Stay on topic:

  • This thread is only for comments discussing the uncertainties, shortcomings, and concerns some may have about Monero.
  • NOT the positive aspects of it.
  • Discussion can relate to the technology itself or its economics.
  • Talk about community and price is not wanted, but some discussion about it maybe allowed if it relates well.
  • Be as respectful and nice as possible. This discussion has potential to be more emotionally charged as it may bring up issues that are extremely upsetting: many people are not only financially but emotionally invested in the ideas and tools around Monero.

How it works:

  • Post your concerns about Monero in reply to this thread.
  • If you can address these concerns, or add further details to them – reply to that comment. This will make it easily sort-able.
  • Upvote the comments that are the most valid criticisms of it that have few or no real honest solutions/answers to them.
  • The comment that mentions the biggest problems of Monero should have the most karma.

Previous:


The first principle is that you must not fool yourself — and you are the easiest person to fool.

You are viewing a single thread.
View all comments View context
3 points
*

it’s not complicated, make sure that anonymity is maintained for all developers (like they do all their work from inside a whonix VM let’s say), and that you have copies of all the important monero mirrors somewhere (on a gitea instance accessible via .onion or something similar), in case if monero gets the tornadocash treatment.

that way they can’t go after the developers’ freedom of speech, and even if they take the repositories down from github, the show can go on elsewhere.

i’ll pitch in to advise people if opsec is brought up

permalink
report
parent
reply
1 point

Good! It would be nice to have that written somewhere accessible for all.

In case of Tornado Cash treatment everyone would also need a way to verify the signatures and authenticity for repos, links etc. That’s not trivial either.

permalink
report
parent
reply
2 points
*

Nah that’s easy too. you need to make sure the developers use PGP keys to confirm their identity. https://blog.nowhere.moe/opsec/pgp/index.html + https://blog.nowhere.moe/opsec/whonixqemuvms/index.html

but yeah the idea is to have a Disaster recovery plan, kind of idea, totally makes sense.

permalink
report
parent
reply
2 points

Great articles btw!

permalink
report
parent
reply
1 point

Nice! A disaster recovery plan would fit the bill nicely.

Unrelated, I have personally started switching from pgp to minisign (for signing stuff and confirming it’s indeed from me) and age (for encryption, when I don’t want prying eyes on my stuff, https://github.com/FiloSottile/age).

permalink
report
parent
reply

Monero

!monero@monero.town

Create post

This is the lemmy community of Monero (XMR), a secure, private, untraceable currency that is open-source and freely available to all.

GitHub

StackExchange

Twitter

Wallets

Desktop (CLI, GUI)

Desktop (Feather)

Mac & Linux (Cake Wallet)

Web (MyMonero)

Android (Monerujo)

Android (MyMonero)

Android (Cake Wallet) / (Monero.com)

Android (Stack Wallet)

iOS (MyMonero)

iOS (Cake Wallet) / (Monero.com)

iOS (Stack Wallet)

iOS (Edge Wallet)

Instance tags for discoverability:

Monero, XMR, crypto, cryptocurrency

Community stats

  • 273

    Monthly active users

  • 893

    Posts

  • 5.2K

    Comments

Community moderators