@OpenMonero.com
LocalMonero Fork inspired by Agoradesk
No relay list published yet.
Recent Notes
Centralization of XMR market and tracking every transaction
Recent research conducted by the Weizenbaum Institute, TRM Labs (San Franciso) and TU Berlin indicate that Retoswap, formerly known as Haveno-Reto, does not provide the privacy protections it advertises. Despite its marketing claims, this platform functions as a sophisticated decoy. The narrative of being non-custodial and decentralized is a carefully crafted illusion designed to attract unsuspecting users and foster a false sense of security.
https://xcancel.com/noosphere888x2/status/1922044150716715102#m
Darknet operators who assume Retoswap is suitable for laundering should reconsider. Their activities are under constant surveillance. The supposed privacy offered by Retoswap is an illusion.
Retoswap Trades Are Fully Traceable
> To test our findings, we logged Haveno trades for two weeks and executed five test trades within the observation period. For all five transactions, we successfully identified all XMR transactions.
Additionally, we demonstrate that Haveno trades leave detectable on-chain footprints, allowing cross-chain transaction linking.
Source: https://arxiv.org/pdf/2505.02392
> Haveno has been discussed in greater detail as it evolved to one of the most prominent exchanges in the context of Monero. While strong promises claim privacy with every transaction and independence from any central authority, the current implementation raises uncertainty. Our analysis showed detectable on-chain patterns and weaknesses in the platform that can be exploited to match transactions across chains.
It is noteworthy that some of the most active dark web exchanges, administrators, vendors, and key figures may have already utilized Retoswap to launder illicit gains or transfer substantial amounts of BTC and XMR. These individuals often believe their anonymity is safeguarded due to the platform’s purported decentralization. However, all Retoswap crypto-to-crypto transactions are inherently traceable.
Retoswap has apparently handled over 50 million dollars in transactions, which is pretty impressive considering it’s been around for less than a year. It looks like big players like hackers, darknet admins, and other underground groups are already using it to move big amounts of money.
Source: https://xcancel.com/RetoSwap/status/1930953817228481022#m
While speculative, there are reasons to suspect that recent LE actions may not be coincidental. Authorities have tracked down major operators, likely due to the on-chain trail left by Retoswap activities. According to haveno.markets, approximately 90% of liquidity involves BTC-XMR swaps, transactions that are fully traceable. Every transaction is publicly recorded on-chain with exact timestamps, amounts, and payment methods, leaving a permanent digital footprint.
> While trade statistics provide valuable metrics for users, their network propagation should be obfuscated to preserve trade privacy.
Source: https://arxiv.org/pdf/2505.02392
In summary, admins of coin-swap services can easily monitor BTC to XMR trades. But usually, it’s not a big deal because users trust these providers not to share details like timestamps, amounts, or other info. On the flip side, with platforms like Retoswap, anyone can potentially track transactions, it’s not just the admins. That’s because haveno.markets openly shares trade stats, making it easier for third parties to analyze and follow the transactions.
May freeze or seize funds
Retoswap runs on Haveno, which is a decentralized, non-custodial multi-sig exchange. That’s true because your private key is generated locally, so only you have access to your funds in the Haveno wallet.
However, to publish a sell offer, a vendor must lock up coins (15% security deposit and the trade amount). These funds can potentially be frozen or seized because the admin can easily have two keys required to sign a transaction. The haveno FAQ suggests that the admin/arbiter only has one key, but in practice, anyone can become a taker, there is practically nothing preventing the admin from possessing two keys.
Some users have spoken out about this openly on platforms like Nostr, Reddit, and others, raising concerns about potential exit scams in how the system is set up. So, it’s worth being aware of these issues before jumping in.
https://rl.bloat.cat/r/Monero/comments/1h4icot/is_haveno_anymore_secure_than_trading_with_a/
https://archive.ph/gSRVs#25%
Centralization of XMR market and tracking every transaction
Retoswaps objective appears to be the centralization of XMR liquidity through their unique setup with pre-funded offers. Furthermore, Woodser (developer associated with Haveno) has not addressed the rugpuller bot issue that I initially identified six months ago. This is not due to incompetence but rather suggests a lack of independence, as the Reto guy has accepted donations from questionable sources. Such actions raise concerns about the integrity of the haveno development process.
Source: link to shortwavesurfer about donations
Quote mister_monster:
> So, Reto has basically no fees right now. They don’t really benefit financially from being the only haveno network with liquidity. Yet, [b]it does seem that they do want to have a monopoly position within our community[b].
Source: https://monero.town/post/5172146
Amazon used the same tactic to take over the market, operating at a loss and funded by questionable sources until competitors were pushed out. Now, this new platform is promising decentralization, non-custodial transactions, and privacy. But the reality is, none of that seems to hold up. It's all about crushing the competition and cornering the XMR market, and tracking every transaction? That's not exactly a recipe for trust. It might not be a honeypot, but it sure smells a lot like one. Proceed with extreme caution.
