this post was submitted on 08 Dec 2024
20 points (91.7% liked)
Monero
1725 readers
16 users here now
This is the lemmy community of Monero (XMR), a secure, private, untraceable currency that is open-source and freely available to all.
Wallets
Android (Cake Wallet) / (Monero.com)
iOS (Cake Wallet) / (Monero.com)
Instance tags for discoverability:
Monero, XMR, crypto, cryptocurrency
founded 2 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Im a monero noob. Can someone explain the need of a ban list? And how it works?
It removes the spy nodes from network so they cant do a timing attack (If one spy node receives a transaction unseen by the 100s of other spy nodes, they can logically deduce that the first instance seen was the originator of the transaction/block). The current list above has a parsing error for the subnets (IPs with 0/24) and those are important because each single subnet contains 256 possible IPs. These possible IPs are fully actively being utilized for the attack as I have seen first hand. I hope Boog900 or one of the list maintainers can address this parsing error somehow so I can remove my temporary fixed list. This could be somehow a personal error somehow but most probably these unparsed subnets are a unnoticed issue.
But with dandelion++ it should be infeasible to deduce anything about a transaction on receipt, no?
yes the overall transaction is safe but the individual node sending that transaction/block is recorded with the IP logged. Mass collection with a large spy network would easily enable a semi reliable initiator logging system that could be used later for any purpose. You could connect to a public node to hide and not send from personal node but then again the public node itself could be a spy node too. Its all about collecting general metadata for use with other data to be cross examined when the time is needed.
Well, the concept of a ban list seems ripe for abuse. We have to trust someone to tell us canonically who the bad nodes are, people can slap a fed honeypot node label on you for not going along with something.
What we need to do is design the system such that a bad node can do nothing but participate in the network. Just like the mining incentive structure with nakamoto consensus. Dandelion++ is supposed to do that, at least for everyone broadcasting their transactions only to initial nodes they know and trust. I don't know how to do that, but a blacklist is a dangerous stopgap.
π
Create your own fullnode and leave it running all the time. So don't just start it when it is needed for transactions or interactions with Monero. There are also very accessible methods for this, such as PiNodeXMR, which easily converts an SBC such as RaspberryPi into a secure Monero full node.
Use Tor and a known trusted Tor node, e.g. hashvaultsvg2rinvxz7kos77hdfm6zrd5yco3tx2yh2linsmusfwyad.onion from hashvault Pool.
Use VPN (and a known trusted node)