Breaking Monero Episode 13: Blockchain Explorer OpSec

This is a transcript of Breaking Monero Episode 13: Blockchain Explorer OpSec

Published under CC-BY RyoRU

Justin [00:00:00] Hello and welcome back to another episode of Breaking Monero. We have a really quick episode for you today on the basics of blockchain explorer opsec. So we talked about remote nodes in Episode 7 and some of the considerations you should have when using remote nodes. But a lot of people forget about their network connection when they’re using a block explorer. So when they’re looking up to see if a transaction they made was sent or confirmed by the rest of the network, they often will just do it without really considering what the impacts of those are. So today again you have me, Justin, and you have Sarang on today to quickly remind you of some of the network limitations you have when talking to these block explorers. So I’m going to share my screen just to show you going to some of these explorers. So let’s say for example I am on Xmrchain, which is one of the most common Monero blockchain explorers. It doesn’t look pretty but it has all the nice info you want in there. If I would put information in about, you know, five of my random transactions here and search for them and go through them, there is a good chance that since I’m looking up information about this transaction, that I have some connection with it. Now of course in this case it was literally just the first one that appeared and I don’t have any connection with it. But if you were going through and doing this by yourself, especially if you were searching for transactions, especially if you’re searching for, let’s say, five of your own transactions over a certain time period, this website is able to make a pretty strong association between these. So first this website gets my IP address, and this website also knows that this specific IP address looked up these transactions over this time window. So they have a pretty good idea compared to anyone else in the network that I’m connected to these outputs.
Similarly there is a nice front end for xmrchain, like Explore Monero, where they have options where you can easily verify your transactions. You can say I sent Monero and fill in the details here, or you can say I received Monero and fill in the details here. And this is really usable and it’s really nice from that perspective. But just understand that if you say that you received Monero and fill in the details of receiving Monero, this website is going to strongly assume that you are associated with this transaction you put in here. So it will be able to associate it with your IP, and with the same IP address you’re going to request this several times, let’s say again for five different transactions. There’s a good chance that Explore Monero is going to assume that you are associated with all five of those transactions. So this is basically a reminder, simply stating that when you use blockchain explorers you’re revealing a lot of this information, and a lot of people in their haste to learn information about their transactions often forget about this as they’re looking about. So I’m going to toss it back to Sarang to talk about what really you can do if you need sort of the information from a block explorer but don’t want to leak this information, or want to use a block explorer in a way that better protects network metadata.

Sarang [00:03:11] Sure. I mean, just to start with, you know, we’re not saying that these particular examples of block explorers that we’re showing you actually do track or otherwise attempt to go out of their way to log this information. You know, it’s just a reminder that with anything you do on the Internet, the receiving server knows your IP, whether or not it’s actually your IP or whether you’re routing it through something else. And they know the details of the query you made. And this is no exception, but of course a lot of folks who use Monero attempt to do so privately. So it’s important to keep that in mind. Some things you can do: of course you can use Tor, for example. You know, it routes traffic elsewhere so your personal IP is not known to the receiving server. If you use a VPN that you trust, you can make a particular query, you know, using the VPN. At that point of course you’re basically offloading the trust of knowing your IP address and some information about the query to your VPN provider. So it depends on your trust relationship with them. But as Justin was saying, even using some of those solutions, for example if I run through a VPN and I go on xmrchain.net or some other kind of block explorer and I make queries about five or 10 different transactions, if that all happens in quick succession and, you know, the IP that they see for that is the exact same, the person or entity running that block explorer might make an association between those transactions, even if they don’t have particular information that would necessarily link it back to me individually since I’m routing my traffic. And again I have no indication these sites actually do this, but it’s important to keep in mind that they could do that.
So if you do want to do multiple queries, you know, one thing you could do is try to use different browser sessions from different IP routings if possible, again depending on your situation and your particular network setup, which would kind of reduce the amount of information that the receiving server would be able to get. The best solution of course, you know, as with many things, is to run your own node locally. So if you run your own node locally, you have the entire synced blockchain and get new blocks and transactions as they come in, and you can simply query locally, and if you trust your own node in your own computer that you’re running to help you do then you’re going to be OK, you’re not leaking that kind of information out. And it’s also worth noting that even if you don’t necessarily want to use particular command line solutions or particular local wallets that are running alongside your own node, the source code for many of these block explorers is available and typically open source. So you can always run your own local web-based block explorer that connects to and queries information from your own node. So if you like a particular kind of explorer and their source code is available, you can always run it on your own node and get the same front end functionality you’re used to, but without leaking that information elsewhere.

Justin [00:06:06] All right, thanks Sarang. This is basically just a nice reminder for you that blockchain explorers are no exception when you are leaking network metadata to others, and so we just wanted to have this really nice quick episode with you all to share this information with you. If your threat model covers these sort of situations you probably should be doing some local querying rather than relying on someone else to do the query for you. All right. That’s all that Sarang and I have for you today. Thanks for watching this episode of Breaking Monero. Take care.