Share this page!

Seth For Privacy Profile picture
Twitter logo
Apr 21 19 tweets 6 min read
1/ I'm really tired of responding to lots of comments from DERO people claiming they've solved the worlds problems and scamming people with false marketing, so here's a thread breaking down all of their grandiose claims 👇
2/ DERO claims to be using "fully-homomorphic encryption" to prevent nodes from being able to see transaction information.

Not only is this nonsensical (zk-proofs allow verification without revealing data simply) FHE is absolutely unusably inefficient:

anandtech.com/show/16533/int…
3/ For DERO to claim that they're using something that is thousands of times less efficient than more common encryption methods, and that has yet to be implemented in any other fashion due to this inefficiency should discount the rest of their claims off the bat.
4/ DERO also claims to solve all of the problems/tradeoffs with cryptocurrency without any tradeoffs.

*Immune* to 51% attacks and double spends?!? Do you really think this tiny project solved the hardest security problems today with no tradeoffs?
5/ DERO claims that smaller and more rapid block generation solves 51% attacks, something that makes absolutely no sense.

A miner with >51% of the hashrate will still be able to mine the same proportion of the blocks and rewrite history just as easily.
6/ Somehow preventing wallets from spending more than one transaction at a time prevents double spends, which is asinine as double-spends can (and are usually) performed via 51% attacks, not a wallet trying to spend the funds twice (consensus rejects double-spends)
7/ DERO has a 2mil/21mil pre-mine owned solely by the founding team.

This is an absolutely absurdly large pre-mine and gives massive financial incentive for the centralized dev team to inflate their claims and dump on new entrants to DERO.
8/ DERO either knowingly (or unknowingly) claims that transaction data must be decrypted to be verified, something that is absolutely false.

Monero, Zcash, etc. all do verification without revealing amounts or transaction details -- verification on encrypted data is quite easy.
9/ Maybe best of all as someone who has a networking background, DERO claims to do TLS over UDP instead of TCP, something that is literally impossible and pointless.

TLS (read: comms encryption) can only be done via TCP as you have to have a handshake and state for encryption.
10/ Side-note -- their code seems to just do TLS over TCP contrary to their claims.

There is a rarely used way to do a form of TLS via datagram packets, DTLS, but they do not mention DTLS in their repositories or docs.
11/ Their example of "TLS over UDP" shows a Wireshark screenshot of a TCP packet (one using TLS and one using regular HTTP over TCP), yet again showing they have no idea what they're talking about:
12/ Their whitepaper link 404s, so I couldn't even view it:

dero.io/attachment/Whi…
13/ They claim their network has no soft/hard-forks, but they are in the process of a "coin swap" to their new network, something far worse than a soft/hard-fork as it's an entirely new chain:

docs.dero.io/rtd_pages/basi…

(Also have to love the myriad misspellings and poor grammar)
14/14 Enough of my time wasted on this, but if you see projects claiming to solve all known issues with encryption, privacy, smart contracts, security, etc. you should run as fast you can.

Grandiose claims are *always* massive red flags and inevitably money grabs.
Fun extra tidbit -- all of their repos still say that their new "Stargate" FHE blockchain is in testnet, but they're simultaneously telling people to swap funds through centralized services to this new testnet today:

github.com/deroproject/de…

Make it make sense!
*most of their grandiose claims

They make far too many grandiose claims for me to spend to time refuting every one, but I covered the most obvious ones here.
Excellent additional details and tested aspects of the lies of DERO here, very helpful to get a picture of a few of the other outlandish claims (read: lies):



Thanks for digging in as well, @reubenyap!
One clarification -- the docs and website are misleading, and apparently DERO does not use FHE, but instead uses PHE, taken from AnonZether without credit or attribution:

github.com/ConsenSys/anon…

Thus their HE approach does seem viable in theory, though I can't validate impl.
Also:

• • •

Missing some Tweet in this thread? You can try to force a refresh
 

Keep Current with Seth For Privacy

Seth For Privacy Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

PDF

Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

More from @sethforprivacy

Seth For Privacy Profile picture
Apr 21
1/ As always, ransomware and DNM trends are a good litmus test for the usefulness of a technology, and especially the usefulness of a cryptocurrency.

