Monero Under Attack | MONERO MONTHLY 08 - Ungovernable Misfits

Episode Transcript
Available transcripts are automatically generated. Complete accuracy is not guaranteed.
(00:01):
The business will fall victim to a ransomware attack every last seconds, eleven seconds.
I am investigator investigator
investigator.
And I work supporting
Our agenda for today,

(00:23):
we're gonna start with just the basics of Monero.
What it is, what it is, how it works, how it works.
Monero is considered a privacy token.
The world's
most private
privacy. Which means that in high, virtually all transaction details are exchanged. The world's most private
privacy.

(01:12):
Good morning, Seth. How are you? Good morning, sir. I am, I'm doing well. Back from a a week of vacation,
which is the first in a very long time. It's really nice. So Oh. Refreshed, but also realizing
well, not realizing because I've realized this for years now. But when you're more than an individual contributor, vacation just means you have more to do when you get back. So also feeling overwhelmed and swapped, but that's a that's a good problem to have. So Yeah. Can you

(01:40):
say where you went, or is that doxing? Or No. Yeah. I can say. Yeah. My wife loves loves the beach. So we went
to Miami Beach and just enjoyed some some nice pools, nice beach time, some good drinks, good food. Nothing too crazy. We like we like a a calm vacation. Lots of reading by the pool or by the beach. Not doing anything crazy. We learn that quickly. So

(02:02):
good rejuvenating time.
Get back to it. Get ready for the the second half of the year. Your missus is there reading novels and you're reading white papers, I imagine.
I may or may not have been reading, cryptoeconomics
by Eric Voskal. Do you know what? That's right up there on my list of what I need to listen to because
so many people that I respect rate it really highly. Did you feel that it was a good one? So I'm about halfway through. I do absolutely love it, and I think his

(02:31):
approach to a lot of the security models and thought processes behind how Bitcoin works are really interesting and really novel, like, quite different than a lot of the normal podcaster spiels about this stuff, even stuff that I've said and thought before. So I really enjoyed it from that perspective just that it's, like, it's not just preaching to the choir, but it's actually a different take on a lot of ideas,

(02:52):
within the Bitcoin space. I will say it's it's very dense.
Okay. So it's not, like, it's not for the lighthearted, but
if you have a pretty good under like, you, I think, would really enjoy it. I would say if you're very new to Bitcoin, it's not a good book to start with because it assumes that you understand a lot about how Bitcoin works, about how proof of work mining works. Because this is it's essentially like a compilation of short writings

(03:14):
that Eric made over years and then compiled into a book. But it's it's very fascinating. It's the first book in a long time that I've, like, earmarked a ton of pages of stuff I wanna go back through and think on more and write about as well and really good stuff. Really good stuff. I really highly respect his his opinion and thoughts on the space. Yeah. I, I've never actually spoken to him, but from the couple of interviews that I've heard and the bits that I've read, he strikes me as someone who just doesn't follow the crowd for clout and just say the things that's gonna get his back patted and his balls tickled. It's more just like, I have my opinions. I'm gonna say them, and I don't really care

(03:52):
who believes me or thinks the same, and I don't wanna be part of your club. He's he seems to be an independent thinker, which I appreciate. So as I said, I've got it saved. I think I think it's, like, on
audiobook
in one of the podcast players or something like that, audiobook format, which I need because I'm such a dyslexic fuck that I'll never get through a book like that. But yeah. Okay. Right. It stays up at the top of the list then. And rest of the holiday, just chilled, enjoyed some sunshine, good food. It doesn't get better than that. It's true. I'm finally rid of this this farmer's tan that's haunted me all my life. So This farmer's tan.

(04:30):
For now. I say rid of if that means for, like, the next month until it all wears away and it comes back. But, you know.
I like it.
So what have we missed,
in the world of Monero?
What's been going on? I've also been sort of away from the computer and doing other bits and pieces. So I've heard that there's

(04:51):
a load of fear swirling around at the moment. I've not really dug into it, but I'm sure you have. So what's going on in Monero world? Yeah. It seems like,
anytime I kinda step away for a week or something and try to digital detox and disconnect,
something
new and absurd happens. So you're you're right. There's a whole, a whole new, wave of fear, uncertainty, and doubt, FUD Excellent. Swirling around Monero, specifically around Monero mining.

(05:20):
And the reason for that
I'll preface this with the people doing this, I think, are bad actors, And I have a very intentionally not named them on, like, Twitter and stuff while talking about them because I think the entire point of this is just a marketing ploy to take advantage of Monero's
market, Monero's engagement and community to essentially boost their own idea. Obviously, we'll talk about who it is today. But Yeah. Basically, what has been happening over the last month is there is a a cryptocurrency that's been around for a while,

(05:48):
I think, since, like, mid last year called Cubic.
I haven't dug deeply into what it is, but the founder has been doing a lot of shady things, including doxing Monero community members, like pictures of their front doors
and
What? Really sketchy stuff. Like, really sketchy stuff. He did that to a community member I don't respect, but that doesn't matter to me. It doesn't matter if I like the person or not. They should not be ducksed on ducksed on Twitter. So there's a lot of sketchy stuff, like, a lot of reasons not to not to trust the things that are said here and to to not take things at

