Hi, I'd like some advice for running a monero node on a virtual private server please, who here has done that?

Steven_M: web.getmonero.org/resources/user-guides/vps_run_node.html it's a good start

ErCiccione[m]: it's keeping the server secure that I worry about. I know nothing about server security.

Simple good practices are: close the ports you don't use, stop services you don't need, uninstall packages you don't use, do not login using "root", use a different port for ssh

That's just what pops up in my mind

"different port for ssh" is low on the list - way higher is switching off passwords entirely and use a key instead. or at the very least to have a long and strong password

also disable password login and use a ssh key instead

^

ErCiccione[m]: Inge-: Okay, thanks guys. :-) Can you recommend a good VPS provider?

scaleway are very cheap and seem to be friendly to bitcoin, monero and tor (but you need to do a little dance to get enough disk space for the blockchain on their cheapest vpses)

digitalocean and vultr are good too

Use one that accepts Monero or Bitcoin. like vultr, bitvps, bitlaunch

no privacy with vultr though. you can pay with bitcoin, but only after you've activated your account by paying normally

never use bitcoin, use monero, what bitcoin was supposed to be, the only private cryptocurrency

true

there is a good list of VPS providers here: web.getmonero.org/community/merchants/#services

shit oops thought i was in a different non crypto chat

actually they are a lot, would make sense to have a section dedicate to that

Zero-ghost[m]: very true. :-)

Steven_M: thought i was in another chat with someone talking about paying with bitcoin and thats just my normal text puke whenever i see people saying that

Zero-ghost[m]: fair enough :)

ErCiccione[m]: ironically, bitvps and bitlaunch are not on the web.getmonero.org/community/merchants/#services page, but since you recommend them, I will check them out.

We only list services that accept Monero on that page. bitvps and bitlaunch only accept bitcoin afaik

ErCiccione[m]: just checked, bitvps accepts monero. :)

Oh, cool. I stand corrected :)

:)

bet time for me, goodnight.

*bed

Goodnight

hello

do anyone here knows what happen from v3 to v4 hardware fork so that is impossible to start new chain with version bigger than 3

The README has the main changes for each version.

RingCT transactions are the new changes

but in which part this is checked is not possible to understand

i found parse_and_validate_tx_from_blob

You can start new chains with bigger version but it requires a bunch of patches, which apparently none of the various forkers bothered to write down

yep tx version required some change on basic.h

i hope that will be enough...

Always great to see the amount of remote RPC usage my node experiences

Thankful for all the people who have worked so hard on a strong, decentralized public node system

Its incredible to me that something similar doesn't really exist for Ethereum or Bitcoin

fort3hlulz do u have gains from this?

No, I haven't enabled mining for RPC at this point (and have no plans to)

Happy to provide the service for free to the community, as I have plenty of processing power and bandwidth :)

fort3hlulz: it does exist for Bitcoin, it's called Electrum

all the Electrum nodes are volunteer-run

Well, but that is a whole separate service with its own pitfalls (and many exploited issues)

Its not a part of bitcoind/btcd

But yeah, I did forget that that exists (have run EPS in the past to work around those issues)

ok but spv is native

Bread, for instance, connects to random Bitcoin nodes

and uses spv to interact for lightweight interaction with them

Had not heard of Bread

Have always seen SPV as a "I need to know the nodes address"

any spv wallet should work the same way

I'll have to look into that more!

I've used SPV a bit with Decred, but didn't bitcoind just deprecate SPV entirely?

although there are some that use spv but with a centralised server

which is kinda lazy

thanks

Can one of the monero subreddit admins approve this post (already did a message to the mods in reddit): reddit.com/r/Monero/comments/h7nnon…ications_for_monero_transactions_to

Any btw, you guys might be interested in this new monero project: github.com/apprises/apprise-transactions

"Thankful for all the people who have worked so hard on a strong, decentralized public node system" <- The "decentralized public node system" is a band aid because people do not like decentralized. It's like disinfecting a knife before sticking you with it.

