News Feed
  • DrugHub has agreed to fully refund all users who lost money in the SuperMarket exit scam.  
  • Retro Market has gone offline. Circumstances of the closure unknown.  
  • SuperMarket has closed following an exit scam by one of the admins.  
  • The admin of Incognito Market, Pharoah, has been arrested by the FBI several months after exit scamming.  
  • Silk RoadTorhoo mini logo
  • darknet markets list
  • Popular P2P exchange LocalMonero has announced it is closing.  

Are onion monero nodes still safe? : Monero | Torhoo darknet markets

Since the chainalysis video came out now we all now clearnet nodes aren't safe anymore but, what about onion nodes. Are those sufficient or is running your own remote node the only way to prevent being attacked. Are you be safe from being tracked if you didn't directly buy the monero on kyc but instead swapped from other cryptos on Tor DEXs. I would also be using tails if that changes anything.
/u/stomachhead
3 points
9 months ago
Well the best choice would be to have your own local node-you use all the OPSEC benefits Monero is bringing to the table.

With a remote node its a little better that you are staying inside the onion network at least when using a .onion address node.

The worry is the meta data that a compromised node can keep and collect.

In a full non pruned self hosted node there is I think a ring size of 16, that's what you are using when you use a remote node, using another persons local node.

If the node is malicious they can compromise how the ring works and get more data than they otherwise could.

Since you are connecting over tor to a .onion there is no Exit IP, you remain in the network using their relays as well. They do not really get much considering the solidarity when remaining inside the onion network. Overall though its better to have a local node man. You never know when a remote node has been chain anal fucked, and even though its just meta data at that point why are you even playing with fire.

I understand if you are using TAILS or have storage restriction but the blockchain is around 130GB. Download it, I highly suggest you find a way to make that happen.
/u/doctorx123
2 points
9 months ago
It's safe. Don't listen to these fear mongers. There are no news reports of users being busted from these poisoned nodes.
/u/Smokeybear 📢
2 points
9 months ago
I'm glad I didn't buy monero kyc despite everyone saying it was fine before all this came out.
/u/pussYmaster3000
1 points
9 months ago
Depends on what you're doing. If you're only buying things occasionally, you don't need to run your own node. Just use the Feather wallet with a remote Onion node and you'll be fine. But if you're using Monero on a daily basis, I'd recommend setting up your own local node on Whonix.
/u/snickerfiend
1 points
9 months ago
I use FW on Tails, but don't ever toggle settings as I know very little about nodes and shit. Is there something I should be doing?
/u/AdamVenberg420
1 points
9 months ago
Nothing is safe anymore. It's better to rely on yourself and not other things. Host your on node and always keep your private keys private!
/u/unchecked385
1 points
9 months ago
Ideally you should run your own node that you access via your own onion service. Failing that, I guess see if anyone you personally trust is hosting an onion monero node, but that's really not ideal and should only be done as a last resort if you're unable to self-host your onion service.
/u/BonesKoopa
0 points
9 months ago
Nowhere is safe anymore. These days, you have to take them extra steps, upgrade your criminal portfolio, and get a fake ID, get a burner with it, register anything and everything on that thing.
When you can afford it, save money for a retainer, and another ID. Season that ID, don't season the retainer.
Get a better retainer when you can afford it. Have two of them under the sleeve for any situations that may rise as you continue to build an army of alternate IDs to be able to swiftly operate under the noses of your adversaries. Get library cards, Starbucks cards, Bus cards, use as much public wi-fi, reminisce your fellow citizens by continuing your covid fashion attire, face-mask, gloves, 6' distancing. Sunglasses under the plastic visors Scarf, long sleeves, crocs.
Run your own nodes on public wifi.
/u/Byt3Band1t
0 points
9 months ago
I'm sorry I had to chime in real quick after seeing these comments. I don't know where any one of you got the idea that connecting to a remote node would be a first class ticket to prison. Let me remind you all that some people are unable to run their own full or pruned node whether it be because of bandwidth limitations, hardware limitations, limitation of knowledge of how to work with a local node, or whatever else it may be. Yes, a local node is the best option to get all the security and privacy Monero provides, but for some that just isn't an option.

Let's break this down really quick.