(06:20):
at face value from them. But, basically, this new relatively new cryptocurrency over the last year has not been doing well in terms of price, and it seems like their latest ploy to try to kind of revive the engagement in the community around the coin is to
essentially create a new mining pool for Monero
where they pay miners
in their token,
Cubic,

(06:40):
that they just print. There's like it's like a billion is printed every week or something like that. Like, a lot of Okay. It's a very high,
coin count cryptocurrency.
They pay the miners in that, and they're essentially subsidizing people to mine Monero on their pool.
So as you mine on their centralized pool, you're mining Monero, but you're getting paid in their cryptocurrency, and they're paying you extra to do so,

(07:04):
which, obviously, no one can stop that. Someone wants to subsidize mining. That's obviously something that can always be done.
Mhmm. And as part of that, their goal is to attack the Monero network to get enough network hash rate so that they can be over 51% so they can have a majority share of the mining
and essentially attack Monero. So they've said, supposedly, they're gonna do this, I think starting August 2 through the rest of the month of August. Mhmm. They're supposedly going to have 51% or more of the network hash rate and attack

(07:33):
Monero. So far,
the most they've been able to amass for a six hour period is about 30% of the network's hash rate. And
for, like, a longer period, which they would really need to sustain to do anything
serious with a 51% attack. They've only been able to accrue about 20% network hash rate. The way they're doing it is very sporadic and intermittent. They've lied about the amount of hash rate that they have. Multiple Monero community members have dug into this and and proven that they were lying about the hash rate they have. But it looks like, basically, they're either

(08:03):
using some sort of compute resources
off and on throughout the day, or they were just renting hash rate from someone,
and deploying it not all the time, but only some of the time.
Supposedly, what's going to happen
any thoughts on that or questions before I get into kinda, like, what you can do as an average person?
Yeah. A few thoughts. One, I always think these kind of things are quite good tests

(08:27):
because
if this is happening with, you know, some
cryptocurrency
founder
fucking around,
if you can't survive that, then you know you can't survive any sort of state level attack. So it's kind of like a it's kind of a good test in some ways.
But at the same time, I'm thinking, like, what do they hope to other than, like, you're saying, get some,

(08:53):
I guess, no press is bad press, but it kind of is as well. Like, I can't imagine someone listening to this being like, okay. So there's a guy going around doxing people's front doors, which is disgusting. Like, even if I had a friend who did that, I would fucking beat them senseless. You can't do that as absolutely
Mhmm.
Dangerous and stupid and disgraceful thing to do no matter what the backstory is.

(09:15):
And then on top of that, it's like now they're attacking one of the most useful cryptocurrencies
in the world
that people heavily rely on.
I can't imagine someone listening to this and going,
oh, right. I'll go buy some of that fucking pointless coin then. Do you know what I mean? Like, it it is marketing, but it's fucking terrible marketing.

(09:36):
I mean, it's not marketing that's going to win over Monero community members.
No. But it could be marketing that would win over just people seeking
pure profit. Like, just thinking, oh, there's a lot of hype around this coin. I'm gonna buy some just in case Lots of other people buy some, and it kinda has this, like, pyramid scheme quality of Yeah. I'll just get out first. Like, I think that's the like, it's the d gen that could be attracted to this. And, like, a lot of the the biggest writing has been just people, like, AI generating garbage. Like, someone from unstoppable while it just basically AI generated a thing about this attack and had lots of inaccuracies and Right. It's just a lot of, like, I think that's the type of people that it's going to draw.

(10:15):
Definitely not people who actually, like, care about human freedom or something like that. Like No. No no one like us, but I think that it can draw that. But like you said, it is, I think, going too far in the, like, no press is bad press concept.
Yeah. Yeah. That's I I can't see that's a winning strategy, but maybe it's just desperation.
And then the other thing that I was thinking when you're going through it is, like, you said at some point, they've managed, I think, 30% over a six hour period.

(10:42):
That's quite a lot.
It seems
like that's kind of quite scary. Like, most of these things where they're talked about, I'm like, it's just like hype and whatever. Like, is there any part of you that's like, okay. This is like a realistic
problem here, or are you thinking that
on the other side, maybe people spin up more hash rate on different pools to combat this?

(11:05):
Like, how does that work? Is it like a hash war kind of thing where people who care about privacy gonna try and protect against this or, like yeah. I don't know. I I don't I don't understand the technicals enough to say more than that, really. Yeah. For sure. So, I mean, I think you you hit on a really good point that it says just a good test. It's a good proving ground of what Monero can resist in terms of mining

(11:27):
attacks. I think, like, we've always talked about this idea of, like, a nation state subsidizing mining or a nation state, like, paying Amazon, for instance, to point one of their data centers to a Monero mining pool and Yeah. Mine empty blocks as a censure censorship attack or something like that. Mhmm. But the thing that, at least, I've never thought about is
someone can just print their own money in a new cryptocurrency and then subsidize miners and hope that they're profit motivated enough to essentially attack Monero

(11:52):
in order to gain this other cryptocurrency that someone can just print out of thin air.
I hadn't really considered that angle of the attack,
but it's a very important one to consider because
miners generally are only profit motivated. I think that's not as true in Monero for multiple reasons, but they are generally profit motivated. So even if their profit comes from something that's a scam, if it's profit, there are probably a lot of miners that would be willing to do that. So it's an interesting angle to to think about there of, like, how do we protect against that? And the very simple answer is the way

(12:25):
Monero gets stronger
is you mine. Like, you, the listener, take the time
to start mining Monero on your laptop or desktop when you're not using it. There's lots of good tools for this. I posted an article on x that that had the three main ones. But, essentially, you can
mine with
goopax, which is the that we talked about already on the show multiple times.

