09:48:20 <mj-xmr[m]> Hi. Here's my dev report for August work packages: https://www.reddit.com/r/Monero/comments/pi93d8/dev_report_august_2021/ . Thanks :)
12:04:56 <nioc> as I understand it Sarang paused work on multisig for triptych and it had gotten to the point where it was found that yes it was possible but complicated.    
12:05:06 <nioc> At this point a decision needed to be made by the community and devs on how to proceed.   
12:05:15 <nioc> There was some discussion and then.......nothing, it been several weeks now.    
12:05:19 <nioc> What needs to be done for a decision to made so that sarang can continue working on his present CCS
12:25:38 <nioc> just checked MRL and it seems that a meeting about triptych was just brought up
12:32:04 <UkoeHB> Nothing has changed since the last time there was discussion - research is ongoing into alternatives.
12:39:32 <nioc> UkoeHB: thx, if you say so then I'm sure it's happening.  I just haven't seen that discussion recently
12:40:55 <UkoeHB> The new ideas are mostly stable, we are in the invisible 'finalizing research papers' stage.
12:41:48 <nioc> thx for the update and your work :)
13:21:01 <FrancisPretel[m]> What is the best exchange to buy monero? 
13:21:01 <FrancisPretel[m]> I am thinking of using Bisq.
13:22:25 <FrancisPretel[m]> I am looking for one that is safe and private.
13:26:55 <nioc> bisq works for that
13:27:02 <nioc> never used it myself
14:33:38 <lozbek[m]> > <@pydev56:matrix.org> What is the best exchange to buy monero? 
14:33:38 <lozbek[m]> > I am thinking of using Bisq.
14:33:38 <lozbek[m]> LocalMonero 
16:00:15 <mechanic41turk[m> Hey I didn't know Triptych was canceled.
16:00:38 <mechanic41turk[m> Justin's comments here suggest that: https://teddit.net/r/Monero/comments/pi83hw/if_you_were_wondering_why_triptych_is_taking_so/
16:00:38 <mechanic41turk[m> Bummer, really. I was really hoping for the increased ring size.
16:01:14 <mechanic41turk[m> With all the announcements that ciphertrace been pumping out, I think monero community needed some technical improvement to fire back at them.
16:01:28 <mechanic41turk[m> So, what's the next line of improvement for Monero, then?
16:01:49 <mechanic41turk[m> It is obvious that ciphertrace (and perhaps other chain analysis companies) are improving upon their PROBABILISTIC tracing techniques.
16:02:41 <mechanic41turk[m> Left to their improvement, those probabilistic tracing perhaps get to some high percentage of accuracy (tracing the monero transactions with 80 percent of accuracy, etc.)
16:02:58 <spackle[m]> I don't know that Triptych is at a hard stop, it is just going to be somewhat inconvenient and it seems worth looking for an alternative
16:03:17 <spackle[m]> Current options that have been mentioned are Lelantus and Seraphis
16:04:05 <mechanic41turk[m> Do Lelantus and Seaphis do away with decoy stuff? I know Firo is using Lelantus, right?
16:04:06 <mechanic41turk[m> and it doesn't use decoys to obfuscate the trail of funds.
16:04:08 <plowsof[m]> sgp_: "Look primarily into Lelantus Spark and Seraphis. #monero-research-lab is a largely drama-free zone to ask questions."
16:05:12 <mechanic41turk[m> It's a bummer that the scientific and mathematical tools that monero deploy are pretty difficult for the layman to understand and have an accurate opinion of.
16:05:42 <mechanic41turk[m> Me for example, have no idea whether Lelantus or Seraphis is better, or what do they add on top of the existing obfuscation methods.
16:14:48 <nioc> They also mean a change in address format which has its own issues 
16:18:29 <nioc> Nothing has been decided.  Others feel as justin does but from what was discussed in MRL today the direction is not clear to me 
16:19:43 <mechanic41turk[m> nioc: That sounds like a big change.
16:20:01 <mechanic41turk[m> Many online merchants, wallet apps, etc. will have to update their code.
16:20:21 <mechanic41turk[m> There was also something being discussed a few weeks ago regarding addresses.
