Just curious as to the reason

  1. “Shitcoin” is not a reason
  2. Valid criticisms are

Shitcoin is a reason.

It's centralized and not really different than any fiat money as a result. They can and do hard fork regularly and if you don't install the new software, you are out of the "real" consensus like any other shitcoin. The "real" consensus is centrally controlled, full stop.

Monero hardforks to improve privacy and make it even stronger as a Cryptographic currency

So, that’s your reasoning? You want it NOT to be hardforked because …?

Again, these kind of reasons make you sound like an NPC who heard one bad thing about it and just immediately made up his mind. 🙃

Frequent hard forks = central management. I don't want my money to hard fork frequently because I don't want to do code review all the time to ensure I still have exclusive control over my money. Hard forks are an opportunity to insert coin stealing malware into the latest software. The moment you "just trust the devs" not to do that is the moment you lose your financial sovereignty.

Also, I don't like the dev tax. It's cointillionaire-ism, unequal distribution of the flow from the money spigot, not to those who worked for it, but to those who control the spigot.

Also, I don't like the perpetual subsidy. It penalizes people who just want to save their money.

Also, I don't like the inability to audit the supply. If there is a bug that lets someone print monero for free, there is no way to tell if they used it.

1057 sats \ 3 replies \ @anarkio 1 Aug

There is no dev tax in Monero. Development is funded by voluntary donations (https://ccs.getmonero.org/).

Monero development is discussed publicly (https://matrix.to/#/#monero-dev:monero.social, https://matrix.to/#/#monero-community:monero.social) and anyone can contribute. Hard forks are discussed, planned and tested and notice is given months in advance. If you don't like a planned feature in the hard fork, you can openly discuss it in a monero-dev or monero-community meeting. Wallet updates are also released weeks in advance.

The 0.6 XMR/block tail emission trends toward 0% inflation over time (disinflationary). Right now the annual inflation is around 0.87%, which is currently less than Bitcoin and gold, and far less than fiat. The tail emission incentivizes miners (less risk of a fee market, considering that the Bitcoin block reward will drop below 1 BTC in 2032 and to 0.01 BTC in 2056) and means that it will always be possible to acquire Monero via CPU mining, which is an accessible KYC-free on-ramp (you just need a regular computer to mine Monero). The tail emission was included in the original Monero code from 2014 and became active this year. More details in this infographic: https://i.ibb.co/G9YM10T/Monero-Supply.png

Monero's supply is verified via range-proofs (cryptography that ensures that inputs - outputs = 0, without disclosing exact amounts). Nodes verify range-proofs for every transaction and will reject invalid TXs. Block rewards from mining are transparent and can be viewed on any block explorer. In addition, a developer is writing a script to externally audit the supply via Python: https://ccs.getmonero.org/proposals/monero-inflation-checker.html

The 0.6 XMR/block tail emission trends toward 0% inflation over time (disinflationary).

Question: How does this differ from Bitcoin's emission schedule in practice? After a long enough time, it would seem as though both Bitcoin's and Monero's block rewards trend towards zero in terms of value / purchasing power. So while Monero will still have tail emission in the year 3000, the value of the token will be dilluted so much that 0.6 XMR won't be worth much regardless.

By the year 3000, the total monero ever mined would be roughly 178 Million.

Ethereum is 100 million + at $4000+ and expected to increase without privacy

Other coins like BNB are at 200 million +

By the year 3000 we will either have a collapse of civilisation or be star faring, 100s of billions of humans.

Do some quick math. :)

Thank you for a detailed answer 🙃

Montero also hard forks to change their monetary policy. Centralized control is the flaw. Someone controls the monetary policy. This is not different in principle from central banks. Privacy for centralized control is a bad trade. The central controller can change things at any time and you have no recourse.

Monero does not hard-fork to change monetary supply, that is false and yet another piece of FUD (intentional or unintentional) that you want to spread while it is entirely false. The monetary supply is entirely untouchable via social consensus, exactly the same way as Bitcoin's money supply is untouchable.

The social consensus was for a tail emission from the earliest days of Monero, and it was added in shortly after launch once the exact parameters were decided by the community. It was in the original Bitcoin Talk OP and was always the plan.

After it's inclusion in early 2015 the supply has been entirely untouchable and cannot be changed. There is no "central controller" here, and no one person or entity controls Monero's monetary supply or consensus.

Glad you can't block me here so I can actually reply :)

That was my understanding as well.

It seems there are a few people who idolize Bitcoin so much that they forget that it is an EXPRESSION of Freedom from Central Control of Money.

And thus, refuse to see its shortcomings, a problem that XMR does not yet have.

And yes, free speech is not for the weak so glad that people have to either defend their reasoning or agree to disagree. :)

Hard forks don’t work if the community does not support it.

See Bitcoin Cash 🙃

It’s not centrally controlled if community does not support it.

So, you need to do more research. Maybe ask some Monero guys on the subreddit

Typcial altcoins defense. And exactly what would you do if some hard fork wasn't "supported by the community"? You then have to depend on a decentralized consensus that doesn't exist. It's a centrally controlled coin and a non community supported hard fork likely means it's death. You keep wanting to deny this, but this is Monero and every altcoin's flaw. You're centralized and you're one black swan from death.

