Plus, you can’t do coin-locking on OpenMonero since sellers need to fund trades manually. It’s not an automated process like on networks like Haveno, which really helps to reduce the chances of exit scams. When it comes to offers on OpenMonero, they’re not fully funded right away. You only need 0.35 XMR to list an ad in the search results. This is mainly to fend off spam listings, but it can also help fund smaller trades. If a trade is bigger, sellers have the option to use an external, fully isolated wallet to fund the transaction and keep themselves safe from any potential scams right from the start.

> they can collect and store sensitive trade details across all traders

I don’t have an admin panel to keep track of trades or messages, and users can set up self-destructing messages right after a trade or completely delete their accounts. This kind of feature probably wouldn’t work in decentralized systems since all data is saved on multiple nodes. Also, the OpenMonero wallet creates a new address every time you make a deposit to help keep your privacy intact.

> they're more likely to be shut down due to legal compliance, and you're left to find a new service

My identity is kept private, and OpenMonero vendors don’t have to go through any KYC checks, which means we can totally work outside of regulations. This works because the platform isn't custodial, it's open-source, and you can access it via Tor hidden services and I2P. So, even if the clearnet domain gets taken down by the authorities, the exchange would still run smoothly. Anyone can self-host the frontend or even fork the code to make their own OpenMonero version. Plus, we’re working on a Nostr-based version that lets anyone become an escrow provider or self-host the frontend without needing any backend. This would make it super resistant to censorship. Check out the interview for more details!

> ultimately users should consider the trustworthiness of the haveno network they're using and its arbitrators, but these networks provide greater decentralization, privacy, and control of funds than centralized services, which are a single point of failure

Most of my vendors don’t really need to trust me because they don’t have to download any software or put down trading funds upfront to get trade requests (unlike Haveno). This really cuts down the chances of exit scams right from the start, and it keeps their personal files safe from malicious access. The OpenMonero web app runs smoothly in any browser and doesn’t connect to the user’s system, which is way different from Haveno that needs to be installed and has a daemon running all the time on your computer (definitely a recipe for keyloggers and shady auto updates). Plus, the built-in non-custodial wallet in Haveno isn’t very secure since malicious updates could come with keyloggers to snag your private keys. But with OpenMonero, vendors can fund their bonds using totally isolated wallets like Cake Wallet, Moneroju, Monero Wallet CLI, Feather Wallet, Trezor, and more.

The Haveno platform mainly looks out for the network operators, but it doesn’t really do much to protect market makers. This leaves them open to the risk of exit scams since the liquidity, the most important asset, is fully controlled by the network operator.

Also, let’s be clear: Haveno isn't truly decentralized. Accounts and order books don’t get shared between different Haveno instances, which creates a fragmented setup that’s kind of like a local network. The system would work a lot better if there was one big network where accounts and offers were merged from various instances instead of just having this isolated system run by a single operator. That’s not how decentralization should work.

When we talk about fund security, decentralization isn’t the most important factor. What really matters are things like how quickly trades get finalized, self-custodial trade settlements and self-custodial funding, along with a solid reputation system. Without a reputation system, there’s no trust between trading partners. Plus, if we don’t have self-custodial settlements or funding, the admin could easily run off with all the liquidity.

I’d love to keep the conversation going if you have any other points you want to bring up. I think Haveno does a pretty good job of protecting network operators, and I really appreciate that it’s open-source!

However I think OpenMonero is more safe (multi-sig vs self-custodial) and has 98% less risk of total liquidity being jeopardized at all times. The occurrence of exit scams is relatively low within this model.

Reference: https://archive.ph/GsDsn

Interview: https://simplifiedprivacy.com/openmonero-interview-with-the-dev/compared-to-reto.html

#Privacy #Markets #HiddenService #News #Work #Monero #Crypto #Hacking #HarmReduction #Guides #Bisq #cakewallet #haveno #retoswap #trading #p2p #escrow #localmonero #dex

http://openmonero.i2p

frontend can be self-hosted as well ( https://openmonero.com/readme)

I could do shotgun scamming but exit scamming is not really possible due to self-custodial trade fuding (sellers) and self-custodial trade settlements (buyers). Plus the nostr based version is almost finished.

Build from source

Recommended node version (use nvm): v14.21.3

sudo apt install torsocks

torsocks git clone http://rf5cqoxqlitdx4umuce5dgihjzabql4hs3zjkvs3em7xzjfa5yyhkeqd.onion/om/openmonero-reactjs.git

cd openmonero-reactjs

npm install

npm start

Yes, check the openmonero-reactjs repo hosted on forgeo. Link is in the popup if you click the "Open source arttribute" inside "Why use our service". Its the same code and can be self-hosted over tor hidden service.

For added security, the mobile app is not native (PWA) to have isolation from the filesystem. The web app is built with reactjs (selfhosting with docker possible), while the nojs version is based on php (codeigniter 4 framework)

Its already under construction.

Quote Simple: That’s cool, so in the future, this can work entirely as a front-end javascript linked to Nostr? Then the site itself could be on Arweave or IPFS.

Quote OpenMonero: The decentralized exchange will offer a selection of various escrow providers, arbitrators, and instances for users to choose from. Users will not be required to create accounts with each individual provider. All escrow providers utilize the same backend code, and to engage with a specific provider, one merely needs to be aware of its domain (no additional configuration or setup is required).