Discuss on dread: http://dreadytofatroptsdj6io7l3xptbet6onoyno2yv7jicoxknyazubrad.onion/post/be82f1a0c5e0f79f6dbb
#Privacy #Markets #HiddenService #News #Work #Monero #Crypto #Hacking #HarmReduction #Guides #Bisq #cakewallet #haveno #retoswap #trading #p2p #escrow #localmonero #dex #cex #moneroju #xmrbaazar #security #agorism #cypherphunk #rugpull #transparency #stats
Recent research conducted by the Weizenbaum Institute, TRM Labs (San Franciso) and TU Berlin indicate that Retoswap, formerly known as Haveno-Reto, does not provide the privacy protections it advertises. Despite its marketing claims, this platform functions as a sophisticated decoy. The narrative of being non-custodial and decentralized is a carefully crafted illusion designed to attract unsuspecting users and foster a false sense of security.
https://xcancel.com/noosphere888x2/status/1922044150716715102#m
Darknet operators who assume Retoswap is suitable for laundering should reconsider. Their activities are under constant surveillance. The supposed privacy offered by Retoswap is an illusion.
Retoswap Trades Are Fully Traceable
> To test our findings, we logged Haveno trades for two weeks and executed five test trades within the observation period. For all five transactions, we successfully identified all XMR transactions.
Additionally, we demonstrate that Haveno trades leave detectable on-chain footprints, allowing cross-chain transaction linking.
Source: https://arxiv.org/pdf/2505.02392
> Haveno has been discussed in greater detail as it evolved to one of the most prominent exchanges in the context of Monero. While strong promises claim privacy with every transaction and independence from any central authority, the current implementation raises uncertainty. Our analysis showed detectable on-chain patterns and weaknesses in the platform that can be exploited to match transactions across chains.
It is noteworthy that some of the most active dark web exchanges, administrators, vendors, and key figures may have already utilized Retoswap to launder illicit gains or transfer substantial amounts of BTC and XMR. These individuals often believe their anonymity is safeguarded due to the platform’s purported decentralization. However, all Retoswap crypto-to-crypto transactions are inherently traceable.
Retoswap has apparently handled over 50 million dollars in transactions, which is pretty impressive considering it’s been around for less than a year. It looks like big players like hackers, darknet admins, and other underground groups are already using it to move big amounts of money.
Source: https://xcancel.com/RetoSwap/status/1930953817228481022#m
While speculative, there are reasons to suspect that recent LE actions may not be coincidental. Authorities have tracked down major operators, likely due to the on-chain trail left by Retoswap activities. According to haveno.markets, approximately 90% of liquidity involves BTC-XMR swaps, transactions that are fully traceable. Every transaction is publicly recorded on-chain with exact timestamps, amounts, and payment methods, leaving a permanent digital footprint.
> While trade statistics provide valuable metrics for users, their network propagation should be obfuscated to preserve trade privacy.
Source: https://arxiv.org/pdf/2505.02392
In summary, admins of coin-swap services can easily monitor BTC to XMR trades. But usually, it’s not a big deal because users trust these providers not to share details like timestamps, amounts, or other info. On the flip side, with platforms like Retoswap, anyone can potentially track transactions, it’s not just the admins. That’s because haveno.markets openly shares trade stats, making it easier for third parties to analyze and follow the transactions.
May freeze or seize funds
Retoswap runs on Haveno, which is a decentralized, non-custodial multi-sig exchange. That’s true because your private key is generated locally, so only you have access to your funds in the Haveno wallet.
However, to publish a sell offer, a vendor must lock up coins (15% security deposit and the trade amount). These funds can potentially be frozen or seized because the admin can easily have two keys required to sign a transaction. The haveno FAQ suggests that the admin/arbiter only has one key, but in practice, anyone can become a taker, there is practically nothing preventing the admin from possessing two keys.
Some users have spoken out about this openly on platforms like Nostr, Reddit, and others, raising concerns about potential exit scams in how the system is set up. So, it’s worth being aware of these issues before jumping in.
https://rl.bloat.cat/r/Monero/comments/1h4icot/is_haveno_anymore_secure_than_trading_with_a/
https://archive.ph/gSRVs#25%
Centralization of XMR market and tracking every transaction
Retoswaps objective appears to be the centralization of XMR liquidity through their unique setup with pre-funded offers. Furthermore, Woodser (developer associated with Haveno) has not addressed the rugpuller bot issue that I initially identified six months ago. This is not due to incompetence but rather suggests a lack of independence, as the Reto guy has accepted donations from questionable sources. Such actions raise concerns about the integrity of the haveno development process.
Source: link to shortwavesurfer about donations
Quote mister_monster:
> So, Reto has basically no fees right now. They don’t really benefit financially from being the only haveno network with liquidity. Yet, [b]it does seem that they do want to have a monopoly position within our community[b].
Source: https://monero.town/post/5172146
Amazon used the same tactic to take over the market, operating at a loss and funded by questionable sources until competitors were pushed out. Now, this new platform is promising decentralization, non-custodial transactions, and privacy. But the reality is, none of that seems to hold up. It's all about crushing the competition and cornering the XMR market, and tracking every transaction? That's not exactly a recipe for trust. It might not be a honeypot, but it sure smells a lot like one. Proceed with extreme caution.