Bitcoin Cash was a Hard Fork that wasn't supported by the community, did Bitcoin die?

You are too emotionally involved in dying on this unreasonable hill to think through. That's ok, no one is forcing you to use Monero.

It was a question and you're clearly not ready to answer it reasonably.

Have a good day! :)

Monero is not Bitcoin and the communities are not the same. Again, if the Monero developers did something against the community's wishes, you don't have a recourse. What are you going to do, trust some other group of people to hard fork regularly?

I've answered your question honestly as I could because clearly, you don't want to deal with Monero's biggest flaw which is that it's a centralized altcoin. Continuing to pretend that it somehow doesn't matter that it's centralized is disingenuous and your shilling of Monero here is making this place worse. There's someone in this conversation emotionally invested in a particular outcome and it ain't me.

An asinine reason that help no one, but it is easier for you to say that than to explain your reasons against something that you don't understand.

Monero has not hard-forked in almost 2y, and does not have scheduled or regular hard-forks, and hasn't for a very long time. These hard-forks are entirely community-driven and are agreed upon through social consensus, are non-contentious, and only touch parts of the protocol that the community desires to change (and fit the ethos and core social consensus of Monero from the beginning).

All planning, decisions, and code for hard-forks is done publicly with plenty of chances, platforms, and ways for anyone in the community who wants to to get involve, have a say, PR code, or push back on specific changes.

For anyone who wants to see the lack of knowledge here by @jimmysong and his unwillingness to discuss Monero properly or learn how it actually works, you can see my point-by-point rebuttal of his remarks on WBD here:

https://nitter.sethforprivacy.com/sethforprivacy/status/1514372798113886210

'Non-contentious' is a scale. If one person has concerns about it, it could be considered contentious. This person may not make their case known for a number of valid reasons. The hard fork was then 'generally non-contentious' and had broad social consensus otherwise. However this person's status quo was changed against their will.

If the number of users of Monero increased, the number of people who would not want a given hard-fork would likely increase, and the number of people who had the protocol 'rugpulled' would increase.

This is far far less likely to happen with Bitcoin.

Lovin the nickname xD

Very true, and a good critique! So far I have seen literally 0 contention, but as Monero grows that will absolutely change. That is why we've already seen ossification (similar to Bitcoin) from 6mo hard-forks to multiple years between. We will see hard-forks more and more infrequently as we grow and that's a good thing, but the option does need to remain due to privacy being something that is quite fluid.

I also expect that there will be contentious changes proposed at some point in the future, and I'm sure the immune response of Monero will be strong and fight back against them (and I will gladly join forces if the proposed changes go against the core ethos and social consensus of Monero).

And this is why I hate having Monero fanbois here. This guy makes all sorts of accusations against me about having no knowledge of Monero and how I'm avoiding debating him. I avoid debating him because I know it's a waste of time and all he would do is just defame my character until the focus is off of the centralization of Monero. I have no interest in feeding this troll.

For the record, I understand Monero fine. I wrote a go-library implementing a lot of its interesting features years ago: https://twitter.com/jimmysong/status/867089878739283968?s=20&t=raee0obpmoJVkwe9zbv3qQ He wants to tell me I don't understand it when I've personally implemented Ring Signatures? He's coming after my character because he has no good answer for the fact that Monero is centralized.

He spouts idiocy like "we haven't hard forked in 2 years" as if it's relevant. The Fed also didn't raise interest rates for 2 years, does that mean it's never raising interest rates? It's such a stupid and disingenuous argument that it's not worth engaging. If you hard fork at all, it shows how centralized you are. You have to download the new software or you are not running Monero. That is the big flaw. You have no recourse to the hard fork. You are forced to do whatever they decide. This is unlike Bitcoin where you have the option of not upgrading. This is a big deal because it gives you sovereignty over your own coins. You don't have that with Monero.

Centralization is very relevant and it's idiotic for @sethforprivacy to act like it doesn't. That is the main issue and the one being avoided by the OP because he, too, is a Monero shill.

I write this here because I know there are a lot of people here that have a soft spot for Monero. It's another shitcoin and @sethforprivacy is another affinity scammer and I hate seeing him pollute this community. Sadly, he succeeds with some people by writing a few bitcoin privacy focused posts. But that's how affinity scamming works.

He seems way more calm and less emotional than you. Please take a step back and really assess whether your misgivings for Monero stem from the protocol or maybe the disagreements you had with some people in the core dev team as it seems like the latter.