16:20:43 <mechanic41turk[m> Doing away with some parameter, something integrated number--I can't remember what its called.
16:21:11 <mechanic41turk[m> Afaik, Seth and a few others supporting it believes that it is good for simplifying and unifying the addresses in monero.
16:21:57 <nioc> I believe that is just using subaddresses 
16:23:29 <DiegoSalazar[m]> mechanic41turk: the big issue is that the move to Triptych would mean that our multisig is messed up. At present, we have ecosystem projects, like Haveno, that are trying to utilize multisig.
16:23:39 <nioc> The new protocols mentioned above mean a new address format that is incompatible with the existing one
16:24:03 <DiegoSalazar[m]> So switching over to a different protocol at all wili have a big effect on the ecosystem. AND this Triptych multisig is much more complex, so implementation would be too.
16:24:28 <DiegoSalazar[m]> That, coupled with the fact that super exciting research is coming out that may be much better than Tripitcyh means that it may be wise to not swap over. 
16:24:52 <DiegoSalazar[m]> Because it'd be fairly difficult for the ecosystem to swap to one multisig and build for it, then swap to another not long after.
16:25:01 <nioc> Haveno woodser said that triptych would not be an issue for them 
16:25:22 <sethsimmons> nioc: They likely do, but there is a strong possibility (WIP) that they can work without address format change but with some minor drawbacks if that approach is taken.
16:25:27 <mechanic41turk[m> Diego Salazar: Thanks for explaining.
16:25:43 <nioc> But yes we need a long term plan weighing everything 
16:25:53 <DiegoSalazar[m]> But yes, I agree about the privacy increase. And I wonder if maybe, since Triptych is mostly done anyways, if it wouldn't be good to swap over for now, and then the ecosystem can suck it up when we swap over to another one.
16:26:08 <DiegoSalazar[m]> Holding privacy for the sake of fledgling ecosystem seems like the wrong way forward, but that's just my opinion.
16:26:30 <mechanic41turk[m> DiegoSalazar[m]: that would be painful for the ecosystem, the existing setups of the monero merchants, etc, no?
16:26:48 <mechanic41turk[m> Afaik, Tryptich will be a hardfork.
16:26:55 <mechanic41turk[m> So, the previous setups would be uncompatible.
16:27:06 <mechanic41turk[m> However, that's my uneducated opinion now.
16:37:25 <UkoeHB> DiegoSalazar[m]: I think the implementation timeline is the biggest issue. If multisig must be supported by every hardfork, then the Triptych hardfork will need working multisig. How long would it take to implement and validate a Triptych-friendly multisig? It seems like a lot of high-expertise work that has no enthusiasm. By the time it is ready, maybe an alternate protocol would have been ready anyway.
16:38:24 <DiegoSalazar[m]> Remember how long it took to get multsig for our current stuff? :D
16:55:57 <Rucknium[m]> mechanic41turk: I agree that probabilistic tracing is a major threat. One thing to keep in mind is that a rise in the ring size only helps insofar as the additional "camouflage" from having more decoys is put in the right places.
16:56:42 <mechanic41turk[m> Rucknium: When it comes to monero, we have no other choice of defence but increase the decoys.
16:56:52 <Rucknium[m]> The current decoy (mixin) selection algorithm does not do a great job of putting the camouflage where it is needed. See 
16:56:52 <Rucknium[m]> https://github.com/monero-project/research-lab/issues/86
16:56:54 <mechanic41turk[m> As far as I understand monero, that's the thing that obfuscates the sender.
16:56:59 <mechanic41turk[m> the only thing.
16:57:18 <mechanic41turk[m> > <@rucknium:monero.social> The current decoy (mixin) selection algorithm does not do a great job of putting the camouflage where it is needed. See 
16:57:18 <mechanic41turk[m> > https://github.com/monero-project/research-lab/issues/86
16:57:18 <mechanic41turk[m> Yeah, I heard that, too. I think jberman is currently working on fixing that.
16:57:48 <Rucknium[m]> Unfortunately, you only have it half right. The age of the decoy inputs constitutes metadata that cannot be eliminated.
16:58:55 <Rucknium[m]> I am working with jberman to fix it. I have a draft of a roadmap for a research plan to fix it.  I will submit  a CCS proposal in the next two weeks to fund the labor for executing the roadmap.
