<b​ehelit:hackliberty.org> after the ccs incident what does the community think is the best methods of crowdfunding projects

<b​ehelit:hackliberty.org> Can you send monero whilst offline?

<4​rkal:monero.social> CCS with good opsec is still the best

<4​rkal:monero.social> But whoever is holding the funds should disclose their setup to be "reviewed" by the community. At least in my opinion.

<b​ehelit:hackliberty.org> how would you trust a reviewed setup

<4​rkal:monero.social> Wdyn?

<4​rkal:monero.social> Wdym?

<b​ehelit:hackliberty.org> how would you verify that the approved setup is actually being used

<4​rkal:monero.social> You can't

<4​rkal:monero.social> Don't verify; trust

<4​rkal:monero.social> Lol

<4​rkal:monero.social> You are already trusting them to hold the funds so...

<b​ehelit:hackliberty.org> and what type of entity would be trustworthy in your eyes

<4​rkal:monero.social> Multisig with many devs

<e​ndor00:matrix.org> You can sign a transaction offline, yes. And then submit it to an online node

<e​ndor00:matrix.org> Same as any other coin

<4​rkal:monero.social> You can't tho can you?

<4​rkal:monero.social> You have to have an online device too

<4​rkal:monero.social> Before submitting the file to an online node right?

<e​ndor00:matrix.org> Well yeah, you can't be both online and offline at the same time

<e​ndor00:matrix.org> The important part is that the private spend key is on a device that never touches the internet

<b​ehelit:hackliberty.org> can you give examples of this setup

<u​nkn8wn69:matrix.org> Anonero

<4​rkal:monero.social> anonero.io

<4​rkal:monero.social> Tor required

<v​ikrants:monero.social> Thanks for foundation devices and stack wallet, cake and Monerocom wallets have native tor in next update.

<v​ikrants:monero.social> matrix.monero.social/_matrix/media/…ero.social/GqqdxqmLRKySYSMvHBdXIEzh

<v​ikrants:monero.social> matrix.monero.social/_matrix/media/…ero.social/EiqfXknyFrwhxHEytXfFyzNi

<v​ikrants:monero.social> Thanks to foundation devices and stack wallet, cake and Monerocom wallets have native tor in next update.

<a​js_:matrix.org> monerokon 2024 planning in about an hour

<a​js_:matrix.org> in #monero-events:monero.social

<a​js_:matrix.org> agenda monero-project/meta #929

<4​rkal:monero.social> But whoever is holding the funds should disclose their setup to be "reviewed" by the community. At least in my opinion. <= some consideration should be made to physical security as well if "publishing" your setup, targeting involving meatspace could become more likely

<1​23bob123:matrix.org> Disclosing somethings is actually worse for opsec

<o​frnxmr:monero.social> Its on my google drive

<d​iego:cypherstack.com> hi guiz

<b​ehelit:hackliberty.org> sounds like security through obscurity

<s​weetbearkiller:monero.social> have rules that must be followed

<s​weetbearkiller:monero.social> regarding the opsec

Hello diego.

security through obscurity is a great thing when it comes to physical world

(rather, is a part of the equation)

Upload a floor plan of your home with positions (screenshots of any/all security cameras) so we can help improve your setup

<s​weetbearkiller:monero.social> yes dont forget to send the address to check if you are in a safe place

<s​weetbearkiller:monero.social> just in case

<4​rkal:monero.social> If you told people about your terrible opsec beforehand there would probably have been a large backlash.

<4​rkal:monero.social> We only learned about your setup once it was too late

<4​rkal:monero.social> Disclosing that you have for example and offline qubes os install with an offline vm to sign transactions can't really make it easier to attack you. On the other hand if you do something stupid the community might be able to help

<s​weetbearkiller:monero.social> I think the opsec should be disclosed in the future

<s​weetbearkiller:monero.social> security through obscurity has limits

<s​weetbearkiller:monero.social> an attacker will find out

<s​weetbearkiller:monero.social> that or having a standard that everyone must follow once they get enough responsabilities

<s​weetbearkiller:monero.social> it'd not be ridiculous to ask for an airgapped signer when you manage funds >1M$

<s​weetbearkiller:monero.social> and a signer in an offline cube when managing funds > 10k$

<4​rkal:monero.social> Yeah for example don't use an online windows machine when managing 500k in funds

<s​weetbearkiller:monero.social> and a signer in an offline qube when managing funds > 10k$

<s​weetbearkiller:monero.social> we learn from our mistakes

<4​rkal:monero.social> But yeah having a certain standard sounds like a good idea. Should have EXACTLY the same setup for every dev tho