Logical differences can be resolved but personal differences are poison. :)

  1. Not a "fanboi", have shown that dozens of ways over the years. I view Monero as an immensely valuable tool, but I'm not a maximalist, am open and honest about shortcomings, etc.
  2. Glad you finally deemed me worthy of a reply instead of just honing your echo chamber!
  3. I rebutted your poorly informed claims about Monero and Lightning privacy point-by-point here and offered to discuss it further, and you never replied. Care to now? https://twitter.com/sethforprivacy/status/1514372798113886210
  4. Writing one Go library 5y ago certainly does not tell me anything about your understanding of Monero today, and if anything explains why your knowledge of Monero seems to be archaic and dated.
  5. If you had taken the time to read before rage-replying you'd realize I was saying that as a point against "Monero hard-forks regularly" and against the normal "Monero hard-forks every 6mo" FUD that you spread usually. Neither of those are true, and Monero's lack of regular hard-forks for years shows that.
  6. Yes, you have to update software (gasp) every few years or you can't use Monero. That's both a good thing for an improving tool in the ever-evolving race for privacy, and ensures all users adopt critical bug fixes etc. over time. If you don't like that you can use another chain that lacks privacy and doesn't iterate like Bitcoin. You also completely overlook the whole "social consensus" and "non-contentious" aspects of my response, as no Monero hard-fork has been contentious as the upgrades proposed are just continuing to improve on the things that are core to Monero's ethos. Similarly to most bitcoin changes, people approve and so they choose to run them. You also (of course) left out the whole "the entire community has a say in hard-forks and can propose/review code, participate in meetings (all are open), and give feedback through every step of the process". But you don't seem to want people to know the truth.
  7. There is no "they" deciding everything. I have no idea where you get this idea that there is some person pulling all the strings in Monero, but it's a decentralized grassroots community just like Bitcoin, and all community members can (and many do) contribute to the planning, code, and process of hard-forking to upgrade the network.
  8. I have never said that centralization isn't a problem, I am always very clear about that. My claim is that Monero is decentralized and it's one I will 100% stand by. It's in some ways more decentralized than Bitcoin, in some ways less, but is absolutely more decentralized than almost all cryptocurrencies and decentralization is a core aspect of its ethos.
  9. LOL at affinity scammer, I have contributed without recompense to both Bitcoin and Monero thousands of hours worth of effort. A ridiculous claim, and one you'd know was false if you didn't just block me and anyone else you don't want to hear dissenting responses from. You love your echo chamber, and I don't fit in it. That is fine, but leave the insults and egregious claims about my character out of this.

-1) You may not be a "fanboi" but it is clear that you have an agenda. -2) Nobody owes you a reply, whether they started the conversation or not they are free to leave it. -7) If it can be hard forked (and has been hard forked) then there is a 'they'. The 'they' definition is fuzzier, but it is something like: Those who support and promote and use the hard fork, vs those who do not. -9) People have different uses for blocking. You assume the use-case that he is using the block feature for. Is it not similar to personal privacy? It is possible he doesn't want his time involuntarily taken by those on his block list, and it is also possible that he blocks people with dissenting responses. You can make your assumption, but you can't know that your assumption is correct.

Fixed formatting in above comment, thank god for timed edits.

  1. Yes, that people have access to the truth about tradeoffs and get to choose for themselves, instead of being mislead by people who either don't understand on-chain privacy or are willfully ignoring it for some ulterior motive.
  2. Of course not! Doesn't change that it's rather poor etiquette to ignore + block someone who over and over tries to engage with you and provides point-by-point rebuttals in as kind a way as possible, and then block literally everyone who disagrees with you in obvious bait posts.
  3. (Confusing me with this numbering
    ) Yes, the "they" is the entire active community. There is no "those who do not" and has never been AFAIK. When hard-forks perfectly align with the ethos and social consensus set in place from the beginning they just make sense.
  4. He blocks out of "compassion" apparently. Doesn't change the effects of broadly blocking anyone you disagree with or who doesn't worship your hot takes on Twitter.

The numbering was meant to match to the number I was replying to on your post. Probably more confusing that way.

The only thing I will add is that I think that you are underestimating the effect that number 3/7 (number confusion) has. I don't think that the argument that there has never been 'those who do not' yet is a strong one. You preach that Monero is a good tool for private payments, and you try to promote adoption. Currently I would argue that the people who use Monero are in-the-know and commit time to keeping up with the current state. The wider the adoption comes, the less people with be willing to do that. The less people willing to do that in the future, the harder a non-contentious hard fork will become. There will likely come a time where a hard fork is needed to implement something and there will be less consensus on the decision. This will likely lead to a split. ' Decisions that are obvious and have a clear line to follow on the 'ethos' are not a good example to throw out there as to why hard-forking is not a problem. There may come a time where the hard-fork hard-decision times comes and it makes your argument stronger and not weaker, but only time will tell.

I forgot about the frequent hard forks and I agree it add centralization pressure and limits the "rights" it's holders have which is why I don't invest in XMR.

However, BTC sidechains like Liquid add even more centralization to achieve confidential transactions. Similarly with Fedimint. And to some extent, LN has centralizing effects as well since we're all reliant on whatever features the major implemtations decide to add. The difference is that the "asset" in these systems is redeemable 1:1 with BTC (LBTC, ecash tokens, and millisats in a channel)

If Monero was somehow implemented as a privacy layer for BTC without a token, or you could use it via atomic swaps in such a way that never exposed you to XMR volatility or it's consensus rules, would you consider it a shitcoin? Assuming it provides useful privacy in areas where it would take more work or be more expensive to achieve comparable privacy on BTC?

Great point!

And they are working on atomic swaps wirh BTC as we speak 🙃

Now that I think about it, it's possible to use monero right now without exposing yourself to its volatility. If you use an exchange where you can short monero on the xmr<->btc pair, just do a 1x short.

