Actions

Monero (XMR): A Reasonably Private Digital Currency

From Whonix



Monero
Monero Logo

What is Monero?[edit]

Monero is a private-centric cryptocurrency launched in 2014 to allow direct and anonymous digital payments without being dependent on a central authority.

Installation[edit]

Info If you are a user of Debian (or Kicksecure) you should not follow the instructions on this page. Debian (based) users (non-Whonix) should use the Monero GUI Debian Package instructions [archive] instead. [1]

Monero GUI (graphical user interface) and Monero CLI (command line interface) is installed by default in Whonix ™. The monero-gui package [archive] is installed by default. No manual installation required. This goes for Monero programs, monero-wallet-gui, monero-wallet-cli, monerod and less frequently used utilities; see footnote. [2]

Apart from these hints, installation and usage of Monero in Whonix ™ does not differ from installing Monero on any Linux based distribution.

Advanced Qubes users could look into CLI Wallet/Daemon Isolation with Qubes + Whonix ™ [archive] [3]

Version Numbers[edit]

The monero-gui package [archive] is maintained similar to Debian stable frozen packages. monero-gui package updates will only include updates which are major releases or releases that fix security or network issues. [4] This is to reduce the maintenance load of the package maintainer.

Should the user wish to use a newer version of Monero than available in the package, it is possible to uninstall the monero-gui package. (Uninstallation is optional if Monero is manually installed in home folder. [5]) Since Whonix ™ is based on Debian, the user can optionally install Monero using the usual instructions from the Monero website. Recommendations from the safely installing software wiki page such as Verifying Software Signatures applies. See also Install Newer Software Versions.

Monero Operations[edit]

Start Monero GUI[edit]

Open a terminal.

If you are using Qubes-Whonix ™, complete the following steps.

Qubes App Launcher (blue/grey "Q")Whonix-Workstation ™ AppVM (commonly named anon-whonix)Xfce Terminal

If you are using a graphical Whonix with XFCE, run.

Start MenuXfce Terminal

monero-wallet-gui

For detailed instructions on how to use Monero, please refer to the official Monero documentation [archive].

Figure: Monero GUI in Whonix ™

Monerogui.png

Start Monero CLI[edit]

Alternatively, you could also use Monero on the command line.

monero-wallet-cli

Remote Node Security and Privacy Considerations[edit]

Using a remote node provides a quick way to set up your Monero wallet. You will not have to download the entire blockchain.

It is important to note that the remote node:

  • cannot spend your XMR (you hold the keys);
  • does not know your IP address (we are connecting to it over Tor);
  • does not know your XMR address; and
  • does not know your balance or private view key.

However, using a remote node is not without risk. To learn more about the possible attacks, see: https://moneroworld.com/ [archive]

In general, if the wallet warns you about the node misbehaving, then immediately exit the wallet and connect to a different node.

Stream Isolation[edit]

Info Advanced users only!

Stream Isolation for Monero has not yet been considered. Refer to the Stream Isolation page and search for torsocks IsolatePID 1.

To enforce stream isolation, you could experiment with the following commands.

When using Monero from monero-gui pacakge you can use the following command below as is. Otherwise replace monerod, monero-wallet-gui, monero-wallet-cli with the actual path to monerod, for example /home/user/monero-gui/monerod or ./monerod.

DNS_PUBLIC=tcp TORSOCKS_ALLOW_INBOUND=1 torsocks monerod --p2p-bind-ip 127.0.0.1 --no-igd --hide-my-port

torsocks monero-wallet-gui

torsocks monero-wallet-cli

For more inspiration, refer to the related forum discussion: Monero in Whonix ™ with torsocks for better stream isolation [archive].

Uninstallation[edit]

To avoid any issues with Whonix ™ meta package removal, first install the dummy-dependency package.

Install dummy-dependency.

1. Update the package lists.

sudo apt-get update

2. Upgrade the system.

sudo apt-get dist-upgrade

3. Install the dummy-dependency package.

Using apt-get command line parameter --no-install-recommends is in most cases optional.

sudo apt-get install --no-install-recommends dummy-dependency

The procedure of installing dummy-dependency is complete.

Remove the monero-gui package.

sudo apt purge monero-gui

Done, removal of the monero-gui package is complete.

Forum Discussion[edit]

Donations[edit]

After installing Monero, please consider making a donation to Whonix ™ to help keep it running for many years to come.

Monero accepted here Donate Monero (XMR) to Whonix ™.

49sP9cMQ5jvhzKW477TH6NJJ2z3pqD8pYRqCyCAqN1Y7QYQMxKf7SPq356BBiNcRwzagpcjqkK66LG4wwr37YjSS3kY3x5P

Monero donate Whonix.png

See Also[edit]

It is recommended to read the Money wiki page as it contains a lot of related information on how to make anonymous payments.

