00:32:27 How can I fight ordinals in monero?
00:41:43 Hm?
00:43:05 I saw MentalOutlaws video
00:43:22 Old
00:43:29 its ok they dont exist anymore
00:43:44 Ok
00:43:46 cool
00:43:58 But, how to fight them? Update your node to 18.2.2 or later
01:05:52 Also, I have a question about network updates. I am hosting a node via a GUI wallet, I heard that if a wallet is outdated or the node is that it is connected to (in my case they would obviously be the same version so I am not sure) but monero sent on an old wallet version (or network, still not sure) will not go through unless the block it is a part of is mined by a monero miner running an older version of the network (or wallet) version.
01:05:52 Is my understanding correct? Also how do I know when i need to update my wallet?
01:06:41 Can an outdated wallet/node also have problems receiving monero?
01:08:36 <123bob123:matrix.org> p2p mining?
01:09:18 What about it?
01:11:49 Well all I guess. P2P solo and pool
01:13:20 the monero gui itself will notify you of any new updates if your version is outdated. you can also subscribe to getmoneros blog RSS feed where releases and other things are announced https://www.getmonero.org/feed.xml
01:13:57 the only time an outdated wallet would have trouble receiving/sending funds is if it is on a pre-hardfork version
01:14:57 so pre v0.18.1.2 , you wont be able to send monteros
01:16:00 often, new updates are marked as being "highly recommended" (not mandatory) because they fix bugs
01:16:47 we are currently on network v16 https://github.com/monero-project/monero#scheduled-softwarenetwork-upgrades
01:17:11 sorry, fork version*
02:46:47 <123bob123:matrix.org> Fork you!
02:59:33 Does monero.social support password recovery via email?
02:59:50 I never receive any email
03:11:02 Yes, just did it to validate
03:12:13 huh.. yeah I'm not receiving anything, thankfully I just remembered my password lol
09:46:09 what's the word on this CCS fund hack?
was it an inside job, or is the code really fubar?
09:47:35 As far as I know nobody really has a clue yet. Thus, "no word".
09:55:19 <123bob123:matrix.org> word
09:59:51 word
11:26:01 :D
12:35:24 Monero meetup in Buenos Aires , Argentina here today at 11am local time:
12:35:24 https://maps.app.goo.gl/9tu7S21yD9WLL5ho9?g_st=ic
12:41:44 with more and more stories i see on twitter on how people are losing their coins, i would like to generate a bip39 or monero seed phrase by dice rolling.
12:41:44 are there any tutorials for this out there which are valid?
12:41:44 are there any out there specifically for monero which we know are statistically sound? Rucknium
12:46:40 discussion on this happened here atomfried https://libera.monerologs.net/monero/20231026#c293528
12:48:30 oh thank you
12:48:51 creating an offline securely is easy, the hard part is using it to send/receive funds
12:54:55 i just want to create a bip39 and put it on my hardware wallet
12:55:30 i just want to rule out the possibility of a flawed random number generation
12:58:27 atomfried: With BIP39, the annoying part is the checksum word. With a 12-word seed, the checksum can be found by trying 4 or 8 (need to check) different possibilities. With 24 words, you need to run a Python script on an airgapped computer to find it.
12:59:18 ok i see, but this also would rule out flawed random number generation, so i am fine with that
12:59:39 With Monero's 25 word seed phrase, the checksum will be one of the words of the first 24 words.
13:01:06 if you have 24 words without checksum, thats also fine, monero-wallet-cli will accept it .. you can use your monero address as your own checksum - if it doesnt match, then a word is wrong
13:01:39 thats nice!
13:01:58 Cryptographic randomness is not something I understand well, especially pseudo-random (computer-generated) randomness. For statistics, usually random number generators that would not be cryptographically valid are used.
13:03:27 it is not that i do not trust the theoretical foundations of cryptographic random generators, i just dont really trust the implementation or lets say i just want to rule out this attack vector
13:04:07 I don't necessarily trust it either.
13:05:13 given i have a list of words 1 to n.
13:05:13 and i roll 6 dice and concat the numbers to generate a number x.
13:05:14 if x > n i reroll the dice, otherwise i pick the word which is associated with the number i rolled.
13:05:14 will this pick words uniformly random?
13:05:15 or will there be a bias in the words i selected because of the reroll?
13:05:34 For example, the Milk Sad insufficient entropy vulnerability used the Mersenne Twister random number generation algorithm. Mersenne Twister isn't adequate for cryptography, but it _is_ R's default random number generator. Different standards for different purposes.
13:06:10 if i avoid calculating modulo to force finding a pick and just reroll is this valid?
13:07:06 MT is also pretty much the goto PRNG for c++ with the header
13:09:22 Uh, I don't really want to endorse a specific seed word generation method right now since it's important to get it right. There are many methods published online. Of course, you want to verify that the published methods have no problems.
13:10:00 i understand that
13:10:18 I think that the "just has it" method that plowsof posted would not work directly for seed words. It would get the private key. You would have to have a method for mapping the output of the hash onto the list of seed words
13:10:51 *just hash it
13:13:12 I think kayabanerve has opinions on dice as the source of entropy
13:13:29 I don't mind them as a supplement
13:14:24 atomfried: You can't concat the numbers in base 10, you'd need to convert from a base 6 number to a base 10 number.
13:15:13 You can reject if x > n to achieve numbers without bias.
