News Feed
  • DrugHub has agreed to fully refund all users who lost money in the SuperMarket exit scam.  
  • Retro Market has gone offline. Circumstances of the closure unknown.  
  • SuperMarket has closed following an exit scam by one of the admins.  
  • The admin of Incognito Market, Pharoah, has been arrested by the FBI several months after exit scamming.  
  • Silk RoadTorhoo mini logo
  • darknet markets list
  • Popular P2P exchange LocalMonero has announced it is closing.  

Wallet sanitization (market busts, LE raids on vendors and YOU!) : Monero | Torhoo darknet markets

I want to talk about something I call wallet sanitization. That means separation and distance between your dirty transactions and your clean wallet. I will start off listing scenarios where you get to be the low hanging fruit.

1. A drug market or vendor reuses their deposit address, sometimes has a static one or even has it publicly displayed ( *removed* and their vendor shop is a great example).

You send to that address from an exchange, you are screwed.
You send to that address from your wallet and LE gets your wallet, you are screwed.

2. A market that only uses subaddresses gets busted. As part of that LE gets access to the Monero wallet of the market or there is something even more stupid going on that reveals some of the info (like deposit sizes, dates, times). LE can correlate that info with the transaction history of a cryptocurrency exchange.

You sent to market from exchange and wallet of market is opened. You are screwed, they can correlate the addresses of the market with the sends from the exchange.

You sent 3.1415926 XMR from exchange to market and have done this various times with different amounts and the deposit amounts on the market get revealed. These amounts you sent will be correlated with the received amounts on the market.

You were good and sent 3.1415926 XMR to your own wallet before sending that minus transaction fee to the market. You are screwed again. Amounts can be correlated, especially if they are around the same time or are very unique.

3. Its 2019 and a vendor or market gets busted and their Monero wallet gets revealed. Now its 2022 and you get raided by the LE for some other drug related reason. Your house is clean except for your Monero wallet backup seed. LE restores the wallet and now they finally know who sent some of those XMR to the drug market.

4. Your drugged up ass gets raided and LE gets access to your wallet. They see amounts going out and just in case they run those through their database of exchange deposits and what do you know! That idiot vendor deposited those amounts to their exchange account. Now their packages will be intercepted for 2 weeks, causing trouble for numerous customers and then they get thrown in jail.


You being a lazy and careless dumbass will get you fucked and inevitably you will fuck over others. In some other situations you would be killed for being the dumbfuck that you are.

Do not be the low hanging fruit.
Do not be lazy or lack discipline, do it right.
Do not rely on others not being dumbfucks, shield yourself from the stupidity and malice of others.
Do not cause chain reactions with your dumb decisions.
Do not be the broke-ass fucked up druggie that gets the "accidental" overdose, by your own hand or otherwise.
Don't owe money or favors.
Don't boast or talk.
DO NOT TALK! Nobody can keep their mouth shut, please. If I don't need to know then don't tell me.
Don't keep evidence. Don't make evidence.
Keep your lives separate, that entails having a life.
Make yourself seem like something else.
Blend in when you need to.
Make yourself look smaller and more insignificant than you are.
Don't take too many drugs.

It will all come crashing down eventually. How fast and how badly depends on you


Takeaways about Monero.

1. Never use the exchange to send to the recipient. Always your wallet first.
2. Never buy and send exact amounts that you need. Always buy significantly more. Combining smaller amounts will work too but combining amounts will hurt on-chain privacy in certain situations. Small and frequent purchases will also make you better match the profile of a desperate druggie. A big purchase can be an investment. Also a purchase right before your package gets seized is inadvisable.
3. Keep your wallets separate. Have a main wallet that is more easily accessible and backed up somewhere and have your drug wallet that is hidden and encrypted in tails. Do not let your tails USB fall in the hands of LE.

I would even go as far as exchange -> your wallet -> a temporarily created wallet that gets deleted after every use -> drug wallet. This way if your drug wallet gets in the hands of LE, it can not be tied to your main wallet. This would mean breaking up the XMR in the temporary wallet, before sending to drug wallet.

If you can 100% hide you involvement with cryptos then maybe its even worth not having a "your wallet". Probably too late by now though and few places in the world where you could do that.