Trusted escrow providers will be hardcoded into the code, while untrusted providers will be accessible through an integrated distributed hash table (DHT) network. The utilization of a DHT is crucial, as hardcoded directories are inherently susceptible to censorship. Furthermore, this approach surpasses that of a federated network, since defederation is neither necessary nor possible; the reputation system in place effectively mitigates spam from the outset.

Source: https://simplifiedprivacy.com/openmonero-interview-with-the-dev/compared-to-reto.html

https://openmonero.com/readme

or

https://nojs.openmonero.com => click the 'Open source code attribute' inside 'Why use our service'

The Haveno network operators can steal 3177 XMR, assuming the investment stays safe and comes back to the taker bots. Once the investment returns, the same taker bot can just do the same thing again. In theory, one taker bot with an amount of XMR equal to the highest maker security deposit could clear out the entire order book since its balance goes up with every completed trade. So, it’s really just a matter of time before the whole order book is wiped out. Even worse, if you’ve got multiple taker and arbiter bots working simultaneously, you could clear the whole order book in just a second. All you need.

The reason is that a shady arbiter bot backs the taker bot and will side with them in any disputes. Moreover, the arbiter bot can also hit all the market makers with penalties, taking away their 15% security deposits.

You don't really need to invest a lot to liquidate the entire order book and my examples are not necessary (unless you want to clear the order book in the first round) as the balance of each taker bot demonstrates substantial, logarithmic growth following each transaction. This is because taker bots always go for the highest maker offer in the pot first.

#haveno #monero #rugpull #scam #hacking #opsec #xmr #retoswap #havenoreto #openmonero #exitscam

If the openmonero website goes down, the damage would be minimal. On the other hand, if the Haveno arbiter bots go rogue, they could rug pull at least 3177 XMR + 15% security deposits of all market makers. The difference is that openmonero's offers aren’t pre-funded, so there’s not much to steal.

#haveno #monero #rugpull #scam #hacking #opsec #xmr #retoswap #havenoreto #openmonero #exitscam

That exactly how openmonero works; Quote from the interview recorded on simplifiedprivacy

The minimum requirement of 0.35 XMR security deposit for sellers on OpenMonero is there to help cut down on spam offers. While it’s not really meant to fund an offer, you can still use it for that (or just fund the difference) as long as the buyer’s trade request is no more than the security deposit.

Both the seller and the buyer can cancel a trade request if they feel like the other person isn't trustworthy since no xmr is locked at this early stage. Right now, the seller is chatting with the buyer and checking out their reputation, looking at things like how long they've been registered and what kind of feedback they've received. Should all evaluations meet satisfactory criteria, the seller has the option to secure an arbitration bond utilizing either an internal wallet (security deposit) or an external wallet (such as Cakewallet, Moneroju, Feather Wallet, Monero CLI Wallet, etc.)

For big trades, the seller might choose to fund the bond from a separate external wallet to avoid any potential scams from the arbitrator right from the start. On the other hand, for smaller trades, its usually easier for the seller to just use the internal wallet (security deposit) for the bond. By allowing both types of wallets for funding, the platform strikes a good balance between keeping things liquid and secure.

If there weren’t an option for external bond funding, there's a chance that an arbitrator could run off with all the money. But because funding is done manually, it really cuts down the risk of good exit scams or bots locking up coins.

#haveno #monero #rugpull #scam #hacking #opsec #xmr #retoswap #havenoreto #openmonero #exitscam

Nothing would stop the Haveno network operators from making automated fake orders if the money pool gets big enough. The Haveno pot gets bigger with each new offer, while more offers on OpenMonero don’t necessarily mean more XMR in the pot since vendors only need to put down a security deposit of 0.35 XMR to list as many offers as they want. So, you could see 1,000 offers from different vendors on OpenMonero, but the admin might only hold 350 XMR (1,000 offers x 0.35xmr) in custody because of how self-custodial trade funding works.

It’s also worth mentioning that a decent exit scam usually needs to involve at least 1 million dollars; no one’s going to pull an exit scam for just 80k (1,000 offers x 0.35 XMR x 231 USD). OpenMonero was redesigned in Nov 2024 to help prevent exit scams from happening in the first place.

#haveno #monero #rugpull #scam #hacking #opsec #xmr #retoswap

Reference: https://rl.bloat.cat/r/Monero/comments/1h4icot/is_haveno_anymore_secure_than_trading_with_a/

Its hosted on forgeo on a tor hidden service. Go to openmonero.com and click the "Open source code" attribute inside "Why use our service"

Thank you for adding openmonero.com to the list. 🤙

Hello Nostr! I'm the dev behind OpenMonero.com

This is my first post. I'm here to bring transparency and harm reduction. Check out my latest audit for haveno: Shady arbiters can steal the entire liquidity from the order book. All you need is just 2 bots. Its crazy.

https://simplifiedprivacy.com/openmonero-interview-with-the-dev/compared-to-reto.html

Issue confirmed by official monero moderator on dread: http://dreadytofatroptsdj6io7l3xptbet6onoyno2yv7jicoxknyazubrad.onion/post/4e7e530582ff902b6903/#c-cac5570453f7fa9f42

Quote from /u/monero_desk_support: After some thoughts, I think you are right and that the arbitration system in Haveno doesn't prevent arbitrators from pulling the funds. They would need to create a bot that takes all the offers and automatically unlock the funds with the key of the taker and arbitrator

#introductions #Privacy #Markets #HiddenService #News #Work #Monero #Crypto #Hacking #HarmReduction #Guides