As we ramp up to celebrate Monero’s 10th birthday, here’s an opportunity to get acquainted with Monero ID’s - easy and free!
TL;DR: Fill out the form at get.xmr.id/form.html to get your very own stagenet OpenAlias.
OpenAlias is great: You hand someone a simple domain name and their Monero client resolves it to a destination. No copy-paste, no QR-code scanning - just ready to send!
To make your life easier, XMR.ID provides this as a service.
Now with faster activation
Previously, setting up your “XMR ID” required significant manual intervention, that delayed the process more than necessary.
After a broad set of optimizations, new aliases are now typically ready-to-use within 15 minutes.
The new automations repect XMR.ID’s design goal of avoiding web-based self-service, thus maintaining the previous level of security.
Wanna play?
Before enabling this new method in production, we will test in on STAGENET - a parallel Monero network that works just like the real deal, but with its funds considered worthless.
If you haven’t used stagenet before, this may be a great opportunity for you to not only get acquainted with XMR ID’s, but create a risk-free playground for your own experiments!
It takes about 5 minutes. At the end you will have an account that can receive funds at <yourname>.stagenet.xmr.id
, filled with some zero-value Monero, ready to be sent around.
To try it, simply fill in the blanks at https://get.xmr.id/form.html (onion). No ninja-skills required - and you may contact me about any issues or inconveniences you encounter.
Hackers welcome
Put your white-hat abilities to the test, fool around a bit, probe and report any faults or security flaws if you want to help harden this part of the Monero ecosystem - or just do a speed-run and get your alias.
Your stagenet-alias
This test is set to run for a week, starting today, but your alias will remain active afterwards.
Contact
Let’s chat in our Matrix room #xmr.id:monero.social or message me directly at @f:monero.social.
c/XMRID is our place in town. There’s also an email address. You’ll probably run into it as you go.
Talk soon, f
You might be providing this service with the best intentions, but, what prevents you from one day changing all of the records to your own address? Or changing a record whenever it is requested from “a-company-that-is-known-to-do-big-monero-payouts.domain”?
Again I am not saying this is your intention, but Monero’s purpose is decentralized digital cash and I personally would not use such service for anything except maybe a convenient donation address that you don’t expect to get big payout to.Manipulation of any record would immediately trigger a notification to all affected users, leaving me with nothing but a destroyed reputation.
The most granular use I can think of is telling someone in-person to load your XMR ID on their device and then confirming what you see.
Coupled with a client that stores the result in a local address book - and compares it with the current DNS responses every time - even senders can be sure that they are still working with valid information.
(An extension to the official Monero client supporting this is in the works.)
I set my OpenAlias up on my own by following instructions online, and it cost me nothing. Why would one pay you, an unknown centralized entity, for something that can be done in 15 minutes for free?
The time required depends on where you start. Someone who knows how to register a domain but has yet to read up on OpenAlias will probably need about an hour or two (if we do not take into account the hassles associated with DNSSEC with many registrars).
Then the cost of a privately registered domain starts at around 15 dollars per year, whereas the same is roughly the one-time price of a permanent XMR ID with two domains secured against each other (meaning that both,
DUKETHORION.xmr.id
andDUKETHORION.xmrid.com
will return the same Monero destination). Wallets can opt to verify this.
No event will make monero greater we do?
It’s from monero.graphics. It could use an extra dot, I agree :)
The theme resonated - especially in the context of OpenAliases - as I consider more personal and memorable Monero destinations an important factor in the context of building parallel economies, human to human, thus making Monero “greater” through use.
Question. Does this somehow generate a new subaddress for every request? I ask because address reuse is dangerous for the privacy of monero. While most people don’t know this, I assume you do.
Address reuse NOT being a problem in Monero is the reason this service can be provided in good faith.
Why is Monero address reuse not discouraged?
You can find further details in this Monero Stackexchange thread.
FTA:
The key thing to note is that no observer can link two addresses together. However, it is possible for the sender to link payments together if the receiver re-uses addresses.
For example, if you withdraw from ExchangeA using AddressA, and then go on to issue another withdrawal from ExchangeA using AddressA, the exchange will easily be able to link these two withdrawals together by simply comparing the withdrawal addresses (even if you used different accounts). Furthermore, if ExchangeA is cooperating with ExchangeB, it would be possible for both exchanges to link address-reusing withdrawals together.
Additionally, even if the sender is not cooperating with other entities in order to link transactions together, it is still possible for the sender to unwittingly link transactions together if their software is poorly implemented and erroneously re-uses the same random data for multiple transactions. Basically, the receiver is relying on the sender to generate good random data in order to generate a one-time key. If the sender fails to use good random data, then the “one-time” key isn’t “one-time”, and transactions can possibly be linked.
So, for maximum protection against linkability, it’s a good idea to generate a new addresses for transactions that you don’t want linked.
Further reading: https://localmonero.co/knowledge/monero-subaddresses?language=en
I think this can easily be achieved by generating a new subaddress for every request. ( I don’t know how OpenAlias works, maybe it already does this.)