What's the problem with remote nodes and how can we mitigate those problems?














Issue Explanation and Mitigation
IP Logging When connecting to a remote node, as with all services on the internet, they are able to see your IP address. This could potentially lead to a transaction being linked back to you if you do not take the proper precautions. How do you mitigate it? Simple. I think most of you already know the answer. Use a VPN, preferably one that doesn't take any personally identifying information (PII), like Mullvad for example, or, even BETTER, use the very network you're on now to see this post TOR!

Connecting to a remote node over Tor would be preferable here as it is more secure than a VPN with more hops. The most secure way to mitigate this attack is to only use nodes that work over Tor as a hidden service aka "Onion nodes". Connecting to a regular node on the clearnet over Tor is fine but when you use a .onion node, traffic between you and the node never leaves the Tor network. Meaning everything stays encrypted and anonymous, there are six nodes between you and the onion service, three for your route and three for the node's route, meeting at a rendezvous point in the network. You can read more about this on the Tor Project's ⚠️website⚠️. As long as you are hiding your IP address in some way shape or form, you will be fine here.
Malicious nodes and bad data Unfortunately, there are some bad apples out there as with any P2P network. The good news is, if you're using a pretty popular and trusted wallet such as Feather or Cake wallet, you don't really need to worry too much about malicious nodes, as the ones those two use are generally considered to be trustworthy and safe. Either being run by the devs themselves or by prominent figures within the privacy/security space such as sethforprivacy. What can a malicious node do and what can you do to mitigate them?

You will typically see a malicious node doing any of these three things:
  • Censor: A bad node could block your transaction from being broadcast to the network, making you think you've paid for something when in reality, on the regular blockchain, there is no record of it.
  • Extort: A bad node could, in theory, manipulate transaction fees, making them higher. I believe there was a bug recently that allowed for this. Not sure if it's been fixed.
  • Tamper: A bad node could have an altered copy of the blockchain, feeding you bogus data related to your wallet. Tricking you into believing funds have been spent or added when in reality on the regular blockchain there was no activity.

So, how do you mitigate it? How do you not fall victim to a malicious node? Well, first off, the chances of you connecting to a malicious node is, rare. Especially if you're using a trusted wallet such as Feather or Cake wallet with their built-in remote nodes. I would say your risk is higher if you're using something like monero.fail and picking out nodes at random to add to your list.

Let's say you accidentally used a malicious node, what do you need to look out for? Pay close attention to your wallet activity. It should be easy to spot if a node is malicious. Check there is anything that seems off with your wallet. Are there transactions that aren't supposed to be there? Did you have to pay an abnormally high fee to get your transaction through? Did you send your favorite vendor some monero an hour ago and he still hasn't gotten it? These are all signs you are connected to a bad node. Check the blockchain, make sure your transactions are going through, and remember, if you did connect to a bad node it's not the end of the world, your funds are safe on the real blockchain. There are thousands of other good nodes keeping track of your precious funds. Connect to a good node again and your wallet should go back to normal. The weird transactions will disappear and fees should go back to normal.


I hope this clears things up for everyone. Please stop fearmongering. I get that we need to protect ourselves and OPSEC is #1, but don't spread misinformation as it can ward off others who, like I mentioned above, might not be able to run their own nodes and rely on remote ones. Educate people on the potential dangers and teach them how to mitigate them. Enough of "remote node bad".

TLDR; Local nodes are better than remote nodes, however for the people that need remote nodes, simple tasks like hiding your IP and paying close attention to your wallet activity and transaction fees is enough to mitigate most problems with remote nodes.
/u/Smokeybear 📢
2 points
9 months ago
Thanks I feel a little better that onion nodes are safer. Still I think I'll try to run my own node.
/u/Byt3Band1t
1 points
9 months ago
No problem. Anyone who is able should run their own node. For everyone else, just use common sense and be vigilant.
/u/asfaleia
0 points
9 months ago
Nope, no remote Monero node is safe and it never was safe anyway.
  • Sponsors
VigorSwap Instant Crypto Exchange
FraudGPT

  • Explore Torhoo!

© Torhoo! 2025

All links are for educational and research purposes only. Torhoo! does not vouch for any site.

Advertise on Torhoo