2024 Paper: How to De-Anonymize Monero on Tor
2024 Paper: How to De-Anonymize Monero on Tor
Academic paper from last month's International World Wide Web Conference for people who enjoy reading such things. :-)
*"Our approach involves injecting malicious Monero Tor hidden service nodes into the Monero P2P network to correlate the onion addresses of incoming Monero Tor hidden service peers with their originating transactions.
And by sending a signal watermark embedded with the onion address to the Tor circuit, we establish a correlation between the onion address and IP address of a Monero Tor hidden service node."*
Deanonymizing Transactions Originating from Monero Tor Hidden Service Nodes
That is the actual title of the paper, which is very different to what OPs implies.
also the attack requires a very large % of both monero nodes communicating with tor and also tor nodes themselves. unless there is something im not understanding. i read the paper for a while, that's what it seemed to me
In the Tor community we are considering how much a relay operator can have in total and where we draw the line. NTH currently has almost 20% exit traffic and we (5 orgs in an AS) have a bit more. https://nusenu.github.io/OrNetStats/
This chinese paper boils down to the common psychopathic wet dream: an adversary with unlimited resources will control every aspect of life in a totalitarian fashion. It's a fluff: collecting IPs does not "de-anon" any monero tx.
Don't be intimidated, this has never materialzed in the last 10000 yrs. In fact, China has legalized (illegal) mining (metal) coins after its paper currency collapsed (in the 15th century). It can happen again.
They don't like us --- and we don't like them. This aggression against humanity will not stand.
And by sending a signal watermark embedded with the onion address to the Tor circuit, we establish a correlation between the onion address and IP address of a Monero Tor hidden service node
And what does that achieve? He can also easily find my Monero node IP's + IPv6's + onion addresses in a Github issue and does not need research wodoo. ;-) He cannot see who connects his wallet there via Tor.
It could help if they want to ban Monero and find those who are probable to be using it, and those who are contributing to the infrastructure.