#Chainalysis appears to have intercepted #Monero node traffic. Here's what I've uncovered of their lil' hack, explained like you're 5-years-old. And to be fair, it's quite telling of the problems blockchain forensics (a form of data science) is having with Monero's robust privacy.
Chainalysis operates “faux nodes” which are nginx (pronounced engine-x) servers that act as reverse proxies. In plain English, that means they forward→traffic to real nodes, while capturing a copy 💾 of the underlying data.
The case of node.moneroworld.com
node.moneroworld.com isn't actually a node, but points DNS A-records to a bunch of legit Monero node IP addresses. Think of it sort of like a load balancer; it connects Monero traffic (users) to any of the many participating nodes that are attached to it. So if one of the nodes goes offline, it directs users to the nodes that are still online.
So before Chainalysis even enters the picture, let's say a node is attached to the load balancer. The node itself is hosted on a VPS (Virtual Private Server). This is a type of hosting service that utilizes virtualization technology to provide users with dedicated resources on a server that is shared among multiple users. However, if the node operator stops paying for the VPS or no longer wants to run the node, they might abandon it. Chainalysis has been keeping a very naughty eye on the load balancer, and after seeing this node quit, rents the same VPS that previously hosted the node. If the DNS zone records (responsible for linking domain names to IP addresses) aren’t updated in a timely manner, a dangling DNS record could persist, meaning the network (popular wallets, GUI, load balancers, etc) still associates that IP with a "trusted" node.
So from what I can tell, let's assume you connected to, and used these malicious nodes nakedly, meaning you walked into the crowded sauna nude, and didn't wear a VPN (underwear), and didn't have Tor (a towel) between you. Here's what they could see:
-IP
-IP latency
-timestamp
-input, output, fee structure
Simply using a VPN cuts this in half, and putting Tor between you (or just using .onion public nodes) keeps you mostly safe. But of course, running your own node, eliminates all the problems. And the takeaway here perhaps, is that even when transacting via a malicious node, it still doesn't know your recipient, and is trapped in a bunch of fog unless you do something outside the ordinary with the fee structure.
The inbound Monero fork called FCMP++ (Full Chain Membership Proofs), which is a form of Merkel Proof with a couple other things, will replace ring signatures, and is going slam the door on Chainalysis' small shell game. It could set the table for PIR (Private Information Retrieval), which is a cryptographic protocol that allows retrieval of an item from a server, without revealing which item was retrieved. This would be egalitarian for all the people who cannot run their own nodes (cost, access to resources, etc), and rely on public nodes.
Is this Chainalysis exploit also a threat to Nostr relays?
#askNOSTR
Anyway, would appreciate correction to anything I got wrong. I feel that the expectation of XMR's privacy is so sky high, that we bitcoiners can forget that the tradition of hard forks in Monero is really what keeps its privacy a step ahead, and so hardened to the always improving, always evolving threats to privacy.
—Jus Dos
JusDos / Jus Dos
npub1er…z5vh2
2024-09-13 08:38:43
Author Public Key
npub1er7r78sjrdsclf39q45tyddqw46tzn672x85aecsq2f3j289twzqnz5vh2Seen on
wss://relay.primal.netPublished at
2024-09-13 08:38:43Event JSON
{
"id": "e336717ea64dda4aa2a06dfb7b200aadb0c1b0bcf416c06f3ac35bbbe6d1be8f",
"pubkey": "c8fc3f1e121b618fa6250568b235a07574b14f5e518f4ee71002931928e55b84",
"created_at": 1726209523,
"kind": 1,
"tags": [
[
"t",
"Chainalysis"
],
[
"t",
"Monero"
],
[
"t",
"askNOSTR"
]
],
"content": "#Chainalysis appears to have intercepted #Monero node traffic. Here's what I've uncovered of their lil' hack, explained like you're 5-years-old. And to be fair, it's quite telling of the problems blockchain forensics (a form of data science) is having with Monero's robust privacy. \n\nChainalysis operates “faux nodes” which are nginx (pronounced engine-x) servers that act as reverse proxies. In plain English, that means they forward→traffic to real nodes, while capturing a copy 💾 of the underlying data. \n\nThe case of node.moneroworld.com\n\nnode.moneroworld.com isn't actually a node, but points DNS A-records to a bunch of legit Monero node IP addresses. Think of it sort of like a load balancer; it connects Monero traffic (users) to any of the many participating nodes that are attached to it. So if one of the nodes goes offline, it directs users to the nodes that are still online.\n\nSo before Chainalysis even enters the picture, let's say a node is attached to the load balancer. The node itself is hosted on a VPS (Virtual Private Server). This is a type of hosting service that utilizes virtualization technology to provide users with dedicated resources on a server that is shared among multiple users. However, if the node operator stops paying for the VPS or no longer wants to run the node, they might abandon it. Chainalysis has been keeping a very naughty eye on the load balancer, and after seeing this node quit, rents the same VPS that previously hosted the node. If the DNS zone records (responsible for linking domain names to IP addresses) aren’t updated in a timely manner, a dangling DNS record could persist, meaning the network (popular wallets, GUI, load balancers, etc) still associates that IP with a \"trusted\" node. \n\nSo from what I can tell, let's assume you connected to, and used these malicious nodes nakedly, meaning you walked into the crowded sauna nude, and didn't wear a VPN (underwear), and didn't have Tor (a towel) between you. Here's what they could see:\n\n-IP\n-IP latency\n-timestamp\n-input, output, fee structure\n\nSimply using a VPN cuts this in half, and putting Tor between you (or just using .onion public nodes) keeps you mostly safe. But of course, running your own node, eliminates all the problems. And the takeaway here perhaps, is that even when transacting via a malicious node, it still doesn't know your recipient, and is trapped in a bunch of fog unless you do something outside the ordinary with the fee structure. \n\nThe inbound Monero fork called FCMP++ (Full Chain Membership Proofs), which is a form of Merkel Proof with a couple other things, will replace ring signatures, and is going slam the door on Chainalysis' small shell game. It could set the table for PIR (Private Information Retrieval), which is a cryptographic protocol that allows retrieval of an item from a server, without revealing which item was retrieved. This would be egalitarian for all the people who cannot run their own nodes (cost, access to resources, etc), and rely on public nodes.\n\nIs this Chainalysis exploit also a threat to Nostr relays?\n\n#askNOSTR\n\nAnyway, would appreciate correction to anything I got wrong. I feel that the expectation of XMR's privacy is so sky high, that we bitcoiners can forget that the tradition of hard forks in Monero is really what keeps its privacy a step ahead, and so hardened to the always improving, always evolving threats to privacy.\n\n—Jus Dos\n\n",
"sig": "b266987d31a68a1e8edf7681f2d03001abff3b86a9cb8866fe6a777a9d990f5dc3e9f795bb017bd2a2221d65a8b961c3d94dee7d4426f40d3f9533771877fe77"
}