Thanks for some real information, Heuristic. I have a few comments thereupon:
Recently, a largely incompetent attacker bumbled their way through a Sybil attack against Monero, trying to correlate transactions to the IP address of the node that broadcast it. Whilst novel in that it is the 1st Sybil attack of this sort, it was also quite ineffective. 1/n
First off, this clumsy attack had no effect on any of Monero's on-chain privacy mechanisms (ring signatures, stealth addresses, confidential transactions). Additionally, it is important to note that this is an attack that you could execute against nearly every cryptocurrency, 2/n
So, OP here is
blatantly lying by comparing this to Ciphertrace:
Main reason why I decided to go public are blatant lies that there is nothing to worry about Chiphertrace and that Monero is private.
Ciphertrace claims to achieve probabilistic transaction clustering via blockchain analysis of Monero. (I do think that the threat of that should be taken seriously, but proportionately and not with hyped-up headlines.) badcaca is a network-layer attack—and apparently done by idiots, as will be seen presently.
I should elaborate a bit on what I said here:
My first thought is, “Whose IP addresses are those supposed to be? The originating nodes’? Contra what it says in the badcaca FAQ, Dandelion++ would make it easy to mistake the IP address of the originating node.”
Against Dandelion++, badcaca’s technical analysis rises to the level of, “lol no u”:
How are you tracking people's IP addresses? Didn't Monero implement Dandelion++ to prevent that?
Similarly to Monero, Dandelion++ is only private on paper.
Having read
the actual Dandelion++ paper when it came out, I can safely call this ridiculous.
N.b. that Dandelion++ does not claim to prevent all network-layer monitoring; specifically, targeted attacks are not within its threat model. The threat that it is designed to counteract is
mass surveillance by spy networks of Sybil nodes. It is exactly the type of technology which will make badcaca associate transactions with
the wrong IP address.I only track transactions, identities, and if they watch kinky porn.
There's a few transactions in here that I'm 100% sure you have the wrong originating IP address for.
This is harmful to innocent bystanders (as well as people who are having their
privacy invaded for watching legal kinky porn—if
any of these listings are correct, which I would not assume!). It is defamatory to anyone whose IP is incorrectly listed, among other things.
If you are running a Monero or Bitcoin node (or a node for any other currency), it is important to be aware that Sybil attacks can be more subtle & less clumsy than this.
As fluffypony observes, network-layer spying is a problem for any cryptocurrency. Bitcoin Core has done some significant work against it; and Monero is ahead with its Dandelion++ implementation.
I recommend that Bitcoin users who want an easy-to-use solution should use Wasabi Wallet (onion), which submits transactions to the network through one-off random node connections over Tor. This provides even stronger privacy than Dandelion++ (but it is only suitable for low, personal-use transaction volumes).
Electrum Personal Server uses
the same strategy, as does JoinMarket.
If you care about your privacy, you should always be using Tor for private financial activity.
Even with Tor, Dandelion++ and/or other protections are still important to prevent spy nodes from correlating your txids as originating from the same (anonymous) node.
They can also be much harder to detect in practice if the attacker has enough money to deploy reasonable infrastructure. There has also been purpose-built Sybil node software created for Bitcoin (see: github.com/basil00/Pseudo…) that actually behaves pretty well. 14/n
https://github.com/basil00/PseudoNodeGood link. :-)
I hope no-one is stupid enough...
All too oft a futile hope. :-(