Duke
1 year ago
5 changed files with 123 additions and 0 deletions
|
After Width: | Height: | Size: 1.5 MiB |
@ -0,0 +1,123 @@ |
|||
<!DOCTYPE html> |
|||
<html> |
|||
<head> |
|||
<title>Monero Privacy Under Attack</title> |
|||
<style> |
|||
body { |
|||
width: 42em; |
|||
margin: 0 auto; |
|||
font-family: Tahoma, Verdana, Arial, sans-serif; |
|||
background-color: black; |
|||
color: white; |
|||
|
|||
} |
|||
a { |
|||
color: #63c0f5; |
|||
text-shadow: 0 0 5px rgba(104, 182, 255, 0.5); |
|||
} |
|||
</style> |
|||
</head> |
|||
|
|||
<body> |
|||
<h1>Monero Privacy Under Attack</h1> |
|||
|
|||
<p> |
|||
Monero privacy is under attack and it's not from where you would think. |
|||
People are storing silly pictures and other data directly on the XMR blockchain which directly hurts the privacy of every Monero user. |
|||
There is currently a debate in XMR circles about how it affects privacy. The people who want to profit from <a href="https://mordinals.org/">Mordinals</a> will of course tell |
|||
you it doesn't hurt privacy or there are "easy" ways to change Monero to make it not hurt privacy. Do not believe these people, they are |
|||
grifters at best, attackers at worst. |
|||
</p> |
|||
|
|||
<p>This is not financial advice, this is privacy advice. I have never committed code directly to Monero but I have studied it extensively, in addition to |
|||
working on many other privacy coins for many years and <a href="https://attackingzcash.com/">documenting severe problems in Zcash Protocol</a>. I hope this memo helps Monero people who are on the fence and aren't sure who |
|||
to believe in their own community. Consider this to be advice from "across the aisle" that is not directly involved in Monero or Mordinals but wants the best privacy tech to prevail in this age of surveillance.</p> |
|||
|
|||
<center> |
|||
<a href="" target=_blank> |
|||
<img width=80% src="mordinals-meme.png"><br/> |
|||
Spot on meme courtesy of @KAPNKRUNCH2010 on Twatter |
|||
</a> |
|||
</center> |
|||
|
|||
<p> |
|||
First we give some backstory, of where Mordinals comes from and lessons other chains have learned. |
|||
</p> |
|||
|
|||
<p> |
|||
Mordinals is a copy-cat of the <a href="https://ordinals.com/">Ordinals</a> project, which allows you to store arbitrary data directly on the Bitcoin blockchain. Since |
|||
Ordinals works on a surveillance coin (BTC), it really can't reduce the privacy of users, since Bitcoin doesn't have any privacy to begin with. |
|||
Ordinals has created a huge uproar in the Bitcoin world, some love it, some hate it, but it became clear that there was no good way to fight it. |
|||
If Bitcoin Core did decided to try to remove Ordinals, the cure would be worse than the disease. Trying to remove Ordinals would waste even |
|||
more blockspace than it currently uses. By some standards, it even saves blockspace by being more pruneable. So Ordinals live on. |
|||
</p> |
|||
|
|||
<center> |
|||
<a href="" target=_blank> |
|||
<img width=80% src="privacy-larp.png"><br/> |
|||
</a> |
|||
</center> |
|||
|
|||
<p> |
|||
Many people are LARPing as privacy experts on Twatter and YouTube and podcasts which are heavy on grifting and low on technical content. |
|||
I will not name names, but you know who they are. It's simple, if someone is not a privacy coin developer or blockchain analyst, flush |
|||
their opinion down the toilet. Unless someone writes the code to protect your privacy or is someone who is paid to attack your privacy, |
|||
they are just a grifter, trying to influence you for their own gain. You can often identify these people because they will tell you |
|||
