
Take action to mitigate the effectiveness of Chainalysis's probabilistic attack to successfully deanonymize Monero users

Open Kreyren opened this issue 1 year ago • 0 comments

Primary source (leaked original presentation) for ongoing de-anonymization attack through malicious nodes: http://dreadytofatroptsdj6io7l3xptbet6onoyno2yv7jicoxknyazubrad.onion/monero-chain.mp4

Secondary summary of the situation: dreadytofatroptsdj6io7l3xptbet6onoyno2yv7jicoxknyazubrad.onion/post/6de54b143e669e368af6

Originally posted by @GhostDog98 in https://github.com/cypherstack/stack_wallet/issues/981#issuecomment-2569476011


TLDR

Chainalysis is able to deanonymize Monero users by:

a. deploying malicious nodes that, unbeknownst to the blockchain, set decoys from 16 to 1, and by tracking the IP addresses, reducing the effectiveness of privacy measures
b. observing the fee rate to try to connect it to known wallets and their behaviors
c. connecting the IP addresses of users who do not use their own nodes to have Dandelion++ protection to known IPs in the world

List of Recommendations:

  1. Do not deploy the Stack Monero node over clearweb; provide Tor only and deploy I2P, and warn the user with a prompt to deploy their own node to have Dandelion++ protection, with an explanation of why that is important
  2. Disable the ability to change the fee rate for Monero and set it to automatic only, OR prompt the user with a warning if they want to change the fee rate
  3. Warn the user if they decide to use Monero over clearweb that it's a bad idea and link the summary above

Kreyren, Jan 05 '25 02:01
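
A sketch of the pre-connection check that recommendations 1 to 3 describe, as an added example that is not part of the original issue or Stack Wallet's code. The function names, warning codes, fee-mode strings and the rule that a loopback or private address counts as the user's own node are assumptions.

```python
import ipaddress
import re
from urllib.parse import urlsplit

# Tor v3 onion service names are 56 base32 characters followed by ".onion".
ONION_V3 = re.compile(r"^(?:[a-z0-9-]+\.)*[a-z2-7]{56}\.onion$")


def classify_node(url: str) -> str:
    """Return 'tor', 'i2p', 'local' or 'clearnet' for a node address."""
    # urlsplit only fills in hostname when the authority starts with '//'.
    host = (urlsplit(url if "//" in url else "//" + url).hostname or "").lower()
    if ONION_V3.match(host):
        return "tor"
    if host.endswith(".i2p"):
        return "i2p"
    if host == "localhost":
        return "local"
    try:
        ip = ipaddress.ip_address(host)
    except ValueError:
        return "clearnet"  # an ordinary DNS name
    # Assumption: a loopback or private address is the user's own node.
    return "local" if ip.is_loopback or ip.is_private else "clearnet"


def connection_warnings(node_url: str, fee_mode: str) -> list[str]:
    """Hypothetical warning codes a wallet would show before connecting."""
    warnings = []
    transport = classify_node(node_url)
    if transport == "clearnet":
        warnings.append("CLEARNET_NODE")  # recommendation 3
    if transport != "local":
        warnings.append("REMOTE_NODE")    # recommendation 1: prompt to run own node
    if fee_mode != "automatic":
        warnings.append("MANUAL_FEE")     # recommendation 2
    return warnings


if __name__ == "__main__":
    # Constructed sample inputs; none of these are real nodes.
    samples = [
        ("http://" + "a" * 56 + ".onion:18081", "automatic"),
        ("node.example.com:18089", "manual"),
        ("127.0.0.1:18081", "automatic"),
    ]
    for url, fee in samples:
        print(url, classify_node(url), connection_warnings(url, fee))
```
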