by popol12 635 days ago
TLDR: no

Your own node is connected to other nodes to get latest blocks and publish transactions to the network. These peers are selected randomly among the pool of available nodes. If the attacker has enough nodes, there is a good probability that your node's peers are partly controlled by the attacker. When you publish a new transaction and broadcast it to your peers, the attacker can detect that it is indeed a new transaction (since it is the first time it's seen by the attacker nodes) and that the IP address of your node is the IP address of the transaction sender. It's not going to work 100% of the time (except if _all_ your node's peers are controlled by the attacker) but with a few transactions it's eventually going to lead the attacker to your IP address.

It's the same kind of attack that is used to deanonymize people on Tor.

If you want to protect yourself from that, you need to add a few layers of trusted no-logs VPN in front of your node, so that the attacker is led to a dead end.
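The peer-observation risk described in the post above can be estimated with a small simulation. This is an added example, not part of the original thread: it models plain flood relay with no Dandelion++ stem phase, and the graph size, peer count `k`, exponential per-link delay and all function names are assumptions chosen for illustration.

```python
import heapq
import random
from collections import Counter

def build_graph(n, k, rng):
    """Each node dials k random peers; links relay in both directions."""
    adj = [set() for _ in range(n)]
    for u in range(n):
        for v in rng.sample([x for x in range(n) if x != u], k):
            adj[u].add(v)
            adj[v].add(u)
    return adj

def first_spy_guess(adj, spies, src, rng):
    """Flood one tx from src; return the honest node that reached a spy first."""
    heap = [(0.0, src, None)]          # (arrival time, node, relaying peer)
    seen = set()
    while heap:
        t, u, prev = heapq.heappop(heap)
        if u in seen:
            continue
        seen.add(u)
        if u in spies:                 # earliest arrival at any observer node
            return prev
        for v in adj[u] - seen:
            # Assumed delay model: independent exponential delay per link.
            heapq.heappush(heap, (t + rng.expovariate(1.0), v, u))
    return None                        # no observer ever saw the tx

def exposure(n, k, spy_frac, txs, trials, seed=1):
    """Fraction of trials where a plurality vote over txs names node 0."""
    rng = random.Random(seed)
    hits = 0
    for _ in range(trials):
        adj = build_graph(n, k, rng)
        spies = set(rng.sample(range(1, n), int(spy_frac * (n - 1))))
        votes = Counter(first_spy_guess(adj, spies, 0, rng) for _ in range(txs))
        hits += votes.most_common(1)[0][0] == 0
    return hits / trials

if __name__ == "__main__":
    for frac in (0.05, 0.2, 0.5):
        print(frac, exposure(n=200, k=8, spy_frac=frac, txs=10, trials=200))
```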

3 comments

> When you publish a new transaction and broadcast it to your peers, the attacker can detect that it is indeed a new transaction (since it is the first time it's seen by the attacker nodes) and that the IP address of your node is the IP address of the transaction sender.

You're assuming that peers will relay new transactions to all their peers, but that is not the case with the Dandelion protocol that Monero adopted [1].

[1] https://resilience365.com/dandelion-for-monero/

Yes, you're right. However, even if Dandelion makes this task harder, the task remains essentially the same: controlling a significant number of nodes.

What proportion of nodes? There are papers that analyse it but I haven't read closely or found a clear answer.

I suppose even if they controlled all but 2 nodes - the extreme case - even then they couldn't know with certainty which of the 2 nodes sent the transaction, so it could be argued that there is always plausible deniability.

Let’s call these 2 nodes N1 and N2. The case you mention only works if N1 is connected to the network only through N2, in which case when the attacker’s nodes receive a new transaction from N2 there is plausible deniability for both N1 and N2. In any other network topology, N1 and N2 are broadcasting their transactions to the attacker’s nodes, which can then link them directly to N1 or N2. So no, this attack doesn’t require owning the whole network.

I don’t know which threshold makes the attack practical though. I guess there is probably no threshold: the bigger the share of the network you own, the bigger your percentage of successful IP tagging is.

I don't think that's how Dandelion++ works; one of us is mistaken. In any network topology, I think it is possible that in the first step of the stem phase the transaction is propagated only from N1 to N2. It will be impossible for the other nodes to know if that happened or not, so they can't know whether N1 or N2 transmitted the transaction first. I could be mistaken but this is how I understand it.

I agree with what you say about the threshold.

It seems we can combat this kind of attack as a community by just running more nodes.

It seems an attacker can combat that defense by just running more nodes.

Are there still websites where you can submit transactions as text via a web form?

You could craft your transaction and then submit it using a browser on Tor.