https://xmrhost.io/notes Long-form essays, post-incident write-ups, and threat-model deep dives from the XMRHost operator. RFC-cited, code-block-heavy, technical-cypherpunk register. en-us Wed, 06 May 2026 00:00:00 GMT xmrhost-rss/1 https://xmrhost.io/notes/matrix-homeserver-threat-model https://xmrhost.io/notes/matrix-homeserver-threat-model Wed, 06 May 2026 00:00:00 GMT A walk-through of the threat model for a self-hosted Synapse / Dendrite / Conduit homeserver: who you are protecting against, what they can actually do at the federation layer, the registration-spam economy that nobody warned you about, the AS-level interception risk for federation traffic, and the operational controls (registration policies, federation allow-lists, room-version pinning, per-room access-token rotation) that meaningfully change the attacker's surface. Synapse-flavoured but the threat model applies to any homeserver implementation. matrix synapse federation threat-model hardening https://xmrhost.io/notes/monero-subaddresses-for-hosting https://xmrhost.io/notes/monero-subaddresses-for-hosting Sun, 03 May 2026 00:00:00 GMT A primer on the subaddress mechanism (BIP44-equivalent wallet hierarchy plus stealth addresses), the practical wallet workflows for receiving recurring payments, the view-key transparency story for refunds, and the operational gotchas — sweep behaviour, output-set sizes, and the kinds of mistakes that turn an unlinkable receiving address into a correlation marker. Aimed at anyone building a Monero-only payment surface for a subscription product. monero wallets payments privacy subaddresses https://xmrhost.io/notes/lokinet-exits-and-oxen-staking https://xmrhost.io/notes/lokinet-exits-and-oxen-staking Sun, 26 Apr 2026 00:00:00 GMT Lokinet differs from Tor and I2P in one structural way: every routing node also stakes Oxen. Operating a Lokinet exit therefore is simultaneously a hosting decision, a staking decision, and a uptime-SLA decision — drop the staking, drop the node. This note covers the wallet workflow for the staking transaction, the `oxenmq` configuration for the service node, the exit-mode pieces specific to Lokinet (vs being a regular routing-only service node), and the operational discipline that keeps the stake intact. lokinet oxen vps exit staking https://xmrhost.io/notes/i2p-floodfill-vs-router https://xmrhost.io/notes/i2p-floodfill-vs-router Sun, 19 Apr 2026 00:00:00 GMT The two distinct things you can run on an I2P-capable VPS are a regular *router* (carries other people's tunnels) and a *floodfill* (additionally participates in the network database). Both are useful contributions; the trade-offs are not the same. This note walks through the i2pd configuration for each role, the bandwidth-share decision, the firewall posture, the reseed-server question, and the systemd / monitoring shape that lets you forget the box is running until something actually goes wrong. i2p vps i2pd hardening monitoring https://xmrhost.io/notes/tor-relay-on-offshore-vps https://xmrhost.io/notes/tor-relay-on-offshore-vps Sun, 12 Apr 2026 00:00:00 GMT A walk-through of what it takes to run a non-exit middle relay, then a reduced-exit relay, on a Monero-paid offshore VPS. Covers the hardened `torrc`, the systemd unit, sysctl tuning for the network stack, the ContactInfo / MyFamily fields the directory authorities will look at, and the abuse-handling mailbox that keeps the upstream provider from null-routing you in week three. RFC- and Tor-spec-cited; assumes you already know what `iptables -A` does. tor vps hardening iceland abuse-handling