04:44:36 4/9?! 04:44:59 4/8 04:45:16 Lol 04:45:26 Lol, thanks 04:45:42 Max decentralization 🤪 05:05:09 Well, quite in general the permissionless and fully decentralized oracle itself is something that looks impossible. 08:46:38 i need input 08:46:58 https://matrix.monero.social/_matrix/media/v1/download/matrix.org/PddWnjwdBYKjUGVFoVgsbKOa 08:47:30 someone tried to be smart and save some money by abusing the guerrilla system ._. 08:48:06 bro i subsidize these packages myself ._. 08:49:21 what do i do here 08:50:47 im not grasping it yet, the totals add up (im assuming this is an attempt at using a discount ('fund a guerrilla") to obtain free product? 08:52:17 paying 50 cent - but forcing you to spend 30~ euros? 08:53:27 Is it cheaper then buying a regular package overall? 08:53:33 so regular price is about 32,5€ 08:53:58 the guy funded a package for 26,5 and then bought it 08:54:05 With shipping? 08:54:10 nah 08:54:43 Ship proportional fewer stickers for this customer 08:54:51 And you should fix the loophole 08:55:44 "Receive a subsidized package funded by a generous Monero Extremist. Please only pick this option when you really can not afford the regular options but are eager to place tons of stickers out in the streets. ONLY ORDER 1 subsidized package, DO NOT ORDER MORE. Any funds from ordering more than 1 package will be regarded as a donation!" 08:56:01 i mean the rules are kinda clear 08:56:24 You are already subsidizing the stickers by working for free, no need to subsidize shipping as well 08:56:37 a major exploit in the smart contract 08:56:49 well i gladly do for the real guerrilla packages 08:57:19 Unfortunately for the hacker its a dumb contract 08:57:25 ok ill do it like this 08:57:49 if the guy is from a "rich" country it gets confiscated 08:58:12 if the guy is from spain, he can get it with less stickers 08:58:28 or eastern germany 08:58:54 i guess ill offer a refund first 09:00:36 send them zcash merch as a punishment 09:02:57 That would get me sued for copyright 09:06:18 which ecommerce you handle? 09:39:29 monerosupplies.com 09:45:29 uhn 09:45:31 uhm 09:45:42 plowsof: why can i see amounts 09:47:50 https://matrix.monero.social/_matrix/media/v1/download/matrix.org/VUcOHzIIOeNdpDhtwyJfGsvI 09:49:52 just kidding this is stagenet. i was still surprised though, thought stagenet is identical to mainnet, or is this a coinbase? 09:50:18 oh yeah its coinbase 10:23:39 man, you miss too many things in comparison with https://moneromerch.com/ 10:23:39 Any plan to upgrade? 10:35:57 <1​23bob123:matrix.org> Yeah but does border security steal there sticks from shipments :) 10:56:58 I'll bet 10 bucks i can get that monero flag in syria within the next 10 years 11:07:53 i dont see a point in trying to undercut them 11:08:54 id rather do special stuff like the standee or plushie 14:11:37 https://matrix.monero.social/_matrix/media/v1/download/matrix.org/oRNCaLHhwRQXWlfWucgnOrnZ 14:11:44 Check out my swag 15:47:06 NicknameJohn: m-relay 16:39:15 anyone heard of shopinbit? just noticed this reddit thread https://www.reddit.com/r/Monero/comments/16vg00x/1_million_products_for_xmr_and_also_shipping_now/ (reminds me of what monero dot shopping but real(?)) 16:42:31 do we retroactively owe them 800 ish monero 😬 (if you want to see the monero shopping proposal.. seems they removed the amounts https://repo.getmonero.org/monero-project/ccs-proposals/-/merge_requests/360) 16:43:26 975 xmr* 17:50:03 Yes I did 17:51:37 https://matrix.monero.social/_matrix/media/v1/download/matrix.org/GqMDMsAUNKWCHbDOvDClCVuB 17:51:52 Received my order yesterday 17:52:47 Had small issue with delivery but not because of them. I contacted them through telegram support channel and fixed quickly the issue 17:54:02 "easy shopping with bitcoin" > wants monero to fund them retroactively 🧐 17:54:43 I paid with monero and got 3% discount. Still too expensive though 17:56:26 Plenty of services accept multiple coins. 17:56:26 Is this already funded by BTC (or another supported coin's) community? 