Battlefield Title Wager

04:28:23 Wow we really are a small community if it’s not immediately obvious who the ms signers should be. 04:28:24 Whom does core team consist of? 06:30:36 core wants to do less not more 06:38:32 Maybe they can do less of what they’re doing, but take up key holding. 06:38:51 Maybe we can start by making a list of possibles though 06:39:45 lol 06:40:02 ccs keys arent passive 06:40:19 you need to constantly make transactions which is annoying 06:42:02 Establish the duration of key holding terms also. If people think it’ll be too onerous for long term holding 06:43:21 I was concerned about trustworthiness at first, but MS solves that. Doesn’t have to be core members only 06:44:15 Something like a 4 of 7 is possible? 06:46:04 not really 06:47:11 you should really try and set up a multisig wallet before you ask 7 people to do it. coordinating 4 people every time a ccs payout needs to be sent would be a nightmare as well 06:47:56 I don't think it HAS to be a nightmare with the right UX 06:48:13 No one does. 06:48:19 Right now doing multisig on the monero-wallet-cli is hellish tho 06:48:23 But that right UX isn’t there currently 06:50:54 I volunteer if it’s really that few willing people. I just doubt I’d be accepted. Someone (plural) has to do it. 06:51:08 After FCMP++ and Jamtis deploy, I was thinking about writing a CCS backend/frontend service from the ground up with actual usable multisig and publicly available outgoing view key history so the multisig key holders are held accountable to outgoing txs 06:52:25 that would be cool 06:52:41 That’s a super long way away 06:52:49 yea 06:53:07 aremor i think you underestimate how ass the mulitisg UX is right now 06:54:21 it's way more likely that coins would be lost due to multisig than if the CCS funds were just managed with a trezor wallet 06:58:32 Multisig seeds are gross, the ceremony is gross, syncing key images is gross, passing around partially signed txsets is gross 06:58:53 It gets better after FCMP+Jamtis tho 07:01:29 at the end of tobtohts report for the latest release of feather @ https://featherwallet.org/changelog/ focusing on practical multisig lead to delays in maintenance for featherwallet (understandably his main focus) 07:08:51 <321bob321:monero.social> so n+2 then i guess 07:10:22 basicswapdex devs have offered to pick up the task / finalise it (if tobbers needs breathing room for his never ending to-do list) OR to use their own tech to create something new from the ground up. i am not sure on the exact details of their approach but they have expressed willingness to help 07:11:00 Need volunteers. And go through a test period with low amount of funds in the wallet. 07:12:26 youd have to pay me $100 an hour to do multisig transactions multiple times a month 07:12:41 it is really bad 07:13:08 jeffro256 something for the future: imagine we have a (as mentioned earlier) 4/7 multisig wallet. although its beneficial to have a large pool of signers - we must not forget that plausible deniability increases 07:13:17 Plowsof you can hold a key? 07:13:27 at this point in time, we are not able to know exactly which of the signers 'signed the sweep_all' transaction 07:13:53 so 4 of the 7 may have a slight incentive to collude 07:15:21 And the benefit of having more of the signers not required in order to send is fault tolerance for keys getting lost 07:15:49 so when joining a large Msig group - you could be the patsy 07:36:20 <321bob321:monero.social> why would basic swap do it, when their ccs wont get merged 08:02:58 a separate ccs* 08:09:43 The way I see it, it's pretty easy. We let tobtoht do their thing and patiently wait in the meantime. Any alternative I have read so far, especially today, is worse, sometimes down to the point of laughably so. If tobtoht burns out or simply calls it quits, we have a real problem on our hand, but hey, that's life. 08:13:29 <321bob321:monero.social> god i hope the jetfund takes off again 08:13:34 Wow this is really illustrating how few active people there are 08:13:39 <321bob321:monero.social> jokes on community 08:13:59 <321bob321:monero.social> reactive, not proactive 08:20:55 What is the "jetfund"? 08:25:33 that would be the ccs overfunding, hovering around 300 now https://github.com/plowsof/scrape_ccs_fr 08:35:12 again? 08:35:40 we just lost +400k and we are already sitting on 300 XMR extra? 