Discuss on dread: http://dreadytofatroptsdj6io7l3xptbet6onoyno2yv7jicoxknyazubrad.onion/post/be82f1a0c5e0f79f6dbb
#Privacy #Markets #HiddenService #News #Work #Monero #Crypto #Hacking #HarmReduction #Guides #Bisq #cakewallet #haveno #retoswap #trading #p2p #escrow #localmonero #dex #cex #moneroju #xmrbaazar #security #agorism #cypherphunk #rugpull #transparency #stats
why not make a decentralized protocol, like how robosats does and publishes orderbooks on nostr, so that openmonero can be even more open and resilient in case it goes down?
2 new repos have been released last week and the code is fully built on top of NOSTR.
Frontend: http://rf5cqoxqlitdx4umuce5dgihjzabql4hs3zjkvs3em7xzjfa5yyhkeqd.onion/om/openmonero-dex
Backend: http://rf5cqoxqlitdx4umuce5dgihjzabql4hs3zjkvs3em7xzjfa5yyhkeqd.onion/om/openmonero-dex-api
Demo: http://ek72x7tysgkrr754ce4np4e6ce5rtwtxphxibzmesnsbuyco5onlc5id.onion/
Frontend: http://rf5cqoxqlitdx4umuce5dgihjzabql4hs3zjkvs3em7xzjfa5yyhkeqd.onion/om/openmonero-dex
Backend: http://rf5cqoxqlitdx4umuce5dgihjzabql4hs3zjkvs3em7xzjfa5yyhkeqd.onion/om/openmonero-dex-api
Demo: http://ek72x7tysgkrr754ce4np4e6ce5rtwtxphxibzmesnsbuyco5onlc5id.onion/
I've been using RetoSwap since it came out earlier last year and have had no problems. But it still seems like good points you bring up.
Any ideas on what could improve Haveno in this regard?
What w...
Let's be real, nothing comes for free. The fact that there are no arbitration fees on the retoswap network might make you think that users are actually the product. If you dig a little deeper, you'll find a bunch of issues, with the risk of exit scams being a big one.
A decentralized node network is only secure if there's no admin who can circumvent the rules. To address the exit scam issue, either eliminate the admin or remove the liquidity.
People want to trade online without the hassle of installing software, which can threaten their privacy. Trusting someone to keep your computer safe isn’t easy, and even open-source code can have hidden risks since most don’t compile it themselves. With OpenMonero, you can avoid those worries because it’s just a website that doesn’t need permissions.
The built-in non-custodial wallet for haveno funds isn’t very secure either, since private keys could be logged, and the project isn’t truly decentralized. The GitHub repo isn’t easy to fork, it’s built in Java and is pretty complicated. The more complex the code is, the tougher it gets for developers to spot vulnerabilities or malicious code.
Haveno is better at resisting censorship than OpenMonero, but this mainly benefits the admin. Without a reputation system, vendors can't import any stats to other platforms, leaving their accounts on Haveno fairly low in value. It’s unlikely that any former LocalMonero vendor, who has built up their reputation over the years, would want to use this system.
OpenMonero launched in June 2024, and I've recently started promoting it on social media. I encourage you to check out our list of over 150 verified vendors, including respected LocalMonero traders. If these vendors have confidence in the platform, users are likely to feel the same way.
Vendor list: https://nojs.openmonero.com/guides/how-to-import-reputation#cachedUserList
Reference: https://simplifiedprivacy.com/openmonero-interview-with-the-dev/compared-to-reto.html
Reference: https://primal.net/e/nevent1qqsq2pcudt9rdq4wwpk7r784fwr5h0lt4fhzj6cvaeckurla6wg29dqkrrz7a
#Privacy #Markets #HiddenService #News #Work #Monero #Crypto #Hacking #HarmReduction #Guides #Bisq #cakewallet #haveno #retoswap #trading #p2p #escrow #localmonero #dex #cex #moneroju #xmrbaazar #security #agorism #cypherphunk
A decentralized node network is only secure if there's no admin who can circumvent the rules. To address the exit scam issue, either eliminate the admin or remove the liquidity.
People want to trade online without the hassle of installing software, which can threaten their privacy. Trusting someone to keep your computer safe isn’t easy, and even open-source code can have hidden risks since most don’t compile it themselves. With OpenMonero, you can avoid those worries because it’s just a website that doesn’t need permissions.
The built-in non-custodial wallet for haveno funds isn’t very secure either, since private keys could be logged, and the project isn’t truly decentralized. The GitHub repo isn’t easy to fork, it’s built in Java and is pretty complicated. The more complex the code is, the tougher it gets for developers to spot vulnerabilities or malicious code.
Haveno is better at resisting censorship than OpenMonero, but this mainly benefits the admin. Without a reputation system, vendors can't import any stats to other platforms, leaving their accounts on Haveno fairly low in value. It’s unlikely that any former LocalMonero vendor, who has built up their reputation over the years, would want to use this system.