Also, spend Monero. Use xmr.to to buy stuff with btc. Buy amazon gift cards. Having all those crypto purchases but no interest or knowledge in them or anything to show for it...
/u/bigss
5 points
6 years ago
Fuck, don't even use an exchange.
/u/dreadpirategayby
1 points
4 years ago
why not? All money exchanges, which is what the Feds consider Monero have reporting requirements, send your money in an envelope with your real name, and expect a paper wallet on return?

It's in a ledger, you better believe it
/u/NamasteLSD
3 points
6 years ago*
you're wrong mate "1. A drug market or vendor reuses their deposit address, sometimes has a static one or even has it publicly displayed ( /u/namastelsd and their vendor shop is a great example)."

I use a fresh btc address for every single transaction, never re-use an address for your and my safety, so please remove that from your thread or at least update it as its blatently wrong and puts me in a bad spotlight.... only address i re-use right now is a XMR address but that should be solved in the near future.

edit: from my understanding tho and it appears that im wrong about this; XMR is a privacy coin with a blockchain thats not publicly indexable? if im wrong about this then thats my mistake and i will look into resolving the statis xmr address sooner
/u/[deleted]
4 points
6 years ago*
[removed]
/u/NamasteLSD
1 points
6 years ago
I see. Im waiting on my dev to have dynamic addresses implemented as I have with BTC, but since thats not going as fast as i had hoped it would go, and people kept requesting monero, i decided to go this way. for now i'm leaving it as it is but I can add a warning to it.

for the customer, would: Exchange -> Customers XMR Address#1 -> Customers XMR address #2 -> My statis address
work?
/u/iPlay_Runescape
6 points
6 years ago
A single address between the exchange and you is enough to prevent the transaction being flagged at the exchange.
Exchange -> customer wallet#1 -> you -- this is ok if nobody is arrested.

If the customer makes a transfer to one of your public addresses and they get raided some day and their Monero wallet is opened, that is evidence that they sent funds to a drug vendor (you).

Exchange -> customer wallet#1 -> you -- not OK if customer is arrested.
Exchange -> customer wallet#1 -> customer wallet #2 that WILL NOT land in hands of LE -> you -- OK if customer is arrested.

If you get raided and wallet opened then you can't see who sent you funds, only the times and amounts could be correlated at the exchange level.

If you are using subaddresses and you get raided then everyone who sent from exchange to you is fucked.
If they used an intermediary wallet but the amount that they withdrew from exchange and sent to you is an exact amount, they are fucked, especially if it happened multiple times and around the same time.

Customers must
1.) Withdraw more Monero than they need, preferably enough for multiple purchases
2.) Ensure that if their door gets kicked down right now, the wallet that they used to send funds to you does not get captured by LE.


The harder it is for LE the less cases they can investigate.
The less they can investigate the safer this thing is that we do.
The safer it is, the more people will do it.
The more people do it the less they can investigate.
Too many people do it.
World changes.
/u/PopTartSkyCat
2 points
4 years ago
Hi, thank you for this informative post. I know its a bit old but is the information still valid? Also I was wondering about a slightly different scenario:
If we modify your example to:

Exchange -> customer wallet#1 -> customer wallet #2 that WILL NOT land in hands of LE -> Marketplace escrow XMR wallet #1 --> Marketplace XMR Wallet #2 -> Your XMR wallet #1 --> Your XMR wallet #2 --> Your KYC exchange account. This example seems more typical because AFAIK many marketplaces accept customer funds into their escrow accounts and then send funds to vendors from a different address.

Is this still safe?

What if we change it to:
Exchange -> customer wallet#1 -> customer wallet #2 that WILL NOT land in hands of LE -> Your wallet #1 (hot) -> Your wallet #2 (cold)
/u/underwoterotter
1 points
6 years ago
I transfer my funds from exchange -> windows wallet -> tails -> DNM
If I sent Monero from a wallet tied to my identity on Windows to a tails wallet and also sent leftover funds from a DNM to my tails wallet did I put myself at risk if I am raided and the tails address is in a database and found as a sent address in the Windows Monero wallet?
/u/WonderDog
1 points
4 years ago
What is a TAILS wallet? Is there a wallet on TAILS? If so, what wallet is on TAILS?
/u/kjen1938
1 points
4 years ago
Is there a way to buy monero with USD without giving away my identity?
/u/FlinStoner420 📢
3 points
6 years ago
We are in /d/monero

You can't look at the Monero blockchain and see how many transactions are going to your address. Neither can you trace a transaction if there is an intermediary wallet.