17:02:17 <Rucknium[m]> If the distribution that the mixin selection algorithm uses to draw mixins from does not closely resemble the distribution of real spends, the danger to user privacy is high. This was made clear in Moser et al. (2018) 
17:02:17 <Rucknium[m]> https://www.sciendo.com/article/10.1515/popets-2018-0025 
17:03:23 <mechanic41turk[m> ouch
17:04:56 <mechanic41turk[m> sounds scary.
17:04:56 <mechanic41turk[m> " First, about 62% of transaction inputs with one or more mixins are vulnerable to “chain-reaction” analysis - that is, the real input can be deduced by elimination. Second, Monero mixins are sampled in such a way that they can be easily distinguished from the real coins by their age distribution; in short, the real input is usually the “newest” input."
17:04:56 <mechanic41turk[m> " We estimate that this heuristic can be used to guess the real input with 80% accuracy over all transactions with 1 or more mixins. "
17:05:09 <midipoet> Rucknium[m]: I am sure that one of the last things that surae was working on was that problem. isthmus also has interest in it as well.
17:06:14 <mechanic41turk[m> Rucknium: What can I do NOW to mitigate that probabilistic tracing?
17:07:48 <Rucknium[m]> mechanic41turk: Moser et al. proposed a fix (see the countermeasures section). It was implemented in 2018 I believe and is still the algorithm that is used. The fix has shortcomings that must be rectified, however
17:07:49 <mechanic41turk[m> Rucknium: Got it.
17:07:56 <Rucknium[m]> midipoet: isthmus and I are in communication about this
17:08:07 <luigi1111w> yeah that 80% number is surely wrong (today)
17:08:11 <tobtoht> mechanic41turk[m]: You may also want to read: https://www.getmonero.org/2018/03/29/response-to-an-empirical-analysis-of-traceability.html
17:08:24 <mechanic41turk[m> tobtoht: Nice. Thanks.
17:08:31 <midipoet> Rucknium[m]: great :-)
17:09:02 <Rucknium[m]> mechanic41turk: I am hesitant to issue a specific recommendation since rumors can spread, the message distorted, etc. I am super new to the Monero community so I do not know how things should proceed.
17:09:15 <mechanic41turk[m> Alright.
17:33:15 <xmrscott[m]> wehn ringsize 100
17:44:47 <nioc> done
20:37:26 <bestsec> /join #grapheneos and meet the most secure mobile OS ever existed. Its developer strcat aka Daniel Micay is the best hacker ever existed challenges Linus Torvalds himself for linux kernel security debate.
20:55:36 <siren[m]> <bestsec> "/join #grapheneos and meet the..." <- The best hacker ever existed just like Terry, the smartest programmer who has ever lived.
22:00:14 <sgp_[m]> <nioc> "At this point a decision..." <- This is a conversation for MRL. No need to have cryptography discussions in this channel imo. Only discussions as necessary. Frankly doing it here would invite a waaaaay to high noise to signal ratio
22:01:09 <sgp_[m]> Fwiw, it's totally fair though to share and ask questions about what will change and why
22:01:32 <sgp_[m]> But it's just too difficult to talk in full detail here about everything. That's what MRL is for, which anyone can join of course :)
22:02:04 <sgp_[m]> Triptych has severe multisig drawbacks, which is unfortunate, but luckily new options have arisen
22:02:35 <nioc> I didn't feel like bringing my ignorant noise there
22:02:43 <sgp_[m]> So the takeaway imo is to take the BP+ and ringsize bump win ASAP, and then move to whatever ends up making the most sense late 2022 / early 2023
22:04:33 <nioc> love how matrix cuts off your quote, now I get to scroll back
22:06:33 <nioc> and yes there has been little discussion there for weeks and not many that are in this channel are there
22:07:37 <nioc> is the discussion happening on github sgp_[m] ?
22:08:22 <sgp_[m]> I think it was mostly at the last MRL meeting
22:08:51 <sgp_[m]> That said, I think the whole process there is shaky and should be improved for easy following. I've advocated for that for years also :)
22:09:15 <sgp_[m]> That was my entire Defcon 2019 talk
22:09:38 <nioc> that feels like a lifetime ago
22:10:31 <Rucknium[m]> sgp_[m]: Whole process where?
