nihilist

nihilist@monero.town
1 posts • 17 comments

they discard the decoys when they’re given the transactions of interest, this lets them know that this transaction they saw on their node actually comes from that subpoenable entity (centralised exchange), from there they have the list of transactions that went through and they can rule out the dandelion decoys. but otherwise they can’t.

I also mentioned that they are looking at the fee structure on their malicious nodes, hence my recommendation to use the default fees. not sure if they’re actually using the rest. (number of inputs and outputs?)

thing is, OPSEC is not about giving some random advice without explaining why in the first place. every technical complication must be justified, to be taken seriously

by the way, check out my blogpost on that topic https://blog.nowhere.moe/opsec/chainalysisattempts/index.html, with my opsec recommendations

Nah that’s easy too. you need to make sure the developers use PGP keys to confirm their identity. https://blog.nowhere.moe/opsec/pgp/index.html + https://blog.nowhere.moe/opsec/whonixqemuvms/index.html

but yeah the idea is to have a Disaster recovery plan, kind of idea, totally makes sense.

TLDW :

  1. do not trust random nodes, go and host your own (locally or not) -> to prevent them from logging IP addresses and to deanonymize on the IP level (attacking dandelion from what i understand?)
  2. if you do end up using a remote node, connect to it through tor to maintain anonymity
  3. Stay off centralised exchanges, never KYC.

good news that it’s already available: https://haveno-reto Decentralised Exchange P2P fiat to monero directly. I wrote some tutorials on how to use it, if you need help on that

it’s not complicated, make sure that anonymity is maintained for all developers (like they do all their work from inside a whonix VM let’s say), and that you have copies of all the important monero mirrors somewhere (on a gitea instance accessible via .onion or something similar), in case monero gets the tornadocash treatment.

that way they can’t go after the developers’ freedom of speech, and even if they take the repositories down from github, the show can go on elsewhere.

i’ll pitch in to advise people if opsec is brought up

my pleasure ;) (if i missed anything, feel free to let me know btw)

if you run your own node, it means that the adversary needs to come and ask you directly to give you the details of who connected to the node. and if you keep Tor in between you and your own node, you’re maintaining anonymity as well.

if others find your (remote) node it’s not changing anything, you’re making it available for them to use monero

but still they should run their own monero node to keep decentralizing further