17:56:36 If not, why not? 17:56:53 If it is, why do they need us? were poor 17:57:21 975 doesnt sound like monero integration 17:57:25 Sounds like fully funded 17:57:38 tried once, item wasn't in stock despite listed as such, got my monero back *shrug* 17:58:51 Tbh that is the most complete shop I ve seen online where paying in xmr is possible. There is some decent variety 18:00:39 I'd love to see a site that pulls listings from all stores that support monero, and displays them in a single, searchable marketplace 18:02:04 because nobody is gonna check 100 different stores just to see if they have a specific item 18:54:38 ofrnxmr ah sorry, i was joking about the retro funding stuff (totlaly unrelated to monero shopping / not asking for funding) 19:58:44 I have a question about change outputs. When you broadcast, let's just say a 1-in-2-out from wallet2, does the change address always occupy a static positional order in the transaction? In other words, is it knowable for an outside observer which output was the spend, and which one was the change? 20:05:38 BawdyAnarchist: If it's not randomized, it would be a major mistake IMHO. Usually wallet2 makes the right choice with those types of issues. Check the source code or ask in #monero-dev:monero.social 20:12:02 BIP 69 for bitcoin is supposed to reduce guessibility of the bitcoin change output FWIW: https://github.com/bitcoin/bips/blob/master/bip-0069.mediawiki 20:12:24 It's a wallet-level BIP. Wallets don't have to implement it. 20:16:52 BawdyAnarchist: "Outputs are randomly shuffled by the core implementation before getting assigned an index, so observers can’t 20:16:52 build heuristics around their order. Inputs are sorted by key image within transaction data." 20:17:30 Footnote 4 on pp. 50 of _Zero to Monero 2.0_ 20:18:27 Thanks Ruck! I just read your research on classifying spends with fungibility defects, which is what made me think of the question 20:19:22 Thanks for reading it. What did you think about it? I titled it "Discussion Note" for a reason :) 20:47:33 I thought it was great that you used Monte Carlo to validate the results after calculating a specific solution. I didnt dig into the equations though. Table 1 and 2 were interesting. PPV is significantly worse when a small percentage of outputs have a defect, but much alleviated as you pass 25% of defective outputs. I assume those tables are for "single puddle defects?" So hypoth etically, multiple types (droplets) of defects makes the situation much worse? 21:03:05 Ruckniumare you still planning on doing an analysis on pocketchange's affect on transactional privacy? 21:03:54 <1​23bob123:matrix.org> Do you have a donate address? 21:04:16 <1​23bob123:matrix.org> Stuff like this css should help with 21:08:30 <1​23bob123:matrix.org> Stuff like this ccs should help with 21:09:49 BawdyAnarchist: Right. We can take an empirical example. 21:10:16 I estimated the PPV for several nonstandard fee levels I found on the blockchain in Table "Estimated PPV, beta, and mu_C, in percent" of https://github.com/Rucknium/misc-research/tree/main/Monero-Nonstandard-Fees#tabulated-data 21:10:36 If you take beta as the prevalence of transactions that have a certain nonstandard fee level, then you can do a weighted average of PPV for the four nonstandard fee levels I identified. They add up to about 10% of recent transactions. Having those four levels is worse than having just a single larger category that composed 10% of transactions. 21:10:48 The weighted average PPV is 29.8% 21:12:00 Go to Table 1 in https://github.com/Rucknium/misc-research/blob/main/Monero-Fungibility-Defect-Classifier/pdf 21:12:14 (We also need the probability of spending change to use the table. We can take the weighted average for that, too. It is 32%.) 21:13:28 If we have beta (% blockchain outputs with defect) at 10% in one large category and mu_C (% rings of defective txs with change output as the real spend) at 30%, the closest value to the weighted average I calculated above, then that PPV is only 19.7%. 21:15:06 To summarize, the fact that there are multiple small anonymity droplets with nonstandard fee levels means that the average probability of guessing the real spend is 29.8%. If it were one big nonstandard fee category, then that probability would be 19.7%. That's a 10 percentage point difference. 21:20:25 r4v3r23: In the Feather Wallet channel I said "I might put up a "wish" on my wishlist-as-a-service page to create a formal model and classification rule for an attack on PocketChange." 21:21:07 I want to do it, but it's a matter of prioritization. 