The reason I made the RPC payment stuff is to try and get rid of those people having free public RPC in the first place.

Because people making thier RPC server free to use encourage others to not decentralize.

While I agree that everyone should run their own full node, I think its important to have the option (with strong wording against it/about the risks) for those that absolutely cannot for some reason

I have, and always will, push people to use their own full node, as its dead simple and integrated well into the GUI/CLI

But I think its especially important for mobile adoption that there are strong remote node options available

A fullnoe isn't always feasible, e.g. TAILS

Then set up payment. Those who really can't run their node can mine a bit. Here you're just telling everyone who can "look, I'll help you centralize for free".

I think it's important to support such facilities

miners will always have incentive to run such nodes

Thats actually not true, yanmaani, I'm a VERY strong advocate for self-select to be used by miners which would be best with their own full node, and not remote RPC

moneromooo: So no one should expose RPC without pay-for-rpc?

I think a bunch of new users using things like cake/monerujo would be offput if that were to actually happen

Let me rephrase, miners have an incentive that free full nodes exist

Since it increases transaction volume, meaning there are more fees to collect

huh never thought of that angle

My aim was that everyone would end up setting it up. And the only ones offering for free would be spies and the like.

Interesting...

But no mobile service supports pay-for-rpc AFAIK

But they all run their own nodes, so I guess that would be fine.

They're spies then :)

:P

Guess it's time to get around to setting up my pay-for-rpc settings

If people have to pay $0.1 in RPC mining credits to send a transaction, it stands to reason that they would be inclined to pay $0.1 less in fees. This is a loss of $0.1 for the miners as a group, and a gain of $0.1 for the individual running the node.

hm, yeah, my moneroworld node is still free

same hyc

Moneromooo : actually, I'm looking for a machine, I can set up with enough memory, and enough cores avail, to come online, avail for all, not to spy

Also, people would just pick the cheapest node. If you can either use Tor and use the chainalysis catamites' node for $0.0, meaning no/little privacy loss, or pay $0.1 and use some trusted guy's node, meaning no privacy loss, people would go with the former.

So it's arguably better that everyone provide free nodes, as it would decrease spies' expected gain from doing so

How much does it cost in hardware to run an RPC node anyway?

I don't consider myself a spy

yanmaani not much, honestly, it's a pretty light usage server on my HW which is also running many other procs and mining at the same time

good to know Spaceguide lol

If people don't want to pay extra, they run their own node. That's the idea. Push them.

moneromooo: But that also is a cost. On TAILS fo rexample, there is no point

And spies will start charging a bit too when it becomes obvious free ones are likely spies :)

all you are doing is introducing new rent-seekers to a systme which doesn't need them

If I do submit my txns to adversarial remote nodes using Tor, WCGW?

They only get rent from people who'd be useless to the network.

won't Monero's encryption protect me still?

But yes, fair point.

Or are you talking about fake chain attacks etc?

Are there any good guides on setting up the pay-for-rpc system?

Best I found was: monero.stackexchange.com/questions/…pc-payment-options-for-monerod-work

Anyway, it seems like it wuold be smarter to simply make it more secure to use remote nodes

dandelon++ helps

Making it more secure to use remote nodes makes it less secure for the network, even though more secure locally for the person surrendering.

Well I added the payment for RPC option with my address, and now I can't use Cake Wallet with my own node :P

moneromooo: What is the harm?

There is no good alternative with TAILS, anyway. The spies can just run for-payment nodes.

You can see the harm when you push it to the extreme: everyone uses one node.

Spies will run for payment nodes, sure, but the process will have pushed some proportoin of people to run their own damn node, which was the goal.

No, I can't see the harm

everyone is using one node. What now?

(assuming that they check PoW from multiple sources)

moneromooo has seen some shit. He knows there will be a Google 2.0 for blockchain.

