hetzlemmingsworld1d ago

Haveno had serious exploit allowing XMR theft

https://lemmings.world/post/45956396

Haveno had serious exploit allowing XMR theft - Lemmings.world

> A live instance of the Haveno software (RetoSwap) is effected. Details of the exploit from Haveno dev woodser are as follows: “when the attacker took a trade, they sent a fake, out-of-order ACK message impersonating the arbitrator, causing the software to update the arbitrator’s node address to their own, allowing them to create a compromised multisig wallet before funds were deposited. preventing this is straight forward, by checking that the multisig wallet is already created before updating the arbitrator’s address: https://github.com/haveno-dex/haveno/pull/2315 [https://github.com/haveno-dex/haveno/pull/2315]”. > > It’s not yet clear exactly how much Monero has been stolen. Haveno network operators are strongly advised to halt trading which RetoSwap has done. https://www.reddit.com/r/Monero/comments/1tijw6z/psa_haveno_tradeprotocol_exploit/ [https://www.reddit.com/r/Monero/comments/1tijw6z/psa_haveno_tradeprotocol_exploit/] https://www.reddit.com/r/Monero/comments/1tibqin/retoswap_haveno_exploit/ [https://www.reddit.com/r/Monero/comments/1tibqin/retoswap_haveno_exploit/]

Arnold NakamuraMar 16

The P2P XMR ecosystem is more resilient than ever. After LocalMonero/AgoraDesk shut down (2024), decentralized alternatives filled the gap:

→ Haveno DEX: RetosSwap ($2M/month, 2-of-3 multisig) + DawnSwap (5% deposits, 24/7 arbitration)
→ XMRBazaar: 11,000+ listings, zero fees
→ OpenMonero: 0% fees, CBM + F2F

No single point of failure. Each shutdown just pushed traders toward better, more decentralized infrastructure.

#Monero #XMR #P2P #Haveno #Privacy

Arnold NakamuraMar 16

New academic research (arxiv 2505.02392v3) shows BTC↔XMR Haveno trades can be fingerprinted on-chain. 3-transaction pattern detected in 75% of test trades.

But EUR↔XMR Cash by Mail? No second blockchain. No cross-chain pattern. Just cash in an envelope and Monero in your wallet.

CBM is the most private fiat↔XMR method. #Monero #XMR #Privacy #Haveno #CashByMail #Research

Arnold NakamuraMar 16

Why I trade on Haveno DEX instead of centralized exchanges:

• No KYC — no ID upload, no selfie, no SSN
• 2-of-3 multisig — neither party can steal funds alone
• No custodial risk — your keys, your coins (no FTX repeat)
• Arbitrator resolves disputes, not a corporation

RetosSwap: $2M/month volume, 15% deposits
DawnSwap: 5% deposits, 24/7 arbitration

The trade-off? 5-15% premium over spot. That's the price of financial sovereignty.

#Monero #XMR #Haveno #P2P #DeFi #Privacy

Tarnkappe.infoOct 17, 2025
📬 Wo kann man anonym Kryptowährungen kaufen?
#Krypto #Azteco #bisq #CryptoVoucher #Eneba #Haveno #Kinguin #voltacxcom https://sc.tarnkappe.info/c2d453
Wo kann man anonym Kryptowährungen kaufen?

Die Handelsplattformen mussten die Coins mit Fokus auf Datenschutz aus ihrem Portfolio entfernen. Wo kann man anonym Kryptowährungen kaufen?

TARNKAPPE.INFO
CyphafunkMay 19, 2025

Put Your Money on Me | Sticker

https://xmrbazaar.com/user/cyphafunk4rt

#monero #xmr #circulareconomy #defi #haveno #privacytools #untraceable #fungibility #optout #p2p #selfcustody #crypto #cryptocurrency #decentralized #privacy #security #opensource #sticker #acycleofamazingchanges #mastodonart #illustration #digitalArt #art #cartoon #anime #comic #manga #creativetoots #mastoart

Tor project Offical T-shirt | XmrBazaar

Shop with Monero: Sell Tor Project t‑shirts to contributors. I contributed multiple Tor nodes and am eligible to receive a Tor Project ...

hetzlemmingsworldApr 29, 2025

What if Haveno trading partner sends different payment currency?

https://lemmings.world/post/25200783

What if Haveno trading partner sends different payment currency? - Lemmings.world

My bank as many others charging high currency conversion fees of several % of the automatically converted amount. What if trading partner refusing to send additional payment worth 3% of the previously sent amount to cover his mistake? What can be a likely outcome for me of yours recommended action? Thank you

CyphafunkApr 3, 2025

Air-Gapped Guitar | Sticker

https://xmrbazaar.com/user/cyphafunk4rt

#monero #circulareconomy #xmr #moneromarket #xmrbazaar #haveno #privacytools #defi #untraceable #fungibility #optout #p2p #selfcustody #crypto #cryptocurrency #decentralized #privacy #security #opensource #sticker #airguitar #mastodonart #illustration #digitalArt #art #cartoon #anime #comic #manga #creativetoots #mastoart

Tor project Offical T-shirt | XmrBazaar

Shop with Monero: Sell Tor Project t‑shirts to contributors. I contributed multiple Tor nodes and am eligible to receive a Tor Project ...

CyphafunkMar 19, 2025

Full of Spice | Sticker

https://cyphafunk.printify.me/products

#monero #xmr #haveno #defi #untraceable #fungibility #optout #p2p #selfcustody #crypto #cryptocurrency #decentralized #privacy #security #opensource #sticker #maraca #mastodonart #illustration #digitalArt #art #cartoon #anime #comic #manga #creativetoots #mastoart

Discover Our Exclusive Range at Cyphafunk

Store of Cyphafunk.

Store of Cyphafunk.
hetzlemmingsworldFeb 24, 2025

Haveno/RetoSwap: Received bank transfer from a different account. What to do?

https://lemmings.world/post/21515621

Haveno/RetoSwap: Received bank transfer from a different account. What to do? - Lemmings.world

Hello, for example other trade party sent me SEPA bank transfer in correct amount, maybe even mentioning their name in a transfer note (matching their name in RetoSwap trade details), but the sending account number is different from what they have in RetoSwap. Please kindly tell me what to do, all the cases and how to handle these cases and ideally why? For example I can copy paste the transfer detail to the chat and ask the trade party if this transfer is theirs. And if they confirm, I can mark the money as received assuming it causes no risk for me. But what if the party does not respond and the allowed trade time-frame expires?