21:23:01 I need to finish the OSPEAD improvements to the decoy selection algorithm (DSA). The analysis of using fungibility defects is indirectly related to OSPEAD since it can help answer the question of how safe it is to change the DSA at a point in time that is not a hard fork. 21:23:45 The formula can be used to directly compare the privacy benefit of OSPEAD compared with the "cost" of having multiple wallet2 DSAs on the blockchain at the same time. 21:24:46 Dan r/dark (Is not the man & Braxman Tomsparks Advocate ): My PGP-signed XMR address is at https://repo.getmonero.org/monero-project/ccs-proposals/-/merge_requests/255#note_18750 21:25:32 I also have a page for specific projects. Right now the only unfunded project is server costs: https://rucknium.me/donate/ 21:27:45 After I finish OSPEAD I will probably try to transition to part-time 3 month CCS proposals for research like some of the devs do. I would of course take input from the community on which research projects should be prioritized. 21:28:34 <1​23bob123:matrix.org> I was thinking that ccs should at least help 21:28:43 <1​23bob123:matrix.org> Worthy cause 21:34:46 <1​23bob123:matrix.org> https://www.reddit.com/r/Monero/comments/16uxj28/upcoming_jamtis_dynamic_view_tag_design/ 21:51:55 I think I understand a bit better now. You calculated non-standard fee defect puddles, but there are other defects which an adversary could use, and/or combine, to improve PPV. Could including abnormal fee levels as part of the DSA, reduce PPV? Altho, even if true, it does seem a bit inelegant to start expanding the DSA to new parameters like that. 21:52:05 I think I understand a bit better now. You calculated non-standard fee defect puddles, but there are other defect categories which an adversary could use, and/or combine, to improve PPV. Could including abnormal fee levels as part of the DSA, reduce PPV? Altho, even if true, it does seem a bit inelegant to start expanding the DSA to new parameters like that. 21:52:22 I think I understand a bit better now. You calculated non-standard fee defect puddles, but there are other defect categories which an adversary could use, and/or combine, to improve PPV. Could including abnormal fee levels as part of the DSA, reduce PPV? Altho, even if so, it does seem a bit inelegant to start expanding the DSA to new parameters like that. 21:52:49 Oh crap. Sorry, I forgot we're not supposed to edit messages due to the bridge. My bad. 22:42:45 BawdyAnarchist: IMHO, abnormal fee levels are an implementation "mistake" by wallet developers. Same with nonstandard DSAs and nonstandard tx_extra contents. It's better to fix the mistake. 22:43:05 In theory a wallet developer that committed a "mistake" could decide to only select decoys (when the user is spending change) that also have the same fungibility defect. It would probably be much easier for the developer to fix the original mistake than to expect them to implement a complicated fix like that. 22:43:29 Furthermore, the monerod node doesn't tell wallets much info about the characteristics of each output when it is giving the wallets information about the outputs that can be used as decoys. Only age (timing) information is given now through get_output_distribution RPC call IIRC. 22:44:25 For example, the Mordinals creator suggested that wallets just avoid the Mordinals outputs: https://nitter.net/m0rdinals/status/1639220577662795776 22:46:11 A long time ago when Monero had optional ring sizes (including ring size 1!) there were a lot of outputs that were known to be spent. The blackball tool was created to avoid including those outputs: https://monero.stackexchange.com/questions/8225/how-can-i-use-monero-blockchain-blackball-to-improve-my-privacy 22:47:44 We don't want to complicate the DSA too much. And we don't want to change it many times when users could be using the old version(s) of the DSA between hard fork dates. 22:49:14 One exception is coinbase outputs. We will always have coinbase outputs. It's not something that will go out of popularity like Mordinals. With P2Pool outputs, there are a lot of coinbase outputs now. Here is my suggestion for avoiding coinbase outputs in the DSA: https://github.com/monero-project/research-lab/issues/109 22:49:48 We could implement that at the same time as OSPEAD (once we figure out how safe it is to implement a new DSA outside of a hard fork). 22:51:08 The ideal solution to transaction fungibility defects is to set protocol rules to not give wallet developers the "choice" to reduce their users' privacy. 22:51:51 Monero has done that before. Setting mandatory ring size and making the 10 block lock part of consensus rules are two examples.