And i agree with him

yanmaani the main risk would be a node lying about the contents of a block, or censoring transactions, etc etc

what is the risk tho

There are MANY risks if there is only one entity running a full node

Because they become the source of truth for the entire network

indeed

YOu're trusting them to verify transactions

fort3hlulz: This is trivial to fix though. If it doesn't match the hash, it won't verify

The hash that you get from where?

No, remote nodes are not verifying transactions

You're trusting that they verified other TXs, and they will be the ones verifying yours

that's the exact same question for the rest of the network. There is no good argument for why I can't interrogate like ten nodes and see if they're all lying to me.

Not sure what you mean.

fort3hlulz: No, remote nodes do not verify transactions. You download the blockchain from them, look for your transactions, and discard it.

If there was only one node/entity you can't interrogate others

If they insert junk into it, it won't validate or anything

What would you compare it against?

If you didn't run your own full node?

SOmeone who just offers hashes +PoW

That's a lot of trust in two entities to not lie to you/collude

there's only one full node that serves the full blocks, but you should trivially be able to get block headers

they are tiny

no, I don't trust the block serving node at all

and serving block headers is absurdly cheap

couldn't a bad node only withhold full blocks from you, not just singular transactions from a block?

and never insert bad ones

that as well

^

There are many, many attacks

they'd have to make fake blocks

make fake blocks aka. mining? :D

no you are just spreading FUD

?

llol

asymptotically: Mining, while concealing other blocks

so as to drive down the difficulty

Your argument is the same for full-nodes, that's my problem

what prevents all your peers, as a full node, from lying to you?

Nothing, thats why I connect to many and verify what I see against the rules my full node has set

Thats kinda the whole point of a p2p network thats decentralized

And what prevents a thin node from doing the same?

multiple bad actors can be present while I still verify the true state of the chain

yanmaani: but then they'd be mining on their own chain, earning only worthless coins

I guess the best way to get more decentralization is to keep the blackchain small. So no one bothers to setup a remote node.

Electrum (Bitcoin) is thin, and that interrogates multiple nodes

asymptotically: yes, but if the difficulty is low enough that's immaterial

Maybe DAG? dont know

the idea is that they double-spend etc

Guys, clearly trolling if "not seeing" why only a chain with one node is a risk. Don't feed.

The threat model I'm describing is that there's only one node serving the full chain, but several nodes serving block headers.

("decentralized" chain - it's not a risk if it's meanbt to be centralized)

I'm not trolling here. Electrum does this, and it works fine!

Tell me more

It has some prbolems, but Monero's equivalent thing mode doesn't have these

Bad Electrum nodes can spy on you, Monero nodes can't as I understand it

endogenic: i hear mymonero only sends transactions that include tithes to endogenic. is this true?

If there is only one full node/entity, it holds all of the economic power of the network

As its the only one able to create and publish block templates

True

fort3hlulz: That's not what's being discussed

<moneromooo> Guys, clearly trolling if "not seeing" why only a chain with one node is a risk. Don't feed. <- probably true, I've never heard anyone argue that no one needs to run a node for a network to properly function

Some Monero nodes can be given permission by a user to spy on the user...

So many risks associated

Everyone *using* one node is not the same thing as there only being one node.

You still haven't explained these "risks" to me very well, other than meaningless nonsense about "connecting to many [nodes] and verifying what I see against the rules my full node has set".

I'll ask you again, what prevents a thing node from doing the same?

Can a thin node verify transactions? Or just that a block validates PoW?

*historical transactions

A thin node verifies transactions, yes.

I set the block height, and it downloads the blocks from that height and looks for my transactions in there.

That is how the current remote node system works.

The only attacks are feeding someone a false chain via 100% node domination, which is the exact same risk as for full nods

can't full nodes verify eachother ?

"Verify" how? There is nothing that obligates a full node to act in any way

Unless I've misunderstood everything I've read to this point on the importance of full nodes, you're giving the node you use trust that they serve you the proper/accurate blocks for your wallet to scan against, and that trusting one entirely would be putting full economic weight on them

Yes, if you did that and checked headers against some other node/entity, that would help with completely false blocks being provided

What prevents you from using multiple nodes?

