monero network != Haveno P2P network
as in bisq
bitcoin network != Bisq P2P & DAO network
monero or bitcoin network is for wallet sync (Monero RPC wallet in Haveno & bitcoinj in Bisq)
Since every Haveno or Bisq peer is a hidden service, of course only a connection via Tor is possible.
All haveno-desktop options
Hi @boldsuck, thanks for your guide on running Haveno-reto (now renamed RetoSwap) in Whonix.
Could you please make the guide a lot simpler and explain every step from the beginning to the end in detail, with examples for each step? Please also state clearly if you are making changes on Whonix-Gateway or Whonix-Workstation for each step. Ideally I would like a guide to use for non-Qubes Whonix running in VirtualBox.
Please start you guide from after downloading the latest version of Haveno-reto from the GitHub website to Whonix-Workstation and installing it. I’ve already written the beginning of the guide:
/home/user/.tb/tor-browser/Browser/Downloads/./home/user/.tb/tor-browser/Browser/Downloads/haveno-linux-deb.zip), click “Extract Here”/home/user/.tb/tor-browser/Browser/Downloads/haveno-linux-deb/), and in a terminal window on Whonix-Workstation, type sudo dpkg -i (with a trailing space) and then drag the .deb installer from the folder into the terminal to complete the filepath (eg: for Haveno-reto v1.0.18, it should be sudo dpkg -i '/home/user/.tb/tor-browser/Browser/Downloads/haveno-linux-deb/haveno-v1.0.18-linux-x86_64-installer.deb'). Press enter, Haveno-reto should be installed to /opt/haveno/. If it fails because of missing dependencies, run the command sudo apt install -f to download and install the missing dependencies, and then try the original sudo dpkg -i '[...].deb' command again/opt/haveno/lib/haveno-Haveno.desktop to your desktopSome current issues with your guide are:
/etc/tor/torrc” but on your GitHub guide you say “Configure a HiddenService on the Whonix-Gateway: sudoedit /usr/local/etc/torrc.d/50_user.conf”--hiddenServiceAddress=Your_HiddenService_address.onion--nodePort=9999” but is that the literal text that should be typed or should “Your_HiddenService_address.onion” be replaced with some other text? Which text? Where should I find my hidden service onion address? Also please use the full command to start Haveno-reto so it’s clear what is meant, like: “on Whonix-Workstation, start Haveno-reto with the command /opt/haveno/bin/Haveno --hiddenServiceAddress=Your_HiddenService_address.onion --nodePort=9999”40_haveno.yml onion-grater pull request that was merged? Is that not necessary at all to use Haveno-reto?Thanks so much for taking the time to write this for newbies, hopefully more people will be able to follow it.
Hi, thanks. I will include your beginning of the guide in the Haveno docu.
Unfortunately I haven’t had time to install Whonix and test Haveno Setup yet.
Yes, I explained here how we (or I) use tor aka little-t-tor on Debian/Ubuntu with the Haveno DirectBindTor patch. The Whonix monerod tor configuration is almost 1:1 to ‘Haveno with DirectBindTor’ and I was hoping that a Whonix user would test it and give feedback on whether it works. I read Onion_Services#Setup_Overview later and was not able to edit here in the forum. Therefore I wrote the ‘Edit’ on GitHub for Whonix.
In general, Whonix looks like *BSD to me. All user config is in /usr/local/etc/
I referenced:
Step 2: Open Whonix-Workstation Firewall Port
that could be copied. Of course, the user must use the port he has configured in torrc, e.g: EXTERNAL_OPEN_PORTS+=" 9999 "
In general, there is nothing special about Haveno with TorDirctBind config. It is configured like any other (Onion) HiddenService on Whonix.
--hiddenServiceAddress=<String> as a cmdline option. In Haveno configuration file ~/.local/share/Haveno-reto/haveno.properties the -- is omitted from all options.
HiddenService onion address is, depending on what you have configured as HiddenServiceDirin torrc e.g:
(sys-whonix) $ sudo cat /var/lib/tor/YOUR-haveno-service/hostname
No, it’s not neccesary with DirectBindTor. The reason why the DirectBindTor patch was developed is that you no longer need all this stuff that you find in the old bisq guides:
ADD_ONION.Inexperienced users can test 40_haveno.yml or https://github.com/haveno-dex/haveno/pull/1583 and provide feedback so that it can be merged. Personally, I find the TorDirectBind way easier and safer.
So, Guys it works:
Haveno-Whonix-Direct-Bind-Tor
The first time I use Whonix. It took me about 2 hours. Install Whonix with KVM on a Debian host and running Haveno with DirectBindTor. Patrick and the other Whonix devs have integrated samples for Tor and Firewall and GUI tools for editing.
Sorry guys. How can it be that experienced Whonix users ask for months how to configure a custom Tor HiddenService on Whonix?
I edited exactly 3 lines + Edited Launcher for Haveno
Hint: I have activated clipboard sharing in Workstation temporarily to copy the onion address.
sure, no problem!