(12:46):
That makes it much simpler for you to mine using p two pool, which is the the best decentralized way to mine Monero and protect the network. Mhmm. And earn some Monero.
You can mine via the Atari universe miner, which you talked about, Tari, a little bit. I'm not sure if that was last show or the one before that, but they have a really cool, like, well well written, very beautiful,
miner for Atari that also merge mines Monero. So you can use that to mine Monero.

(13:10):
And then you can also use the actual official Monero desktop wallet to mine Monero via p two pool as well. That one's gonna take a while because you have to also sync Monero's blockchain from scratch before you can actually start mining. But that is an another option as well that's that's quite straightforward. So that's this I mean, that's the simple answer is, like, you can defend Monero, and that's the the kind of the two the double edged sword of Monero's proof of work essentially using

(13:34):
common
CPUs as the ASIC for Monero is that anyone can mine. The painful edge of that is that anyone can mine. So if you have a data center or you have a bunch of compute lying around or someone has idle compute that they want to rent out Mhmm. Anyone can pay for that service that can be used by anyone. Yeah. And so it it that is the downside of being ASIC resistant is that an attacker like this Cubic project don't have to go out and buy a million dollars of ASICs. They can just use existing hardware that they already have, or maybe they have some partner that owns a data center that has idle compute or something. That is one of the downsides to this. I think that that downside is worth the benefits that we get from ASIC resistance at this point, but this is, again, one of those, like, really good tests of how resilient is the network, how many Monero community members will actually mine,

(14:23):
and we'll actually take the time to do this. And, yeah, we'll see. I can I can also break down a little bit of, like, what actual
harms here are of a potential attack if that's useful?
Yeah. That would definitely be good. Just before you do that, I was just as you were saying that, I was thinking back to, I think, probably our first episode where we're talking about this

(14:44):
symbiotic
relationship between Bitcoin and Monero and also
the fact that the differences are actually
very useful because
it makes it less fragile as a whole system, and I think
this is another sort of proof of that. It's like, okay.
This is not an attack
that realistically

(15:04):
could be waged on Bitcoin
by these type of people. It's, because of a six. But it is something that potentially could happen here,
and that's why there's the importance of having both in my eyes at least. Is, like, if one's being attacked in one way, it would be harder with the other. In the same way that it's much harder to attack and trace and track people on Bitcoin, it's it's nowhere near as easy on Monero. But in terms of attacks like this, a six of just the general just the amount of hash rate that there is on Bitcoin makes it extremely resilient.

(15:38):
So, yeah, I you know, that's just something to highlight.
I get frustrated with people on both sides attacking each other, and it's like, no. This is actually
a very, very good system to use both.
They both have their benefits. Yeah. Yeah. For sure. Yeah. Yeah. And I know we've talked about this idea of, like, basically, that idea of, like, Monero being a hedge against some of the choices in Bitcoin and vice versa. Like, that is an important thing to keep in mind is that Monero has made some choices that could be advantageous, but this maybe this will be a reason to say that basic resistance is is a bad idea. Like, I think that'll it'll again be a very interesting test, and I hope that the Monero community

(16:17):
takes it and learns from it. Like, that should be a key aspect of this too. It's, like, we shouldn't just rage against another attack. We should obviously do what we can actively to protect Monero against that attack. But, also, we should be thinking, how do we how do we actually learn from this? How do we make Monero stronger and more resilient?
And, thankfully
I guess, thankfully, maybe not the right word, but we've had lots of different attacks over the years in the Monero space. I think often more than Bitcoin has seen from a, like, a technical perspective. It would make sense. So it'd be fascinating to to add this to that list. I think just, like, to jump into, like, what people should be keeping an eye out for is, like, if you do see that this attack does actually happen, is actually successful,

(16:57):
obviously, just keep an eye on social media. Like, we'll talk about it, as well if something like that does happen. The only real risk
is if you are providing goods or services for Monero,
you shouldn't accept Monero in the event that there is an active ongoing 51% attack. You shouldn't accept Monero with a low amount of confirmations.
You should increase the required amount of confirmations before you actually consider that Monero confirmed and you deliver the good. Because that's the main risk here is that they would try to double spend Monero that they're mining. Maybe they try to buy a gift card and then double spend the Monero back to themselves

(17:31):
with their extended hash rate. And then they get the gift card, you can't get that back, and you also don't have the Monero. So that's the key risk here. So if you're a merchant that especially if you're using BTC pays, it's really easy to change. They have some default policies, like, same as store policy, one confirmation, 10 confirmations,
or there's a custom option, and you can just set it to however many confirmations you want. Obviously, that's gonna kinda depend on your your risk profile. If you're out doing relatively small sales, it might be fine to leave it at one or maybe do 10. If you're doing