As monero falls to lower and lower prices in satoshi terms, your bitcoin stash on that exchange will grow by an equivalent amount. Conversely, if monero grows in value in satoshi terms, your bitcoin stash will go down, but your monero stash will increase proportionally to equal out the difference. Whenever you want to cash out of monero you can sell your xmr tokens for bitcoins, putting you at the same amount of bitcoins you had when you started (minus some exchange fees).

So if you want to buy and use -- say -- $300 of xmr, first put up a 1x short on monero using $300 of your bitcoin as collateral. As you spend it, reduce your collateral til you're all out of both monero and collateral, then if you want to you can put up collateral again to repeat the procedure.

This does mean you have counterparty risk on the exchange as well as slippage risk due to trading fees and low liquidity on that trading pair. But for some people who want to treat monero like a sidechain, this is a way to do it that should work today. But the "peg" is secured by a centralized entity (the exchange), so there is that.

Monero's proposed hard forks are always broadly discussed publicly with the whole community having the chance to participate and only decided when there broad consensus for the changes, pretty similar to Bitcoin's soft forks. Those soft forks make you also be out, since if you receive e.g. a SegWit output, without updating you will not able to use it.

Exactly :)

Why store value in something that inflates forever?

It can't scale to compete with legacy payment systems because ring signatures use more block space than BTC transactions and XMR can't use LN.

It's only useful as a privacy layer for payments.

Most are valid criticisms but don’t understand the last point “if everyone uses it, it gets worse”

Iirc fees go down with more usage and privacy increases as well due to bigger set of UTXOs to use in anonymity 🤔

Edited OP to remove last point. But I'll support it here:

XMR has adaptive block size. If massively adopted, the chain will bloat to ridiculous levels and it will become more difficult to run a full node. This hurts decentralization of the project. Currently, chain size is way smaller than BTC but that's because it's barely used. Thus the anonymity set is currently small.

Another critique: mining with general purpose hardware is a decentralization gain at the expense of a security weakness.

CPU/GPU mining is good for decentralization because more people have access to the hardware.

However, ASICs are good for security because almost every ASIC in existence is currently utilized to defend the network. There isn't a lot of "spare hashpower" to devote towards a coordinated attack.

Whereas, every CPU in the planet not currently mining XMR (probably +98% of all CPU cycles) could be persuaded to attack. I've heard XMR shills say that it's a good thing because in the event of an attack, people will magically decide to defend XMR and start hashing cooperatively. But it could go either way.

Whereas, every CPU in the planet not currently mining XMR (probably +98% of all CPU cycles) could be persuaded to attack.

Botnets are a risk to any CPU/GPU mined crypto.

Blockchain size is absolutely an issue, agreed.

As to the attack angle, that’s well thought out. Instead of attacking, maybe honestly analyzing the pros and cons of both ASIC and ASIC-resistance would benefit both ecosystems. 🙃

What about my analysis of pros and cons was dishonest?

I meant that more for the XMR community, instead of criticizing you, they should be addressing the valid concerns you raised.

Agree. XMR is great. I don't even "dislike" it. When privacy is priority, it's a great option to have. It's just a different set of tradeoffs that's competing for a different kind of use case.

Yes!

We lean the same way. It’s each tool for its purpose.

0 sats \ 9 replies \ @m4 31 Jul

Why mix your coins with drug dealers?

There is no coin mixing in Monero as there is no way to trace coins 🙃

It is perfectly fungible. No one knows where they came from, where they’re going and which coins are going in what amount.

Mixing with dirty coins is only a problem with transparent ledgers. 🙂

There is no coin mixing in Monero as there is no way to trace coins

No mixing but every transaction is technically a big coinjoin.

...With confidential amounts. BTC can't do that part.

You litteraly talking about Coinjoins, where u can potentially spend with a terrorist or drug dealer or any bad guy.

Again….If your rulers make it illegal to send money to your mom, you’re a bad guy too.

This is naive and childish.

Also, how will anyone know who you are spending with?

Monero transactions don’t show

  1. Where they are coming from
  2. Where they are going
  3. What amount is being spent
  4. And there are 11 decoy transactions mixed with the real one

Again, do your research because you sound like an NPC just parroting what you see on TV. 🙃

0 sats \ 3 replies \ @m4 31 Jul

Monero was delisted from many exchanges if someone is navie definitely not me ¯\_(ツ)_/¯

You are just proving the point. 🙃

102 sats \ 1 replies \ @nout 31 Jul

That would be argument for monero actually. Check why was it delisted.

Exactly 🙃

These same people would happily KYC till the day they are led to the gulag because “we don’t have anything to hide”…right then why don’t you poop with the toilet door open in public. 😅

A lot to cover here, and thankfully I have already responded to all of these points in a blog post:

https://sethforprivacy.com/posts/dispelling-monero-fud/

It's important people understand that Monero is more scalable when used privately than Bitcoin and can support Lightning Network-like layer two's, I even gave a presentation on some of the approaches that have been proposed at Monerokon this year.

Thanks for never giving up on the good fight. :)

101 sats \ 0 replies \ @anarkio 1 Aug

It's only useful as a privacy layer for payments.