There is a problem if someone sends to you straight from an exchange and the exchange knows to look for that address on starts looking for that address in the future.

If a customer wallet gets compromised int the future and a transaction to that address is there then that is a problem for them.

Through known transactions like these or controlled purchases, you can burn yourself with Monero if you you send XMR back to exchange.

Watch this video on monero attacks https://www.youtube.com/watch?v=iABIcsDJKyM and watch the whole series

I'll remove your shop now from the post because I don't know when I'll be back. I trust that you are going to fix this ASAP. I'll put it back if not, there might be a delay until removal after that.

Take the time to understand the problem and what I wrote. Lives depend on it. If you have questions then I'm here.
/u/dutchkingz
1 points
5 years ago
I believe if your deposit address is public there is no way to view your in our outgoing transactions so dont worry mate

"
Monero because it offers better privacy features and is more efficient than any other cryptocurrency. Its single address nature makes it easy for the store to accept payments from customers without any communication off server except for confirmation of a payment anonymously received with a viewkey. This does not show any of your outgoing transactions or money trail even if the viewkey is compromised.
"
/u/stillslingin
3 points
5 years ago
cops ended up with my tails drive....couldnt do a fuckin thing with it especially connect it in any way to me and frankly even if it was on my person they would have no access to anything incriminating on it...kinda the point of persistence and amnesiac wouldnt ya say
/u/KeymasterKarl
1 points
3 years ago
is the encryption on persistent good enough to keep out LE?
/u/outerstar
2 points
6 years ago
> I would even go as far as exchange -> your wallet -> a temporarily created wallet that gets deleted after every use -> drug wallet.

LMAO so if you're using bitcoin that's basically $20 plus in fees. Any dark web vendor who is BTC only needs to be bitchslapped into reality.
/u/theRoyalMoose
1 points
6 years ago
This wouldn't work on Bitcoin anyway. Bitcoin is going for a fee model, Monero is going to tax holders with a constant mining trail emission. Monero blocks aren't full so network fees are around 1 cent.
/u/mugeanli
1 points
4 years ago
Hey bro, if the seller is busted by LE, wouldn't they be able to trace it to your drug wallet, then to the temporary wallet and then to your wallet for finally reaching to the exchange. What's the point of temporarily creating many wallets if any sequence of transactions are contaminated by the cops?
/u/KinKino
-4 points
5 years ago
LTC is better
/u/tokyohelsinki
2 points
6 years ago
Thank you for making this post OP, it's very helpful.

I'm quite new and *do not* want to put myself or and vendor in danger so would somebody be able to quickly mark my current understanding and give me a grade? :)

I plan on doing the following with clean addresses each time:
Real ID Exchange Buy BTC -> "Clean" BTC Wallet -> "Dirty" BTC Wallet -> "Dirty Monero" -> Vendor XMR/Vendor BTC (via xmr.to)

I'm just a customer and not a vendor and won't be purchasing large amounts. I just want to ensure that:
1. My identity cannot be linked to the vendor
2. I'm not putting vendor or myself at unnecessary risk

I feel like the likelihood of my "dirty" wallets being compromised are quite low as they are within Tails encrypted and I don't plan on keeping an easily accessible copy of my seeds.

I have a little bit of anxiety around the BTC stages of the exchange process. I know the addresses can be traced but I think the XMR stage "breaks the chain" in terms of following addresses? The only risk seems to be my wallets getting compromised?

Sorry for the waffle, I just want us all to be safe.
/u/GAY_RANDY
1 points
6 years ago
Seems good to me, a few things though.

Your XMR swapper might be keeping logs. You don't want to visit all of the swapping services over Tor (like binance). You might want to cut out the "dirty BTC wallet" in some cases and swap from your "clean btc wallet" straight into Monero on Tails.

Do not send your clean BTC and market withdrawal/refund into the same "dirty btc wallet". Separate wallet for refunds and withdrawals. The clean BTC in dirty wallet is still you from a blockchain analysis POV. If you combine that with dirty refund BTC you have made yourself dirty.

