This is an automated archive made by the Lemmit Bot.

The original was posted on /r/monero by /u/XMR_Mon on 2024-04-14 00:10:22.


I wanted to touch on a few things and get some feedback. I wouldn’t post this unless I had good reason to suspect it’s all related to a state actor, as I’m not a fan of FUD. Please spread this far and wide so the community can be made aware, I don’t know that this post will stay up. I would post on monero.town but don’t have an account and it requires an application and/or paying a small fee, and at the moment I don’t feel comfortable s(p)ending any monero. I’d appreciate if someone could post this in the tor subreddit as well, and any related forums. We need more eyes on this.

XMR Attack: First, we all know of the attack on XMR which is likely a Black Marble flooding attack designed to reduce as many legitimate ring signatures as possible, making statistical analysis much easier, possibly even after the attack ends. See CCS - Rucknium Statistical Research. There was the ability to monitor statistically significant transactions before to gain knowledge of target (for parallel reconstruction), this attack just makes it much easier and more accurate.

Tor attack: There is yet another new attack against tor nodes that allows crashing them at will. This could always be done via DDoS, but there is general mitigation against that and it’s very loud. This simply makes the targeted node(s) unusable. There are mitigation scripts, but for at least a few weeks/months state actors could perform packet inspection and crash all nodes that weren’t theirs. Even after applying mitigation scripts, node operators are having trouble keeping up with the evolving attack.

I use Whonix to watch in the Onion Circuts GUI and have noticed a great deal of timeouts and failures over the past few months, always ending up with many of the same nodes as middle/exit nodes. About half the time I’ll end up with a new guard node and a change of VPS location (multihop and obfuscated) will allow my normal guards back again for a short period before they start timing out again.

More tor worry: I will often times have the same name (but different key) nodes for middle and exit nodes, for example the prsv or atrikle10 or the Monero named nodes. I don’t know if this is truly an issue, if state actor nodes could hypothetically work with each other (i.e. all prsv nodes – although I am NOT saying prsv is a state actor) or if it’s the IP address and key that matters. Tor also raised the number of nodes that can be run from the same IP address to 4, and then raised it again to 8, to combat the ongoing DDoS attacks in what seems to be a worrying trend of availability over privacy.

There may also be a vulnerability of insecure DH Key Exchange over a month old which has not yet been responded to.

CLOUDFLARE + tor: If you monitor your circuits and have connected to a cloudflare-proxied site, you will notice that most or all of your circuits are flooded with randomly generated clflarexxxxxxx.onion addresses, a huge number of them, per service that uses cloudflare. This is because of the “Onion Proxy” feature in Cloudflare, which is enabled by default on all Cloudflare-proxied websites. This effectively destroys the circuit selection mechanism within tor, and makes any DoS attack even more damaging. Normally, a hidden service connection has six hops (three chosen by client, three chosen by hidden service). Hypothetically, if Cloudflare has modified their hidden service connections to use only their own nodes for speed, then this would mean all hidden service connections are only using 3 hops, and also flooding the circut selection mechanism. In my understanding, this would be a godsend for any actor able to do DPI on Cloudflare traffic.

Edit: Here is another question I’ve had for some time, if anyone is able to answer it on a technical level. Services like Trocador and Orangefren are great, but if they were compromised, would it make statistical detection of ring signatures easier? Even if the services they list aren’t compromised, if Trocador knows the amount of XMR you’re getting from LTC, and the time/block the transaction happens, does that narrow down the statistical likelyhood of it being your transaction on a technical level? If so, how much would it help to wait a day and send a majority of your funds from that wallet to another wallet you own, leaving a small amount behind?