08:36:47 Just a random thought, I think the CCS should be decentralized somehow 08:37:19 Otherwise one guy has to resist the temptation to steal the whole bag people put their money into 08:38:02 Just a random thought, I think the CCS should be decentralized somehow (correct me if that's not possible BTW) 08:43:23 <321bob321:monero.social> trust me bruh 08:43:45 <321bob321:monero.social> jet fund = ccs fund 08:43:46 <321bob321:monero.social> cause it took off 08:44:13 <321bob321:monero.social> black flight cause no one knew it took off 08:45:43 <321bob321:monero.social> and people rolled over and accepted it lmfao 09:12:44 monerobull 100~ extra now, 244 is carried over (never forget!) 09:13:56 the robbery was the intervention needed to cull all the unclaimed old stuff 09:14:10 dont you dare carry stuff over 09:15:02 if mr translation ccs comes back in 4 years just tell them "sorry, you didn't claim for nearly a decade and it got robbed, we aren't your custodian" 09:15:15 lol 09:26:14 mr translations came back after years and didnt put his full address (nor did he send it to anyone on irc/matrix) https://repo.getmonero.org/monero-project/ccs-proposals/-/merge_requests/237#note_21125 09:30:38 hmm, vanity address generator can produce lots of addresses matching what he posted :D 09:37:21 >The first 5 digits of my address: 4A63F; the last 5 digits: ZtER1. 09:37:28 what 09:37:40 sech1 oh no lol 09:38:21 we should have a clause saying uncollected funds go to the fucking burn wallet after 2 years 09:38:51 the burn wallet is crazy btw 09:39:11 only has 2 transactions since the very begining 09:39:57 https://matrix.monero.social/_matrix/media/v1/download/matrix.org/yBzqJLTWhvlTzDJdEqhPPwJY 09:40:29 and i can guarantee you that the first ever tx to that address was woodser testing the haveno punish tx haha 17:51:08 Hey everyone I am working on BiorLogin my mobile apps wallet creation method (We will support monero) and wanted to hear everyone's thoughts. I know people in here are very good with tech and security. So I appreciate all ideas and criticism. 17:51:08 The idea is simple, use a username x password format to replace seed phrase. We just need to discuss how it will be done on the back end. 17:51:10 to access an account a user must have at least 3 pieces 17:51:12 Options are: 17:51:14 1- username 17:51:16 2- password 17:51:18 3- second password 17:51:20 4- date of birth 17:51:22 5- OTP code? 17:51:24 Users can decide which to activate as long as they have 3 of them. This would protect against brute force since we increase the number of possibilities. 17:51:26 Once an account is created we use the information provided to encrypt access to the account. We also cant access it. The only way to decrypt or access an account is by providing the right amount of information and the right information. 17:51:57 The goal is to create a more familiar way for users to create and maintain an account. Everyone knows about username x password and everyone knows about security questions 18:07:29 Hey everyone I am working on BiorLogin my mobile apps wallet creation method (We will support monero) and wanted to hear everyone's thoughts. I know people in here are very good with tech and security. So I appreciate all ideas and criticism. 18:07:30 The idea is simple, use a username x password format to replace seed phrase. We just need to discuss how it will be done on the back end. 18:07:32 to access an account a user must have at least 3 pieces 18:07:34 Options are: 18:07:36 1- username 18:07:38 2- password 18:07:40 3- second password 18:07:42 4- date of birth 18:07:44 5- TOTP code? 18:07:46 Users can decide which to activate as long as they have 3 of them. This would protect against brute force since we increase the number of possibilities. 18:07:48 Once an account is created we use the information provided to encrypt access to the account. We also cant access it. The only way to decrypt or access an account is by providing the right amount of information and the right information. 