TOR hidden service address leakage - poses danger?

I’ve recently sent my TOR hidden service address accidentally to someone instead of the slatepack address, is this safe or do I need to perform some action?

This is the output of grin 5 wallet listen:

20210112 14:06:56.297 WARN grin_wallet_controller::controller - Starting TOR Hidden Service for API listener at address 52ux.....wsqd, binding to 127.0.0.1:3415
20210112 14:06:58.736 WARN grin_wallet_controller::controller - Starting HTTP Foreign listener API server at 127.0.0.1:3415.
20210112 14:06:58.736 WARN grin_wallet_controller::controller - HTTP Foreign listener started.
20210112 14:06:58.736 WARN grin_wallet_controller::controller - Slatepack Address is: grin1a65.....9qv5ft0h

So I’ve sent the person 52ux.....wsqd instead of grin1a65.....9qv5ft0h. Thank you! :slight_smile:

Not a problem. Anyone can derive the plain Tor address from your grin address - it has to be possible, otherwise wallets won’t know how to reach you over Tor.

We use the grin1... addresses instead of v3 tor addresses in order to include a public key so that the sender can encrypt the slates he exchanges with you (either via slatepack text or via tor). Only you are able to decrypt the slates and see the details of the transaction, incl. amount and outputs used.

So the transaction slates weren’t encrypted, and you do want them to be, but it’s not as bad as you initially thought. It doesn’t make the sender know more about you.

6 Likes