AgoraDesk Overview C- : Monero Exchanger Assessment Pt. 1

Monero Exchange Jan 13, 2021

This is a large website that allows users to exchange cryptocurrencies via p2p transfers. In a lot of ways the mode of operation is really similar to what you can expect from a " darkweb" site.

Picture of the site (at the time of writing) can be found below:

At first glance, it really gives you a 'LiveBitcoins' feel, which could be considered good or bad by some.

In the screenshot above, its made explicitly clear in the first offer that there is "No ID required" to purchase the available.

Things like this (as well as the website's advertising) lean me in the direction of saying, 'This one might be worth a skip' for all those that are considering it.

That's not to say that there's something inherently untrustworthy about the site or its operators directly, but advertising that you don't do KYC is practically screaming for punitive measures to be taken by law enforcement (typically federal), sooner or later [and I mean  screaming at the top of one's lungs].

Another Negative: You Have to Trust AgoraDesk

This isn't stated explicitly anywhere on the site, but this is implicit via the introduction of an 'escrow' program  (also makes the website that much more likely to get shutdown at some point in the near future; by hosting an escrow on theiur site, they're directly facilitating the avoidance of KYC / AML laws).

Specifically, the text above states:

"All online trades are protected by escrow. When a trade is started the  amount of cryptocurrency for the trade is automatically reserved from  the relevant user's AgoraDesk Wallet. This means that if that user runs  away with your money and doesn't release your coins AgoraDesk staff can  release the coins to you from escrow. If you're selling cryptocurrency,  never release the escrow before you know that you've received the  payment. Please note, that local trades do not have escrow enabled by  default."

While the terms above are commendable (and we should encourage platforms to take measures to protect users however possible), this does put the user's fate squarely in the hands of AgoraDesk.

So, if AgoraDesk were to pull an "exit scam", then all user funds that were in escrow would effectively be gone as well.

This is not to state that this will happen or that there is even a likelihood of such, but we can't dictate the future and we certainly should trust no one over the internet, so a default position of paranoia will serve us well.

Let's assume that they will run an exit scam at some point in the future (also accompanied with the implicit assumption that the Feds aren't going to kick down their doors, making the continued functioning of their site untenable - essentially rendering the same result of inaccessible funds).

Word of Warning About Using Wallets on the Platform

This is not due to the nature of the platform, but the wallet implementation itself.

Specifically, they state:

"If you purchase cryptocurrency using AgoraDesk, the coins will  appear in your AgoraDesk Wallet. From there you can easily send them to  other addresses of that cryptocurrency. To use your AgoraDesk Wallet go  to the wallet page, open the relevant cryptocurrency, enter the receiving address,amount and confirm by entering your password."

There are a few additional risks that are created here:

  1. Based on the way that this setup is designed, it is assumed that AgoraDesk's servers / databases are keeping track of users' credits & debits on the platform. Again, if AgoraDesk were to be hacked / compromised / leaked etc., then that information would be liable to be "leaked"
  2. Comingling a bunch of different cryptocurrencies under one account in one wallet maximizes the chances of being positively identified / fingerprinted in a more comprehensive way than perhaps ever before. Again, if this information were to leak, then its very possible that all transfers a user has made with any to all of the cryptocurrencies that they also created wallets for could ultimately be traced from their source to their destination with trivial ease (even if the funds were swapped for others)

Shutdown Risk: Very High

Disclaimer: It has Monero on it (which puts it on the radar by default ; we know that the gov't is honing in on Monero very specifically and actively looking for a service provider with the capability of tracking Monero on the blockchain) ; to be honest, even if there were some sort of algorithm to de-mask Monero transactions, I doubt that it could be done in such a comprehensive manner to where it would be as easy to track Monero TXs as it would Bitcoin -- especially if someone were swapping from one currency to another with Monero (in theory, it would be wise for someone to utilize multiple intracurrency transfers - like from Monero to XEM / LTC / BCH ; then mix those back in to an exchange & back out elsewhere)

The domain of the website is on a '.com', which means that the registrar is an American provider ; so whatever information was given to that registrar when they initially signed up for the domain will (or likely 'has' been turned over at this point)

Depending on how extensive / independent they were in their setup, there are a slew of additional services that they may be relying on that will bend to the whim of the U.S. gov't if they come knocking on doors ; if they're doing things like hosting their own authoritative DNS servers / anycast for the domain (and covering that over with TLS) + perhaps transparently proxying the domain over top of the Onion network [or better yet i2P if that's possible] + utilizing a Shadow proxy of some sort (to encapsulate a VPN over top of UDP via direct wire bouncing through private servers for the connection + SOAP for the retrieval of certain content / information + XMPP for the communications between users on their servers, then there's a chance that they can remain sustainable for the time being (depends on how egregious / useful the U.S. finds their site ) /// there's always the non-zero chance that the entire site itself is a honeypot [trust no one]

Jurisdiction does matter (despite the U.S. threats to extradite any and everyone) ; they do need to cooperate w foreign entities still (granted, most of them will cooperate, there are certain jurisdictions that don't give a fuck and that won't - like perhaps a server over in France [OVH Hosting] ; the France exception is only under the assumption that there is not concrete evidence that you're doing something fucked up (i.e., like that sick fuck from Freedom Hosting was ; nobody cares about pedophiles anyway and if you're on that tip - you deserve to be given up [and you should expect it])

The site is extremely reachable and they're not really subtle about their marketing of anonymous transactions via Monero (which curiously...may not be illegal; not entirely sure). I think Monero is pissing the gov't off because there's technically no way to prove that one is violating certain laws without extracting concrete transaction amounts & history from the Monero blockchain (I'd imagine that this is causing significant issues for the federal gov't actually ; it is critical that Monero remain well-developed /// they're paying their main developer too much fucking money imo but it is what it is)

Tags

cryptomedication

Happy to serve and help wherever I'm needed in the blockchain space. #Education #EthicalContent #BringingLibretotheForefront

Great! You've successfully subscribed.
Great! Next, complete checkout for full access.
Welcome back! You've successfully signed in.
Success! Your account is fully activated, you now have access to all content.