22:11:06 <sgp_[m]> More MRL regular meetings, easier roadmaps, easier summaries
22:11:24 <sgp_[m]> One of those things that needs buy-in though from the contributors, and needs a champion
22:11:37 <nioc> cue song
22:12:02 <sgp_[m]> I can champion for MRL but there's some skepticism of worthiness, at least in my observation
22:26:49 <geonic> https://youtu.be/KPhqU--Mq1A
23:00:41 <carrington[m]> It's simple, we just need a genius c++ coder cryptographer community organizer who can chair regular meetings while producing digestible summaries of the merits of various transaction models and doing daily AMAs on Reddit.
23:00:41 <carrington[m]> Surely the field of candidates is vast 😭
23:03:37 <bevanoff[m]> Hit the nail on the head lmao
23:32:10 <sgp_[m]> I hope geonic is banned on Matrix/IRC/Reddit. It's obvious he is nothing but destructive https://www.reddit.com/r/Monero/comments/pi83hw/slug/hbquf2y
23:32:45 <geonic> them's fightin' words sgp. that song really pumped you up.
23:33:43 <sgp_[m]> They are. I'm not holding back anymore. Your actions today were completely terrible and you deserve to not have a voice here
23:34:00 <geonic> haha. ok, Champion.
23:36:00 <sethsimmons> I've shared similar thoughts: https://www.reddit.com/r/Monero/comments/pi83hw/if_you_were_wondering_why_triptych_is_taking_so/hbpkdrv/
23:36:35 <sethsimmons> The post was blatantly false and used to be the means to an end at any cost, a regularly recurring theme with geonic across Matrix, Reddit, and Twitter.
23:36:37 <selsta> +1000
23:36:47 <selsta> it's insane how much drama a single person can cause
23:44:42 <geonic> let's see how many Diego fans can pile on to retaliate for having their friend fired.. genuinely curious.
23:46:22 <DiegoSalazar[m]> Fan club meetings are on Tuesdays. 
23:46:26 <selsta> sarang won't be the last person to quit if geonic continues with his games
23:46:35 <sethsimmons> DiegoSalazar[m]: Honestly, stfu.
23:46:50 <geonic> selsta: maybe you forgot your comment? "sarang hasn't worked for monero for a year"
23:47:03 <sethsimmons> geonic: Honestly, stfu. This has nothing to do with Diego, and everything to do with your continued hostility towards the people who do real work around Monero.
23:47:05 <geonic> I'm done with the "sarang will quit if" threats tbh. that was half of what this thread was about
23:47:25 <sethsimmons> Your supposed reason is asinine.
23:47:38 <sethsimmons> If you have researchers begging to work on Monero for CCS funds, then stfu and bring them in.
23:47:55 <sgp_[m]> Sarang is a victim but it's not just that either (though it is part of it)
23:48:03 <sethsimmons> Using lies and slander and misinformation to "create discussion" is insane and a massive cause of division and hostility in the community where none should be.
23:48:19 <geonic> sgp: I know you like playing the victim, but don't assume everyone does
23:48:21 <DiegoSalazar[m]> Geonic it's really strange how you use the nuclear option every time. You could have asked for and scheduled a meeting. And no, it doesn't take anyone who's a part of the "in crowd" to do that. 
23:48:47 <DiegoSalazar[m]> If your only way of getting things done is swinging a hammer wildly around, then it's a net negative for the community, regardless of what little good it does in the short term. 
23:49:13 <sgp_[m]> TIL that me as a 19 yo responding as MRL to the Monerolink paper was me being carefully selected by the powers that be
23:49:27 <sethsimmons> 100% agreed.
23:49:36 <sethsimmons> So many simple and useful ways to contribute and drive positive change.
23:49:51 <geonic> if one sentence and a screenshot gets your panties in bunch so much... I can't imagine how you'd deal with a real threat
23:50:07 <sethsimmons> Aggressive and hostile lies, entrapment, and witch hunting is something that should not be tolerated.
