this post was submitted on 02 Nov 2023
53 points (96.5% liked)

Monero

1583 readers
38 users here now

This is the lemmy community of Monero (XMR), a secure, private, untraceable currency that is open-source and freely available to all.

GitHub

StackExchange

Twitter

Wallets

Desktop (CLI, GUI)

Desktop (Feather)

Mac & Linux (Cake Wallet)

Web (MyMonero)

Android (Monerujo)

Android (MyMonero)

Android (Cake Wallet) / (Monero.com)

Android (Stack Wallet)

iOS (MyMonero)

iOS (Cake Wallet) / (Monero.com)

iOS (Stack Wallet)

iOS (Edge Wallet)

Instance tags for discoverability:

Monero, XMR, crypto, cryptocurrency

founded 1 year ago
MODERATORS
admin@monero.town
53
Almost entire balance (2675 XMR) of Community Crowdfunding System (CCS) Monero wallet has been stolen (github.com)
submitted 10 months ago by Rucknium@monero.town to c/monero@monero.town
29 comments fedilink hide all child comments
 

Timeline of events

In the last Monero General Fund transparency report in March 2023, the General Fund held 8452 XMR. As far as we know, this separate wallet is safe and unaffected. It would be possible to pay people with active CCS proposal from the General Fund, but nothing has been decided.

you are viewing a single comment's thread
view the rest of the comments
[–] Saki@monero.town 5 points 10 months ago (2 children)

Is multisig such far from being practical yet? Does that also mean Bisq-like platform (Haveno) is still far from being practical?

A Monero user tends to proudly think that Monero is good, rather philosophical, being actually used for good reasons, and community-based… but it’s been hacked… I guess people will laugh now. Everyone can draw a lesson from this, though…

@UncleIroh@merovingian.club While “Windows 10” is obviously alarming, this doesn’t seem as simple like that, like pointed out in the linked thread. Maybe password-based (not key file) SSH was the problem? Btw that “someone” is hinto-janai, the person providing gupax among other things!

[–] ErC@lemmy.cryptoriot.org 4 points 10 months ago (1 children)

Is multisig such far from being practical yet?

It is not. See this comment of mine on reddit and fluffypony's answer: https://old.reddit.com/r/Monero/comments/17m6w9e/psa_ccs_wallet_incident/k7mj2he/

[–] Saki@monero.town 2 points 10 months ago

Thank you very much. You pointed out there: "Nobody really used it, so it ended up being unstable and full of problems" and there was a reply, saying you “can't really force anybody to use something”.

I’d like to add another point of view. With reliably working multisig, we can have our own Bisq-esque DEX (at least in principle), and many people would love to use it, once it’s really available, right? For example, one might be able to sell and buy XMR in a safe and reliable way. Or eventually, though this might sound like a pipe dream but at least in theory, we might have a P2P proxy-store, where basically anyone can offer doing any shopping they can do for you. Just like on Bisq, both send securities first to discourage any cheats. When the seller ships whatever you’re buying, they “confirm” (or sign). When you receives it and everything is fine, you confirm too. Then, and only then, your security will be back and the seller will receive the locked xmr you initially deposit, and everyone will be happy. Multisig seems necessary (if not sufficient) for this to work.

we had become complacent because everything had "worked just fine" for so long.

This comment of fluffyponyza is also understandable. Generally, a programmer doesn’t want to change things when it’s working fine. “If it ain’t broke, don’t fix it.” In this case, something was (easy to) broken, though. Hindsight is 20/20.

Given that multisig is already available (just not yet well-tested), let’s stop joking like “We should keep our Monero in some other coin,” and try to think a bit more positively. At the very least it has been clearly demonstrated that Monero is so private that even core developers can’t trace it…

Troddit version links (a Tor-friendly instance) https://troddit.esmailelbob.xyz/r/Monero/comments/17m6w9e/psa_ccs_wallet_incident/k7mj2he - Onion -> http://troddit.esmail5pdn24shtvieloeedh7ehz3nrwcdivnfhfcedl7gf4kwddhkqd.onion/r/Monero/comments/17m6w9e/psa_ccs_wallet_incident/k7mj2he

[–] jet@hackertalks.com 3 points 10 months ago (2 children)

Yeah. Two different people had the secret keys for the same wallet. One of them kept them in an air gapped computer. The other person kept them online in a computer accessible via SSH.

Even assuming these two trusted individuals we're not directly involved, having an always online computer with a half a million US dollars on it is a big risk.

I'm in no way trying to second guess the tragedy here. I'm just speaking for people who might have a similar problem on going in the future.

For a shared wallet, something like paperback, using Shamir's secret sharing distributed amongst trusted parties. Could be good. It would require multiple parties to conclude to unlock the key.

https://github.com/cyphar/paperback

The offline wallet signing is really cumbersome, but it is something to use when we're talking about huge amounts of money. https://monerodocs.org/cold-storage/offline-transaction-signing/

I remember reading about air gapped QR wallet signing. https://github.com/nasaWelder/lunlumo which is interesting, but I thought there was something more polished available. Anyway a program that allowed you to easily sign transactions from an air-gapped computer, could be interesting for these trust problems.

So honestly multi-signature transactions are probably the right way to go. It increases the difficulty of hacking the computers to hacking multiple computers

[–] Saki@monero.town 4 points 10 months ago

In hindsight, maybe something very simple—using Feather on Tails, and this USB stick is only physically connected when necessary—could have prevented this from happening. Maybe.

[–] jet@hackertalks.com 1 points 10 months ago (1 children)

I think anonero has something like this, but they don't have a clearnet url to link to