The current implementation is that you set one remote node. Why couldn't you ask 10 of them? This would make Sybil attacks far harder

But that wouldn't prevent against the node/entity you're using from denying/delaying your TXs that you're sending them

No, but you can just mass send them.

Again, same with full nodes.

we were talking about if everyone used one node

I guess you've moved on from that now

No, one node for the chain

I mean thats not the point moneromooo brought up, but if you want to change it to that, sure

"You can see the harm when you push it to the extreme: everyone uses one node."

yeah

that's what I meant, in an RPC context

anyway

broadcasting transactions has the same problems as feeding you fake chains: everyone must collude

if even one defects, it'd done for. And txns have a direct financial incentive to be broadcasted

I remain unconvinced of the dangers of SPV.

If there is one full node for the entire network, they are the only source of historical transaction verification, are they not?

Are we talking about SPV?

I thought we were talking about one RPC full node serving all users

If there is only one full node that users use for RPC stuff. This doesn't prevent there from being other full nodes not serving RPC.

Ok, not sure why you keep moving the goalposts but sure :)

yanmaani: we might just be missing each other's points, so let me state clearly my point here:

- being decentralized here is a design goal for the purposes of the argument

there's no moving of goalposts; this is moneromooo's threat model. My suggestion is, to be clear, that clients query multiple (say, 10) remote nodes, picking them from a big list. Remote nodes could sign their queries as well, so that you'd have clear proof if anyone does somethign shady.

moneromooo: Agree on the first point thus far.

- I take the trend to the extreme to show why it ends in somehting bad - it might well be that *some* of it isn't very bad

- if everyone decides to not run their own node because using someone else's is easier, or cheaper, or otherwise, then you end up, at the extreme, with one node

Second point, agreed, that's an useful epistemiological strategy

- one node is not decentralized

third point is sort of self-evident

fourth point does not seem too credible. Electrum doesn't have this problem

despite Bitcoin full nodes being extremely expensive to run

Electrum works on Bitcoin. Bitcoin has tons of nodes.

fifth point I contest. One RCP-serving node is safe, as long as you have some way to obtain independent confirmation of block hashes and some independent way to submit txns.

moneromooo: Sure, but far from all of those are Electrum servers.

How is that relevant ?

Eletrum is not a parallel network AFAIK (admittedly, I don't really know much about it)

Electrum is a separate network. You need a full node to run an Electrum server.

With it, you can send transactions, get block headers, and ask what transactions are sent to an address.

The client keeps the state of the latest block headers, and the servers send proofs of inclusion within the blocks.

It's a view over the Bitcoin network, right ?

The miners are trusted to create valid blocks, and the servers are trusted not to exclude transactions, and not to log your addresses

"view over"?

In Monero's equivalent, the miners aren't trusted to create valid blocks, the servers aren't trusted not to exclude transactions, and them logging your IP is immaterial.

I'm surprised by "Electrum is a separate network". AFAIK an electrum server is a server that allows a client to query the Bitcoin chain.

Yes, but Electrum servers are distinct from Bitcoin full nodes

How did the Unix and Gnu philosophy survive the onslaught of idiocy?

Do you mean: Alice runs a electrum client, connects to an electrum srever run by bob, which connects to a bitcoin server run by carol ?

I give up. How?

XD. I'm asking you.

no, typically the Electrum server and the Bitcoin node are on the same machine

Maybe a manifesto?

but I agree that it's a separate network in that Electrum clients can't connect to Bitcoin nodes

moneromooo: Bob=Carol generally

and Bitcoin clients can't connect to Electrum servers

^

that

In any case, it doesn't matter. The fact that Alice doesn't run her own bitcoin node is not impacted by whether carol and bob are the same person.

ehhh this is all semantics. let's say for the sake of arguments 99% of bitcoin fullnodes run electrum servers too. what's your point?

with small modifications to Monero, you could get good security for remote nodes

security against what threats?

