Hello.

Is it generally a good idea to use a new sub-address after every withdrawal from an exchange?

"BLOCK ADDED AS ALTERNATIVE ON HEIGHT" ... oh boy haven't seen that in a while!

Doesn't matter since the exchange already knows it's the same person since it's the same account.

Sub-address per exchange would be good, but as moneromooo said per withdrawal doesn’t help you at all.

i'm looking at the tari home page

i do not know what merge-mined means?

let me ask this will tari activity contribute to xmr mining difficulty?

h2017: tlu.tarilabs.com/merged-mining/merg…scene/MergedMiningIntroduction.html

so by briefly skimming this it looks like the tari chain submits transactions to the monero chain which are indistuinguishable from other monero transactions and all of the mining is done on the monero chain and the tari software has to monitor the monero blockchain for mined tari blocks

something like that

this makes monero technically unaware of tari

but possibly the monero may have to have modifications in order to do its job, no?

anyone here experienced in building web-applications on monero?

so far I'm thinking I'm going to be using shell_exec for my website

since I need it to connect to the node

the way I've daemonized the monero node is using tmux

so that when I end the ssh session monerod is still running

I must say though it is syncing pretty quickly

h2017: the monero and tari chains have no interaction

as far as transacyions go

if you choose to do so and the pool you are on supports it then mining either mines both

one should be able to use pruning for a public remote node right?

Hi all, I noticed that selsta updated the block.txt list of bad nodes, but today I noticed an IP (165.22.236.24) which was always 2 blocks ahead of the other 11 peers.

monerouser1144: did you use the daemon command sync_info

it will also show syncing as well as 2 blocks ahead for one of those bad nodes

Yes, it was "syncing" all day today (at least, I wasn't monitoring it the last week) paste.debian.net/1175800

yep another one

I mention it, because it was not included in the latest list of bad nodes by selsta.

thx

<locustlord "so far I'm thinking I'm going to"> Dude, are you *asking* to get hacked? Because that's exactly how you get hacked

getmonero.org/resources/developer-guides/daemon-rpc.html this is how you interact with monerod from your application

hi all

Monero BADCACA nodes are proudly sponsored by Ryo Currency dev fund.

would not surprise me

monerouser1144: updated, thanks

selsta: have you considered using git to store the banlist? so that people can simply pull the updated version and commit new malicious know when they find them

*malicious nodes

Guest17775: could make sense, but with the next point release it will be less important to keep the ban list 100% up to date

binaryFate, the blog post that xmr.to link to when the VPN warning text pops up 404's (test.xmr.to/blog/blogging-and-logging)

if you take the test off it doesn't 404 :D

thanks I'll pass along

binaryFate: I was under the impression you were not longer associated with xmr.to?

Oh. That'd be good to know. The default assumption is whoever runs a cryptocurency business is a scammer, so if it's been transferred, that needs knowing :)

lol

I mean, I'm open to being wrong. However I sware I remember reading somewhere that some service that was run by a Monero maintainer had been taken over by another corporation.

what do I do for not reconnecting always and always but getting always a few chunks from the chain

where is the blockchain stored in the linux cli version?

I need to know so I can delete it because my hard drive wasn't big enough for it

$ du -hd 3 | sort -h

$ du -hd 3 ~ | sort -h

:D

$HOME/.bitmonero

thanks moneromooo

<hyc "can't prevent sybils from connecting...only make it expensive for them to do so." Is this the idea around comments I've seen about "p2p pow" on node connect?

Looks like there was ideas from gingeropolous to try and do something with economic incentive with monero-project/monero #3049

That already exists.

Tonux: I can pass info along whether I'm directly involved or not

2018, not sure whether thst exited at the time, though it's been a long standing thing I wanted to do.

<moneromooo> "Randomx is too heavy to verify sadly.

It will likely be Equix, or if not, keccak."

Doesn't seem like it'd be providing any economic incentive it not able to do it in randomx though, no?