Also keep in mind BTC and XMR amounts being tied together. Swap a bigger amount of Monero and send less of it to market/vendor.
/u/tokyohelsinki
1 points
6 years ago
Thank you for the reply :) Is there any value in having a two BTC accounts in the pipeline? I'm kind of feeling a single one would suffice and make things less complicated to keep track of. I don't suppose it matters so much if "the clean BTC in the dirty wallet is still me". the most important aspect seems to be breaking the chain with Monero and not mixing returns/refunds/withdrawals. Is this right? Also the BTC and XMR being tied together?
/u/GAY_RANDY
1 points
6 years ago
BTC and XMR can be tied together by looking at amounts if they roughly match and times if one is shortly after the other.

XMR 1.123456789 leaves exchange BTC worth approx 1.123456789 enters drug market via xmr.to 20 minutes later.

or xmr 1.123456789 enters drug market.

To see the xmr entering you need to get the DNM Monero wallet.
Te see the BTC you need to look at the blockchain.

Monero is much better but not invulnerable. To prevent this you withdraw and deposit different amounts.

I don't think there is value in having two BTC accounts, other than one for receiving dirty BTC from a market.
/u/boodycut
2 points
5 years ago
First off i would like to say this Post and the comments following it were incredible and i know im posting a bit late. Guys i have to admit that i was a noob and was careless for quite a while. It has pretty much always been Coinbase>Coinbase Pro> some random wallet>DNM. Was mostly weed products and never any huge quantites but recently realized how dumb i was and changed everything. My question? Do i have to be worried about LE? is my door going to get kicked in?? im super paranoid. Any wallet from before is gone for good.
/u/[deleted]
1 points
5 years ago
Would it help if someone would support your paranoia now and tell you "yes better pack your suitcases immediatelly because they will come soon"?
I was pretty dumb too a few years ago. But i dont really worry. I dont think that i am worth it to get investigated and even if then its anyway too late now.
Just make sure to now follow enough OpSec to make you feel safe and make sure that in case LEA knocks your door down they will find as less as possible of problematic material.
My biggest mistakes are now about two years ago and i doubt that there will now or in future happen anything problematic.
Even if my name is somewhere on a paper i hardly doubt that they will care for something what happened two years ago. I even think that everything what is half a year ago is not interesting anymore.
There are much hotter traces to catch for LEA than someone who bought a few gram weed half a year ago.
Calm down. Think about your OpSec and go on doing whatever you do:)
/u/uptight
1 points
5 years ago
I think if LE has a solid hint about someone, they could come at any time. Or they'll never come. My thoughts are that this highly depends on the focus and strategy of the department. Sometimes they might just need a win, go for the low hanging fruit and also have something to brag about in the press.
/u/ColdFish
2 points
5 years ago
Split your seed. Put a lawyer on retainer, cut the seed, give him a portion in a sealed envelope. Cops can't penetrate atty/client relationship. Seed is safe, encrypted and password protected wallet is safe. LE can't access.
/u/cripplingdepression
2 points
4 years ago
correct me if i am wrong, but even if LEO bust a DNM and get access to their monero wallet database, you cant tell what address sent what amount, unless the sender also gets busted. as long as you send from exchange to intermediary wallet and from intermediary wallet to DNM wallet you cant do analysis of either the sender, or the value sent. if sender sent from exchange to dnm then exchange can bust you based on the logs they keep but if sender goes from exchange to intermediary wallet to DNM as long as sender doesnt get busted with the wallet then they should be ok yes?
/u/TheDruid
1 points
6 years ago
Maybe I'm doing bad Opsec, but

Buy BTC/altcoins > send it to an exchange no KYC/no real ip/no real email, name, any info = fake, exchange to xmr > Send it to xmr.to (Onion version) > personal btc address (This may change every few transaction), hidden, crypted > Market deposit or wallet-less market aka directly on escrow or vendor with FE. > buy the Items.


Is that complicated, or is that a bad opsec?
/u/Constable_Pepe
2 points
6 years ago*
So you are sending XMR from exchange to xmr.to? And you personal BTC address is in Tails or all BTC transactions are Tor routed?