You consistently try to reinterpret nmy point about security of the network in terms of security of a single Alice.

hyc: Now, your remote node could serve you a "fake" chain. This gets exponentially harder with multiple remote nodes.

You could make it more secure than currently for Alice (assuming she already decided not to run her node).This is not my point in the first place.

moneromooo: Say that it degenerates to Bitcoin's status quo: some people run full node, but there's say 1000x more users of electurm than there are full nodes

Not "one node", but a few hundred or so. Some of whom are run by mining pools, some of whom are run by chainalysis catamites, and some of whom are run by random people

In the extreme, those multiple remote node are all the same, beause nobody runs their damn node.

Bah. Whatever.

There's 10.5k bitcoin full nodes

and ~millions of bitcoin users

yet the security is ... fine?

because bitcoin's security model completely lacks a privacy model

what are you saying is the danger if we do the same for Monero? The Monero equivalent is "streaming" the chain, which is private

I don't think that's really a factor. It's the old "look, this dude took a step towards the cliff, he's still alive, so it's fine, so let's take more steps" argument.

So year, trolling I think.

look, I get that you may disagree with me, that is fine and natural and good

but it is shockingly offensive to accuse me of arguing in bad faith, and of not actually holding these opinions

I do use Electrum for my everyday transactions, and I do use Monero in remote node mode. I am serious when I say that it's a shame Monero's support for it is bad.

I also find it shockingly offensive that you just again go for the single user security argument after I specifically explained by this is not ny point ^_^ Bye :)

And FWIW it someone makes a patch to use several remote nods and compre, I think I'd be ok with it, as things go.

Even if it gives even more incentive for people to not run thier own node :/

It kinda sucks. You make better software, but the very act of doing so makes something else worse that's more important in the big picture :(

Like when I kinda regretting patching the privacy leaks to the daemon when making a tx.

seems like there's a bit of a Platonic ideal thing there. It's sort of like with science

if some worldview is intrinsically more correct than another, that's whither the consensus will trend

Ironically, if we didn't have this node/wallet split, people wouldn't be so eager to use a stranger's node.

if you have buggy software then that will theoretically speaking trend towards less buggy software, assuming people only merge the good PRs

What's the minimum limit to be a full node, in your view?

A pruning node is still a full node, right?

And a node that discards old blocks isn't?

Depends on your definition of "full node" really.

what's youre definition?

for me, both would not be full node

For the purposes of my argument above, "you sync and verify all" was what I was on about.

Being able to serve others historical data is also important.

indeed

Aren't Monero's present implementation of remote nodes full nodes too, then? If I use a remote node, don't I stream the whole of the chain?

Pruned nodes can serve an eigth of the hostirical data (by design). So they're not just useless nodes.

serving the chain by hash is literally just dumb 100% sybil resistant block storage CDN stuff, and can be decoupled from "making assertions about the correct tip"

Actually, let's agree on a definitin here:

most people use "remote node" to mean a node run by another party, rather than a node which might or might not be yours that's running on another host. Here, you mean the former, right ?

yes

So if you have a wallet, but use a stranger's remote node, you don't stream the whole of the chain.

What do I miss out on?

You stream pruned txes, and scan their outputs.

What is the downside of this?

You miss the non pruned part (signatures) and block headers.

Oh wait what?

The wallet does not do any verificatiuon, since the node already did it.

Why don't the block headers commit to the non-pruned part?

like in BC SW

It could do some more, but that's the node's job ffs :D

What is BC SW ?

bitcoin segwit

No clue what this does.

The block header is (roughly) hash(hash(pruned txns) || hash(signatures))

Monero blocks include tx hashes.

yeah but not of the pruned ones

with SW-style headers, I could verify that the block header matched the pruned TXes

Modern monero txes also commit to their pruned part (I forget the details).