Monero's exact use case is private digital cash. Send, receive, earn and spend money worldwide and without restrictions. No bank account, government ID or permission required. As private as a physical cash transaction.

Monero's inflation rate is currently 0.87% (currently less than Bitcoin and gold, and much lower than fiat) and will trend toward 0% over time (disinflationary). More info here: https://i.ibb.co/G9YM10T/Monero-Supply.png

In addition, some Layer 2 implementations for Monero are being discussed, but right now, it isn't necessary because TX fees are less than 1 cent, blocktimes are 2 minutes and 0-conf TXs are relatively safe (there is no replace-by-fee in Monero).

Why store value in something that inflates forever?

I think Monero isn't meant to be a means of storing purchasing power.

How do you exchange value with monero if you don't hold value in monero? The idea of being a medium of exchange without being a store of value is nonsense. It must have value stored in it if you want people to give you goods and services in exchange for it.

Back when Bitcoin started people had the same question.

Then darknet markets started using it: it had value and was exchanged for things with Value

Then it started being exchanged for real stuff

Now we’re here.

Bitcoin has been replaced on darknet markets by Monero.

Even Satoshi himself said he wished he could implement the features but lacked the knowledge and also Schnorr Sigs were under a patent while he was already developing Bitcoin.

Again, if you wanna see the macro view, your answer for Monero’s value will be obvious.

Or you could be like the people who denied Bitcoin in its early days, me included, and repeat the mistake.

That’s all. 🙃

"x will grow in value" does not make x a good money. Lots of bad things capture value. Monero is another centrally managed money which unfairly rewards the people who control it. Bitcoin exists to set people free from centrally managed unfair money like monero.

Monero is what Bitcoin wants to be.

You are very very misinformed. 🙃

Who are the people that control XMR? And how do they unfairly benefit?

XMR has nodes and miners that follow a set of consensus rules just like BTC does. It's not just another smart contract token with a pre-mine where the contract is loosely defined or able to be changed by a privileged few.

50 sats \ 7 replies \ @v4v 31 Jul

Montero can't be audited. That means it is fundamentally untrustworthy, because you can't verify the inflation peomises. Bitcoin fixed that already.

It can be. Please see XMR sub for how. 🙃

It CAN be audited. However, an inflation bug could exist without being detected. If an inflation bug was exploited in BTC it would be obvious.

As posted in a different comment, Monero uses cryptographic range-proofs to verify supply (nodes verify the range-proofs of each TX). In addition, a Python script to externally audit supply is under development: https://ccs.getmonero.org/proposals/monero-inflation-checker.html

150 sats \ 3 replies \ @v4v 31 Jul

Auditing that can't detect an inflation "bug" isn't auditing you can trust.

view replies

How do you exchange value with monero if you don't hold value in monero?

How do you exchange value with a credit card if you don't hold value in a credit card? Is your question serious?

You hold and exchange value in whatever you want to and when you need the anonymity of Monero you exchange it for Monero, make the Monero transaction and the receiver exchanges it back. It's a tool like a screwdriver.

That being sad, all of Moneros usecases have been solved in Lightning.

You can't receive an LN payment without disclosing your node pubkey (and by extension, all your channels which can be probed to reveal how much money you have). Meanwhile, you can receive XMR and nobody can see your wallet balance. So XMR still has a use case not solved in LN.

That is a well reasoned and accurate statement 🙃

Well, send Lightning to custodial BlueWallet or someting and forward to the actual destination

26 sats \ 0 replies \ @v4v 31 Jul

Or send money to ln.cash and give out the link.

Or send it via swap like fixedfloat.com

Sure, there's ways to avoid leaking privacy when using BTC. But this requires a deep understanding of the tradeoffs. Meanwhile XMR does privacy by default which is great for people just seeking privacy without a desire to understand tradeoffs.

26 sats \ 0 replies \ @v4v 31 Jul

Avoiding leaking privacy requires a deep understanding, period.

Someone else said it too! 🙃

Yes. The Monero community really wants it to be used as a currency and not a store of value.

Will it be a decentralized currency but only for a tiny market size? Or will it become less decentralized as market demand approaches BTC?

I feel like it's the former. I often hear XMR people say "mass adoption isn't the be-all-end-all". I see it as a tool for the relatively few occasions where value transactional privacy is very important.

Kind of like a Swiss Bank Account in your pocket 🙃

Just want to say thanks to everyone who provided strong critiques and points here, always welcome open and honest discussion around the pros/cons/benefits/tradeoffs of Monero, and a huge thanks to @allark for sparking this convo!

I obviously view it as an immensely useful tool, even for "Bitcoiners", as Monero provides very strong privacy to all users, no matter how tech-savvy or "n00b" you are. I really do think that all Bitcoiners can benefit from at least using Monero for spending, as I went into depth here on What Bitcoin Did:

https://www.whatbitcoindid.com/podcast/privacy-on-monero-vs-bitcoin

As for the points discussed in this thread, I replied to many of them but just wanted to link to a blog post I wrote that goes into detail answering many of the concerns and criticisms people have around Monero, both true and false:

https://sethforprivacy.com/posts/dispelling-monero-fud/

Always welcome to feedback on it, but I do think it's a nuanced and fair set of responses -- all I really want is people to have a proper grasp on the benefits and tradeoffs of the tools available (i.e. Bitcoin and Monero) and that they are able to choose what fits their needs best.