Let's dive into some interesting info in the latest CipherTrace ransomware report 👇
2/ First off, no mentions of tracing Monero or tracking it's usage, despite Ciphertrace having used social-engineering to collect XMR addresses from known ransomware entities.
3/ Monero's acceptance (either only-XMR or XMR and BTC) has rapidly risen, and those who accept Bitcoin generally charge a 10-25% premium due to it being "easily traceable".

CipherTrace throwing punches 😅
Read 10 tweets
Seth For Privacy Profile picture
Apr 17
1/ Get ready for the #Monerorun tomorrow by reading up and taking control of your $XMR:

localmonero.co/knowledge/hold…

Here are some excellent wallets depending on your preference to start using today 👇
2/ First off, no matter what wallet you use *save your seed*!!!

Always do so in multiple locations, in ways that you can find and recover, and inform your family or loved ones of how to recover funds as well, just in case.
3/ The first wallet recommendation is @cakewallet (or @MoneroCom), both of which are very simple to use and beautiful, work on both Android and iOS, and have native exchange functionality.

I personally use @MoneroCom.

More at cakewallet.com and monero.com:
Read 7 tweets
Seth For Privacy Profile picture
Apr 15
While this is "just" the front-end, this continues the trend of "privacy tools" preempting regulatory pressure to kiss the boot of our benevolent overlords.

#Monero cannot do this by design, and that's what makes it such a powerful tool.

Permission-less or GTFO.
P.S. -- "privacy tools" like @wasabiwallet and @TornadoCash using your fees to pay @chainalysis is the irony of ironies.

Quit giving these people your funds and just use Monero.

It's that easy.
Oh god, I missed the @TornadoCash tweet:



"Privacy should not come at the cost of non-compliance"...

Run away from this garbage as fast as you can 🤮
Read 11 tweets
Seth For Privacy Profile picture
Apr 14
Glad to see some more nuanced discussion of privacy issues in #Lightning at #Bitcoin2022!

The keys are:

1) Receive privacy is poor
2) Routing cross-network makes privacy of channels poor
3) L1 privacy issues cascade onto L2 to great detrimental effect

invidious.sethforprivacy.com/watch?app=desk…
One of the biggest paradoxes of Lightning is that cross-network routing *requires* public knowledge of nodes, channels, and channel UTXOs/balances, but LN is being relied upon to "fix" all of the privacy issues of L1.

These problems are not easy to solve, maybe impossible.
If you reduce the information available about nodes/channels/UTXOs, you necessarily exacerbate an already serious issue -- routing payments gets much harder or even impossible without routing hubs.

Do you want to "easily" route payments, or do you want privacy?
Read 13 tweets
Seth For Privacy Profile picture
Apr 14
Looking more and more like exchanges are paper trading #Monero and lying about how much they have to customers.

Opt out, get those keys off exchanges and actually own your $XMR:

localmonero.co/knowledge/hold…
To be clear here, there is no reason multiple exchanges would need to maintenance their wallets at the same time.

No network outage, no bugs, nothing.

This is happening with @binance and several others.
Quick clarification thanks to others pointing it out -- I'm not accusing @FixedFloat of anything, but exchanges like them usually rely on liquidity providers like Binance that are currently undergoing "maintenance" that smells of fractional reserves or paper trading.
Read 5 tweets
Seth For Privacy Profile picture
Apr 13
1/ I have thoroughly been enjoying WBD lately, but the #Monero mentions here are absolutely not based in reality.

That is on @jimmysong and not on @PeterMcCormack, Jimmy misuses his authority in the space and is either intentionally misleading or woefully lacking technicals.
2/ First off, Jimmy mentions that Monero's anon set is small because of large transactions.

Anon sets are not a very useful single way to measure real-world privacy, but if he wants to use that number, let's.
3/ Monero's default anon set *at the lower bound* is 11, compared to the 1 of Bitcoin.

This anon set is really much larger as each decoy/input has a branching tree of possible paths, so none can be deterministically ruled out.
Read 23 tweets

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Don't want to be a Premium member but still want to support us?

Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal

Or Donate anonymously using crypto!

Ethereum

0xfe58350B80634f60Fa6Dc149a72b4DFbc17D341E copy

Bitcoin

3ATGMxNzCUFzxpMCHL5sWSt4DVtS8UqXpi copy

Thank you for your support!

Follow Us on Twitter!

:(