Buy BTC/Alts with identity. - This is unavoidable, anonymous is better but its not possible for most people or its very cumbersome and expensive. Also alt coins might get less scrutiny or there might not be a chain analysis package for all of them, so more work for the popo.

Sending those coins to fake identity exchange is good - (assuming the email used can't be tied to you by IP, IP used on exchange can't be tied to you). Chain analysis can still tie you to that exchange account, you can bet your ass that a non KYC account on Binance still has every action logged.

If that exchange account is tied to you through chain analysis and an amount of XMR is sent out from the exchange and an equivalent amount of BTC is sent out of xmr.to wallet (you can count on xmr.to being spied on) AND that BTC gets flagged for drugs, you could get implicated. Maybe it happens 5 times?

All exchange XMR withdrawals could be correlated with xmr.to BTC transactions automatically and that used for flagging people. Just because iit doesn't happen today, doesn't mean someone wont build a tool for it a year from now. BTC ledger is forever. Anything relating to finance must be kept for 11 years (depending on jurisdiction). Because shadyexchange.com isn't cooperating with LE right now does not mean that 6 months from now they won't give real time access + all logs to some regulatory body.

If I were you i would withdrawn more XMR than I need to my Tails Monero wallet and then use that for BTC payments.

The point is for buyers to use XMR and for vendors to accept XMR. This way an opsec failure is less likely on either side and its safer for everybody.

Security by default is the key. The less you have to do or keep in mind the better.
/u/TheDruid
1 points
6 years ago
"So you are sending XMR from exchange to xmr.to? And you personal BTC address is in Tails or all BTC transactions are Tor routed?"

Yes I'm. all my transaction are made Under vpn (Binance and email, always undervpn, since I have a dedicated browser+ a system level vpn), for clear site, and tor for wallet and xmr.to. Wrong move?

-.----------------------

You are correct, I'm buying BTC with real id, well, not btc, but altcoins, this can be done, at the moment, in my opinion, since I made only few, and low transactions, nothing big. As soon as I get bigger and bigger, localbtc, or ATM will be the route for me.

-.----------------------

"All exchange XMR withdrawals could be correlated with xmr.to BTC transactions automatically"

This made a point. So I will introduce a new step. Xmr wallet, under tails/tor, to send the xmr from binance to the wallet. Then xmr.to (TOR), then personal tor wallet, then market. This sound more secure.
/u/iPlay_Runescape
2 points
6 years ago
Make sure your VPN is not under your name, preferably paid for with XMR.
Don't use your crypto buying VPN for checking your gmail or watching your TV subscription. Keep it exclusively for crypto.
Consider creating new VPN subscriptions periodically, shouldn't be needed if hey are not actually keeping logs. Its likely ok for crypto buying to have a single account, probably not for drug market admining.

What happened with WSM admins is that they got narrowed down and they checked local banks who had a subscription for VPN. Wtf? VPN in your mom's name? Why?

It should be ok to send from Binance straight to your Tails Monero wallet. Those transactions should be bigger than your xmr.to conversions or the funds that you are sending into a Market.

Evry time you buy crypto should not correlate with you getting a package. This can be correlated years into the past. You can have 50 packages land and then 2 do not. They look into you, see what you buy from Coinbase, see that you regularly receive packages and that matches your Coinbase purchases. Then they bust your door down.

Monero is King. You don't see when something was spent or how much was spent. There is no story to tell.
/u/TheDruid
1 points
6 years ago*
VPN are not in my name, they are actually hacked accounts, well, carded accounts, so no name correlated to me. And yes, no log policy, and yes I will switch VPN account from time to time, I was considering to have ready 2-3 accounts, to switch from, just to be sure.



"Every time you buy crypto should not correlate with you getting a package."

This is a problem for now, since It is correlated, but as I said earlier, the more I need to buy, the more I will move into ATM machines, I have one relatively close to me.
Then no id required under 1000€ so yeah

-----

"It should be ok to send from Binance straight to your Tails Monero wallet. Those transactions should be bigger than your xmr.to conversions or the funds that you are sending into a Market."


Will try to do this. And if I think about it, I can always buy more xmr, and let the dust for the next order. keep recharging the account. This only till I need an ATM, since after I use the ATM, no more real ID link will be needed/associated.