23:50:15 <sgp_[m]> geonic: You are a pest and I want to get rid of it
23:50:21 <geonic> DiegoSalazar[m]: it seems to me that others are reaching for the nuclear option :)
23:50:31 <geonic> sgp_[m]: I'm waiting for the verdict.
23:50:31 <sethsimmons> No, you did.
23:50:37 <sethsimmons> You chose this, like you always do.
23:50:47 <sethsimmons> You could have been a civilized human being and chosen to engage in a reasonable way.
23:50:54 <geonic> sethsimmons: you've become the witch hunter you despise
23:51:03 <sethsimmons> LOL
23:51:06 <sethsimmons> Sure thing bud
23:51:14 <sgp_[m]> Yeah that's so stupid
23:51:23 <sethsimmons> You're the first person I've actively supported getting banned.
23:51:32 <sethsimmons> And I have tried countless times to reason with you in DMs and publicly.
23:51:53 <geonic> reason with me by asking me to delete my thread? if my thread broke any rules you would've deleted it
23:51:54 <sethsimmons> Everyone else I have had conflicts with I have been able to resolve it quite easily via DMs.
23:52:11 <sethsimmons> You use a talent for purely hostile and negative reasons.
23:52:12 <geonic> so no I won't self-censor because you don't like what I'm saying, Seth.
23:52:19 <sethsimmons> geonic: I asked instead of deleting it.
23:52:21 <sethsimmons> That is reason.
23:52:26 <sethsimmons> I have the power and mod support to delete it.
23:52:36 <sethsimmons> Because it's a blatant lie and an attempt to mislead redditors.
23:52:46 <sethsimmons> I chose instead to attempt to reason with you in DMs and explain my thinking.
23:53:12 <carrington[m]> "No lying" isn't a subreddit rule, and retracting provably inaccurate statements is not self censorship
23:53:34 <sethsimmons> >As a fellow community member and someone who knows you mean well, you should really delete this.
23:53:34 <sethsimmons> > I obviously will not as a mod, but this is blatantly false and just stirring up unnecessary drama.
23:53:34 <sethsimmons> This is all I said for those interested in DMs.
23:53:43 <geonic> let me know when the lynching is so I can be there on time
23:53:46 <selsta> his goal of baiting everyone into discussions is working again
23:54:03 <sethsimmons> Then lets get this over with and move to action.
23:54:08 <sethsimmons> Enough is enough.
23:54:10 <geonic> hahaha
23:54:46 <sethsimmons> There is nothing to be gained with further discussion with geonic, as he has made clear over the years I have tried to reason with him.
23:54:59 <sethsimmons> He has some good intentions but using a malicious and hostile approach to accomplish them.
23:55:06 <DiegoSalazar[m]> Mods, if blatant lies are now on the table and not reason to be banned, I won't be surprised if people come in and accuse others of being plants, FBI, or aliens, and the precedent set here is that the voices should be allowed to stand. 
23:55:19 <sethsimmons> It's unfortunate, but he has made it clear he will not stop or change both privately and publicly.
23:55:44 <geonic> DiegoSalazar[m]: I was accused of being an FBI agent today. https://www.reddit.com/r/Monero/comments/pi83hw/if_you_were_wondering_why_triptych_is_taking_so/hbqfbxo
23:55:46 <geonic> impending ban?
23:57:34 <DiegoSalazar[m]> Geonic, we can have someone talk to him and explain its not appropriate. He may remove after being talked to. You, absolutely still not.
23:58:35 <nioc> geonic: "there is nothing like a friend who can tell you you're just pissin in the wind"
23:58:38 <carrington[m]> I am basically no one, but I support a temporary ban for no other reason than to improve the signal to noise ratio across reddit and matrix
23:58:54 <sethsimmons> I normally would say temp as well.
23:59:07 <sethsimmons> But over the years I have engaged with geonic he has made it clear he has no intention to change.
23:59:20 <sgp_[m]> Temp until genuine apology tbh
23:59:23 <sethsimmons> If others are for a temp ban I am fine with that, but I would prefer perm.
23:59:29 <sgp_[m]> If that never comes so be it
23:59:35 <sethsimmons> sgp_[m]: That would be fine with me.