18:32:42 Why don't he signs a message with the full address ? Anyone can say "I have this" 20:47:33 Or that they should be automatically allocated to fund new approved proposals 20:47:55 nah 20:48:00 Before opening funding round to public 20:48:05 that gives bad incentives 20:48:18 nobody can complain about a burn 20:48:32 That incentive already exists when the balance gets high regardless 20:48:43 you can have some real shizo conspiracy shit when you take money from someone and give it to someone else 20:51:22 On the flip side, I'm less willing to donate if I know that my money is going to be thrown into a block hole 20:52:51 It should be expected for R&D to have a high "failure" rate, but that shouldn't necessarily mean that the funds get evaporated 20:52:56 not a black hole if the person actually shows up every 2 years or so 20:53:10 you really cant expect us to hold on to your funds for 5 years 20:53:40 i think its ridiculous that plow even considers paying the translation guy at this point 20:53:58 Yeah which is why it should be allocated to something useful and the old proposer loses their claim on the funds 20:54:22 sorry, we got rugged for 400k, you would have not been affected if you were an active member of the community instead of fucking off for 4 years 20:54:26 Idk the specifics of this case, but I'm not saying that we should hold the funds *for the same person* forever 20:54:51 but again, that sets bad incentives 20:55:02 "plow, kill this ccs and fund mine with it" 20:55:09 is a whole lot different from 20:55:13 "plow, burn the coins" 20:56:48 burned at the same rate as daily coinbase rewards until we have zero left 20:57:11 YES+ 20:57:17 make monero deflationary 20:57:47 Or create a tx where the entire balance goes into the fee 20:57:56 no 20:57:59 you can game that 20:58:34 plow doesnt broadcast the tx for a year and then mines a 300 XMR block 🤡 20:59:04 it could be done gradually 20:59:08 Okay then do it slowly and double check that it's broadcasted normally 20:59:22 nobody can game a tx to 46uVWiE1d4kWJM3aAoCpHVgDCm5higshGVJBb4ZNpTYARp8rLcCdcA1J8QgRfFWTzmJ8QgRfFWTzmJ8QgRfFWTzmCag5CXT 20:59:24 It won't leave a trace on the blockchain, but current nodes can check its broadcatsed 20:59:34 https://matrix.monero.social/_matrix/media/v1/download/matrix.org/OkAaNsFBvHnUoExqCTVwWosG 21:00:30 btw im intoxicated and shitposting, just in case anyone thinks im being serious 21:03:15 btw its really funny to load up the GF view only and see scammers scramble 21:03:28 it's like 2k XMR 21:03:35 last time ive checked 21:04:59 if only view only wallets could be loaded from seeds 21:05:53 This is where an unlock time field like Bitcoin's `nLockTime` would be useful: one could broadcast the tx(s) days or months in advance so all miners know about it(them) floating around beforehand but can't mine them until a specified block number. This can create incentive issues around reorging, but that can be solved by smoothing out the reward and not spiking the reward in a single block 21:06:54 monero has some crazy fields 21:06:59 It would be funny if the GUI supported a seed type which opened to the view balance wallet, but the GUI *acted* like it was a full spending wallet until they tried to spend the funds and it gave them goofy ass error messages 21:07:17 i love how the timelock feature is a shitty copy of the bitcoin one with no real usecase 21:08:06 no real usecase? what about bankrupting exchanges? 21:08:23 haha 21:08:24 they didnt even do that though 21:08:26 oh man 21:08:30 missed opportunity 21:08:37 i would have 100% bankrupted them if i had known 21:08:43 for the lulz 21:09:17 burn a bunch of XMR for 96% in BTC? 21:09:23 hehe lmao sure 21:09:53 although im not sure if i would have had enough liquidity 21:10:46 these fuckers / or someone related are probably behind the ddos on monerotown 21:11:14 who? 21:11:46 infinity 21:12:03 its a tor only instant swapper with 4% swap fee 21:12:15 their admin came into this chat like 1 or 2 years ago all confused 21:12:29 bcs he received $20k in timelocked XMR 21:13:13 the attacker could have compiled the CLI themself and set the unlock time beyond the heat death of the universe but infinity was lucky and they only locked the coins for 4 years 21:13:15 oh right, I was more thinking about Binance 21:13:45 you wouldn't need much if you were willing to cycle the coins 1000x 21:14:02 Hello guys.... 21:14:09 Something really bad has happened to me and I hope you can help me. I'm in a really bad mood right now. I know a lot about IT and I've never really had a virus. Now 2 weeks ago, in a hurry, I downloaded a clone of a program that had a virus on it. I analyzed the virus and from its logs it didn't steal anything bad. But now I still had an unencrypted Monero wallet on my computer wi 21:14:10 th a total of 10 Monero. These were withdrawn a week ago. So the attacker got hold of it too, even though the logs said otherwise. So the logs are not complete and that sucks. 