nihilist
TLDW :
- do not trust random nodes, go and host your own (locally or not) -> to prevent them from logging ip addresses and to deanonymize on the IP level (attacking dandelion from what i understand ?)
- if you do end up using a remote node, connect to it through tor to maintain anonymity
- Stay off centralised exchanges, never KYC.
Nah that’s easy too. you need to make sure the developers use PGP keys to confirm their identity. https://blog.nowhere.moe/opsec/pgp/index.html + https://blog.nowhere.moe/opsec/whonixqemuvms/index.html
but yeah the idea is to have a Disaster recovery plan, kind of idea, totally makes sense.
it’s not complicated, make sure that anonymity is maintained for all developers (like they do all their work from inside a whonix VM let’s say), and that you have copies of all the important monero mirrors somewhere (on a gitea instance accessible via .onion or something similar), in case if monero gets the tornadocash treatment.
that way they can’t go after the developers’ freedom of speech, and even if they take the repositories down from github, the show can go on elsewhere.
i’ll pitch in to advise people if opsec is brought up
haveno is in early stages anyway, but yea the more noob friendly it becomes, the better. Something is “”“hard”“” to install when you do not explain how to install it properly.
Currently there’s a way to install it on every OS, that’s good enough for now. Also keep in mind that there aren’t 20 dedicated developers working on haveno fulltime, you can’t have everything at once with a small team of developers
thing is, OPSEC is not about giving some random advice without explaining why in the first place. every technical complication must be justified, to be taken seriously
yea tor and monero go hand in hand, but even over tor. take mr fed going to that farmer store over tor paying in monero, at some point he has to get his vegetables physically, where he can identify who the farmer is (cant just send food by mail i guess ?)
if the farmer has to retain his anonymity, he needs a way to send his vegetables anonymously to the buyer
Despite how bullish i am for monero in general, i have a major concern. Picture the following:
The monero community starts to move heavily into adoption (see what xmrbazaar.com is trying to achieve) and it starts to become widespread, BUT it’s still not officially allowed by governments. In fact, imagine that governments start to realize how bad monero is for their own economics and centralized control, and they start to explicitely ban it and enforce penalties for just using it (like any controlled substance). what about then ?
What about that one random farmer (small business, selling products attending to people’s basic needs to survive), who wants to accept monero to sell his vegetables, he’s going to get bothered by authorities for publicly accepting monero, after getting enough fines, i’m sure he’d actually give up trying to use monero officially.
Going even further down that road, as this would be an attack on the currency itself, what about that one fed guy buying monero (wherever, right, haveno, or whatever CEX) just to find out who’s selling monero, to literally prosecute them for just having monero?
Would Monero always remain a way to transact secretely ? rather than existing it as a way to transact publicly ?
This technology is not even meant to conform to any law, nor any governmental concern to assert their control over the populations, in fact, it is a direct threat to their existing control.
Now for me, Monero adoption must be a Bottom-UP process you go from individuals, to small businesses (farmers, bakeries, etc) and try to make monero getting adopted further up into bigger and bigger companies, which is (currently at least) increasingly less likely to get adopted due to financial regulations the higher up you go. Picture the day when those same financial regulations trinkle down all the way to the bottom of the pyramid onto small businesses and individuals, this’ll be a very tedious environment just to transact monero