(18:00):
thousand dollars at a time, maybe you wanna do 20 confirmations.
And just keep in mind that Monero confirmations are every two minutes, not every ten minutes. So it's a little bit different than in Bitcoin. So that's something I mean, let's see how it unfolds, but, Uncoverable, I might make a couple of changes, but we're not so much at risk. But I imagine
you guys at Cake are probably thinking about this

(18:22):
fairly deeply with the services that you offer or offer through partners. And, you know, I'm not sure what the exact mechanics of how you do it, but could be quite a big problem if you don't get out in front of it, basically, or or, like, coin cards or, you know, any of these services,
could get hit pretty hard.
Yeah. For sure. Those with, like, digital delivery are particularly vulnerable because you're generally delivering something that can be redeemed immediately, and then you just lose that value. Yeah. It's it's definitely something we're thinking about heavily. I think just, like, the last thing I want to leave listeners with is

(18:55):
I do really think this is just a marketing ploy. I don't have high confidence that they actually will be able to successfully attack Madera's network, so I don't want people to just freak out and lose their minds over that. I I think,
Luke Parker, who's a brilliant Monero developer and researcher, he wrote this on Twitter yesterday. He just said, fearmongering and promoting a project which aims to remove Monero's decentralized block building and appears to be the same as any other centralized mining pool even if shares are submitted over some centralized network.

(19:21):
Don't contribute, though. Don't get manipulated into it. Don't engage with their stuff on Twitter or their social media. It's exactly what they want. Just go mine Monero to help support the network. Just in case something happens, you'll be doing your part to help make it harder for them to attack Monero, And just keep an eye out for word on this, but definitely interesting times. Never a dull moment in Monero. It reminds me of, like,

(19:43):
fake Toshi kind of stuff. Fake Toshi and his little crew. You're watching it, and you're like, what you're doing is
so fucking retarded and stupid. Like, anyone who has half a brain as I look at this, like, so stupid and pointless and, like, this is never gonna work. But if someone has deep pockets and especially if they can print their own currency,

(20:03):
these kind of stupid attacks are gonna continue to happen. It's just weird watching it. It's just like it doesn't feel real when you see these sort of stupid attacks.
Yeah. Definitely. I I think, like, one positive of these, though, is if something like this is attempted and fails, like, fake Toshi,
it does discourage and disincentivize other people who are doing the same thing in the future. That's true. So there is this kind of effect of,

(20:27):
a a ripple effect of if this entity
tries to attack Monero and fails and spends a lot of money to do so, it'll be a good evidence of why people shouldn't do the same thing in the future. It'll discourage more attacks. So there there can be some upsides if this settles the right way. But, obviously, you can have the the flip side as well. If if it's successful, it can incentivize other people to do the same thing. So Let's put in the show notes

(20:49):
links to all the ways that people can mine on their computers.
I'm sure we did it on the first or the second because I did it on my laptop, but my laptop then died. So I I don't currently have it running, but I have to do that again. If we put links to all the different ways, and if you are listening to this and you do care, even though it might seem futile and it you know, like, it's not gonna make a difference, these things do make a difference. So consider clicking on the links that I'm sure Jordan will put in the show notes.

(21:17):
Yep.
Okay. Next up, just before we jump into the software updates, I just wanted to call out somebody who I've seen working tirelessly
for Monero for years, like, since I got into Monero way back when this guy has been well, I should say guy or gal gal. I have have no idea. Has been working tirelessly,

(21:37):
like, around the clock for Monero behind the scenes with essentially no public recognition.
Their name is Selesta, s e l s t a. They've been super active on Reddit, in IRC, on Matrix.
But, ultimately, they're also somebody who's coordinating so many vital things behind the scenes, like the entire release process for Monero. They're running huge parts of that. A lot of the PR review,

(22:01):
issue
handling in GitHub, like, a lot of the behind the scenes stuff that really makes Monero tick,
they're doing. And because of the way that they do it, they're very quiet about it. They don't have Twitter or anything like that. A lot of people just don't realize all that they're doing. And and I just wanted to take two seconds and just kinda call them out for the incredible stuff that they've been doing. They are funded through the CCS. So if you see a CCS

(22:25):
request that needs funding from someone named Selsda, definitely just know that, like, I can highly, highly, highly recommend donating to that. I donate every time I see it, and just super, super thankful for their work over the years. It's it's pretty amazing
how people can dedicate so much of their lives to something like Monero and very clearly not do it for their own
benefit or their own Internet points or anything like that. But really just do it for the the love of freedom, for the love of a project like Monero,

(22:51):
and finding a finding a way that they can contribute long term. It's just just really, really cool to see. Well, shout out to you, whoever you are. That is awesome to hear. And,
yeah, consider donating to these types of people. They just do it, like you say, for the love of freedom, and that's a pretty incredible thing to dedicate your time and your life to. So shout out to you. And I can't say I'm good at this, but it is also just cool that people could do that kind of work and not not just constantly shitposting on Twitter. Like, I'm I'm not one of those people. I definitely am occasionally shitposting on Twitter at least, but

(23:23):
it's nice to see that humans are capable of, like, building amazing things
quietly and just, like, doing good work and not doing it for the the clout, which is is pretty cool to see.
Okay. Let's, let's jump into our software updates.
Do a few today. We're gonna keep this a little a little shorter than normal, get you all back out into the world after you catch up on your Monero stuff.