OpenMonero launched in June 2024, and I've recently started promoting it on social media. I encourage you to check out our list of over 150 verified vendors, including respected LocalMonero traders. If these vendors have confidence in the platform, users are likely to feel the same way.
Vendor list: https://nojs.openmonero.com/guides/how-to-import-reputation#cachedUserList
Reference: https://simplifiedprivacy.com/openmonero-interview-with-the-dev/compared-to-reto.html
Reference: https://primal.net/e/nevent1qqsq2pcudt9rdq4wwpk7r784fwr5h0lt4fhzj6cvaeckurla6wg29dqkrrz7a
#Privacy #Markets #HiddenService #News #Work #Monero #Crypto #Hacking #HarmReduction #Guides #Bisq #cakewallet #haveno #retoswap #trading #p2p #escrow #localmonero #dex #cex #moneroju #xmrbaazar #security #agorism #cypherphunk
I am actually considering using both. The zero-deposit offers on Haveno would not be subject to taker bots because a password is generated on the client side that must be entered before the offer can ...
Basically, the haveno network operator can give admin roles to both taker and arbiter bots as well, which lets them ignore any rules in place. This speeds up things a lot since there’s no need to put down a security deposit for each taker bot, allowing all maker funds to be unlocked right away. These bots only work on the API level, so they don't mess with the user interface.
Because of this, it doesn’t really matter if you set up limitations on the frontend or the public API; the admin bots will always be able to access the protected API endpoints. This access is key to getting around rules like security deposits, rate limits, or any other client-side requirements for takers or arbiters.
The admin bots won’t use the public API, since developers would catch any shady changes to it. Instead, they’ll send requests to a protected API run by the network operator on a low-cost VPS for about $5 USD. Only the admin bots (taker and arbiter) will have the keys to access this protected API. This API will basically look like the public API but will have tweaks to bypass all those rules. So, only the maker will use the public API and will have to follow its rules.
To make things work, all you really need is the admin key, a protected API, and a few VPS servers for the taker and arbiter bots. These taker bots will throw the admin keys into the headers of their requests. If a normal taker tries to hit up the protected API without the admin keys, the request won't work. It’s actually pretty simple, and it might have been overlooked because of that.
Also, it’s good to remember that multi-signature setups only make sense when there’s no admin or network operator. The operator is always a single point of failure and can sidestep any limits on the API using their admin keys.
If anyone has a solid reason why this wouldn’t actually work, I’d love to hear it. When someone has the admin keys for their network, they can pretty much do whatever they want and set the rules while everyone else has to follow along.
To wrap it up, everyone in the haveno network, the taker, the arbiter, and the maker will get a key in the multi-sig trade. But there's also a fourth key, called the "magic key" that can do a bunch of powerful things, some of which could be a bit risky.
Reference: https://archive.ph/GsDsn
Thread: https://primal.net/e/nevent1qvzqqqqqqyqzqpg8r34v5d5z4ecxmc0c749cwjalaw4xu2ttpnh8zms0lhfepg450s7qlk
Interview: https://simplifiedprivacy.com/openmonero-interview-with-the-dev/compared-to-reto.html
#Privacy #Markets #HiddenService #News #Work #Monero #Crypto #Hacking #HarmReduction #Guides #Bisq #cakewallet #haveno #retoswap #trading #p2p #escrow #localmonero #dex
Because of this, it doesn’t really matter if you set up limitations on the frontend or the public API; the admin bots will always be able to access the protected API endpoints. This access is key to getting around rules like security deposits, rate limits, or any other client-side requirements for takers or arbiters.
The admin bots won’t use the public API, since developers would catch any shady changes to it. Instead, they’ll send requests to a protected API run by the network operator on a low-cost VPS for about $5 USD. Only the admin bots (taker and arbiter) will have the keys to access this protected API. This API will basically look like the public API but will have tweaks to bypass all those rules. So, only the maker will use the public API and will have to follow its rules.
To make things work, all you really need is the admin key, a protected API, and a few VPS servers for the taker and arbiter bots. These taker bots will throw the admin keys into the headers of their requests. If a normal taker tries to hit up the protected API without the admin keys, the request won't work. It’s actually pretty simple, and it might have been overlooked because of that.
Also, it’s good to remember that multi-signature setups only make sense when there’s no admin or network operator. The operator is always a single point of failure and can sidestep any limits on the API using their admin keys.
If anyone has a solid reason why this wouldn’t actually work, I’d love to hear it. When someone has the admin keys for their network, they can pretty much do whatever they want and set the rules while everyone else has to follow along.
To wrap it up, everyone in the haveno network, the taker, the arbiter, and the maker will get a key in the multi-sig trade. But there's also a fourth key, called the "magic key" that can do a bunch of powerful things, some of which could be a bit risky.