13:15:48 Though you need to understand every single signature you make presumably uses RNG
13:16:30 So either ensure your signing program doesn't use RNG, and instead uses hashes of the private key + message for its nonce, or get the dice out whenever you want to make a transaction
13:16:44 hahaha
13:17:04 I'd recommend `H-512(rand(32 bytes) + "142325624625142365243516...)" to make a new private key if you want to incorporate dice
13:17:29 No math re: the dice itself, dice is solely additional entropy.
13:18:30 so rolling my bip39 seed would not give me extra security?
13:19:03 You fully trust PRNG / TRNG? kayabanerve?
14:02:14 i think i will just get some d16 and a d8 dice and then i can easily roll the d16 two times and the d8 one time to pick a random bip39 word.
14:02:14 since there are 2048 words this fits perfect
14:02:29 just for your interest
14:07:48 atomfried: Do you plan to take the sum of the d16*2 and d8 to choose the word?
14:08:03 I have calculated my 24 words in bitcoin with a coin.... By flipping 256 times. I calculated the checksum using https://iancoleman.io/bip39/ offline or any hww that allows you to do it like SpecterDIY.
14:08:03 But I would love to be able to do this with polyseed. But i dont understand how to do it
14:08:47 checksum is word 1 and all 11bits. then you have more information not randomly. so, i dont know how to do it
14:08:47 yes, now that i think about i am not 100 sure that is a good idea
14:09:24 It's not. The sum would not be uniform. (Sorry IRC people):
14:09:30 ```R
14:09:30 n.sims <- 10000
14:09:31 results <- vector("numeric", n.sims)
14:09:31 set.seed(314)
14:09:32 for (i in seq_along(results)) {
14:09:32 results[i] <- sample(16, 1) + sample(16, 1) + sample(8, 1)
14:09:33 }
14:09:33 100 * prop.table(table(results))
14:09:34 ```
14:10:16 Sums of random variables tend to converge to the Normal distribution
14:10:50 yes, ofc stupid me ...
i was just thinking about using 2^11 rolls with a coin per word to select it and thought i could just take a short path by using higher dices
14:27:32 so when i use two D8s and a D4 i could do:
14:27:32 idx = (D4 -1) * 64 + (D8_1 -1) * 8 + (D8_2 - 1)
14:27:32 to select the index of the 2048 words i want to choose from i guess thats more of what i thought of before i was bamboozled by the multiplication idea
18:28:36 This might be of assistance for you
18:28:36 https://github.com/Monero-HackerIndustrial/MoneroDice-WalletGen
18:29:27 I need other people to take a look to make sure I didn't overlook something
18:29:33 ```The script generates 100 dice rolls for a little bit over 256 bit entropy.
18:29:33 Based on some Math from coldcard, a d6 dice provides 2.585 bits of additional entropy per roll This means: 50 rolls for 128 bit 99 rolls for 256 bit```
18:29:53 ````
18:29:53 The script generates 100 dice rolls for a little bit over 256 bit entropy.
18:29:53 Based on some Math from coldcard, a d6 dice provides 2.585 bits of additional entropy per roll This means: 50 rolls for 128 bit 99 rolls for 256 bit```
18:29:54 ````
18:31:05 the kdf on bip39 is
18:31:05 https://github.com/diybitcoinhardware/embit/blob/2bf81739eb5f01f8ad59d23c492fd9d9564eed48/src/embit/bip39.py#L86
18:33:47 here is an issue I had made on polyseed to ask about the kdf and the entropy involved. I linked the existing bitcoin bip39 kdf functions along with what polyseed uses etc.
18:33:47 https://github.com/tevador/polyseed/issues/8
18:35:23 My diceroll generator vs polyseed differences:
18:35:23 ````
18:35:24 My version and Polyseed use similar key derivations except for 2 differences.
18:35:24 sha256 vs sha512
18:35:25 #of iterations
18:35:25 10000 vs 2048
18:35:26 The salt being the reserved/feature bits.
18:35:26 ```
18:35:27 That is the only difference and should be a couple of line changes for the kdf function
18:37:20 If you are going to diceroll you need a KDF function to "stretch" the entropy into a uniform string but also beyond just "simple hash on brain wallet" since those are insecure
18:40:07 You can put the diceroll into a variable then generate the hash of it. Then feed the hash into a kdf function. Bip39 uses 2048 iterations of sha512. Here is a slight modification to work with monero python client to generate seeds:
18:40:07 ```
18:40:08 PBKDF2_ROUNDS = 2048
18:40:08 #password used for the salt (a sha256sum )
18:40:09 password = hashlib.sha256(dice_rolls.encode()).digest()
18:40:09 entropy_bytes = hashlib.pbkdf2_hmac(
18:40:10 "sha512",
18:40:10 dice_rolls.encode("utf-8"),
18:40:11 password,
18:40:11 PBKDF2_ROUNDS,
18:40:12 32,
18:40:12 )
18:40:13 hex = entropy_bytes
18:40:13 hex = hex.hex()
18:40:14 s = Seed(hex)
18:40:14 phrase = s.phrase
18:40:15 public_address = s.public_address()
18:40:15 ```
18:59:54 rip irc
18:59:54 but interesting stuff
19:05:08 Rip
19:08:59 F
19:35:48 uyfougpohij[]
19:37:51 Yeah I forget about the irc bridge. Shoot me a PM if you want to talk more about it
22:20:58 <123bob123:matrix.org> Rip nioc
22:21:58 F