(23:43):
But couple quick k quality updates for you.
So we actually have four four releases technically to cover, since last month, but two of them are are smaller point releases. So we launched version five dot one, five dot one dot one, and five dot one dot two. Just kind of combine those all into one. We launched those, over the course of the first few weeks of July.

(24:05):
The biggest things for you to know about are built in tour support is finally live. Nice.
Android only right now, but we're we're working on bringing it to iOS as we speak, making good progress on that. So I'm I'm hopeful that that'll be in the the next release or two somewhere soon. Probably in the month of August, we'll have iOS,
native tour as well. But that's been a long time coming. We've been trying lots of different things behind the scenes to find what works best and really excited to get that out. Obviously, it's just a really vital tool for network level privacy.

(24:36):
I will say it's not for everyone.
Just expect that the user experience will degrade when you're using Tor. It's just a a downside of the way that the Tor network works. But if you're willing to put up with that or you know you have a threat model that necessitates
using Tor, like, specifically for connecting to nodes or freezing the swap services, Now it's way easier and more reliable than it used to be. So that's that's definitely a huge addition for us. Very nice.

(24:59):
Other main thing in those releases was that we we rebuilt the cake pay UI. So as a refresher, cake pay is our way that you can buy gift cards and debit cards directly in the Cake Wallet app for Bitcoin, Monero,
Litecoin, a few other things. We rebuilt that UI from the ground up. There are just lots of things that need to be improved. But, ultimately, the main reason we did this is we're paving the way to with the new provider, allow you to do in app redemption

(25:25):
of your gift cards and debit cards. So instead of having to get the email and go through this, like, PIN code and link rigamarole, it's a little painful right now if I'm honest, you'll be able to just immediately get the barcode,
the gift card code in the app right after the payment's confirmed. So it'd be much more seamless and especially better for in person. It's like if you're going to to Lowe's or Jersey Mike's or your favorite restaurant and they have gift cards on Kickpay, you can buy it even while you're checking out. Get that code. The cash register or cashier can scan it, and you can be on your way. So that's that part of it is not out yet. We're aiming for that probably in the month of August as well. But we built out the the whole new UI, to get ready for that,

(26:05):
which is helpful today. And then, obviously, the in app redemption will be coming, which will be a a a big step forward as well. Nice.
Our editor, Kerim, who's been doing some really awesome work recently, and he has been heavily leaning on Cake Pay for all the payments I'm sending him and everything else, and he's constantly
singing his praises. He's like, this is literally changing my life. It's so much easier. Like, it's so easy to go and do my shopping and go and get things done.

(26:32):
And like any good, Uncoverable Misfit, he's also complaining when there's problems. So Oh, he's doing that stuff. Some good feedback and told us some issues in the new UI that we've already resolved in the the upcoming release. So, yeah, he's doing good work both ways.
Our native QA testers, the uncomfortable misfits. Exactly. Yeah.
I love gift cards. I keep say people keep asking me about, like, spending and all that kind of stuff. And, like, I think gift cards are one of the best things

(26:59):
in the, like, Bitcoin and Monero
world. I think it's such a fucking
especially if you're earning
in Bitcoin or Monero and you wanna use this stuff. It, like, honestly makes life so much easier
in The UK. Like, all the shopping that I'd have done at any grocery store, all of the, like, diesel and petrol and, like, general day to day stuff, ordering on Amazon, whatever it is, it's like you could pretty much do everything, like loads of restaurants, loads of places. And if you compare that to

(27:31):
trying to well, either going through an exchange or trying to go through, like, Bisc and having offers not go through or, you know, Peach or any of these other options, like, it's a lot fucking easier.
Yeah. It's it's pretty, like, it's very underrated. Like, it is definitely something I wish didn't need to exist. Like, in the the best possible world, we would just pay directly to Monero. Like, I I wouldn't I would prefer that cake pay didn't need to be a thing. But, unfortunately,

(27:57):
it does, and it's really, really useful.
And, like, you also shouldn't forget about the debit card option. I will say, like, our debit cards right now are good, but not amazing.
We are coming out with new debit card options that will be even better. But even the current ones, you can add straight to Google Pay or Apple Pay if you use those. And that way, you can pay at any in store entity that takes credit cards as well. So you can pretty much pay for everything if you're willing to take a little bit of extra time to go through that and get those and definitely trying to make that easier and easier as we go. But it's it's one of those very, very underrated things. And until you try it, you're like, I don't know if I wanna go through the hassle, and then you try it and you're like, okay. This is actually, like, really, really straightforward and easy. Yeah. Anyway, I'll probably throw us off, your software updates there, but just sometimes

(28:41):
I just want people to consider these things because a lot of people ask me and haven't tried it. But, honestly, it's a fucking amazing service.
Yep. Yeah. Yeah. It's definitely a vital one. So looking forward to bringing bringing more improvements there. Jumping back into the software updates, cake wallet, we're about to also release version five dot two. As of recording this, July 29, it's not technically out, but it's supposed to be out today. It'll be definitely out by the time this recording goes live. So wanted to to throw that one in here as well.

