The biggest struggle for non-techie users of Grin has always been the need to setup port forwarding in order to receive via http(s).
The fix, released in grin-wallet 3.0.0 and Grin++ 0.7.x, is to use TOR addresses, which don’t require trusting a centralized service or configuring routers, and don’t leak your IP addresses to the sender or the proxy. Hopefully, exchanges and mining pools will support this as the default payment method soon, but this hasn’t happened yet.
As a stopgap measure, I’ve setup a server to allow any wallet that supports TOR to receive via https. This currently means Grin++ and grin-wallet, but I expect others to support it as well. The service is simple to use, just start your wallet listener (on grin-wallet), or login (on Grin++), and retrieve your tor address. Then just simply have exchanges/mining pools send to:
For example, when I login to Grin++ and go to “Receive”, I see that my tor address is 3ngg5chiucyvjxaymy46fypqbr3nfskj2lluygnz6hqys5lwxrcpqzad. Without taking any additional steps, I can have exchanges & pools send to
https://3ngg5chiucyvjxaymy46fypqbr3nfskj2lluygnz6hqys5lwxrcpqzad.grinplusplus.com, and I’ll receive my funds via TOR. Similarly, for grin-wallet, I can run
grin-wallet listen, retrieve my TOR address, and receive the same way.
These addresses are now permanent, and do not regenerate every few hours like ngrok, localtunnel, and hedwig, making them perfect for long-running listeners as required by many mining pools.
Caution: Just as with ngrok, hedwig, and locatunnel, use of this service requires trusting that the server will not steal coins you are trying to receive. I host the service myself, which means trusting that I keep it secure, which I will work hard to do. Fortunately, this is just a temporary stopgap, and can be done away with once everyone starts supporting TOR.
Caution 2: The server also receives enough data to rebuild the transaction graph, and identify which IP addresses are sending to which tor addresses. I do not log this data, but there’s no way for you to verify that, so you must trust the service to not log or leak that info.