Lumo – A Node.js server that allows you to host a semi-transparent and auditable Monero (XMR) wallet for donation and charity purposes.

Hey all, I'm re-posting this from my original post of it here: https://www.reddit.com/r/Monero/comments/10j8pdf/update_merchant_a_foss_desktop_point_of_sale_app/. Not sure if it went overlooked among the other updates but I really didn't receive any thoughts, feedback, opinions, security concerns, etc. about it in that post. Maybe I should've just made a standalone post for it? Anyways, this shall be its standalone post.


Preface

Inspired by this post here: https://old.reddit.com/r/Monero/comments/100kkbu/creating_a_totally_public_view_only_xmr_wallet/. OP was asking:

Hello everyone, I’m asking this question here because I haven’t found the answer anywhere else.

So, what I need to do is create an XMR address that’s open and verifiable by anyone. Just like a Bitcoin address would be. The idea would be to have something like a fundraising and all the donations would be XMR donations. The thing is: I want everybody to be able to verify the already donated amount.

I’ve read about view-only wallets generated in the GUI wallet but I couldn’t find information on sharing this view only wallet to everybody else.

Is it possible? If so, how could I do it?

Thanks.

I read the comments and understand the difference between view only wallets, private view keys, etc etc. But you have to send whoever that information and explain to them how to verify said information on a block explorer. For many "normie" people, they ain't got any time for that. They just want a quick way to verify that their donation was received. So, how could this be achieved in a user friendly way? Well, I was off to the races in my weekend downtime from developing Kasejo to see what is and isn't possible. This is what I came up with:

Lumo

Lumo (loo-mo), Esperanto for "Light", is a Node.js server that allows you to self-host a semi-transparent and auditable Monero (XMR) wallet for donation and charity purposes. It was created as a way to bridge transparency with Monero's unique privacy features. The use case is if you would like to accept Monero donations transparently while still providing your donors with privacy. This allows donors to verify their donation(s) and amount(s) easily in an anonymous way online. It also allows donors to monitor funds in and out (there is a caveat to the out transactions, though; see the Limitations section below).

Think of it as turning a Monero wallet into a Bitcoin-esque wallet that is viewable on a blockchain explorer, albeit yours is self-hosted and done voluntarily. All of this is achieved while donor/receiver information is still kept private. Got to love Monero!


Features

  • Standalone Node.js server for hosting a public semi-auditable Monero wallet
  • Easy install
  • Choose your own node
  • Your keys, your coins. No third parties.
  • Full featured front end baked in for plug and play (you can turn it off though for just API)
  • API baked in so if you wish to use the API with another front end technology you can
    • type: 'GET',
    • wallet: '/api/wallet',
    • walletProof: '/api/wallet/proof',
    • transaction: '/api/transaction/:hash',
    • transactionProof: '/api/transaction/proof/:hash',
    • node: '/api/node',
    • price: '/api/price'
  • Allow donors to quickly and easily verify their donations
  • Volunteer yourself to be transparent in donations you receive and the proportions of inputs and outputs
  • Display current price in whichever currency you wish to display
  • Help spread awareness and adoption of Monero
  • More to come!

Technologies

  • bootstrap
  • bootstrap-icons
  • cors
  • ejs
  • express
  • monero-javascript
  • qrcode

Limitations

Due to Monero's rock-solid security and unique privacy features, the output amounts of the Lumo wallet cannot be 100% trustless. Some trust is involved in believing that the API is telling the donors, or whoever is viewing, the truth about the amounts being spent. The wallet owning the transaction can be proven, but the amounts technically cannot, nor can a receiver address be obtained. For more information about this, please read the following:

Spend Proof

If you see a string beginning with "SpendProofV1", this means that the transaction private key (txkey) was not available. This could be because you had made the transaction from a different wallet. If you don't preserve knowledge of a txkey after making a transaction, it is lost forever and cannot be recovered by scanning the blockchain. It also means you will be unable to recover the per-output shared secret for the output sent to the other person in the transaction.

The SpendProofV1 string contains a second, newly created ring signature that proves exactly the same input ownership again, but using different random initialization data. Only someone that owned the inputs of the transaction would be able to create this second valid ring signature. That is all the SpendProofV1 string contains. There is no key derivation communicated, because it is unknown by the wallet in this scenario.

Since the ring signature(s) in the SpendProofV1 string will be valid for one of the transactions on the blockchain, it would be possible to identify the transaction from this SpendProofV1 string.

Source & Credit: https://monero.stackexchange.com/a/8131


Disclaimer

This is experimental software and should be considered a proof of concept. It creates a full mirror of your Monero wallet and displays certain aspects to the public. This means that after wallet creation it can technically be used to send, receive, view transactions in and out, etc. Lumo itself only retrieves specific wallet information (balances and transactions) and outputs it to the built-in API. However, a bad actor with access could manipulate the code to spend funds. While it does work on mainnet, it is highly advised as of now to use stagenet for testing purposes. To mitigate risk, Lumo requires the password you set at install to unlock the wallet file every time you run it. Therefore, if someone did alter the code, they would need the password to re-run the app. So make your password a strong one. There will also most likely be bugs, so please notify me of them. Once the testing period is done we can hopefully transition to mainnet!

With that explained, use it at your own risk.

License

This project is licensed under MIT.


If you made it through the whole post then thank you for your time! I'm really looking forward to hearing the community's thoughts, opinions and feedback. Also, if you have any ideas for features to include then feel free to let me know!

As I've stated, lumo should be considered experimental software and a proof of concept only to be used on stagenet for now (If you need stagenet moneroj, send me your stagenet address and I'll send you some for testing). I created it to give a better user experience in verifying transactions for donation/charity purposes and to open the door for people who think Monero is a scary thing only criminals use.

It's not, it's digital money plain and simple! Monero can be transparent; however, the ethos is it should be done voluntarily. Privacy by default, transparent by choice. Hence, lumo (you turn on the light)! The UX should also be friendly and not intimidating for newcomers.

If you do decide to test the code, please be sure to let me know of any bugs. I'd also love to hear thoughts, opinions, feedback, and security/vulnerability concerns with hosting something like this on mainnet. I tried my best to mitigate certain risks, but I do not know what I do not know. Let me know!

If you find any of this beneficial, useful and/or educational then please consider donating Monero to the address below. All donations will go to continued development and funding of the Rezisto ecosystem (https://git.rezisto.net/).

  • 86DgQQ12SJk26rnK5LPv9cfdmQwxDCkYXTN9ff7refGSSottZnR3tjk2bhVymtzmnq6hFheeWy22pePnxdNfB26nQH6oLbk

submitted by /u/Ora_pro_vivis
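
The Disclaimer above notes that the server process holds a wallet that can spend, and the feature list exposes six GET routes. As an added example (not part of the original post and not Lumo's code), here is a request gate for an API-only deployment that a reverse proxy or middleware could apply before anything reaches that process. The names `authorize`, `matchRoute`, the status codes and the no-query-string rule are assumptions made here; only the route table comes from the post.

```javascript
'use strict';
// Added example, not Lumo's code. Route table copied from the post's API list;
// authorize() and its status codes are hypothetical names chosen here.
const ROUTES = [
  '/api/wallet', '/api/wallet/proof', '/api/transaction/:hash',
  '/api/transaction/proof/:hash', '/api/node', '/api/price',
].map((route) => ({ route, segments: route.split('/').slice(1) }));

// A Monero transaction hash is 32 bytes, written as 64 hex characters.
const TX_HASH = /^[0-9a-f]{64}$/i;
// Assumption: the listed routes need only letters, digits and slashes, so
// query strings, percent-encoding, dots and backslashes are all refused.
const SAFE_PATH = /^\/[A-Za-z0-9\/]{1,127}$/;

function matchRoute(path) {
  const parts = path.split('/').slice(1);
  for (const { route, segments } of ROUTES) {
    if (segments.length !== parts.length) continue;
    const params = {};
    const ok = segments.every((seg, i) => {
      if (!seg.startsWith(':')) return seg === parts[i];
      params[seg.slice(1)] = parts[i];
      return true;
    });
    if (ok) return { route, params };
  }
  return null;
}

// Decide whether a request may reach the process that holds the wallet.
function authorize(method, rawUrl) {
  if (method !== 'GET') return { allowed: false, status: 405, reason: 'method' };
  if (typeof rawUrl !== 'string' || !SAFE_PATH.test(rawUrl)) {
    return { allowed: false, status: 400, reason: 'path' };
  }
  const hit = matchRoute(rawUrl);
  if (!hit) return { allowed: false, status: 404, reason: 'route' };
  if ('hash' in hit.params && !TX_HASH.test(hit.params.hash)) {
    return { allowed: false, status: 400, reason: 'hash' };
  }
  return { allowed: true, status: 200, route: hit.route };
}

// Constructed sample requests (not captured traffic).
const sampleHash = 'ab'.repeat(32);
console.log(authorize('GET', `/api/transaction/${sampleHash}`));
console.log(authorize('POST', '/api/wallet'));
```

If the built-in front end is enabled, its page and asset paths would need their own allowlist entries, which this sketch does not cover.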