(29:08):
The three big things here, one of them is just a really good quality of life improvement, but you should be aware of in case you have a very specific reason you don't want this, is the ability for cake wallet to automatically switch between
the, like, preset trusted nodes if there's a connectivity problem with one of them. Right now, the way it works is you just default or connect it to the one we recommend. Ferminero, that is our own node infrastructure that we run, that we've put a lot of time and effort into. You can obviously add your own node, whatever you want. But now if you have a connectivity issue with the node that you selected, it'll will automatically detect that, will handle it, and we'll try to connect to another node if we can't get that node working,

(29:45):
which is obviously really good for user experience, especially for newer users. But if you are very privacy conscious,
you will obviously want to add your own node, which you should be doing. You should be running your own Monero node. Add your own. And if you really don't ever want it switching to anything else, just go ahead and remove any nodes that you don't trust from that list. But it gives you that flexibility of being able to to have uptime even if, like, your home node goes down. You won't have to go in and manually switch the node and figure out whichever other one to use. That'll happen automatically.

(30:12):
I'll definitely make sure too that we have, like, a toggle for this in privacy settings so that you can just disable a feature entirely, but it'll be a a really good quality of life feature for that. And then the other main things here, so we are bringing ledger support for desktop for Mac OS and Windows to start with Linux on the way a little bit down the line.
So you can actually do your cold storage from Monero in k quality for desktop. I will kinda copy out that with we are kind of redoing the desktop from scratch as well, the desktop apps.

(30:40):
So throughout the course of the year, by the end of the year, you'll see new desktop apps have a lot of a lot better UI and better functionality. But even even in the meantime, you can go ahead and use Ledger for desktop now over macOS and Windows.
I've never used your
desktop stuff. Do you have stats? Or I guess you probably can't quite, but do you have some sort of idea of what percentage is mobile and what is desktop? I assume it's, like, almost all mobile.

(31:05):
It's so we we don't have any way to have any stats on desktop because there's not even app stores that were listed in on desktop. Well, no. I shouldn't say that. On Mac, I could get stats for that. I haven't looked. It's more than you would think, but it's not a ton of users.
But we don't have any stats on Windows or Linux because those are just direct GitHub downloads right now. Yeah. Okay. Yeah. Yeah. In theory,

(31:25):
so we are gonna list k quality in the the Windows
App Store as well as this release will be the first one where we are able to, like, properly sign it in the way that Windows requires, which is an onerous,
horrifying process of the right certification.
Would not recommend. It's been an absolute nightmare because it's not just like a certificate that you sign it with. It's like you have to have this, like, crazy validation process of your company, and it's like it's very

(31:52):
detailed and invasive and not great. But what it does bring is that when you install Cake Wallet on Windows, now you won't get the this is malware. Don't install this Mhmm. Warning because now we're we're Windows approved.
The funny thing of how this works is we don't have to change anything in the app itself. So it was marked as malware before. We pay money and go through this process. We don't change any of the code, and then it's not marked as malware after like magic.

(32:15):
It is. It is. Yeah. The code doesn't change, but suddenly we're not malware anymore, which is Yeah.
Is hilarious to me. That's how that's how the the world works, unfortunately.
But that will be a good change as well. That also allows us to actually be in the Windows App Store. So we'll get some stats on that at some point. But Okay. Obviously, as always, we're not we have no logging or anything for specific

(32:36):
installs. We just see, obviously, the amount of downloads for given platforms where we're in an app store.
Yeah. Last real quick thing. So this does pave the way as well. Five dot two paves the way for a ton of improvements in Cupcake. We'll get into that on the the next episode of Monero monthly because we'll be releasing the new cupcake in between now and then. But, essentially, what that means is better Monero support, better onboarding, and then we'll also have Bitcoin support. So you'll be able to do your Bitcoin cold storage in cupcake as well, and this this release of cake wallet lays the groundwork for that too. So exciting stuff. As always, we're shipping like crazy. The dev team is nuts.

(33:12):
But that's a good thing since store. Yeah. Set that with q on, was it freedom sec Friday or can't remember when it was within the last week. We were going through all the different releases, and he was like, fucking hell. They've done, like, four since I went to sleep.
We're quick. We're quick. Yeah. And a couple rapid fire

(33:33):
software updates for you. So a new version of Monero has been released, the the actual node software and desktop and CLI wallets. That's version zero dot 18 dot four dot one. It is just a point release, so there's nothing huge in here. It's mostly bug fixes and other minor improvements.
The one thing I'll say that is specific to me and other merchants that have a lot of payments, but the biggest improvement here is that now in the Monero Wallet RPC tool, which is the one that BTCPay uses, you can do sub address look ahead, and it will actually work, which is really important if you receive a lot of payments

(34:11):
and thus use a lot of sub addresses. It's the same concept as, like, AppLIM and Bitcoin
where Yeah. A Monero wallet will only look for I I believe it's the first 200 sub addresses, and then it'll just keep looking for the next one after that. And so if someone, like, goes to pay multiple times or something, you'll generate multiple sub addresses, but you won't receive funds. If it happens enough, your wallet just won't see any of your Monero even if you're receiving it and it's working properly. So it can be a real headache, especially if you're, like, restoring your BTC pay instance. Like, you create a new one and you wanna use the same wallet. Like, I literally could not do this when I spun up a new BTC pay instance because the Monero software wouldn't handle the sub address look ahead. I had to do a whole new Monero wallet for it to work, but this fixes that. So now you'll actually be able to set the sub address look ahead manually

