--- Log opened Mon Sep 14 00:00:18 2020 00:17 -!- jonatack [~jon@109.232.227.133] has joined #joinmarket 00:17 -!- jonatack [~jon@109.232.227.133] has quit [Client Quit] 00:18 -!- jonatack [~jon@109.232.227.133] has joined #joinmarket 00:26 -!- tlo1337 [~tlo1337@2605:b100:e005:6b:ee0d:d1dc:54ae:dbb1] has quit [Ping timeout: 244 seconds] 02:06 -!- Evanito [~Evanito@cpe-76-87-174-228.socal.res.rr.com] has quit [Read error: Connection reset by peer] 02:45 -!- ghost43 [~daer@gateway/tor-sasl/daer] has quit [Quit: Leaving] 02:46 -!- ghost43 [~daer@gateway/tor-sasl/daer] has joined #joinmarket 02:51 -!- jonatack [~jon@109.232.227.133] has quit [Ping timeout: 256 seconds] 02:55 -!- waxwing__ [~waxwing@81-178-157-31.dsl.pipex.com] has joined #joinmarket 02:57 -!- waxwing_ [~waxwing@92.40.182.74.threembb.co.uk] has quit [Ping timeout: 240 seconds] 03:19 -!- Kasey14Bashirian [~Kasey14Ba@static.57.1.216.95.clients.your-server.de] has joined #joinmarket 03:28 -!- jonatack [~jon@37.164.23.29] has joined #joinmarket 04:14 -!- vrana [~mvranic@gateway/tor-sasl/vrana] has quit [Remote host closed the connection] 04:20 -!- vrana [~mvranic@gateway/tor-sasl/vrana] has joined #joinmarket 04:38 -!- rdymac [uid31665@gateway/web/irccloud.com/x-phocmcdvtzwijjdu] has joined #joinmarket 04:43 -!- jonatack [~jon@37.164.23.29] has quit [Ping timeout: 260 seconds] 04:56 -!- jonatack [~jon@2a01:e0a:53c:a200:bb54:3be5:c3d0:9ce5] has joined #joinmarket 05:59 -!- waxwing__ is now known as waxwing 05:59 -!- waxwing [~waxwing@81-178-157-31.dsl.pipex.com] has quit [Changing host] 05:59 -!- waxwing [~waxwing@unaffiliated/waxwing] has joined #joinmarket 06:00 < waxwing> dave_uy, also if it's the test pit on darkscience, i'm currently seeing swreloffer not sw0reloffer from my log 07:01 < waxwing> it seems that the user runnng the hidden service has to be part of the `debian-tor` group in order to start the HS. That seems a bit shitty. 07:01 < waxwing> Or is that only if you use cookie authentication. is there another way i wonder. 07:01 < waxwing> i kind of hate telling users that not only do they need to edit the tor config file, they also need to add their user to another group, *and* restart the server/computer. 07:01 < waxwing> i mean it's a once-only thing but all the same. yuck. 07:05 -!- belcher_ [~belcher@unaffiliated/belcher] has joined #joinmarket 07:07 < waxwing> emzy, ping ^ do you have any thoughts or corrections on that? 07:08 -!- belcher [~belcher@unaffiliated/belcher] has quit [Ping timeout: 244 seconds] 07:46 < ongo> is it a good idea to run JoinMarket on Tor? 07:50 -!- Kasey14Bashirian [~Kasey14Ba@static.57.1.216.95.clients.your-server.de] has quit [Ping timeout: 264 seconds] 08:01 < waxwing> ongo, there's different aspects, it's logical/sensible to connect to the IRC servers over their hidden services. 08:01 < waxwing> it's also nice to have your bitcoin core be configured for Tor, but there's a question about whether it should be only Tor, (onlynet=onion isn't it?), i'll let the experts advise on that 08:02 -!