-
Notifications
You must be signed in to change notification settings - Fork 155
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add toggle for disabling service bulletin #1347
Conversation
Note that this is a privacy leak (calling home), and is specific to cakes node. The info being served has nothing to do with me, my node, or any other remote nodes i may be using. its a "service status" that monitors the status if cakes nodes. as such, it should only apply to cake nodes, and opt-in, and at that point.. its overengineering. A solution in search of a problem. i don't see a need to call home no an unrelated server, to do a connectivity check in the node. App not syncing reliably? Show a popup and tell user to switch node. = generic connectivity tests that can work for all nodes, and can enable "favorite"/"auto select". calling home putting toxic makeup on a pic. Nothing good comes from it. its also the same reason monero.com didnt get listen on getmonero.org, and what instigated a 400k hostile takeover attempt of the domain. tldr: calling home is not a feature or a solution for connectivity checks |
This is a general bulletin board. This isn't JUST for info about cake nodes. There has been various service changes recently and the matter of the fact is that most users who don't know to check the status pages for service information, and will instead open a support ticket for ANY service related issue and support gets flooded very quickly, like when our XMR nodes are down. We added this as an attempt to notify users in the app of various service changes, like our nodes being down, but also for other things like our fiat API being updated, or being down aswell (which happened recently). This is no different than us providing other first party connections like or fiat API, and isn't just for node status. Another example is recently an exchange provider was down and people were having trouble getting price estimates due to the service taking forever to time out. Stuff like this. There was an oversight adding this service status feature where there should have already been a way to disable it before we added it, so I am doing that now, as you can see. Being on by default is same for fiat API and connection to cake node, which are first party services, but can all be disabled before a connection is even made. With that being said, IIRC a node connection popup was already considered, but I'll check to see |
If im not using your node or fiat api, i dont need a fkn service.cakewallet.com connection
Opt in
very different. Fiar api is a tool (but without historical pricing, not a very good one).
i have exchanges disabled. Fiat either disabled or tor only. Markets disabled. Even cakepay wouldnt make any connections unless you used a service. Why is cake literally calling home to tell users info they dont care about? this is totally wrong, tux. User has tor fiat apt + local node? Why is this checking over clearnet? And why is it checking cakes node status? user has fiat disabled + local node + exchanges over clearnet.
no, the oversight was being lazy and adding a call home instead of a local, non centralized check
First party, third party, whatever. Those are both external services. This feature isnt a service, its a tracker of services, and again again again, it can be done PROPERLY, internally, where jt works for all nodes, and smartly for cake services. also, is this garbage in the privacy policy?
Thats what i said about why monero.com is still not listed on getmonero. Fiat api was clearnet, and couldnt be disabled. have node issues? Did feather add some bs call home to tobby feature? No. He added more community nodes and has feather use them in a smart manner.
|
Well I will once again refer to the node issue, for several days from a week ago, pretty much all the nodes in our list were unusable and simply "adding more" wouldn't necessarily help, most public nodes were struggling to keep up, only private/small ones were working well with the exception of a few. (And we have a lot listed already). Adding some more nodes is something that can be looked into, but we don't want to just start adding nodes willy-nilly, that is also a security/privacy concern, we only want ones that are run by known good parties, and ones who are accepting of us adding our node to the list in the wallet. And besides that, the issue wasn't just with our nodes specifically, it was also because of monerod due to the P2P traffic. Connection checks is something we can probably improve, especially once we release our own Tor implementation coming out soon (Since the needed response time for clearnet vs tor is vastly different). However we have to be very careful with any auto node selection (in the case of an "auto-switch") because our infrastructure is massive and our userbase could easily DDOS a single one of the extra nodes. A popup after said time of stuck connecting or "attempting sync" may be reasonable, with pressing "OK" just simply goes to the node list, OR selects a random node already in the list (would be bad if every user selected the 2nd node on the list if our infrastructure is down again). And of course if an entire network is having problem with slowness or high fees (Like how Solana was literally down for hours a couple months ago) that's entirely out of our control, and this is where something like the bulletin board is helpful. Support gets absolutely flooded with tickets because of issues like this which makes it hard to provide good support, and support and user-friendliness is one of the main reasons it makes our app great. Will add an onion for the bulletin board status also. (Of course if you are using Orbot normally in the the VPN mode it won't go "outside of Tor" but will connect over clearnet through Tor) With that being said I will formally apologize on behalf of the team, for the addition of this feature without a way to turn it off, as that was a very bad oversight on our part, and I totally understand your frustration with that. |
its a security and 0 conf concern if users are, by default, all using the same node.
Feather added a few
p2p traffic slows down nodes proportionally, but it is rpc traffic that kills them.
Hence, favorites. I wouldnt be autoswitching to cakes nodes.
aka manual/prompt mode
again, auto + favorites vs manual prompt
and i nuanced it more than that :)
solana is a bad example. They literally turn off their blockchain repeatedly. monero has has 0 downtime and public nodes were under attack.
Right. So implement a solution that is better than "try again later" (see: auto select)
|
@OmarHatem28 remove this feature or ill ensure cake is ptomptly removed from getmonero 💯 |
The majority of the space is unaware. |
Not happening. 4.15.3 you can disable it. EDIT: We're already adding a settings migration for users who have Fiat API disabled will have bulletin disabled also. Literally nothing to be upset about anymore |
👌 bye |
No description provided.