Credits[edit]

Gratitude is expressed to the donors of Monero who funded the proposal Monero Debian Package Repository for 2 years [archive], to @rehrar [archive] for helping the creator of the package (Whonix developer Patrick Schleizer) with writing the proposal, everyone else who supported the proposal, and the community of Monero developers and users at large for creating Monero. [6]

Major updates will be posted here: https://repo.getmonero.org/monero-project/ccs-proposals/-/merge_requests/130 [archive]

Development blog: https://forums.whonix.org/t/monero-and-whonix-sitting-in-a-tree/5949 [archive]

Appendix[edit]

Monero Architecture[edit]

Monero works by having contributors host large files which are equivalent to a public ledger. Any time someone broadcasts a transaction, every ledger maintainer updates their copy of the ledger and ensures no cheating or fraud has occurred. As with most cryptocurrencies, transactions are sent to Public Addresses which are derived from personally created private keys.

Since transactions could otherwise be traced by watching which addresses are sending to each-other, Monero uses a Diffie-Hellman key exchange using the transaction information on the sender's side and the public address on the receiver's end of a transaction to encrypt the recipients address on the ledger. To protect the sender, spending Monero is equivalent to forwarding the output of the previous transaction, so a users address is never stored on the ledger at all - this technique is called Stealth Addressing.

Since this solution is imperfect, and allows EABE attacks and is dependent on ECC for the key exchange, Monero uses a second layer of anonymity called Ring Signatures. When signing a transaction and broadcasting it to the network, Ring Signatures take signers from previous transactions and forge a new signature with Ring Size = N, where you cannot tell which entity in the group N actually authorized a transaction. This further obfuscates the blockchain and reduces the available attack vectors on the cryptocurrency as a whole, as well as introduces several zero knowledge proofs which prevent absolute analysis of the ledger.

Ring Signatures combined with Stealth Addressing prevent many attack vectors, but since new transactions are forwarded outputs from previous ones you can still perform analysis by viewing the amounts spent on-chain. To address this potential issue, a solution called RingCT was introduced which obfuscates the amount spent in a transaction.

Further attack vectors including cross-referencing an address posted in multiple places and IP leaks when connecting to the network are further developments sought out by the Monero community. These potential issues are addressed with Subaddresses and Kovri respectively.

Footnotes[edit]

The former Manual Monero Instructions have been archived for historic reasons.

    • monero-blockchain-ancestry
    • monero-blockchain-usage
    • monero-blockchain-mark-spent-outputs
    • monero-blockchain-export
    • monero-blockchain-import
    • monero-wallet-gui
    • monero-blockchain-depth
    • monero-blockchain-prune
    • monero-wallet-cli
    • monerod
    • monero-blockchain-stats
    • monero-blockchain-prune-known-spent-data
    • monero-gen-ssl-cert
    • monero-wallet-rpc
    • monero-gen-trusted-multisig
    The list is also here: https://gitlab.com/Whonix/monero-gui/tree/master/usr/bin [archive]
  1. qubes-users - Guide: Monero wallet/daemon isolation w/qubes+whonix [archive]
  2. Such as fixes required if the Monero network is under denial of service (DOS) attacks.
  3. A manually installed Monero won't interfere with the monero-gui package. That is, unless the user installs Monero to folder /usr/bin. (Files in that folder would be replaced when the monero-gui package gets updated. However, the Monero start menu entry might be confusing since the start menu entry would start Monero from the monero-gui package (from folder /usr/bin), and not the manually installed Monero.


text=Jobs in USA
Jobs in USA


Search engines: YaCy | Qwant | ecosia | MetaGer | peekier | Whonix ™ Wiki


Follow: 1024px-Telegram 2019 Logo.svg.png Iconfinder Apple Mail 2697658.png Twitter.png Facebook.png Rss.png Reddit.jpg 200px-Mastodon Logotype (Simple).svg.png

Support: 1024px-Telegram 2019 Logo.svg.png Discourse logo.png Matrix logo.svg.png

Donate: Donate Bank Wire Paypal Bitcoin accepted here Monero accepted here Contriute

Whonix donate bitcoin.png Monero donate Whonix.png United Federation of Planets 1000px.png

Share: Twitter | Facebook

Love Whonix ™ and want to help spread the word? You can start by telling your friends or posting news about Whonix ™ on your website, blog or social media.

https link onion link

This is a wiki. Want to improve this page? Help is welcome and volunteer contributions are happily considered! Read, understand and agree to Conditions for Contributions to Whonix ™, then Edit! Edits are held for moderation. Policy of Whonix Website and Whonix Chat and Policy On Nonfreedom Software applies.

Copyright (C) 2012 - 2020 ENCRYPTED SUPPORT LP. Whonix ™ is a trademark. Whonix ™ is a licensee [archive] of the Open Invention Network [archive]. Unless otherwise noted, the content of this page is copyrighted and licensed under the same Freedom Software license as Whonix ™ itself. (Why?)

Whonix ™ is a derivative of and not affiliated with Debian [archive]. Debian is a registered trademark [archive] owned by Software in the Public Interest, Inc [archive].

Whonix ™ is produced independently from the Tor® [archive] anonymity software and carries no guarantee from The Tor Project [archive] about quality, suitability or anything else.

By using our website, you acknowledge that you have read, understood and agreed to our Privacy Policy, Cookie Policy, Terms of Service, and E-Sign Consent. Whonix ™ is provided by ENCRYPTED SUPPORT LP. See Imprint, Contact.