[yieldcrv]

Correct, I don't find these to be limitations for any user of Monero, its just a way not to use it.

> repeatedly withdraw money from one exchange and then deposit it to another

right, don't do that. Withdraw to your wallet. Wait several days. Transfer elsewhere in different denominations.

Problem solved for everything you wrote, and its been nearly the same for the entire lifespan of Monero, 11 years now.

> Breaks will not always be public.

There are court cases that give the confidence necessary. It is also something to stay abreast of. Always just ask yourself who the transaction is intended to be hidden from.

[beeflet]

>right, don't do that. Withdraw to your wallet. Wait several days. Transfer elsewhere in different denominations.

Unfortunately, it doesn't work like that. The EAE attacks only require that the end destination is colluding with the start destination.

Like everything with decoys, privacy is stochastic. So I wouldn't go around making absolute claims about the privacy as many proponents of monero like to do. The developers advise against making these sorts of claims. Monero makes privacy a lot easier, but it's not perfect.

>There are court cases that give the confidence necessary. It is also something to stay abreast of. Always just ask yourself who the transaction is intended to be hidden from.

In the free world, we have the concept of innocent-until-proven-guilty and evidence-beyond-a-reasonable-doubt. Decoy-based approaches give you plausible deniability, but this often isn't enough for more domains where a lower standard of proof is needed.

Fortunately, all this and more will be fixed in FCMP++ upgrade.

[yieldcrv]

Thats good FCMP++ will fix it

Right now it seems Eve just needs to do a dust attack and addresses she’s seen before

And wallets like Featherwallet just need to segregate dust from the pool of outputs, and that kind of attack is totally thwarted

Fortunately Eve doesnt know if an address is part of the same wallet and Featherwallet hides the ability to reuse addresses, although users are lazy and may rely on old addresses being accepted destinations for anyone sending them funds. It would be great if wallets notified of dust, or asked you to recognize transactions in.

[bcoates]

"right, don't do that."

As a non-user of Monero, how do I find out what the security properties are and what information is leaked when various actions are taken? The OP's analysis is deeply lacking in this and the apparent rule against repeated transactions is non-obvious

[yieldcrv]

At this point I’m not sure

there would be the monero subreddit where you could ask these questions

LLMs would be trained on them by now

Books like Mastering Monero exist, and will become obsolete if the proposed upgrades go through

Annual DNM OPSEC GUIDE will likely cover it (darknet market operational security guide)

[Calwestjobs]

"There are court cases that give the confidence necessary. " NO!

many times police will made up "plausible way" how they uncovered something, but this "plausible way" was constructed after the "secret" or illegal way was employed to do it.

rephrase : police will do illegal thing to obtain info where you stash your drugs. for example installing NGO Pegasus to your phone, gps tracker under car... so they already have that info. then they call anonymously 911 saying there is smell of gas on street. (maybe they even spray some of mercaptan to make it even more plausible) firefighters, etc will come investigate gas leak and police will say that they uncovered drug stash in investigation of gas leak... illegal way to obtain info, then brainstorming how to make that data available "lawfully". they will not tell in front of judge/court about first part... so no your assumption is not correct.

in computer world it is million time easier.

99% of youtube videos about criminals failing at operational security is intentionally bad information.

IF you are believed to be criminal / "bad person" police(men) will justify doing almost anything, because you are bad person IN THEIR EYES.

also they are trained to and expected to disinform :

For example, Ross Ulbricht. every news paper said that "closing his laptop lid will lock his computer and police will be unable to decrypt it" they pushed it and said it so many times that researchers jumped on LUKS and in 1.5 years there was almost complete rewrite of LUKS.... (not even talking about constant TOR effort)

Whole not closing his notebook also proves that they obtain data legally. It does not say they did not have that data already.

One info can mean multiple things to multitude of people.

[yieldcrv]

Parallel construction is possible and I agree that Ross got railroaded with some unanswered and questionable and paradoxical evidence gathering tactics

My confidence in Monero comes from following what the administrative state has said in court cases

Often times they don’t know the balance, location, and are unable to seize it. As designed