And i agree with you, monero is the king, afaik.

And thank you for all the tips.
/u/ASTROLAND
1 points
6 years ago
Great post
/u/mdma_roller1
1 points
6 years ago
in my case:

KYC exchange for ltc -> Electrum-LTC wallet (doesn't need to be new every time, just different subaddress) -> morphscript.py to a fresh XMR wallet -> Fresh XMR wallet -> "Dirty" XMR wallet -> Market Wallet.

This is proper OpSec?

i do ltc to monero for the low fees, but i usually use morphscript to send straight to dirty wallet (done it one time)

From what I understand I need to make a fresh XMR wallet for each MorphScript use, then from the fresh wallet to dirty wallet (with new address every time) and then send to market.
/u/[deleted]
1 points
6 years ago
Is there an .onion BTC->Monero exchange for the "temporary created wallet"? Something like XMR.to, but reverse maybe BTC.to? lol

I have some leftover BTC on a market and I want to convert to XMR and slowly send back over to desktop XMR wallet over the next week or two.
/u/stillslingin
1 points
5 years ago
appreciate the insight brother...im new to xmr and was torn between buying xmr from localmonero and sending to tails xmr gui wallet, then to market... or lbc- clearnet elec- tails elec- then converting via morphtoken inside tails sending to my gui wallet then market....are either of these viable options?
/u/HermanMurphy
1 points
5 years ago
This is the route I take as well. BTC Market>clearnet elec>TAILS elec>Mophtoken>TAILS Monero GUI>Market/Vendor

I'm assuming this is good enough?

You got your TAILS drive confiscated??? A TAILS drive with Persistence is safe though, right? (assuming no record of persistence passphrase)
/u/5pctoff
1 points
5 years ago
What happened to the days when we got off our lazy asses to buy weed from the local dealer?
/u/drjuhy
1 points
5 years ago
is it ok to get paid from the market to a mymonero quick access wallet online which you don`t provide personal details for? If so, whats the best way to cash this monero out?. I will not be buying monero to pay for items i will just simply be receiving it.

Feedback will be much appreciated.
/u/spacecat1999
1 points
5 years ago
>I would even go as far as exchange -> your wallet -> a temporarily created wallet that gets deleted after every use -> drug wallet. This way if your drug wallet gets in the hands of LE, it can not be tied to your main wallet. This would mean breaking up the XMR in the temporary wallet, before sending to drug wallet.

There's no reason to have a "drug wallet" at all. Just create a temporary wallet for every transaction whenever sending coins to/from a marketplace. Keeping a drug wallet around just opens you right back up to all the problems you're attempting to mitigate.
/u/6ixshotbigdaddy
1 points
5 years ago
New to the whole Monero thing want to learn more!
/u/mdp2plane
1 points
4 years ago
3 weeks ago Cipher claims credit for this or something similar. Its been known for a year. So FlinStoner420 = Ciphertrace CEO #FoundConfirmed

Or is what Ciphertrace is doing different? Just sounded like they were peeling data from unclean & not distanced wallets - non sanitized versions.
/u/AccountVerified
1 points
4 years ago
All counts for jack shit if your running tails with UEFI boot ! as Microsoft's UEFI is a hidden firmware OS screen capturing your desktop every n seconds.
/u/therat
1 points
4 years ago
how does one go about change this, if a UEFI boot sequence happens to be used
/u/AccountVerified
1 points
4 years ago
need to go into BIOS and switch to Legacy. If that cannot be done, that machine is already compromised. Sometimes, old tech beats new tech.
/u/loftip22
1 points
4 years ago
Do you honestly think they have the manpower worlwide to annalyze BTC-XMR,for many many buyers just buying their weekly personal amounts say 3.5g coke or say 5g herion,as i would think there are alot of customers doing that especially when pay day comes once a month maybe they buy more as you know the bigger amounts cheaper your product,just a thought.