- Evanito [~Evanito@cpe-76-87-174-228.socal.res.rr.com] has joined #joinmarket 08:11 < ongo> I have onlynet set already 08:11 < ongo> is it adviseable to run Joinmarket and core on the same machine, both over Tor? 08:41 < belcher_> if you run core over tor then it becomes a bit harder for your ISP to tell you're using bitcoin 08:41 < belcher_> so in certain threat models that is useful 08:41 < belcher_> however bitcoin has a easily-visible traffic signature, so bitcoin-over-tor can still be found... probably for max privacy you'd use blockstream satellite because its receive-only 08:42 < belcher_> joinmarket over tor is definitely a good idea 08:45 < ongo> belcher_: what about running jm and core on hte same machine on tor? Does it change anything privacy wise? 08:53 < belcher_> i dont think so 08:53 < belcher_> because they'd both use different tor circuits 09:00 -!- Dean_Guss [~dean@gateway/tor-sasl/deanguss] has joined #joinmarket 09:15 -!- asy [~asymptoti@gateway/tor-sasl/asymptotically] has joined #joinmarket 09:26 < emzy> waxwing: I think the question was. Do you need to be in the debain-tor group to use a hidden service. The answer will be no. 09:27 < emzy> Not sure I get the question right. 09:31 < waxwing> emzy, if you use cookieauthentication then it won't allow access to reading the file (control.authcookie) 09:31 < waxwing> 'is there another way' was my way of asking 'should i do something different than enable the controlport and then enable cookie authentication in the config file torrc?' 09:32 < waxwing> because that works but it requires read access to /var/run/tor/control.authcookie .. at least it does on Ubuntu 09:32 < belcher_> how does bitcoin core automatically create hidden services without the user needing to add groups? 09:32 < waxwing> right good question but i'm not making a persistent hidden service with its own directory, maybe there's a difference there? 09:33 < waxwing> or no more likely it's to do with cookie authentication .. hmm i'm not sure now 09:34 < emzy> I think cookie authentication is optional. 09:35 < waxwing> i see, but is there an issue with not using any authentication? the comments seemed to suggest you should 09:37 < emzy> I think you sould use it, because otherwise all that can access the port on localhost have full control over tor. 09:38 < emzy> But it is enough to have a copy of the control.authcookie 09:39 < waxwing> to copy it you have to read it though .. seems like there'll be an extra step anyway. but .. yeah that would be better to not mess around with user groups. 09:41 < emzy> giving the user the additional group feels cleaner to me. 09:42 < waxwing> yeah i don't know. i mean, right now, i am using the python package txtorcon and it "just works" as long as this authentication part is sorted out. i wouldn't want to have to modify those functions. 09:43 < waxwing> i put it in the documentation in the PR here: https://github.com/JoinMarket-Org/joinmarket-clientserver/blob/73c38c4f5ff40b19b616aeb36558e8a4d65bfe82/docs/PAYJOIN.md#configuring-tor-to-setup-a-hidden-service 09:44 < emzy> It's a one line command "sudo usermod -a -G debian-tor username" 09:44 < emzy> ok already there :) 09:44 < waxwing> it's not quite though - you have to restart 09:46 < emzy> not necessary. You need a new shell. 09:46 < waxwing> that's what i thought but .. it didn't seem to be the case. 09:46 < emzy> for example logout of ssh and relogin is enoug. 09:46 < waxwing> also online searches revealed the same. maybe i missed something. 09:46 < emzy> forking a new shell is not enough. 09:47 < waxwing> well, anyway, let them restart, it's good for the soul :) 09:48 < emzy> you need a new "login shell" 09:49 < emzy> the internet says "exec su - " is a good option. 