Reference: https://archive.ph/GsDsn
Thread: https://primal.net/e/nevent1qvzqqqqqqyqzqpg8r34v5d5z4ecxmc0c749cwjalaw4xu2ttpnh8zms0lhfepg450s7qlk
Interview: https://simplifiedprivacy.com/openmonero-interview-with-the-dev/compared-to-reto.html
#Privacy #Markets #HiddenService #News #Work #Monero #Crypto #Hacking #HarmReduction #Guides #Bisq #cakewallet #haveno #retoswap #trading #p2p #escrow #localmonero #dex
1
woodsers response:
> Would you mind reading through this and giving your response?
a malicious arbitrator could attempt to take offers, hoping to be assigned trades and then unfairly award funds to ...
OpenMonero response to Woodser haveno dev (haveno rug pull scenario)
> a malicious arbitrator could attempt to take offers, hoping to be assigned trades and then unfairly award funds to themselves. however this risk can be mitigated by:
> a sufficient number of arbitrators - the best way to mitigate this risk is to have a sufficient number of honest arbitrators, so a dishonest arbitrator is unlikely to be assigned a trade before being detected and banned. this creates an economic incentive for arbitrators to act honestly and earn trade fees rather than risk exclusion
I totally agree that individual arbiters need to act honestly so they don't get banned by the network operator. But honestly, that's not the main issue here. The real risk of a rug pull attack (or exit scam) doesn’t come from those individual arbiters, but from the network operator, whom we’ll call "Reto." Reto has the power to assign arbiter roles, which is where the problem lies.
The network operator is a single point of failure because he can create as many arbiter roles as he wants since he holds the admin key. Sure, Reto might give a few trusted individuals arbiter roles to make things look decentralized and transparent. But he could just as easily assign a bunch of roles to bots he controls. Plus, Reto would be in charge of all the taker bots, since anyone can jump in and be a taker. This setup lets Reto secure a two-thirds majority in any disputes that come up.
So, when it comes to pulling off an attack in this scenario, the odds are nearly 99.99% in favor of success. That’s because, when the attack happens, most of the arbiters and takers will likely be bots, all under Reto's control, making them the real weak link in the system.
> arbitrator selection by the maker - the maker can select an arbitrator from a trusted list rather than relying on random assignment (the current default)
The network operator is probably going to kick out all the human arbiters before they carry out the rug pull. This means the makers won’t have any choice but to use arbiter bots. Plus, the makers won’t really have a chance to dispute anything because a taker bot will just send a fake "I have paid" message even though they haven't actually paid. Then, that taker bot will start a dispute, leaning on the arbiter bot to back them up and go after the maker's funds unfairly.
In the end, the arbiter will take the 15% security deposit from the maker, while the taker bot walks away with the trading funds and its own 15% security deposit. The key thing to remember here is that both the taker and arbiter bots are under the control of the network operator, so all that money ends up in their hands, leaving the maker with nothing.
> trade limits per client - restricting the number of active trades or funds at risk per client further reduces potential damage from a dishonest arbitrator
If you try to limit how many active trades takers can have, it won’t really make a difference because anyone can be a taker. So, the network operator (or reto admin) could just set up as many taker bots as they need to get around those limits.
> in contrast, centralized exchanges like localmonero, lm, etc require full trust in the platform operators, because they take full custody of traded funds and can easily steal them at that time
I totally agree with you that most p2p platforms (like centralized exchanges) usually hold full custody of the funds since they require pre-funding for trades. But OpenMonero is different because it doesn’t need sellers to fully fund their trades upfront thanks to its self-custodial trade funding setup. The platform can’t access all of the liquidity at once unless every seller decided to post their bonds at the same time, which is statistically improbable.
It’s also worth mentioning that LocalMonero used to lack the self-custodial trade funding option, meaning that seller funds were always at risk while they waited for trade requests. Right now, OpenMonero can only tap into a maximum of 2% of the total liquidity at any given time, unless every seller posts their externally funded bond at the same time, which remains statistically improbable.
So, we can say that OpenMonero acts like a centralized exchange, but the liquidity is actually decentralized thanks to the self-custodial trade settlements for buyers and self-custodial trade funding for sellers. I suggest checking out the examples on simplifiedprivacy.com for more insights, especially if you’re looking into advanced examples.
> reputation can be easily faked, so does not provide any guarantee of trustworthiness in trade partners
No system is perfect, but it's fair to say that having a reputation system is definitely better than having no verification at all. It’s worth mentioning that faking a reputation system isn’t easy and it requires a lot of money and time. Sure, someone could try to create fake trades on OpenMonero, but the system can pick up on that pretty quickly (for ex, if someone makes 1000 trades in a short period, that would definitely raise some eyebrows)
Sellers/Buyers can also check users' Telegram handles through trusted sites like localmonero.co or confirm PGP keys from reliable sources, including LocalMonero and imported profiles.
Plus, you can’t do coin-locking on OpenMonero since sellers need to fund trades manually. It’s not an automated process like on networks like Haveno, which really helps to reduce the chances of exit scams. When it comes to offers on OpenMonero, they’re not fully funded right away. You only need 0.35 XMR to list an ad in the search results. This is mainly to fend off spam listings, but it can also help fund smaller trades. If a trade is bigger, sellers have the option to use an external, fully isolated wallet to fund the transaction and keep themselves safe from any potential scams right from the start.