21:14:12 My question now is: If the wallet on my Windows computer is unencrypted, can the attacker simply take over my wallet using the Windows files in “ProgramData”, for example? Because if that's not possible, he must have gotten hold of my seed, which is in my password database. And if he got hold of my password database, then everything is screwed anyway. It does have a very long 21:14:14 password, but maybe he tapped into it. So I need to know whether it's easy to get an unencrypted wallet via the files. 21:14:16 Thank you... 21:14:18 Translated with DeepL.com (free version) 21:14:20 what do you mean by that? 21:14:28 you could take the resulting BTC, swap back to XMR with a different service, repeat the process 21:14:35 send funds to cat shelter 21:14:52 Send 100 timelocked XMR, swap back into XMR, Send 99 timelocked XMR, swap back to XMR, Send 98 timelocked XMR, etc, ec 21:14:57 rip 21:15:19 there is malware that is specialized to extract seeds 21:15:43 oh yeah right 21:16:21 It was no good malware. It was a legal RAT. Thats why it was undetected. But the installation was silent and I allowed the installation because I thought its a different tool. But please tell me if its possible to take over my wallet with just the windows wallet files 21:16:40 Yes if your wallet file is unencrypted, then your seed is unencrypted. If your seed is unencrypted, they can just copy it and take your money 21:17:03 if it is unencrypted, they can just copy the wallet file to their machine 21:17:19 and even if its encrypted, if they have a RAT on you, they can keylog your password 21:17:44 grafik.png 21:17:49 Can you tell me in which file my seed is? Or what is the wallet file? I want to understand. I see there is a folder "bitmonero" in "ProgramData". Tere are these files 21:18:00 grafik.png 21:18:17 It will likely be in Documents/Monero if you leave it as default 21:18:33 The bitmonero folder is for the daemon data 21:18:55 Ah, its in documents, thanks so much 21:19:41 Fuck, this is so bad. I have like 350 passwords, so much server details and everything. I mean I lost the 10xmr, its also bad, but my passwords are more worth 21:19:46 id recommend a trezor safe 3 if you have more than $500 worth of crypto 21:20:11 If your XMR is still in exposed wallet, create a new wallet on a different machine, and transfer it ASAP 21:20:13 change them all, right now. 21:20:18 and reinstall windows 21:20:20 Yeah better yet use a Trezor 21:20:24 And change those passwords 21:20:26 jinx 21:20:50 if your password manager is any good, they might have only got your XMR from the wallet file 21:21:02 change all passwords regardless 21:21:08 id leave a canary wallet with like 1.5 XMR 21:21:18 if that gets drained, you know its time to nuke everything 21:21:20 Yeah... I am always using my Trezor, but in this case I was not, I was too lazy I guess 21:21:46 maybe you are interested where I got the virus: https://dash-electrum.com/ This is fake website. I downloaded this wallet. Real domain is with .org.... 21:21:58 rip 21:22:18 i once got baited into installing malware but i was smart enough to do it in a VM 21:22:21 Report that site to your search engine 21:22:51 fuckers didnt even bother to set their clipboard malware to steal monero 💢 21:23:09 rookies 21:23:10 That's so ridiculous that I get scammed over something like that. I know very good about crypto and everything. But I was annoyed that a provider only accepts Dash and just wanted to load the wallet quickly 21:23:21 would only go for btc / eth / ltc 21:23:22 yes, vm is smart 21:23:56 Thank you guys 21:24:16 theres one in windows pro 21:24:20 theres one included in windows pro 21:24:32 you can get keys for like 4$ on ebay 21:25:50 you mean vm feature? I am using vmware. There is a new free personal edition since few weeks or months 21:26:43 windows sandbox 21:26:44 file grafik.png too big to download (2004262 > allowed size: 1000000) 21:26:46 grafik.png 21:27:44 Yeah, this is also nice 21:29:49 welp 21:29:52