(34:54):
and tell it to look for more sub addresses than normal or a specific range
so that, it can find find the funds that you've received. You've been able to do this in feather wallet for a while, but this is new to the Monero core software, which is especially important for PTC pay merchants. So it's a it's a good quality of life thing. Hopefully, it's something no one ever has to deal with because it's a nightmare. But now you can actually do it within the official Monero software, which is great. We also got a new version of p two pool. Obviously, we talked about p two pool a lot in the past, but this one, again, nothing major on the actual, like, user facing side. But what is really important that came out with the four dot nine

(35:30):
this last month are reproducible builds.
So for anyone who's not aware, basically, reproducible builds mean that anyone can take the time to build the software and compare the hashes that they get of the files at the end of that build process. They should always match the hashes of the files that are actually published,
by Shurnik
for p two pool. And that helps to ensure that the binaries that people actually downloading and using for p two pool are exactly what is buildable from the actual Git repo, which is a just a really important security tool that's common in some Bitcoin wallets. It's common in Bitcoin software. That's common in Monero's core software as well. Monero itself has had reproducible builds for a long time, but it's a pretty complex thing to get working properly. So it's good to see that brought there and just bring some more security, some more assurances

(36:15):
to those people running p two pool directly.
Last two,
quick one, cup rate the Rust based from scratch Monero node software. Got another version. It's running beautifully.
I unfortunately lost the timestamps of how long it took me, but on a really old Lenovo
ultra small form factor desktop that I have at home, I synced this version of cup rate. I believe it took me three hours and twenty minutes to sync Monero from Genesis, and this is on a an old SSD, an SSD, but still an old one. And pretty low end, like, over a decade old hardware. So it's it's pretty absurd the the speed that they've been been able to achieve for initial download. So great to see that progressing. Good work going on around that. I'm glad they've been getting funding to work on that too.

(37:01):
Last software update, and then I'll I'll check it your way, Max, for the boost,
is Unstoppable Swap, which we've talked about before. They're an atomic swap,
software tool where, basically, they've been building out the atomic swap software that was first built by the Comet network team. It was the same protocol that was used by the samurai wallet team for their atomic swaps. Unstoppable swap has been building around that for quite a while now with a basically, a simple desktop GUI for doing those swaps.

(37:27):
They've rebranded to Eigen Wallet. I hope I'm pronouncing that right. That's a terrible way to run. Eigen Wallet. I,
yeah, Monero
branding.
Yeah.
It's
it's fine. I need to figure out what it means because I don't know what I can means. It sounds German to me, but I don't don't know. It's very bad. Unstoppable

(37:49):
swap was a good name because it's very clear, like, what are you doing here? Well, I'm doing an unstoppable swap. That's what I'm doing. That's what we do. But now we're Eigen wallet. So,
you know, I've I've just gotta say the truth there. That is a terrible one.
Yeah. Unfortunately, I didn't wanna be the bad guy, but it's nice to have someone else be the bad cop sometimes.

(38:09):
Thanks for that, Max.
I'm sure it's it's still a great service. I'm sure you're great people and all that, but I'll just say it as I say it. Consider, consider not changing it to Aiken.
It it is. I will add the the I think the reasoning behind this is because they're not just an atomic swap tool anymore.
They're they're apparently launching a, like, full fledged

(38:31):
Monero wallet that has their atomic swap process integrated. So I think that's the main reason behind the rebrand.
Obviously, I also don't like the name itself, but they are doing more than just atomic swaps now. So I think that's the kind of the idea behind it. I haven't had a chance to test this yet. I am very curious.
Supposedly, it's gonna be cross platform as well. So Android and iOS.
So definitely will be interesting to to take a look at. I love seeing new,

(38:55):
maybe competitors isn't the right word, but new,
yeah, we'll just say competitors in the Monero wallet space because it means that everybody's gonna have to work a little harder to build better products for the the end user, and that's a good thing. So Yeah. Definitely curious to see how that goes.
Very nice.
Alright. And like you said, we'll go into the cupcake stuff next
time, next month it will be.

(39:16):
We couldn't get any of our XMR chats
today
because they're doing maintenance.
So anyone who sent an XMR chats
with questions and everything else, we're not gonna be able to cover those today, unfortunately.
We will have to push those to next month. So we'll have a lot of questions and stuff to cover next month,

(39:39):
and probably less of the, software updates and stuff. But we haven't forgotten you. I apologize.
But we do have
the boosts.
First up from John with 21,420
sets. I look forward to hearing from SPA and MTC
on the rebuttal to border wallets potential crypto

(39:59):
cryptographic failings.
Did we hear anything from them? I've not I've not heard anything from either of them.
I want to say that
Super Fat Arrow
oh, yeah. No. I I haven't seen the actual video yet of the presentation from an ArrowCon.
And actually, if you look at that again just to see if if they've listed it, but I think that was the main thing they were waiting for. I believe Superfeder reached out on Twitter and was just looking for the the video to learn more about the specifics.