I’m a very beginner user, but the RetoSwap app looks easy enough to use if I could get it working. I’m only familiar with Windows and macOS, and have barely used Linux or Whonix before. I just learned the basics, like how to use sudo apt update and sudo apt full-upgrade and had to look up how to install a .deb (now I know it’s using sudo dpkg -i), and then had to look up where it got installed (to /opt/)
That’s why I wrote my guide with basic info like where to download RetoSwap from and where it gets installed. Unfortunately, your guide is still very technical. Is there a way your could write it for a general non-technical user?
Have you seen The Nihilism Blog’s Haveno-reto guide? It’s much more beginner friendly, but for Whonix it just says to use Tor bridges to connect which doesn’t actually work (and could be an unwanted tor-over-tor scenario)
Could you explain when you use technical terms like “DirectBindTor patch” what that means?
I understand it takes longer to write a detailed guide for complete beginners, so I appreciate it.
In short: apt commands for everything you can get from the Whonix APT Repository. This is the preferred way to install software on Debian and derivatives like Whonix. You will love it on your first Distri upgrade. dpkg -i only in rare cases for 3rd party apps.
Yesterday I edited my GitHub comment again. Haveno-Docu: A first ugly draft, may still contain errors. tor_advanced Is on Github too, but they are Tor hostile. I’m currently traveling due to server upgrade. I’ll expand this in the next few days, maybe add pictures too. I don’t know yet if it will be haveno-docs or haveno-reto-docs later.
Yes of course Nihilist and I were among the first Haveno users. He made the Haveno-reto guides, but people also get XMR for some other docu in his Blog. Tor bridges, especially with Pluggable Transport such as obfs4, are used when providers or governments block Tor traffic. Bridges do not help Haveno run on Whonix. A plain bridge (without PT) is a Tor relay with guard flag but with a non-public IP. I have dozens of obfs4 bridges & relays
That’s what the Java dev called the function. DirectBindTor is the correct name
In chat or on Github I asked why we can’t use externalTor, system Tor,… without Netlayer java wrapper what Bisq and Haveno normally use. We called it externalTor internally for weeks.
thanks for your guide, after carefully studying it I was able to get RetoSwap to work, but I wanted to mention some issues. I’ll be updating my guide, and I asked to create a RetoSwap wiki page on the Whonix wiki
on the first try I got this error message:
! Warning
Could not create wallet ‘haveno_XMR’. Please close Haveno, stop all monero-wallet-rpc processes in your task manager, and restart Haveno.
on the second try this one:
! Warning
No connection to Monero daemon after error handling
finally I tried again and it worked, then there is this unhelpful message when the application launches (I am using v1.0.18):
! Important information!
PSA:
Please update to the newest version (1.0.17) if you are still on 1.0.15 or below.
Trading with versions below 1.0.16 has been disabled for better compatibility.
are you a developer of either Haveno (Haveno DEX) or RetoSwap? what is your connection to the project? could I make some design suggestions to you? Thanks again for the help
Yes, you had already started Haveno before without your own configured HiddenService. Then you have the tor-over-tor leftovers in the system. 
Close Haveno and delete the complete Folder: /home/user/.local/share/Haveno-reto/xmr_mainnet/tor Or the entire Haveno-reto folder if you haven’t set up any accounts yet.
If you don’t have a local monerod as recommended: You can also enter (HiddenService) onion RPC addresses of Monero nodes in the Haveno GUI later (at least 3-5). Then you won’t use them via Tor exits.
Haveno Settings → NETWORK INFO → Use custom Monero nodes
ditatompel remote-nodes
monero.fail
Or my
The arbs always write that when it is mandotary and versions below X have been disabled in the filter object. They do all this for free in their free time. (there are no fees until the end of 2025) With Haveno v1.0.19 this will be updated as .19 is mandatory.
No, I’m a simple user. Since I’ve been using Bisq for years and running Tor and Monero nodes, I’ve been following the development of a Bisq fork on the Monero blockchain for years. Anyone can contribute to open source projects. Design suggestions best as a Github Issue or in #haveno-development
The RetoSwap arbs are in the SimpleX chat.
I haven’t done any of that, the only thing I set in my
/home/user/.local/share/Haveno-reto/haveno.properties
was (example .onion address):
hiddenServiceAddress=exampleonionaddress52rck2vv4rvmdlkiu3zzui5du4xyclen53wid.onion
useTorForXmr=ON
(port 9999 is already the default so wasn’t needed to be specified), and now in the Settings > Network Info tab it has the default setting “Monero nodes to connect to: Use public Monero network”, which seems to work fine (it shows that I’m connected to http://rucknium.de:18081, and list seven other nodes below that).
Why is having monerod recommended? I don’t want a full node on my computer (it takes a lot of storage space).
What is the benefit of specifying 3 to 5 specific custom Monero nodes over using the default public network setup?