Our pleasure! :)

I personally am a big fan of homomorphic ring signatures. I think they should be more widespread in Bitcoin (Coinjoins are still a niche instead of 50% of all transactions).

However, due to the one time public keys of monero they need a unique tag to prevent double spent. I don't like this because the crypto becomes really complicated (Bitcoins beauty lies in its simplicity) and it makes L2 solutions impossible.

L2 solves the two advantages that Monero offers (unlinkability of two transactions of same user, unlinkability of a transaction within a set) while also being so fast and elegant.

Ring signatures have no effect on L2 usage, and key images are also not a problem at all here.

Monero can support L2 networks, it's just a bit more complex than Bitcoin:

https://sethforprivacy.com/posts/dispelling-monero-fud/#monero-cant-support-layer-two-networks-like-lightning

But it is possible, and there are two new approaches I need to add there that will be very simple to implement after Monero implements the Seraphis upgrade that is being planned right now.

Monero with lightning will be unstoppable. :)

Same. Big fan of the ring signatures.

AFAIK Monero is private out of the box while Lightning needs a bit of tinkering to be fully private.

Lightning is just amazing btw.

10 sats \ 3 replies \ @om 31 Jul

I'm not a fan of ring signatures because they depend on good decoy selection. Monero failed at it once before. Maybe it fails at it again right now but we just don't know it.

There is ongoing research into decoy selection: https://ccs.getmonero.org/proposals/Rucknium-OSPEAD-Fortifying-Monero-Against-Statistical-Attack.html Also in the next release, the ring size will be increased from 11 to 16.

You can also churn (send your funds to yourself) to increase plausible deniability (churn TXs look the same as regular TXs on-chain, and can create distance between the true sender and recipient).

Complicated cryptography is sometimes necessary for advanced features, such as strong on-chain privacy-by-default. Monero is open source and people are welcome to audit the code or improve it.

Yes! 🙃

Valid concern 🤔

153 sats \ 9 replies \ @om 31 Jul

A Monero mobile wallet has to do work proportional to the size of the blockchain (starting at the moment the wallet was created). The amount of a Bitcoin wallet's work doesn't depend on the size of the chain.

That and the inevitable dilemma of increasing either fees or the chain size means something like LN is necessary. Sethforprivacy sees it too.

If all Monero fans were more like Seth I would be a lot more optimistic for Monero's future. But I'm afraid that there's a deep-settled irrational anti-LNism in the community.

This one is indeed a valid criticism and any user will face these problems once they play a bit with it. I think Monero has its place and offers some important things that Bitcoin lacks, but no project is perfect and Monero has a lot of room for improvement.

Agreed. any project that stays humble and open minded will always provide value. 🙃

Looks like Feather Wallet will develop a "skip sync" feature. This is useful if you know you haven't received any TXs since the last time you opened the wallet (e.g. you didn't buy any Monero recently): https://ccs.getmonero.org/proposals/tobtoht-feather-dev-2022-1.html If this is successful, maybe it could be ported to mobile wallets (Feather Wallet is open source). If you receive TXs regularly (e.g. online store or donations) you would still need to fully sync, but upcoming "view tags" will make this faster.

Sync times is a trade-off for strong cryptographic on-chain privacy, that hides senders, recipients, amounts, balances and TX history from third party observers (by default and for all transactions).

0 sats \ 0 replies \ @om 1 Aug

Sync times is a trade-off for strong cryptographic on-chain privacy

Indeed, and that's why I'm excited for Fedimint's off-chain privacy.

True 🙃

That’s actually a fair point

There are some deep-seated and irrational reactions on both sides but we try to ignore the irrational and pay attention to rational criticisms as both are awesome in their own way 🙃

Thanks for the kind words :)

You're right on about sync requirements, this is an unfortunate trade-off to gaining perfect address-based privacy in Monero via stealth addresses.

It can be mitigated by running a lightwallet server like monero-lws and connecting with a wallet that supports it, allowing you to retain privacy while negating all sync drawbacks. I'm currently testing this out and it's very promising, and is very easy to use for anyone who already runs a Monero node.

50 sats \ 1 replies \ @om 2 Aug

Oh! Hello Seth :)

I've listened to your Fedimint episode. Do you think Monero-enabled mints could take off?

Hey :)

The biggest issue facing Monero-enabled FediMints is the exchange rate differences, as the "MSP" (Monero Service Provider, in place of LSP) has to be willing to take on exchange rate differences between Bitcoin and Monero.

On the "Monero-only" side, thankfully we don't need any of the "easy Lightning" or "strong privacy" offered by FediMints natively, so I only really see Monero being applicable in the MSP sense for Bitcoin-based FediMints in the future.

309 sats \ 4 replies \ @f321x 31 Jul

Please don't shill your shitcoin trash on this platform.

low effort trash comment.