I don,t think they wastes much time and money for a few grams to tye the kid over untill he/she gets payed again.Whats your thought on that?
/u/encom75
1 points
4 years ago
What a good thread! Very helpful. ;)
/u/[deleted]
1 points
4 years ago
How to sanatize offline wallets?
hot wallets can be deleted anytime and regenerate but offline wallets are expensive
/u/colimbo87
1 points
4 years ago
I think I am good and I have posted about this before, but checking again, this is what I do:

Buy BTC on clearnet > Send BTC from the clearnet exchange to a clearnet Electrum > Send from clearnet Electrum to another Electrum on Tails > send from that Electrum to Elude, convert to XMR > From Elude to my Monero wallet. For every Elude -> Monero wallet, I always make a new subaddress to receive the new XMR > From Monero wallet to the vendor on the market (usuallly not to a market wallet but straight to the vendor). Good?
/u/publicactive
1 points
4 years ago
I would add/stress that one should run a local node, preferably VPN but not a big deal and learn to use the CLI, it is the wallet that is always most updated and secured.
/u/front_ddea
1 points
4 years ago
okay your post has loopholes in it.

but i have another question - WHAT IF MONRO TRANSACTION GETS TREACEABLE ?
lol then all your hard work in writing this post is for "NOTHING" .

please dont mislead USERS(NOOBS) like us. if you really want to post something thats worth it , then post something that "I WILL APPRECIATE".

what i meant is post regarding how to buy/use monero in DNM with all the past - present and future weaknesses in mind.

lol i haven't even talked about possible quantum computing attacks on blockchain.

I am not criticizing your post, its just dont give users half knowledge. then they will just follow your post and end up in jail.

lemme give you a topic to start with "just search monero transaction traceable" LOL i am not even talking about current ciphertrace drama.
/u/dreadzap789
0 points
5 years ago
People, start using "Samourai Wallet" - Its a anonymous wallet and they recently integrate Coinjoin protocol which they now call whirlpool. It will anonymous your bitcoin... I recommend everyone in dark-web start using Samourai Wallet. There is no KYC its works on TOR.. just excellent.. Check it out... Its just best anonymous Wallet.
/u/encom75
1 points
4 years ago
I just noticed that I have that and it downloaded with my Monero wallet. Need to check that out.
/u/5pctoff
0 points
5 years ago
Also, while it's a pain in the ass. Setup a new wallet for each "purchase". Destroy when exhausted.
/u/dreadzap789
-2 points
5 years ago
> I would even go as far as exchange -> your wallet -> a temporarily created wallet that gets deleted after every use -> drug wallet.
What a stupidity??? Even this can be traced...
Even ff you delete the temporarily created wallet inbetween, There is blockchain record which cannot be erased... backtrack will show your wallet address...
DONT DO THIS! WARNING.

Better use an Anonymous wallet like - Samourai Wallet

They where whirlpool integrated now... and the wallet runs in TOR.

Even the IP address is recorded in the Meta data of Block record fro teh transaction.. SO you will be traced... use wallet like Samourai Wallet which runs on TOR.
Stay Safe.
/u/[deleted]
1 points
5 years ago
[removed]
/u/dreadzap789
1 points
5 years ago*
Just to clarify, what I mentioned regarding IP address record, I was referring to the Wallet Account you use.. Not the Blockchain itself. For example, if you use use a Wallet of Coinbase, your transaction is recorded with the IP address by the wallet. The Wallet stores your IP as Meta Data. Which is why I recommend to use Samourai Wallet which runs on TOR. yes, CoinJoin protocol is not perfect, but its better than just sending BTC directly RIGHT?
Something is better than doing nothing right?

I have question, What did you mean by - Monero's ledger is opaque. Addresses do not exists on the blockchain. ????
If addresses do not exists on the blockchain then how are we checking the balance of the Wallet or the Transaction Completion. Offcouse the Amount send is hidden in Monera which is why its the best Privacy Coin out there.. as you will never know how much the both party has exchanged compared to BTC where transaction is Naked.

If the LE takes over an Market Place, then they will have the Monaro Wallet address of a Vendor through which an back query will give the transaction address which received funds... How can you say that Addresses do not exists on the blockchain. Nothing can be "backtraced" to "show your wallet address".???? Offcouse they can, when they get hold of Vendor Wallet RIGHT?