What do you mean by “Then you won’t use them via Tor exits.”?
edit: you mean I will be using custom .onion nodes and not the default clearnet nodes, do you think there’s a privacy benefit to it?
By “the arbs” do you mean the RetoSwap arbitrators? Are they the same people as the GitHub RetoSwap developers (retoaccess1 on GitHub)?
Thanks again
I would not recommend it, public Monero network = Port: 18089. There were a lot of reports 2 month ago that chainanalysis runs many 18089 public nodes. mrl recommendation ban spy nodes
Stay with default: --useTorForXmr=<AFTER_SYNC> that means:
Using this nodes for first wallet sync and after that if you have, your nodelist.
Configurable in GUI or haveno.properties e.g:
# RPC nodes
xmrNodes=i4jsfwmw22yjzzmzkoc7aahiaqlyhnykn5wxel43u3o5ibz2k4275jqd.onion:18081,6dsdenp6vjkvqzy4wzsnzn6wixkdzihx3khiumyzieauxuxslmcaeiad.onion:18081,ip4zpbps7unk6xhlanqtw24f75akfbl3upeckfjqjks7ftfnk4i73oid.onion:18081,xmr-in-berlin.boldsuck.org:18081,xmr-in-berlin-2.boldsuck.org:18081,crypto-01.boldsuck.org:18081
Mainly because the connection from your RPC wallet to monerod is more stable. Connections to onion services are sometimes flaky, hence the recommendation configure 3-5
If a service is accessible via .onion address, you remain in the Tor network. Clearnet addresses leave via Tor exits into the clearnet.
Yes. Haveno-Dex is the code for stagenet. If you want to run a mainnet you can fork it and follow the mainnet or deployment guide. Practically anyone can do it, the reto arbs did it the night woodser released the code for mainnet.
doesn’t the recommendation to ban spy nodes only apply to public node operators (they need to add -ban-list=/home/monero/ban_list.txt)
If I have monerod, doesn’t that mean I have to download and store the whole Monero blockain (~200GB) on my computer?
What is privacy tradeoff of connecting via clearnet or not? My IP is hidden in both cases
I’ve also finished setting up the RetoSwap guide on the Whonix wiki. It could still use more info, like the signature verification, and the adding custom nodes. Some changes from your guide I made were:
/var/lib/tor/haveno/ instead of /var/lib/tor/haveno_service/ (simpler and less likely to cause typos with the underscore)./home/user/.local/share/Haveno-reto/haveno.properties (it’s easier for beginner users not to use launch arguments, and this way it works no matter how you launch RetoSwap).It wouldn’t have been possible without your help, so thank you!
thank you!
Especially from your wallet’s monerod you don’t want connect to nodes of Chainalysis
Yes, or pruned blockchain is approx. 1/3 of it.
Note: Different HiddenServices should be created in different HiddenService directories, e.g: (Of course, adjust localhost IP for Whonix or Qubes.)
# Haveno incoming anonymity connections
HiddenServiceDir /var/lib/tor/haveno/
HiddenServicePort 9999 127.0.0.1:9999
# Monero incoming P2P anonymity connections
HiddenServiceDir /var/lib/tor/monero-node/
HiddenServicePort 18083 127.0.0.1:18083
# Monero incoming RPC anonymity connections
HiddenServiceDir /var/lib/tor/monero-service/
HiddenServicePort 18081 127.0.0.1:18081
Why leave the darknet when you’re already in it? Besides, there aren’t many Tor exits left that have a policy as free as mine and allow almost all ports. (Monero RPC port is mostly 18081 or 18089)
I entered a mix of DNS and .onion addresses from my nodes.
Hint:
--xmrNode=<value> [--xmrNodeUsername=<value> --xmrNodePassword=<value>]
disables automatic switching. Preferred for your monerod on localhost or localnet.
--xmrNodes=<ip[,...]>
Custom nodes used for Monero as comma separated IP, DNS, .onion addresses. Preferred for users who don’t want to use the built-in remote nodes and want custom remote nodes.
I’ve now shortened it to the essentials. It’s important to load the reto public key from the right site and check the fingerprint. And then verify the installation file with signatures.
Signing and trusting with your own key is not absolutely necessary. This is an advanced task for which GnuPG and Whonix docu are available.
You can usually leave out the default, even for SSH and HTTP commands. In Docu you usually specify the required cmdline. A user may be using port 9999 for something else or may want to install Haveno multiple times.
The entire folder ~/.local/share/Haveno-reto/ does not exist during the first installation
Yes, I have to write the docu twice, separately for each project. And a new Haveno mainnet can also emerge at any time.
Using Haveno DirectBindTor means that users can use all default Whonix tools. (on Gateway)
Anon Connection Wizard not Haveno AppStupidly written (Sorry, don’t speak EN natively)
Using this nodes (Whonix uses Tor by default) and if you have --xmrNodes=<IP,DNS,.onion> use this/your nodelist.