09:51 < waxwing> emzy, oh interesting. i wonder if just logout/login on the desktop would do? i can experiment a bit. but it isn't the most important thing to me. 09:51 < emzy> yes will do. 09:51 < waxwing> my only real concern right now is if i tell people to add the user to debian-tor and that is something that people *shouldn't* do. 09:52 < waxwing> i feel like even if it's the easiest way, it probably isn't the correct way. 09:53 < emzy> no that is the normal way. Same for sudo access or on the old times modem access. 09:53 < waxwing> ok 09:53 < emzy> s/on/in/ 09:55 < emzy> using old unix ways. With ACL you can give a list of users access to a file, without groups. 09:57 < waxwing> belcher_, according to section 3 here: https://github.com/bitcoin/bitcoin/blob/6ea73481222e9365f47492ef1be9b4870f70428b/doc/tor.md#3-automatically-listen-on-tor 09:57 < waxwing> it's basically the same thing; "Connecting to Tor's control socket API requires one of two authentication methods to be configured. It also requires the control socket to be enabled, e.g. put ControlPort 9051 in torrc config file. For cookie authentication the user running bitcoind must have read access to the CookieAuthFile specified in Tor configuration." 09:58 < waxwing> and that section 3 is for ephemeral while section 2 is for persistent. i think i have the version in section 2 on my node. 09:58 < emzy> setfacl -m u:USERNAME:r /var/run/tor/control.authcookie 09:59 < emzy> that's a modern alternativ. untested. 09:59 -!- DeanWeen [~dean@gateway/tor-sasl/deanguss] has joined #joinmarket 10:00 -!- Dean_Guss [~dean@gateway/tor-sasl/deanguss] has quit [Remote host closed the connection] 10:00 < emzy> Normaly every linux suld now have a filesystem that supports it. 10:42 -!- kristapsk [~KK@gateway/tor-sasl/kristapsk] has quit [Remote host closed the connection] 10:53 -!- kristapsk [~KK@gateway/tor-sasl/kristapsk] has joined #joinmarket 12:23 -!- waxwing_ [~waxwing@92.40.183.39.threembb.co.uk] has joined #joinmarket 12:25 -!- waxwing [~waxwing@unaffiliated/waxwing] has quit [Ping timeout: 240 seconds] 15:07 -!- asy [~asymptoti@gateway/tor-sasl/asymptotically] has quit [Quit: Leaving] 15:11 -!- coconutanna [~coconutan@gateway/tor-sasl/coconutanna] has quit [Ping timeout: 240 seconds] 15:11 -!- coconutanna- [~coconutan@gateway/tor-sasl/coconutanna] has joined #joinmarket 17:32 -!- waxwing__ [~waxwing@81-178-157-31.dsl.pipex.com] has joined #joinmarket 17:35 -!- waxwing_ [~waxwing@92.40.183.39.threembb.co.uk] has quit [Ping timeout: 264 seconds] 17:57 -!- DSRelBot [~DSRelBot@p5486686d.dip0.t-ipconnect.de] has quit [Ping timeout: 260 seconds] 17:58 -!- HackRelay [~jmrelayha@p5486686d.dip0.t-ipconnect.de] has quit [Ping timeout: 244 seconds] 18:09 -!- DSRelBot [~DSRelBot@p5486692d.dip0.t-ipconnect.de] has joined #joinmarket 18:12 < grubles> huh TIL about gettimelockaddress 18:12 -!- HackRelay [~jmrelayha@p5486692d.dip0.t-ipconnect.de] has joined #joinmarket 18:13 < grubles> oh that's for fidelity bond wallets only? 21:31 -!- tomo_ [tomo@ctrl-c.club] has joined #joinmarket 23:20 < belcher_> grubles yep 23:31 -!- jonatack [~jon@2a01:e0a:53c:a200:bb54:3be5:c3d0:9ce5] has quit [Ping timeout: 240 seconds] 23:40 -!- belcher_ [~belcher@unaffiliated/belcher] has quit [Ping timeout: 244 seconds] 23:53 -!- belcher_ [~belcher@unaffiliated/belcher] has joined #joinmarket --- Log closed Tue Sep 15 00:00:19 2020