<s​weetbearkiller:monero.social> Shouldnt* ?

luigi1111w: which is why I suggested that trusted persons deal with it without telling who they are, ofc I got laughed at

<4​rkal:monero.social> But yeah having a certain standard sounds like a good idea. Shouldn't have EXACTLY the same setup for every dev tho

<s​weetbearkiller:monero.social> Maybe that will get more consideration now ig

Seems like people want 4/9 multisig + the plot of a Tom Cruise movie

<o​frnxmr:monero.social> 2/7

<o​frnxmr:monero.social> I like 4/90

1/1

<4​rkal:monero.social> 6/9

<o​frnxmr:monero.social> (4rkal is serious)

<o​frnxmr:monero.social> Dreamlandia

I hope people realise we will just be shooting the shit and nothing will happen until multi sig is ready(tm)

<s​weetbearkiller:monero.social> 4/9 would not be irrealist in managing the cold wallet honestly lol

<4​rkal:monero.social> Sorry for cringy joke ofrn

monerokon has not set up their multisig wallet yet because all participants need to be online at the same time for some amount of time

takes a while to do

<o​frnxmr:monero.social> irrealist (brb while i dictionary)

<s​weetbearkiller:monero.social> lmao

highlight and Rclick

<o​frnxmr:monero.social> > <n​ioc> monerokon has not set up their multisig wallet yet because all participants need to be online at the same time for some amount of time

<o​frnxmr:monero.social> Arent they trusting rino aka basically dr

they want to set up CLI multisig as well for cold wallet

rino = hot wallet

<o​frnxmr:monero.social> ahi thoight rino = their solution

<s​weetbearkiller:monero.social> if people are trusted and good standards are adopted the risk is already significantly reduced even without multisig

<o​frnxmr:monero.social> They want to use simplex for their key exchange, thata right

they want to set up a simpleX group, I have no idea how things will be set up

that is, no idea what it will be used for

why is simplex better for key exchange than pgp encrypted email? Is it just cause simplex establishesbs p2p connection for the blob exchange?

*establishes

Security/convenience i think

sure, but why?

Or how?

So with pgp, because i have to give my blob thing to all participants several times/vice versa - i would have to encrypt the message separately with each participants pgp.pub keys

Unless there is a shared pgp key between us all (not sure how that would be distributed securely)

Protonmail does the above automagically(?) Simplex even more automagically(?) I dont know

<s​weetbearkiller:monero.social> do that with the key ?

<s​weetbearkiller:monero.social> tho that means if anyone leaks everyone is compromised, we cant just revoke one key

Yeah, should still be shared encrypted on simplex. There are still five (for example) phones with the blob on it. Unless there is autodestruct on messages, i guess.

<s​needlewoods_xmr:matrix.org> > <p​lowsof> So with pgp, because i have to give my blob thing to all participants several times/vice versa - i would have to encrypt the message separately with each participants pgp.pub keys

<s​needlewoods_xmr:matrix.org> not sure I understand this correctly, do you mean with pgp you have to create multiple encrypted messages, each for every participant?

You have to encrypt the message with someones public key

<s​needlewoods_xmr:matrix.org> yes, but you can add multiple pub keys to one encrypted message

TIL?

Nice, PGP is more than pretty good crypto.stackexchange.com/a/86489

So midipoet i see no reason for not using pgp over trusting 'thr next best thing since sliced bread' app

<p​lowsof:matrix.org> Community meeting next Saturday - what do we discuss

<p​lowsof:matrix.org> 280 XMR to be handed to 37c3 event organisers to pay an outstanding invoice, and to fund the current event: repo.getmonero.org/monero-project/c…als/-/merge_requests/105#note_22896

<p​lowsof:matrix.org> How to fix the ccs wallet because every option has a reason not to move forward with it

<p​lowsof:matrix.org> are we gatekeeping the ccs so that only core / seraphis devs will receive funding? is everyone finally happy?

<p​lowsof:matrix.org> xmrscott wants to raise a Q about mattermost.getmonero.org

<p​lowsof:matrix.org> adding a custom "fr-external" tag to ccs proposals with an extra "donate-url" field would allow things to be displayed on the funding required page, and simply re-direct people to the link. (no progress bar or anything unless integration for specific funding platforms is added to scrape their api on regular intervals) - problem is that the ccs backend can't be built (needs a docke<clipped message>

<p​lowsof:matrix.org> r wizard to handle old php dependencies)

<p​lowsof:matrix.org> also subscribe to featherwallets RSS feed featherwallet.org/feed.xml (theres going to be nice update soon with offline QR code transfer capabilities

<p​lowsof:matrix.org> diceware (adding dice rolls to produce seeds / add extra entropy?) and other things listed here matrix.to/#/!mehPttlWNbDtNeDbvu:mon…rg&via=monero.social&via=nitro.chat

Plowsof: whats the gatekeeping topic about?

