-
m-relay
<shortwavesurfer2009:monero.social> Unofficial XMRBazaar SimpleX
-
m-relay
-
m-relay
<shortwavesurfer2009:monero.social> RMUQhqsotA%3D%3D%22%7D
-
revuoxmr
Revuo Monero Issue 213: October 3 - 10, 2024.
revuo-xmr.com/weekly/issue-213
-
m-relay
<falcon8:matrix.org> I'm always chill bro :)
-
m-relay
<jeffro256:monero.social> Me too. Thankfully, I don't see it not being ready by February
-
m-relay
<syntheticbird:monero.social> Me too. If its not ready by february I might find all the devs and dox them 👍️ (no pressure guys) /s
-
m-relay
<321bob321:monero.social> Hashtag first
-
m-relay
<kayabanerve:matrix.org> And by December, the soft target?
-
m-relay
<jeffro256:monero.social> Definitely doable
-
m-relay
<321bob321:monero.social> Is this like saying multi sig by march ?
-
m-relay
<jeffro256:monero.social> Tbf the record shows that I said that the "temporary" non-multisig solution would become more permanent than other people thought
-
m-relay
<jeffro256:monero.social> But no, should be realistically achievable in the stated timeframe
-
plowsof
can we learn anything from this 6 person multisig wallet that was drained
rekt.news/wazirx-rekt
-
plowsof
(phishing was the eventual downfall of it , after 2 keys where compromised) but still a scary case
-
m-relay
<syntheticbird:monero.social> I consider that any multisig setup that requires n =< total_participant/2 votes is a liability.
-
ofrnxmr
3/100 lfg
-
ofrnxmr
Jeffro, we know. But ccs would still be RIP if we didnt accept the "temporary" solution
-
ofrnxmr
It was pretty clear to me that strange ppl showed up and fought to keep it down. (1/4 of the year)
-
geonic
multisig just gives plausible deniability, like in the fluffy/luigi scenario
-
plowsof
geonic exactly. if we could see which signer actually signed the transaction that would be ideal
-
m-relay
<syntheticbird:monero.social> i guess having both would be ideal
-
m-relay
<321bob321:monero.social> So knowing who signed or 2500xmr missing. Tough choice
-
ofrnxmr
Neither
-
ofrnxmr
dont know who signed, and lose 2500xmr
-
geonic
yep, that's the multisig scenario
-
geonic
as long as one person holds the keys and we know they'd be responsible in the event of a breach, that's fine I think
-
ofrnxmr
yeah, okay lol
-
geonic
split it among different people if the amount gets too big
-
m-relay
<321bob321:monero.social> Ahahah
-
ofrnxmr
worked out fine last time
-
geonic
we had 1/2 multisig last time
-
ofrnxmr
😆
-
m-relay
<321bob321:monero.social> No sig
-
geonic
effectively
-
ofrnxmr
I tried to split the funds (bsx ccs) but was rejected
-
m-relay
<syntheticbird:monero.social> should have been 2/2 from the start
-
m-relay
<321bob321:monero.social> At the end of the day “its plowsof’s fault”
-
ofrnxmr
Cest la vie
-
m-relay
<syntheticbird:monero.social> n =< total/2 is just adding attack surface
-
geonic
yep
-
m-relay
<321bob321:monero.social> Asking to many questions sir
-
ofrnxmr
2/2 makes it possible to burn the wallet
-
m-relay
<syntheticbird:monero.social> wdym burn the wallet?
-
ofrnxmr
All it takes is for 1 signer to "disappear".. or lose key
-
m-relay
<syntheticbird:monero.social> ah ok in that sense
-
ofrnxmr
Funds locked forever
-
m-relay
<321bob321:monero.social> Like having shamir key with 2 not 7 shards
-
m-relay
<syntheticbird:monero.social> yeah well they better find a third one them lmao
-
ofrnxmr
2/3 and 3/4 was my suggest
-
ofrnxmr
Other ppl wanted to larp on abiut 7/12 and shit
-
m-relay
<syntheticbird:monero.social> make sense
-
m-relay
<321bob321:monero.social> 2/3 and monero court for arbitration
-
m-relay
<syntheticbird:monero.social> more than 5 people => Absolute chaos
-
ofrnxmr
2/3 for payout wallet, 3/4 for donation wallet
-
m-relay
<321bob321:monero.social> They way we like it
-
m-relay
<321bob321:monero.social> Anyways tob has alpha,beta,delta feather multisig
-
m-relay
<jeffro256:monero.social> In this hack, supposedly 2 people were directly hacked. Not much to learn from this outside of general OPSEC. However, the core trick of the hack appears to be that the UI did not show the correct contents of the transaction being signed. The signers thought they were authorizing a routine transfer to a known address, when in reality the signers were authorizing a change in the wa<clipped message>
-
m-relay
<jeffro256:monero.social> llet contract. If your signing hardware doesn't do *correct* and *local* interpretations of the data that it is being signed, then the user can't trust that anything they sign will do what they think it is authorizing it to do
-
m-relay
<jeffro256:monero.social> This is significantly less of a problem in Monero because we don't do smart contracts and all transactions mainly look the same. There's fewer chances that an honest software dev will screw up interpreting the data that is to be signed
-
plowsof
thanks for reviewing jeffro
-
m-relay
<jeffro256:monero.social> But some Monero HW wallets still can't display integrated address *cough* ledger *cough*
-
m-relay
<syntheticbird:monero.social> cough *this review is sponsored by trezor* cough cough
-
m-relay
<321bob321:monero.social> You both need cough lollies
-
m-relay
<diego:cypherstack.com> Hi guys, I was requested to make a light version of the design I made for consideration a couple of months back. I was also asked to remove the circle buttons, and another couple touch ups. I did so. Find them here:
figma.com/design/OuY892nD4zD1CEQDvC…y)?node-id=0-1&t=TC6izgJAIuay80OP-1
-
m-relay
<diego:cypherstack.com> Please get me feedback. The sooner the better.
-
m-relay
<kewbit:matrix.org> Hey guys, important milestone update on the Haveno Multiplatform:
-
m-relay