Not really, don't need to provide arguments against scams. Monero is the same class of shitcoin like Cumrocket

The trolls prove themselves 🙃

The shitcoiners prove themselves

101 sats \ 4 replies \ @nout 31 Jul
  1. It's not clear how centralized is the team of developers (by seeing all the forks and code updates go by, Monero seems to be quite easily changeable at this point - "move fast, break things" vs Bitcoin's "move slow, fix things")
  2. We have a chance that we never had before to create a truly unifying monetary network for everyone around the world based on single set of time-hardened rules.
  3. There's always syncing happening when you open the app, which can be annoying UX in some cases.
  4. The user base is smaller compared to Bitcoin, so your anonymity set is smaller ("oh, so you are the guy that uses Monero for transactions in US timezone, runs Tails on Lenovo laptop, signs his messages with pgp, is only one in his ISP's network running on Tor ... and tags all his friends in a picture taken with his iPhone")

To note - I think in short to medium term Monero has its place. The thing I'm waiting for is an app ("wallet") that has my BTC balance and can seamlessly in the background atomic swap for Monero and back when I'm paying or receiving (ideally it would automatically also do things to prevent timing analysis). This way in practice Monero would just become privacy sidechain to Bitcoin.

  1. Monero has the third-most devs of all cryptocurrency projects, behind only Bitcoin and Ethereum. It's consensus is not easy to change, but when the proposed changes are well-reviewed, audited, and align with the core ethos of Monero (privacy for all users, ASIC-resistance, etc.) and social consensus aligns the Monero community is open to hard-forks to improve the protocol.
  2. Good point, and one reason that I'm still hopeful Bitcoin can iterate and improve and make Monero unnecessary.
  3. It can be mitigated by running a lightwallet server like monero-lws and connecting with a wallet that supports it, allowing you to retain privacy while negating all sync drawbacks. I'm currently testing this out and it's very promising, and is very easy to use for anyone who already runs a Monero node.
  4. This is a common misunderstanding, the anonymity set for Monero transactions is much higher than even that of privacy-preserving Bitcoin transactions, as far more people use Monero than use Bitcoin privately. Your anonymity set in Bitcoin is 0 if you don't use it properly, and most users have 0 privacy on Bitcoin.

I haven't checked in on Monero for a few years. Is it still the case that the project has a consistent schedule of a hard fork every 6 months in order to combat ASICs? If so, a concern I'd have with that is that it then REQUIRES competent, trustworthy devs to keep pace and never let up. Whereas Bitcoin Core could completely stop releasing code for 5 years and bitcoin would be fine.

It does not :)

Reasonable and well articulated answer. All good points. 🙃

211 sats \ 1 replies \ @gs 1 Aug

I am bitcoin maxi and I like monero. I don't store any wealth in it, but I use it for dark markets when I need it.

The main difference between shitcoins and Monero is that Monero really solves the problem that bitcoin does not. And it is true PoW coin with no premine. Will monero overtake bitcoin? Unlikely. Does it have it's place? For sure.

If my friend wants to buy something from dark market, I'd rather have him use monero than explain how to use bitcoin privately via coinjoin.

Privacy is important. Privacy by default is what we need for cash. Gold had silver as it's satellite. Bitcoin might have Monero.

This is such a perfect and accurate answer.

Most people do not have to choose, each tool for its purpose. :)

125 sats \ 0 replies \ @v4v 1 Aug

If you are selling stuff, then your lightning node is receiving funds and none of the privacy benefits of lightning apply. It's actually worse than receiving on chain bitcoin, which can at least be thrown into a mixer. Receiving momento through fixedfloat is not the solution though, since in that case it's really fixedfloat that is providing the privacy. You could have your lightning pass through fixedfloat for that matter.

25 sats \ 0 replies \ @v4v 31 Jul

@allark why don't you build a site like this based on xmr. Ever notice your "soon to flippen bitcoin" alt-coin dujour is riding the coat tails of bitcoin? At some point if you keep promoting it, you become a spammer.

What is this site's policy on spam?

You cannot audit the total supply of monero, that’s a killer for me

I believe you can @sethforprivacy can chime in. It’s just slightly technical. 🙃

202 sats \ 2 replies \ @iguano 31 Jul

I mean, you can use Monero, you are free to do it, But what convince me that bitcoin was the solution to so many human problems, was not the privacy, but the total clarity of it. What makes us slaves in the actual system, is that the population can't audit governments. Monero is not the right tool to solve this issue.

Bitcoin, Monero and agorism help you to avoid the state entirely: https://anarkio.codeberg.page/agorism https://anarkio.codeberg.page/monero

This is fair

You can audit the supply, it requires slightly more complex cryptography than Bitcoin but is auditable. Lots more nuance and resources here:

https://sethforprivacy.com/posts/dispelling-monero-fud/#you-cant-audit-the-monero-supply

Shitcoin is a valid reason

Many, many more services accept bitcoin and many, many more people want to buy bitcoin. Monero still suffers and probably always will suffer from having a much smaller network of participants than bitcoin.

0 sats \ 0 replies \ @R 2 Aug

I think we are going to learn why having a bitcoin forum like this won't really work for discussing anything else. Most people will return to twitter where they can block people who discuss anything other than Bitcoin.

