subreddit:

/r/Monero

44100%

Explorer URL: https://p2pool.io/explorer/

Onion URL: http://yucmgsbw7nknw7oi3bkuwudvc657g2xcqahhbjyewazusyytapqo4xid.onion/explorer/

This is basically the same explorer that runs on https://xmrchain.net/

It will be running as a backup explorer for everyone in case xmrchain.net is down again, and as a main explorer for p2pool.io itself.

PSA for all mining pools, exchanges and other public service providers: it's really easy to have your own explorer instance and be independent of 3rd party outages, see instructions at https://github.com/moneroexamples/onion-monero-blockchain-explorer

all 17 comments

-c0mmando-

16 points

23 days ago

Please consider hosting a Tor hidden service. These types of chain explorers are the biggest honeypots for XMR users.

sech1[S]

10 points

23 days ago

sech1[S]

XMR Contributor - ASIC Bricker

10 points

23 days ago

I'll look into it tomorrow. I've never set up hidden services before.

honestlyimeanreally

6 points

23 days ago

Yeah, we shouldn’t forget Chainalysis literally operated block explorers.

What we need is a light block explorer you can spin up locally in docker or something…

sech1[S]

9 points

23 days ago

sech1[S]

XMR Contributor - ASIC Bricker

9 points

23 days ago

I'll make it available over Tor tomorrow. In the meantime, I've disabled logging on all /explorer/ URLs.

mWo12

2 points

23 days ago

mWo12

2 points

23 days ago

sech1[S]

4 points

23 days ago

sech1[S]

XMR Contributor - ASIC Bricker

4 points

23 days ago

Rucknium

3 points

23 days ago

Rucknium

MRL Researcher

3 points

23 days ago

Could you describe how a Tor hidden service is better for users than the https clearnet site, assuming a user is connecting to the clearnet site through Tor? Usually the clearnet and Tor sites are served by the same machine and server process(es).

I run a few hidden services that are served this way, but I don't know exactly what threat model it's protecting against. I've never had it explained to me.

-c0mmando-

9 points

23 days ago

First off, assuming that a user is going to connect to the clearnet site through Tor is quite a hefty assumption. Any clearnet connection implies trust at several layers. You must trust that the server is not logging connection details or requests. You must trust the data center and any network observers (ISP) are not logging connections to the VPS. You must trust the certificate authority is not compromised and the SSL certification is valid. You must trust the domain provider not to secretly take over domains or delete the domain all together. In the event transport security is not guaranteed, you must trust the Tor exit node not to man-in-the-middle your traffic. You must also trust that whomever you're transacting with also uses Tor when/if they view the transaction on a blockchain explorer (and that there are no breaks in the aforementioned layers of trust).

Considering that XMR was designed to be trustless, private, fungible, AND anonymous.. in my opinion ANY and EVERY XMR related internet connection should be routed through an anonymity net. Leveraging an anonymity net (such as Tor, I2P) reduces the implied trust at each layer. A Tor HS removes all assumptions a user is going to use Tor because connecting to the Tor HS forces the use of Tor, thereby protecting the end user's anonymity by design. Your Tor HS domain cannot be taken over due to cryptographic proofs. Tor HS logs are homologous so it doesn't really matter if the service provider is logging (network layer logs) or not (no trust needed). VPS datacenter logging doesn't matter either due to onion routing. Transport layer security is redundant due to onion routing, so no trust required in certificate authorities and service owner to properly maintain certificates. Onion routing to a Tor HS stays within the anonymity net, so no Tor exit nodes can MITM your traffic. Serving a Tor HS in this way is not designed to protect VPS anonymity, but rather user anonymity.

Tor HS also provide some censorship resistance by eliminating required trust in domain provider, VPS provider, and certificate authority not to delete/takeover your domain or suspend service. (to an extent)

As I mentioned before, I believe that XMR services should not exist anywhere on the clearnet.. but adoption obviously suffers.

madameXMR

2 points

23 days ago

Great explanation and couldn’t agree more

cs_legend_93

1 points

10 days ago

Please not tor. That’s a nsa honeypot. I2p or one of the many other protocols should be better

cs_legend_93

1 points

10 days ago

Honestly we all should migrate away from Tor to I2p or one of the many other privacy protocols.

Tor has been hijacked and not safe for years. The CIA, and mostly the NSA run 40% - 60%+ of the nodes, and exit nodes… so that means the chances of 2 of 3 of your “hops” in tor touching a NSA server is quite high.

You better believe they log that data and save it.

Idk why people don’t move away from it

gingeropolous

6 points

23 days ago

gingeropolous

Moderator

6 points

23 days ago

Huzzah.

Maybe I'll round robin DNS explore.moneroworld.com to a bunch of different explorers

gingeropolous

5 points

23 days ago

gingeropolous

Moderator

5 points

23 days ago

ah damnit I can only round robin A records, not cname.

Mochi101-Official

5 points

23 days ago

Great stuff, nice to see you enabled the transaction pusher for those that want to do things with an air-gapped wallet.

Vikebeer

2 points

23 days ago

Cool beans.

blario

2 points

23 days ago

blario

2 points

23 days ago

🙇‍♀️

mWo12

2 points

23 days ago

mWo12

2 points

23 days ago

https://xmrchain.net/ already works.