to trust another LARPer (such as a podcaster trying to make money via ads or reflinks) on their low-quality Twitter feed, instead of a technical person that actually knows what is going on. |
|||
</p> |
|||
|
|||
<p> |
|||
I commend XMR devs for quickly merging a mitigation against this privacy attack in the commit <a href="https://github.com/monero-project/monero/pull/8733">Add a size limit for tx_extra in tx pool</a>. This is a good first step and I predict that if XMR devs truly care about privacy (and I think they do) they will make this a consensus rule in their next mandatory update. |
|||
By doing this, they will protect the privacy of all Monero users by forcing the Mordinal project to change how it stores data on XMR, if they choose to keep doing it. |
|||
</p> |
|||
|
|||
<center> |
|||
<a href="https://invidious.privacydev.net/watch?v=xZ43rvLK9ag" target=_blank> |
|||
<img width=80% src="decoy-sigs.png"><br/> |
|||
Shout out to Crypt0 Bear for fat beats |
|||
</a> |
|||
</center> |
|||
|
|||
<p> |
|||
So now for some actual details of exactly why Mordinals reduces the privacy of Monero users, since these exact facts are being hotly debated by privacy LARPers. |
|||
Mordinals reduces the privacy of a Ring Signature, because if a Mordinal is used as a decoy, it is very obvious to a blockchain analyst that it is a Mordinal and not a real transfer of value between two XMR users. This is because the <b>tx_extra</b> field has no privacy, anybody can see how many bytes of it are being used, unlike the <b>memo</b> field that <a href="https://hush.is">Hush</a> and <a href="https://dragonx.is">DragonX</a> use. <b>tx_extra</b> is also not encrypted, unlike the <b>memo</b> field, so it's pretty obvious what is going on. Mordinals is |
|||
a crack in the armor of Monero for blockchain analysts to exploit. It is indistguishable from a purposeful attack on Monero privacy. |
|||
</p> |
|||
|
|||
<center> |
|||
<a href="" target=_blank> |
|||
<img width=80% src="mordinals-tweet.png"><br/> |
|||
@m0rdinals on Twatter claiming that Mordinals compromises XMR privacy |
|||
</a> |
|||
</center> |
|||
|
|||
<p> |
|||
Now Mordinals admits the above privacy reduction is happening and their recommendation is to change the internals of Monero (how decoy selection works) to not choose Mordinals as decoys. |
|||
Firstly, do you trust an "NFT bro" to understand the implications of changing the C++ internals of the largest marketcap privacy coin in existence? If so, you might as well get brain surgery from your local hair salon and close this tab now. Secondly, this suggestion will hurt privacy even more! If XMR decoy selection is changed to not select Mordinals, then the set of all possible decoys is made smaller! This reduces privacy. Ordinals use on BTC has exploded, and recently entire Bitcoin blocks have been filled with nothing but Ordinals. If something like that happens with Mordinals (which they are hoping for) then the set of transaction outputs (UTXOs) that can be selected from will be drastically reduced. This is how people using Mordinals does not only hurt their own privacy but the privacy of every Monero user in the future. |
|||
</p> |
|||
|
|||
<p> |
|||
To conclude: monkey jpegs belong on surveillance coins like ETH and BTC, not Monero. |
|||
</p> |
|||
|
|||
<center> |
|||
<a href="" target=_blank> |
|||
<img width=80% src=""> |
|||
</a> |
|||
</center> |
|||
|
|||
<p> |
|||
</p> |
|||
|
|||
<hr width=75%> |
|||
<p> |
|||
<br> |
|||
<b>-- Duke</b> |
|||
</p> |
|||
|
|||
<p> |
|||
<a href="https://duke.hush.is/?back">Back</a> |
|||
</p> |
|||
|
|||
</body> |
|||
</html> |
|||
|
After Width: | Height: | Size: 844 KiB |
|
After Width: | Height: | Size: 108 KiB |
|
After Width: | Height: | Size: 682 KiB |
Loading…
Reference in new issue