> they can collect and store sensitive trade details across all traders
I don’t have an admin panel to keep track of trades or messages, and users can set up self-destructing messages right after a trade or completely delete their accounts. This kind of feature probably wouldn’t work in decentralized systems since all data is saved on multiple nodes. Also, the OpenMonero wallet creates a new address every time you make a deposit to help keep your privacy intact.
> they're more likely to be shut down due to legal compliance, and you're left to find a new service
My identity is kept private, and OpenMonero vendors don’t have to go through any KYC checks, which means we can totally work outside of regulations. This works because the platform isn't custodial, it's open-source, and you can access it via Tor hidden services and I2P. So, even if the clearnet domain gets taken down by the authorities, the exchange would still run smoothly. Anyone can self-host the frontend or even fork the code to make their own OpenMonero version. Plus, we’re working on a Nostr-based version that lets anyone become an escrow provider or self-host the frontend without needing any backend. This would make it super resistant to censorship. Check out the interview for more details!
> ultimately users should consider the trustworthiness of the haveno network they're using and its arbitrators, but these networks provide greater decentralization, privacy, and control of funds than centralized services, which are a single point of failure
Most of my vendors don’t really need to trust me because they don’t have to download any software or put down trading funds upfront to get trade requests (unlike Haveno). This really cuts down the chances of exit scams right from the start, and it keeps their personal files safe from malicious access. The OpenMonero web app runs smoothly in any browser and doesn’t connect to the user’s system, which is way different from Haveno that needs to be installed and has a daemon running all the time on your computer (definitely a recipe for keyloggers and shady auto updates). Plus, the built-in non-custodial wallet in Haveno isn’t very secure since malicious updates could come with keyloggers to snag your private keys. But with OpenMonero, vendors can fund their bonds using totally isolated wallets like Cake Wallet, Moneroju, Monero Wallet CLI, Feather Wallet, Trezor, and more.
The Haveno platform mainly looks out for the network operators, but it doesn’t really do much to protect market makers. This leaves them open to the risk of exit scams since the liquidity, the most important asset, is fully controlled by the network operator.
Also, let’s be clear: Haveno isn't truly decentralized. Accounts and order books don’t get shared between different Haveno instances, which creates a fragmented setup that’s kind of like a local network. The system would work a lot better if there was one big network where accounts and offers were merged from various instances instead of just having this isolated system run by a single operator. That’s not how decentralization should work.
When we talk about fund security, decentralization isn’t the most important factor. What really matters are things like how quickly trades get finalized, self-custodial trade settlements and self-custodial funding, along with a solid reputation system. Without a reputation system, there’s no trust between trading partners. Plus, if we don’t have self-custodial settlements or funding, the admin could easily run off with all the liquidity.
I’d love to keep the conversation going if you have any other points you want to bring up. I think Haveno does a pretty good job of protecting network operators, and I really appreciate that it’s open-source!
However I think OpenMonero is more safe (multi-sig vs self-custodial) and has 98% less risk of total liquidity being jeopardized at all times. The occurrence of exit scams is relatively low within this model.
Reference: https://archive.ph/GsDsn
Interview: https://simplifiedprivacy.com/openmonero-interview-with-the-dev/compared-to-reto.html
#Privacy #Markets #HiddenService #News #Work #Monero #Crypto #Hacking #HarmReduction #Guides #Bisq #cakewallet #haveno #retoswap #trading #p2p #escrow #localmonero #dex
> a malicious arbitrator could attempt to take offers, hoping to be assigned trades and then unfairly award funds to themselves. however this risk can be mitigated by:
> a sufficient number of arbitrators - the best way to mitigate this risk is to have a sufficient number of honest arbitrators, so a dishonest arbitrator is unlikely to be assigned a trade before being detected and banned. this creates an economic incentive for arbitrators to act honestly and earn trade fees rather than risk exclusion
I totally agree that individual arbiters need to act honestly so they don't get banned by the network operator. But honestly, that's not the main issue here. The real risk of a rug pull attack (or exit scam) doesn’t come from those individual arbiters, but from the network operator, whom we’ll call "Reto." Reto has the power to assign arbiter roles, which is where the problem lies.
The network operator is a single point of failure because he can create as many arbiter roles as he wants since he holds the admin key. Sure, Reto might give a few trusted individuals arbiter roles to make things look decentralized and transparent. But he could just as easily assign a bunch of roles to bots he controls. Plus, Reto would be in charge of all the taker bots, since anyone can jump in and be a taker. This setup lets Reto secure a two-thirds majority in any disputes that come up.
So, when it comes to pulling off an attack in this scenario, the odds are nearly 99.99% in favor of success. That’s because, when the attack happens, most of the arbiters and takers will likely be bots, all under Reto's control, making them the real weak link in the system.
> arbitrator selection by the maker - the maker can select an arbitrator from a trusted list rather than relying on random assignment (the current default)
The network operator is probably going to kick out all the human arbiters before they carry out the rug pull. This means the makers won’t have any choice but to use arbiter bots. Plus, the makers won’t really have a chance to dispute anything because a taker bot will just send a fake "I have paid" message even though they haven't actually paid. Then, that taker bot will start a dispute, leaning on the arbiter bot to back them up and go after the maker's funds unfairly.
