Monero and Whonix 15.0.1.5.1 bug (possibly actually non-bug)
Upgraded to 0.17.1.4 just now.
Upgraded to 0.17.1.6 just now.
Upgraded to 0.17.1.7 just now.
Upgraded to 0.17.1.9 just now.
1 Like
Upgraded to 0.17.2.1 just now.
2 Likes
monero-gui directly stored binaries in git is awful since git cloning over Tor (even just the current revision without history) times out when cloning from gitlab.
(And github rejects the repository size.)
du -sh usr/bin/*
16M usr/bin/monero-blockchain-ancestry
14M usr/bin/monero-blockchain-depth
14M usr/bin/monero-blockchain-export
14M usr/bin/monero-blockchain-import
11M usr/bin/monero-blockchain-mark-spent-outputs
14M usr/bin/monero-blockchain-prune
14M usr/bin/monero-blockchain-prune-known-spent-data
14M usr/bin/monero-blockchain-stats
14M usr/bin/monero-blockchain-usage
25M usr/bin/monerod
9.5M usr/bin/monero-gen-ssl-cert
31M usr/bin/monero-gen-trusted-multisig
32M usr/bin/monero-wallet-cli
107M usr/bin/monero-wallet-gui
4.0K usr/bin/monero-wallet-gui.AppImage
33M usr/bin/monero-wallet-rpc
Even if just shipping the compressed file would be too much.
121M monero-gui-linux-x64-v0.17.2.1.tar.bz2
If monero-gui was removed from source folder ~/Whonix/packages/monero-gui, it would be no longer installed by default inside Whonix, also bad.
Whonix builds using Whonixâs build script could build using Whonix binary APT repository but that wouldnât be a real build from Whonix source code where Whonix Debian packages are build from and installed from source. Seems awful to change the Whonix build design just for that.
A build script command line option --monero-gui true|false would be feasible but that would also be very messy.
âIf you want monero-gui, you additionally need to clone that repository. That will probably only work if cloning over clearnet. Otherwise your build will differ from original build. Oh, and after the build youâre also free to install the binary package from Whonix repository.â Messy.
Keeping monero-gui pre-installed is pretty important.
git LFS perhaps? Not free on github. And a 1 GB quota for downloads per month is nothing. Paying per GB would be a DOS opportunity.
gitlab has 10 GB for LFS but thatâs also not much.
git LFS is in Debian.
Self-hosting a git LFS server seems overkill. That would add all the complexities of git LFS + a git LFS server. Instead, it might be easier to install a simple git server on whonix.org. Not a fully featued gitlab CE. Perhaps something simpler such as gitweb.
Then git clone over Tor wouldnât be blocked obviously and no timeouts.
Existing git locations (gitlab, github) would be kept but when git cloning Whonix, it would be by default cloned from whonix.org.
(pull requests would still be welcome on gitlab, github. No changes. This isnât an issue since git is federated.)
Perhaps gitweb.
1 Like
Anonymous edit Monero: Difference between revisions - Whonix
Advanced {{q_project_name}} users can investigate [monero-site/_i18n/ar/resources/user-guides/wallet_daemon_isolation_qubes_whonix.md at 6c25a8714b5f7c3863e91dac3fe48472c6b4b253 ¡ 0xB44EFD8751077F97/monero-site ¡ GitHub Wallet/Daemon Isolation]. In this configuration the Monero wallet does not have a network connection and is run on system that is virtually isolated from the daemon, which has all its traffic routed over Tor. This is untested by {{project_name}} maintainers.
Qubes gives the flexibility to easily create separate VMs for different purposes. First you will create a Whonix workstation for the daemon which will use a Whonix gateway for networking. Next, another Whonix workstation for the wallet with no connection to the network. For communication between the wallet and daemon you can make use of Qubes qrexec.
+
+
This is safer than other approaches which route the walletâs rpc over a Tor hidden service, or that use physical isolation but still have networking to connect to the daemon. In this way you donât need any network connection on the wallet, you preserve resources of the Tor network, and you incur less latency.
I am not sure that is correct:
In this configuration the Monero wallet does not have a network connection and is run on system that is virtually isolated from the daemon, which has all its traffic routed over Tor.
For communication between the wallet and daemon you can make use of Qubes
qrexec.
That qrexec connection is as good as a network connection. Different from a split (offline + watch-only) wallet Contents/docs/security/split-bitcoin.md at master ¡ Qubes-Community/Contents ¡ GitHub
Found that on the qubes-os forum where users talk about using it and it working.
Also - we already mention that link in the Intro on that wiki page. So if itâs wrong, it should be removed from both sections.
Personally I donât put much faith in cryptocoin vaporware, so I donât mind either way.
1 Like
Alright. Too complex to get into as a sideline. Could you remove both mentions please?
Fixed.
1 Like
Advanced [[Qubes]] users could look into [CLI Wallet/Daemon Isolation with Qubes + Whonix | Monero - secure, private, untraceable CLI Wallet/Daemon Isolation with Qubes + {{project_name}}]
â
[Redirecting to Google Groups qubes-users - Guide: Monero wallet/daemon isolation w/qubes+whonix]â
Or we could keep this as an honorable mention, let advanced users look into it but otherwise stay out of it since complex, unspecific to Whonix?
Was 0.17.2.3 previously. (Forgot to post.)
Upgraded to 0.17.3.0 just now.
Dependencies issues according to ticket creator.
1 Like
Answered in above ticket.
1 Like