(40:27):
Okay. But it Alright. If they wanna learn more, they can also always reach out to Aaron Fikert, who's the dev. He used to go by, Sarang Noether,
in the Minare community. But he's the he's the researcher who came up with the idea and was was talking about it at the conference. So, obviously, you'd have more Okay. More details.
Yeah. It'd be interesting to hear back from them. For sure. If you do get in touch,
SPA or MTC, let us know and let us know how that conversation goes.

(40:52):
Huge Jizzy Loads
with 21,000
sets says, use the tools,
hashtag
free samurai.
Thanks, huge jizzy loads.
Shadowy badger with 7,777
sats
says, let's fucking go.
Whirlpool
and Monero.

(41:13):
Late stage Huddle with 6,000 sets says, there are days when I feel like squawking
fucking
Mongoloid
screeching it into the ether
with nonsense.
I've
just never been able to articulate it just as well as Max did.
I don't remember that. I do say mongoloid a lot. I don't know what I was, squawking about. Can you remember? Probably not. You've got more important things to

(41:41):
It's it's hard to remember all the times that you squawk.
Yes. Squawk squawk. If I remember that, I wouldn't be able to remember anything else, I think. Exactly. No. I think that goes in one ear and right out the other. Yeah. That's best. That's best for everyone. Well, let's say shuttle, you can let me know, but glad glad you liked it.
Turkey
sends 500 sets. No message.

(42:01):
Riven Stokes or Reeve and Stokes.
I have worked in a south and north country, and I can confirm that the superior efficiency is honestly not there,
at least on my industry.
Good pod, though. Thought I was hearing a BBC propaganda
for a moment.
Oh, thank you, mate.

(42:22):
User
+1
497-2034
sends 500 sats, no message,
and pies with a 100 sats says thank you, gentlemen.
Thank you, pies. Thank you to everyone who's boosted.
Thank you to everyone who sent in XMR chats. As I said, we can't access them, but we will cover them on the next episode.

(42:44):
And
that means today is a bit of a shorter one. I don't think we've got anything else to cover unless you do, sir. No. No. Sure and sweet. Okay. Very nice.
We'll catch up on
fried are you back on Friday for Freedom Tech Friday? I am. Yes.
Nice. Okay. So the whole gang will be together because

(43:04):
yeah. I love how we launched it, like and then with two of the first four weeks,
two and I out, basically.
Yeah. I'd like to just pat myself on the back and just say,
come on. At least I was consistent there. At least I was there.
He he may squawk,
but he'll always be squawking whether you want him to or not.
He may squawk and you might not hear the squawking because you might have so many technical issues that you can't even actually hear the stream, but at least he's trying.

(43:33):
It's the thought that counts. Yeah. Well, we'll catch up on Friday.
This won't be out
for a week. But, yeah, good to chat to you, mate, and I'll speak to you on Friday. Absolutely. Have a good one. You have a good week.
Thanks for listening, and a huge thank you to everyone who's been sharing Ungovernable Misfits with their friends and family,

(43:56):
boosting the shows, sending in XMR chats or questions.
All of this really helps us grow and we really do appreciate it. I also wanna say a huge thank you to our sponsors,
Foundation,
k Wallet, and our new sponsor,
MyInbox.
MyInbox
offers virtual private servers,

(44:17):
domain registration,
web hosting, email hosting,
dedicated servers,
help you run nodes for Bitcoin or Monero,
and you can pay for all of their services
completely privately
with no details,
and you can pay in Bitcoin,
Monero,
or I think pretty much any other cryptocurrency

(44:39):
if you wanted to. Just get in touch with them. Go to mynimbox.io.
And if you have any questions, you can reach out to me or them, and we'll have someone on very soon to answer any of your questions.
Go to
mynimbox.i0
for any of your hosting needs,

(45:01):
and go to foundation.xyz
if you want hardware
that isn't shitty,
that's designed beautifully, that's
fully open source, that has a proper team behind it, where you can actually store
your Monero,
not on a ledger, but on a proper, well built,

(45:21):
beautifully designed device.
Foundation.
Xyz,
and use the code Ungovernable
for a discount.
And finally, before you go,
if you aren't already using Cake Wallet and you're in the Monero world and listening to this episode,
what the fuck are you doing?
Go and check them out.

(45:42):
Cakewallet.com.
They have over half a million users. You can use this wallet on pretty much, I think, any device,
whether it's Mac, Windows, Linux,
iPhone, Android. You can download the APK.
You can do swaps.
You can buy gift cards.
You can buy Visa cards. You can actually live on your cryptocurrency.

(46:06):
And if you use this and you have any questions,
you can reach out to me and Seth on each Monero monthly and banter us.
I've known Seth for a few years now, and I know he does everything that he can to keep users safe, secure, and private.
I love using K Wallet, and they look awesome after their rebrand.

(46:26):
As always, if you have any questions, please do reach out, and we'll catch you on the next one. Stay ungovernable.

All Episodes

Monero Under Attack | MONERO MONTHLY 08

Episode Transcript

Popular Podcasts

24/7 News: The Latest

Crime Junkie

The Clay Travis and Buck Sexton Show

.css-15opob5{left:0;position:absolute;top:0.8rem;} All Episodes

.css-14f5ked{margin:0;word-break:break-word;display:-webkit-box;-webkit-box-orient:vertical;box-orient:vertical;-webkit-line-clamp:2;overflow:hidden;}Monero Under Attack | MONERO MONTHLY 08