In the end, the arbiter will take the 15% security deposit from the maker, while the taker bot walks away with the trading funds and its own 15% security deposit. The key thing to remember here is that both the taker and arbiter bots are under the control of the network operator, so all that money ends up in their hands, leaving the maker with nothing.
> trade limits per client - restricting the number of active trades or funds at risk per client further reduces potential damage from a dishonest arbitrator
If you try to limit how many active trades takers can have, it won’t really make a difference because anyone can be a taker. So, the network operator (or reto admin) could just set up as many taker bots as they need to get around those limits.
> in contrast, centralized exchanges like localmonero, lm, etc require full trust in the platform operators, because they take full custody of traded funds and can easily steal them at that time
I totally agree with you that most p2p platforms (like centralized exchanges) usually hold full custody of the funds since they require pre-funding for trades. But OpenMonero is different because it doesn’t need sellers to fully fund their trades upfront thanks to its self-custodial trade funding setup. The platform can’t access all of the liquidity at once unless every seller decided to post their bonds at the same time, which is statistically improbable.
It’s also worth mentioning that LocalMonero used to lack the self-custodial trade funding option, meaning that seller funds were always at risk while they waited for trade requests. Right now, OpenMonero can only tap into a maximum of 2% of the total liquidity at any given time, unless every seller posts their externally funded bond at the same time, which remains statistically improbable.
So, we can say that OpenMonero acts like a centralized exchange, but the liquidity is actually decentralized thanks to the self-custodial trade settlements for buyers and self-custodial trade funding for sellers. I suggest checking out the examples on simplifiedprivacy.com for more insights, especially if you’re looking into advanced examples.
> reputation can be easily faked, so does not provide any guarantee of trustworthiness in trade partners
No system is perfect, but it's fair to say that having a reputation system is definitely better than having no verification at all. It’s worth mentioning that faking a reputation system isn’t easy and it requires a lot of money and time. Sure, someone could try to create fake trades on OpenMonero, but the system can pick up on that pretty quickly (for ex, if someone makes 1000 trades in a short period, that would definitely raise some eyebrows)
Sellers/Buyers can also check users' Telegram handles through trusted sites like localmonero.co or confirm PGP keys from reliable sources, including LocalMonero and imported profiles.
Plus, you can’t do coin-locking on OpenMonero since sellers need to fund trades manually. It’s not an automated process like on networks like Haveno, which really helps to reduce the chances of exit scams. When it comes to offers on OpenMonero, they’re not fully funded right away. You only need 0.35 XMR to list an ad in the search results. This is mainly to fend off spam listings, but it can also help fund smaller trades. If a trade is bigger, sellers have the option to use an external, fully isolated wallet to fund the transaction and keep themselves safe from any potential scams right from the start.
> they can collect and store sensitive trade details across all traders
I don’t have an admin panel to keep track of trades or messages, and users can set up self-destructing messages right after a trade or completely delete their accounts. This kind of feature probably wouldn’t work in decentralized systems since all data is saved on multiple nodes. Also, the OpenMonero wallet creates a new address every time you make a deposit to help keep your privacy intact.
> they're more likely to be shut down due to legal compliance, and you're left to find a new service
My identity is kept private, and OpenMonero vendors don’t have to go through any KYC checks, which means we can totally work outside of regulations. This works because the platform isn't custodial, it's open-source, and you can access it via Tor hidden services and I2P. So, even if the clearnet domain gets taken down by the authorities, the exchange would still run smoothly. Anyone can self-host the frontend or even fork the code to make their own OpenMonero version. Plus, we’re working on a Nostr-based version that lets anyone become an escrow provider or self-host the frontend without needing any backend. This would make it super resistant to censorship. Check out the interview for more details!
> ultimately users should consider the trustworthiness of the haveno network they're using and its arbitrators, but these networks provide greater decentralization, privacy, and control of funds than centralized services, which are a single point of failure
Most of my vendors don’t really need to trust me because they don’t have to download any software or put down trading funds upfront to get trade requests (unlike Haveno). This really cuts down the chances of exit scams right from the start, and it keeps their personal files safe from malicious access. The OpenMonero web app runs smoothly in any browser and doesn’t connect to the user’s system, which is way different from Haveno that needs to be installed and has a daemon running all the time on your computer (definitely a recipe for keyloggers and shady auto updates). Plus, the built-in non-custodial wallet in Haveno isn’t very secure since malicious updates could come with keyloggers to snag your private keys. But with OpenMonero, vendors can fund their bonds using totally isolated wallets like Cake Wallet, Moneroju, Monero Wallet CLI, Feather Wallet, Trezor, and more.
The Haveno platform mainly looks out for the network operators, but it doesn’t really do much to protect market makers. This leaves them open to the risk of exit scams since the liquidity, the most important asset, is fully controlled by the network operator.