If it's your electricity, it does.

To be claer, those two things are different, not sure if you realize it.

I'm really trying to surmise if this is an attempt to create a cost to "bad" nodes that could be used for sybil attacks

<moneromooo> Oh. That'd be good to know. The default assumption is whoever runs a cryptocurency business is a scammer, so if it's been transferred, that needs knowing <--- nah, or I would say so. I'm just not personally operating much nowadays

Thanks, sounds good.

nos411, yeah, that issue is for RPC remote node service. but yes, there are talks about p2p pow, which is different

nos411: the PoW on connect is.

Ok, I had an inkling that could be the case, but didn't have anything to go on aside from the 2-3 times I'd seen p2p pow mentioned since I made my way to IRC

So to summerize, the p2p pow idea is to provide an economic cost (electricity usage) by forcing nodes to run some equix/keccak hashs on their side each time they connect to another node?

Or if there's an issue/pr I could just read that'd be swell too.

The idea is that it places a roadblock to the amount of assholery you can do.

By forcing ALL nodes to pay the price?

If you use a botnet, it's someone else's electricity anyway.

Yes.

It's creating a roadblock because it'll cost more to run many assholery nodes?

Kinda.

So there's more to it than just the additional electricity used to produce said hashs?

It's on *connect*. It costs more to connect more. Honest people don't connect much. An asshole may connect a lot.

Ah

So, with the combination of the ban list and the need to rotate bad acting nodes IPs there will be lots of re-connecting required by bad nodes. I think I'm gronking it now.

In addition to whatever other reasons a bad node would have to connect a lot.

the physical resource cost isn't so much a factor as the time cost. it will slow them down.

Would this raise the cost on the nodes though if they're cloud hosted? Aren't those VMs typically charged by runtime?

Oh, time is the real penalty then. ok

If you wanted the penalty to be monetarily crippling, it'd take a *lot* of PoW.

Yeah, I think I just conflated the economic incentive angle of the RPC remote node service onto the p2p pow idea and hadn't untangled them.

And it'd be a self inflicted DoS really.

One good way to see it is the ratio of bytes sent vs time spent rejecting that data (assuming it's bad).

Keccak is pretty good for that.

Equix much less.

Another is the amount of CPU time the attacker has to expend vs the amount of CPU time you have to expend.

That's selectable by a difficulty system. Equix has the advantage of preventing massive multithreading.

I assume then it'll have to be more time/effort intensive to produce the hash than to verify it to work? What's even going to be the source input to be hashed, some data sent from the node your trying to connect to?

It's not super clear to me it's better, but since Tor is considering it rather than simply keccak, I'm piggybacking my preference on the assumption they thought about it already :)

Yes.

keccak is symmetric

verifying is the same step as generating the hash

which makes it poor from a PoW perspective

Sure, that's why you put a dificulty thing.

... and also keccak is widely used, which means there's great incentive to accelerate it

If you took a hash that took an hour to calc one hash and take a second to verify, it'd still be a bad hash to use, since one second.

how do I change the directory for the monero daemon to store the blockchain on the linux cli?

and keccak is designed to be efficient in hardware, which means ASICs will far outclass CPUs

--data-dir

and the discussion of ASICs is with regard to the ability to possibly offload the p2p pow hashing work to hardware that can mitigate the time impact of doing the work?

Yes.

when syncing my node running under stagenet, does it still download the whole blockchain?

the whole stagenet blockchain, yes

that's what syncing means

ok but it doesn't download the mainnet blockchain?

you said it was stagenet

whay would it touch the mainnet blockchain?

listen I just want to know whether I'll need to resync when I'm in production or not

the answer is yes from what you've told me so thank you

and equix is designed to be asic resistant methinks

ah yes that was mentioned

<rayb> can anyone help with restoring my wallet. Im about to pull my hair out with it

Do you have your seed (25 words) ?

If so: monero-wallet-cli --restore-deterministic-wallet

Then follow instructions.