(not old ones)

Oh, OK. So could I verify it it if my remote node did send block headers too?

You could verify more stuff. I won't give a list because I don't know off the top of my head.

But you could verify PoW for one thing. You could verify tx sigs, even when pruned.

If you have a full node that didn't serve 1/8 of historical data, would it still be a full node?

iirc, a 1/8th pruned node != 1/8th future transaction bandwidth?

As I said, it depends how you define it. If you define it as such, yes. If not, no.

If it's a reference to a bitocin definition, I don't know it.

you seemed to have a clear definition in mind

paraphrasing roughly, "it's bad if there's not enough full nodes"

I don't. If you're going to consider nodes that can only do part of the things others can, then being able to do more is better.

But it's subjective. In a way, the pruned node ability is similar to a remote node in that running an unpruned node would, ceteris paribus, lead to a stronger network.

Very different in terms of impact though.

The ability to prune should make more people run nodes.

A pruned node is ok for smart phones.

Some people have to pay for storage space d4ndo[m]

Pruned nodes help lessen the cost.

So my question is, if you run pruned nodes that don't serve the blockchain and discard transactions after validating it, is that a full node?

If so, how is it functionally different to remote nodes?

If not, then where does the line go?

Is touching someone ok ? If so, how hard is it fine to touch someone ? Can I punch someone hard ? Where is the line ? Well, guess what, there is no line.

Could you create a secure remote node implementation, that verifies enough to give security to the network?

We could use a manifesto: Run your own node. etc. See the gnu manifesto. The linux kernel dev deny propertary source code for drivers.

You mean write some software that talks monero p2p which could strengthen the network more than a normal monero node could ?

If that was the case, then the normal monero node could be made to do so, since your difference seems to be "remote", as in a stranger's.

From what I understand of what you said, you want to make "software run by bob only" to be more secure than "same software run by bob *and* alice", which seems nonsensical, *unless* the very fact that alice runs a stranger's node is what increases network security. Which seems absurd to me.

At least for a decentralized network. It would be the case if the network was supposed to rely on trust in bob.

in Bob we trust

If you just mean "make using bob's node safer for alice", then sure, we already established that.

My point is that a "remote" node could be a full participant in the network

get the block hashes, only get the pruned transactions, but participate in the P2P network and peer discovery and all

It is currently a full participant.

But it is *one* full participant. If Alice were to use her own node and not Bob's, there would be *two* full participants. That is my point.

No, Alice just connects to the broader network

no Bob involved. Or rather, all the nodes in the P2P network are Bob

Bob and Alice are sure a big part of the Monero dev community. We should all thank them.

hello

do anyone knows how to insert tx version +3 on basic.h or on some other file

monero code is huge

sorry no googling for this.

too deep

is anyone on this chat

yes

how to insert tx version +3 on basic.h or on some other file

simple for monero folks

You'd think so. It's definitely possible, but I'd just go through every error and fix till it works.

ss << tx_blob;

this is the error line

i insert on basic.h class transaction_prefix version 4 but is not enough

maybe is need a other type of inserting

im not c++ guru

maybe tx u can change on other file

code is really huge

monero folks

anyone?

what are you trying to accomplish?

new chain with version 4

why

version 4 has ringct

monermooo maybe u are the greatest folk here so help on this

with yoru experience is nothing

As I said. I don't know, I'd have to debug each error till they're all gone.

i told the line ss << tx_blob;

the reason is that tx +3 need smth else

dont know

with tx <=3 wokr

wrok

work

maybe class transaction_prefix we need some other structure to insert

back

any help

Hi guys. I´m experiencing an issue with Monero GUI.

Maybe somebody can help.

#monero-gui

Sorry, i´ll ask there.

moneromooo where to insert tx version +3

is very basic for monero this really

alive here

"Quality, low noise discussions expected"

anyone who can understand your question already understood it in the first three messages. there's no need to shit up the channel