Also, let’s be clear: Haveno isn't truly decentralized. Accounts and order books don’t get shared between different Haveno instances, which creates a fragmented setup that’s kind of like a local network. The system would work a lot better if there was one big network where accounts and offers were merged from various instances instead of just having this isolated system run by a single operator. That’s not how decentralization should work.
When we talk about fund security, decentralization isn’t the most important factor. What really matters are things like how quickly trades get finalized, self-custodial trade settlements and self-custodial funding, along with a solid reputation system. Without a reputation system, there’s no trust between trading partners. Plus, if we don’t have self-custodial settlements or funding, the admin could easily run off with all the liquidity.
I’d love to keep the conversation going if you have any other points you want to bring up. I think Haveno does a pretty good job of protecting network operators, and I really appreciate that it’s open-source!
However I think OpenMonero is more safe (multi-sig vs self-custodial) and has 98% less risk of total liquidity being jeopardized at all times. The occurrence of exit scams is relatively low within this model.
Reference: https://archive.ph/GsDsn
Interview: https://simplifiedprivacy.com/openmonero-interview-with-the-dev/compared-to-reto.html
#Privacy #Markets #HiddenService #News #Work #Monero #Crypto #Hacking #HarmReduction #Guides #Bisq #cakewallet #haveno #retoswap #trading #p2p #escrow #localmonero #dex
1
If this goes decentralised before turning out to be a scam it could become a very important infrastructure project for Monero.
I could do shotgun scamming but exit scamming is not really possible due to self-custodial trade fuding (sellers) and self-custodial trade settlements (buyers). Plus the nostr based version is almost finished.
On the "Get our mobile app!" banner at the bottom of the website there is a direct download for an apk. Is there a repo for that?
Build from source
Recommended node version (use nvm): v14.21.3
sudo apt install torsocks
torsocks git clone http://rf5cqoxqlitdx4umuce5dgihjzabql4hs3zjkvs3em7xzjfa5yyhkeqd.onion/om/openmonero-reactjs.git
cd openmonero-reactjs
npm install
npm start
Recommended node version (use nvm): v14.21.3
sudo apt install torsocks
torsocks git clone http://rf5cqoxqlitdx4umuce5dgihjzabql4hs3zjkvs3em7xzjfa5yyhkeqd.onion/om/openmonero-reactjs.git
cd openmonero-reactjs
npm install
npm start
On the "Get our mobile app!" banner at the bottom of the website there is a direct download for an apk. Is there a repo for that?
Yes, check the openmonero-reactjs repo hosted on forgeo. Link is in the popup if you click the "Open source arttribute" inside "Why use our service". Its the same code and can be self-hosted over tor hidden service.
Thanks. But I don't see any code for the actual mobile app only for the website.
For added security, the mobile app is not native (PWA) to have isolation from the filesystem. The web app is built with reactjs (selfhosting with docker possible), while the nojs version is based on php (codeigniter 4 framework)
1
why not make a decentralized protocol, like how robosats does and publishes orderbooks on nostr, so that openmonero can be even more open and resilient in case it goes down?
Its already under construction.
Quote Simple: That’s cool, so in the future, this can work entirely as a front-end javascript linked to Nostr? Then the site itself could be on Arweave or IPFS.
Quote OpenMonero: The decentralized exchange will offer a selection of various escrow providers, arbitrators, and instances for users to choose from. Users will not be required to create accounts with each individual provider. All escrow providers utilize the same backend code, and to engage with a specific provider, one merely needs to be aware of its domain (no additional configuration or setup is required).
Trusted escrow providers will be hardcoded into the code, while untrusted providers will be accessible through an integrated distributed hash table (DHT) network. The utilization of a DHT is crucial, as hardcoded directories are inherently susceptible to censorship. Furthermore, this approach surpasses that of a federated network, since defederation is neither necessary nor possible; the reputation system in place effectively mitigates spam from the outset.
Source: https://simplifiedprivacy.com/openmonero-interview-with-the-dev/compared-to-reto.html
Quote Simple: That’s cool, so in the future, this can work entirely as a front-end javascript linked to Nostr? Then the site itself could be on Arweave or IPFS.
Quote OpenMonero: The decentralized exchange will offer a selection of various escrow providers, arbitrators, and instances for users to choose from. Users will not be required to create accounts with each individual provider. All escrow providers utilize the same backend code, and to engage with a specific provider, one merely needs to be aware of its domain (no additional configuration or setup is required).
Trusted escrow providers will be hardcoded into the code, while untrusted providers will be accessible through an integrated distributed hash table (DHT) network. The utilization of a DHT is crucial, as hardcoded directories are inherently susceptible to censorship. Furthermore, this approach surpasses that of a federated network, since defederation is neither necessary nor possible; the reputation system in place effectively mitigates spam from the outset.
Source: https://simplifiedprivacy.com/openmonero-interview-with-the-dev/compared-to-reto.html
1
Where is the repo for your mobile app?
https://openmonero.com/readme
or
https://nojs.openmonero.com => click the 'Open source code attribute' inside 'Why use our service'
or
https://nojs.openmonero.com => click the 'Open source code attribute' inside 'Why use our service'
1