<p​lowsof:matrix.org> so currently the only assurances for proposals in the ideas stage have been made to core / seraphis dev things

<p​lowsof:matrix.org> the rest of them (myself included) are being left in the dark / asked to wait for a magic fix

how do you mean assurances?

<p​lowsof:matrix.org> funding will be secured for them (one way or another: either directly from the general fund / put forward for retro funding(should the ccs wallet situation be fixed shortly) or a combination of the 2)

<p​lowsof:matrix.org> all of the inprogress proposals are covered* this is for the proposals at ideas

Can we not just a set up a RINO wallet as a stop gap in the short term ? Is it that we don't have anyone trusted enough to run it?

we need more than one incase someone gets hit by a bus

Just leave the backup with a couple of trusted members. Don't say who

<p​lowsof:matrix.org> i am in favour of any stop gap short term solution. the bar for being "more secure" than the previous setup is really low and the disclosure can be as simple as "its not a hot wallet" hooray

plowsof: I agree.

<p​lowsof:matrix.org> multisig which is what RINO is based on though, is not "known secure" (there is an above zero chance an exploit exists)

it will be fine

and it's a short/medium term solution anyway

if events want to risk 12k with it, i am sure CCS can risk the same

how much normally does the CCS wallet need to hold at any one time?

<p​lowsof:matrix.org> the last group of pending payments accumulated about 600 xmr in 1 month which is an ok estimate to throughput

there was over 600xmr in proposals ready to be merged when the bad news was announced

Yeah, i count ~870 XMR in ideas now (not founding FCMPs)

Realistically it's gonna be 1-2k if people don't leave milestones for years. 1k per 3 months is probably not far off, I can easily check later

some are a no go

events won't keep all funds raised in RINO

CLI multisig = cold, RINO = hot

<p​lowsof:matrix.org> we have to ask ourselves then, the theoretical multisig hacker: would they steal a few measily monteros or wait for something big - if this is the only reasoning then , it would be safe, however , the damage to the project/core team if it happens would be severe / out weight the monetary value so seems appealing for enemies

<p​lowsof:matrix.org> in security there is a counter argument for everything :(

so theoretically what is the total amount we are willing to risk in a RINO wallet?

250 XMR?

<p​lowsof:matrix.org> 244~xmr was the "unhacked amount" in the CCS2 (the small wallet that was actually used to payout people quickly) so its a good number to start at

Just make that the max allowed for each wallet. Will take some managing, admittedly but it's doable.

And just distribute control out to trusted members and don't say who

also, ensure backups are distributed out as well, to mitigate bus

to reduce the number of Monero needed to be held please pump (blasphemy)

<p​lowsof:matrix.org> reduce the coinbase outputs temporarily

<p​lowsof:matrix.org> this is no time for inflation

right, so we have a plan?

<p​lowsof:matrix.org> the github security experts and the anti ccs / core people will be mean to us

People are mean here most of the time these days, so how does that change anything?

we probably need four RINO wallets, and four (?) trusted members + plowsof.

<o​frnxmr:monero.social> Round and round we go

<o​frnxmr:monero.social> Or should i say

<o​frnxmr:monero.social> facepalm

<o​frnxmr:monero.social> That IF core holds it

<o​frnxmr:monero.social> argument has been had and settled

<o​frnxmr:monero.social> Solution: core doesnt hold the money, duh

<o​frnxmr:monero.social> Lets just leave the money in the known vaults why dont we

they are not trustworthy?

let Cat do it, nobody would suspect

<o​frnxmr:monero.social> +1

<o​frnxmr:monero.social> Lets give it back to luigi, so i can rob him twice in a row

<o​frnxmr:monero.social> Or give to bf, so when i finally get him, i can wipe monero clean

<o​frnxmr:monero.social> Or give it to cat

<o​frnxmr:monero.social> .. why would i waste my time on cat

<o​frnxmr:monero.social> Cat wont even get me famous

<o​frnxmr:monero.social> I hacked cat for 100xmr? "do you want a gold star sticker, ofrn?"

<o​frnxmr:monero.social> Making a big deal out of peanuts. What we lost were funds that should not have been there