  1. Monero is a shitcoin. You have no right to tell me what a valid reason is or not.
  2. Monero has infinite inflation.
  3. Monero doesn't work, it has major privacy flaws that researchers have sounded the alarm on for over 6 years now.
  4. Monero has an agressive, willfully ignorant and childish community.
  5. There's no way to validate the supply in Monero.
  6. The Monero community pretends to be otherwise, but they're very sensitive and defensive about any criticisms, which ensures that nothing ever changes.
0 sats \ 0 replies \ @beb0 1 Aug

I can use bitcoin privately.

All of these have been commented on before.

  • Variable block size. If adoption grows it will cause the blockchain to grow really quickly. Over time, you'll end up with the same centralization problem that Bitcoin would have had if it increased the block size.
  • Not a criticism of Monero itself, but I dislike the community's lack of interest in sound economic principles (aka Austrian economics). That will affect Monero's future monetary policy.
  • The tail emission. Yes, its disinflationary over time. However due to the second problem, I can easily see the tail emission being increased. I think that its better to have a totally fixed supply and no tail emission so that the temptation isn't there.

Reasonable concerns :)

Trying to talk about monero in here is odd imo.

IMO Monero has a big problem with scaling transactions. Sure, it's small and it works for now. Even Bitcoin can have a big problem with this despite transactions being on average 10 times smaller (size-wise), and there is work on scaling it down even more (in Monero probably too).

Valid and reasonable take 🙃

0 sats \ 0 replies \ @Ge 31 Jul

Gross...

If you were living under a dictatorship and police stops you, what would you prefer to hold:

  • Bitcoin
  • Monero

Yep, bitcoin, why?, because can be tracked so there's nothing to hide, but if you were holding monero, a money that can't be tracked. Hidden at plain sight is the way to go.

Holding monero is a privacy leak, you will catch attention inmediately.

🤔

And how would they know what you hold? 😂

Also, there is no mercy in such a scenario.

In for a penny, in for a pound.

It seems there are a lot of people without real world experience of how the law works. 🙃

🙃

The community seems a bit immature and not into austrian economics for lack of a better term. It seems to be an experiment "can we create privacy on-chain" and they can. This privacy probably won't be affordable for many people in the end tho. So what is the point? Genuinely curious

Austrian economics was great when it was invented….hundreds of years ago.

I’m sure someone more knowledgeable can chime in on why, but having privacy and anonymity in personal finance should be a right not a privilege. 🙃

Austrian economics was great when it was invented….hundreds of years ago.

Austrian economics is just economics, those principles don't change over time. Keynesian economics is just a spinoff of the Austrian school with excuses to print money built in. MMT is a spinoff of Keynesian economics with even more excuses to print money built in. Those "schools" of economics are more favorable for people in power so that is what's taught in schools now.

0 sats \ 0 replies \ @om 1 Aug

Austrian economics was great when it was invented….hundreds of years ago.

Whoa! The entire crypto is a project of Hayek basically. See his "Denationalization of Money".

Monero hasn't solved the blockchain trilemma so ultimately it's privacy will be a privilege not a right. So why are you acting otherwise?

While their push for privacy is admirable and it's great for people who want to have some privacy I don't see the point in holding it unless I just want to obscure a certain payment, of which I don't have much use for that.

Since we don't have much oversight on supply and issuance, it's hardly something I would want to hold. Can monero be a layer people could use to swap in and out of sure, but as more privacy tech comes to bitcoin it erodes the use case for it,

I am not against people creating privacy innovation, just not about to fund it with my labour

Monero’s use as a privacy layer is indeed unparalleled and one of the best use cases for it.

Monero community focuses more on using it than its number go up.

And that’s quite a reasonable viewpoint you have!

Out of interest, have you tried running a monero node? I have not yet, would like someones take on the experience vs bitcoin

Yes :)

It’s pretty simple. Downloaded official Monero GUI and then just let it do its thing.

Takes a while to sync but if you’re low on storage can run pruned.

Also can mine on a decentralized pool on your PC, option is there in the GUI wallet. Not gonna be making any bank but maybe like a $1-$4 per month on a standard PC.

As simple as Bitcoin but here’s the noticeable differences

  1. Can mine with a click of a button
  2. Way more options to configure
  3. Better UI but that’s neither here nor there.

Pretty much

Except we can't verify supply, it appears that to enjoy the privacy features u have to run your own monero full node. If you don't, privacy and anonimity set are bad. This is what I've heard from someone more technical than me, could you confirm ? @allark

You can use a remote node without problems. Feather Wallet is a good wallet that includes a list of trusted remote nodes (including onion nodes over Tor). AFAIK Cake Wallet and Monerujo (mobile wallets) also include lists of trusted remote nodes. Otherwise you can host your own node and connect your wallet to it.

To enjoy full privacy it’s always best to run your own node both for Bitcoin and Monero.

Supply CAN be audited, just need the person to learn a little bit technical skills iirc 🙃

You do not know the actual XMR supply. The supply is calculated based on the sum of Coinbase transactions. So in case of an inflation bug that makes e.g. a double spend possible, nobody knows until it is probably too late.

0 sats \ 1 replies \ @m4 31 Jul

Strongly connected with illegal activities.

So was BTC when it launched 🙃

Illegal activities are whatever the people who rule you define as illegal. If tomorrow they make it illegal for you to send money to your family will you be a bad person for breaking that law?