An easier way to receive grins

The biggest struggle for non-techie users of Grin has always been the need to setup port forwarding in order to receive via http(s).

The fix, released in grin-wallet 3.0.0 and Grin++ 0.7.x, is to use TOR addresses, which don’t require trusting a centralized service or configuring routers, and don’t leak your IP addresses to the sender or the proxy. Hopefully, exchanges and mining pools will support this as the default payment method soon, but this hasn’t happened yet.

As a stopgap measure, I’ve setup a server to allow any wallet that supports TOR to receive via https. This currently means Grin++ and grin-wallet, but I expect others to support it as well. The service is simple to use, just start your wallet listener (on grin-wallet), or login (on Grin++), and retrieve your tor address. Then just simply have exchanges/mining pools send to:

https://<your_tor_address>.grinplusplus.com

For example, when I login to Grin++ and go to “Receive”, I see that my tor address is 3ngg5chiucyvjxaymy46fypqbr3nfskj2lluygnz6hqys5lwxrcpqzad. Without taking any additional steps, I can have exchanges & pools send to https://3ngg5chiucyvjxaymy46fypqbr3nfskj2lluygnz6hqys5lwxrcpqzad.grinplusplus.com, and I’ll receive my funds via TOR. Similarly, for grin-wallet, I can run grin-wallet listen, retrieve my TOR address, and receive the same way.

These addresses are now permanent, and do not regenerate every few hours like ngrok, localtunnel, and hedwig, making them perfect for long-running listeners as required by many mining pools.

Caution: Just as with ngrok, hedwig, and locatunnel, use of this service requires trusting that the server will not steal coins you are trying to receive. I host the service myself, which means trusting that I keep it secure, which I will work hard to do. Fortunately, this is just a temporary stopgap, and can be done away with once everyone starts supporting TOR.

Caution 2: The server also receives enough data to rebuild the transaction graph, and identify which IP addresses are sending to which tor addresses. I do not log this data, but there’s no way for you to verify that, so you must trust the service to not log or leak that info.

8 Likes

This method is good, but it is still expected that the exchange can directly support TOR.

No, it’s precisely for the case where an exchange does not support tor. It’s for when your wallet supports receiving via tor, but the exchange only supports sending via https

Since @David mentioned this option to me a few days ago, I switched to using this and thus completely eliminating the need for exchanges to receive my mining pool payouts – it now goes directly to my Grin++ wallet. Have had 100% success using this method over 5 payments now.

Thanks @David.

5 Likes