SocksTrace: A Proxy Leak Detector for Anonymity-Focused Network Applications
Monero has excellent transaction-level privacy, and things should get even better soon with FCMP++s. But these innovations aren't sufficient if you have deanonymization vectors on the network level. Tor gives you network privacy in theory — but how do you know your Monero wallet isn't leaking some network traffic outside of Tor? Proxy leaks are a surprisingly common class of security vulnerability, and they've historically been difficult to audit for.
SocksTrace is a tool designed to detect proxy leaks by intercepting network syscalls using seccomp. SocksTrace is suitable for usage in CI testing as well as manual QA testing, and it can also SOCKSify connections if used with applications that don’t support Tor. This talk will cover the technical design of SocksTrace, how our approach compares to existing tools like Whonix and torsocks, and how Monero application developers can integrate SocksTrace into their workflows.