01:09:20 <luigi1111> Probably only obvious things like monerokon
13:08:04 <m-relay> <n​ickyviki:matrix.org> Townforge game based on monero Blockchain
13:08:04 <m-relay> <n​ickyviki:matrix.org> Overview
13:08:05 <m-relay> <n​ickyviki:matrix.org> Townforge is a blockchain based game where you create buildings which will provide you with income.
13:08:05 <m-relay> <n​ickyviki:matrix.org> Buildings and land cost a one off sum as well as regular maintenance costs. Payout is earned at every game tick, which happens every 720 blocks. A portion of the block rewards go to the game, to be redistributed to players. A research "tech tree" allows players to improve their buildings' efficiency. Peer to peer trade allows players to exchange goods and money. A 3D world view al<clipped message>
13:08:06 <m-relay> <n​ickyviki:matrix.org> lows players to bring their buildings to life, and a decentralized chat is available in game.
13:08:06 <m-relay> <n​ickyviki:matrix.org> Every game action is stored on a blockchain, ensuring that what you own cannot be taken away from you unless the game rules allow it. No exit scam, no central database corruption, no rules change at a whim without notice. The game state is stored on every game user's copy of the blockchain.
13:08:07 <m-relay> <n​ickyviki:matrix.org> In game currency is gold and its mined. Not issued my the developer 
13:08:07 <m-relay> <n​ickyviki:matrix.org> www.townforge.net
13:08:08 <m-relay> <n​ickyviki:matrix.org> https://t.me/townforge
13:10:04 <m-relay> <a​tomfried:matrix.org> monero-hackerindustrial: https://bitbox.swiss/blog/roll-the-dice-generate-your-own-seed/ what about this?
13:40:34 <m-relay> <m​onerobull:matrix.org> why is there a townforge ad lol
13:54:31 <m-relay> <k​illercat103:matrix.org> why even run a game on a blockchain?
13:55:09 <m-relay> <k​illercat103:matrix.org> I feel like thats just some cryptobro/cryptobloat thing
14:30:08 <m-relay> <r​ucknium:monero.social> Killercat103: If on blockchain, a central server cannot change the rules, shut down, take player resources, or cheat. That question should be added to the FAQ I guess.
14:30:42 <m-relay> <r​ucknium:monero.social> Has anyone considered possible entropy issues when generating the CCS wallet on Qubes? https://github.com/QubesOS/qubes-issues/issues/673
14:31:06 <m-relay> <r​ucknium:monero.social> Virtual machines can have entropy issues.
14:48:19 <m-relay> <h​into.janaiyo:matrix.org> oh wow that is probably it - i'm not sure why i didn't think of this immediately when hearing fluffy used qubes
14:51:36 <m-relay> <r​ucknium:monero.social> AFAIK it would be easier to tell if your brute force attack hit the CCS wallet's private key since its view key was public.
14:52:35 <m-relay> <h​into.janaiyo:matrix.org> this would mean that someone was aware of this and bruteforced whatever set of keys are possible with the lower entropy, then scanned the chain for each key (probably skipped to known tx's)
14:53:02 <m-relay> <h​into.janaiyo:matrix.org> maybe it just took 7~ years to find the right key :)
14:54:34 <m-relay> <h​into.janaiyo:matrix.org> i propose the new wallet's spend key should be created via physical entropy
14:57:03 <m-relay> <r​ucknium:monero.social> I think scanning the chain on each brute force attempt would take too long. They would attempt to match public view keys or public XMR addresses.
15:02:08 <m-relay> <h​into.janaiyo:matrix.org> ooo right that could be done extremely quickly
15:05:00 <m-relay> <r​ucknium:monero.social> Kearney, J. J., & Perez-Delgado, C. A. (2021). "Vulnerability of blockchain technologies to quantum attacks." https://moneroresearch.info/index.php?action=resource_RESOURCEVIEW_CORE&id=80
15:05:11 <m-relay> <r​ucknium:monero.social> "However, Monero’s privacy system gives it some added level of security. An attacker would not know the amount being transferred in a target transaction. Hence, transactions of value are unobservable without prior attacks. Further, the use of RingCT means that the quantum assailant would need to solve multiple Pedersen commitments in order to find the correct public key used in <clipped message>
15:05:11 <m-relay> <r​ucknium:monero.social> the transaction. This makes Monero slightly more secure against—or at least a slightly less attractive target for—quantum assailants than other blockchain networks."
15:09:32 <m-relay> <h​into.janaiyo:matrix.org> i'm assuming the attacker had regular computer(s) and the entropy was low enough for a bruteforce
15:10:07 <m-relay> <h​into.janaiyo:matrix.org> unless the first person with a practical quantum computer decided the CCS wallet was target #1
15:10:55 <m-relay> <r​ucknium:monero.social> I quoted that article because it shows that you can't just perform a database lookup of addresses on Monero, unlike other blockchains. The only easy lookup would be view keys and public addresses AFAIK.
15:11:30 <m-relay> <r​ucknium:monero.social> I don't think it could be a quantum attack. Could be a regular brute force attack with a classical computer.
15:15:31 <sech1> "whatever set of keys are possible with the lower entropy" I think it's too far-fetched
15:15:57 <sech1> Entropy must be less than 50-60 bits to crack the known wallets in a reasonable amount of time
15:16:14 <sech1> Even if you're in a VM, it's possible to get more bits of entropy
15:16:36 <sech1> and the attacker must know the exact version of Qubes that was used to replicate the entropy issues
15:19:17 <m-relay> <h​into.janaiyo:matrix.org> unless qubes 2016~ really did have 50-60 bits of effective entropy https://github.com/QubesOS/qubes-issues/issues/6939
15:20:18 <m-relay> <h​into.janaiyo:matrix.org> seems like the daemon responsible for counteracting the low vm entropy did not work
15:23:29 <m-relay> <h​into.janaiyo:matrix.org> if `monero-wallet-cli` just takes what it can from `/dev/urandom` without blocking then the pool may have been used up by other stuff running
16:01:34 <m-relay> <m​xgrafics:matrix.org> monerobull: can you approve my post on r/monerochan https://www.reddit.com/r/monerochan/s/Mu8nhLmXfP
17:30:06 -xmr-pr- [meta] Rucknium opened issue #928: Monero Research Lab Meeting - Wed 15 November 2023, 17:00 UTC
17:30:06 -xmr-pr- > https://github.com/monero-project/meta/issues/928
17:52:33 <m-relay> <4​rkal:monero.social> If I send x monero to y address. How can I prove to a third party that i sent the x amount to y address?
17:54:31 <dsc_> txproof
17:54:48 <m-relay> <4​rkal:monero.social> Can tx proof verify the amount?
17:55:14 <dsc_> well, why not use txid though?
17:57:30 <m-relay> <4​rkal:monero.social> Asking whether or not a third party can verify that I sent you x monero
17:58:38 <dsc_> https://docs.featherwallet.org/guides/prove-payment 
18:01:25 <m-relay> <l​za_menace:monero.social> the check can be done via the `check_tx_key` wallet RPC call or with an explorer - the onion explorer uses this route `https://xmrchain.net/prove/{tx_hash}/{address}/{tx_key}`
18:03:08 <m-relay> <l​za_menace:monero.social> ohai dsc_
18:21:55 <dsc_> whatsup :)