Is it not? Please share your thought////
/u/[deleted]
1 points
5 years ago
[removed]
/u/dreadzap789
1 points
5 years ago*
@Thotbot: Want your input on this question -
If LE finds the Monero Wallet address of the Vendor during Market Takeover, can they query the Blockchain for Reverse analysis to find who sent funds to the vendors Monera Address. (Lets consider, LE doesn't have the Private Key of Same Wallet of that Vendor, but only has the Wallet address from the Logs of Market). Do by just having the wallet address, can they reverse find analysis to Buyers wallet? Can you please explain?
/u/[deleted]
1 points
5 years ago
[removed]
/u/dreadzap789
1 points
5 years ago
Okay I got it... So only if the Private Key gets compromised, Then you can see the senders address and the amount...
/u/dreadzap789
1 points
5 years ago
@Thotbot, Also can you send me the link to the Part-2 of this Thread: http://dreadytofatroptsdj6io7l3xptbet6onoyno2yv7jicoxknyazubrad.onion/post/272e1b2a9317a973c99d
/u/[deleted]
1 points
5 years ago
[removed]
/u/dreadzap789
1 points
5 years ago
Okay will be looking forward for this Monero Bible. Thanks
/u/boogknight
-3 points
6 years ago
We just read a white-paper on "dust attacks" for XMR...written by a university research team that ran a year-long study on how to perform this attack with a success rate ranging between 48% and like 65% (or somewhere in that range). We won't provide any links since they'll just get removed, but we recommend you Google Monero+Dusting+2019 and the first result should give you more info on Monero Dusting.

Monero uses a 10-in/1-out methodology, which means for every single outbound transaction, there are 10 associated inbound transactions. In order for anyone to "track" a Monero transaction, they would have to dust the entire XMR blockchain and have enough crypto out there to guarantee that their crypto is eating up at least 6 of those 10 inbound transactions. If a person or group can be 100% certain that 6/10 inbound transactions are their "dust" transactions + 1 more for the "illegal" transaction taking place, that gives them a 70% probability of tracking funds. But with as many XMR transactions that take place in a day, that would take literally millions of dust transactions from the attacker all day, every day.

It is
technically feasible in Monero, they are significantly more difficult to execute because, in Monero, public addresses do not appear on the Blockchain.


So, theoretically || (IF) a buyer or vendor were to use a singular wallet address to send/receive funds repeatedly && (AND) an attacker could be 100% certain that their dust was in place on a minimum of 6/10 inbound transactions && (AND) they were able to correlate the date/time & amount of both the XMR sent and received by somehow "seeing" the actual addresses of both parties (which is mathematically improbable) this could work and HAS worked according to the paper we read.

Great Read...

TBK
/u/theRoyalMoose
3 points
6 years ago
There was a flawed study on output spam attack on the Monero network. The corrected paper will probably be out soon, if the academics know whats good for them.

Having a static public address opens you up to a poisoned output attack (knacc attack) that is more easily executed. Otherwise you would need to solicit an address, make a purchase to not be suspicious. With a public address you can drip small amounts into the account and wait for the vendor to fuck up (combining the dust with other XMR and depositing it to exchange or sending it to some other monitored wallet that can tie the transaction to an identity.
/u/boogknight
-1 points
6 years ago
Perhaps, if you had enough dust out there && if you knew the public address && if the target used the same address for everything. But if they're creating a new address everytime, that removes 2 of these 3 conditions and leaves just a dust attack.

TBK
/u/[deleted]
1 points
6 years ago
[removed]
/u/boogknight
1 points
6 years ago
We were just thinking of the sitewide rules about posting actual links, not trying to imply that there was any censorship going on. But it is good to know this is a safe space to discuss these things.

TBK
/u/[deleted]
1 points
6 years ago
[removed]
/u/boogknight
2 points
6 years ago
No Worries. We are currently being attacked by alts or a bot, and our profile score has dropped 600 points in about 36 hours, so if we had checked us out and saw the numbers we're at now, then we'd probably have misinterpreted the intent as well. We think you're doing a helluva job here /u/Thotbot. Keep it up m8.

TBK
/u/HugBunter A
1 points
6 years ago
Was thinking to add this for transparency reasons, I'll consider it for the next update
  • Sponsors
VigorSwap Instant Crypto Exchange
FraudGPT

  • Explore Torhoo!

© Torhoo! 2025

All links are for educational and research purposes only. Torhoo! does not vouch for any site.

Advertise on Torhoo