09:03:09 18 Block reorg from qubic?! 09:12:22 Yes 09:28:10 Indeed 09:32:55 Would rolling DNS checkpoints have prevented the reorg going above 9? that is what i have come to understand 09:34:16 I understood the same, the checkpoints would have blocked at 10 09:40:39 @plowsof:matrix.org: Yes 09:41:15 But its very hard to implement? 09:41:49 No 09:49:13 @kevino:tchncs.de: Its just needs some rigorous testing first... 09:52:54 I rigorously tested it 09:53:34 @ammortel: Yeah they are gloating about it on Nitter. That CFB persom is gloating like his šŸ’© dont stink claiming Monero exisits at his mercy because he allowed it to stay on. Just shows we dealing with bunch immature retards. I cant wait to we deal with this I hate how he trying get attention and headlines on back of Monero 09:53:38 the only thing that needs testing is the actual domains that we plan on using 09:58:51 @ofrnxmr: Yeap I saw your discussions about the testing appreciate your work bro thankyou 10:13:11 @ofrnxmr: so we've got the decentralised option where each domain is a separate machine belonging to different people who despise each other but love monero (wont conspire to help each other and/or harm the network), each will secure the machine the monero node is running on and keep 99%, they will likely need to rent a fo [... too long, see https://mrelay.p2pool.observer/e/1tfYibUKbHY5ajRr ] 10:14:17 Yeah, fuck the decentralized option atp 10:14:29 i think the top pools would rather handle this themselves rather than relying on others 10:14:36 that is a lot more work to deploy 10:14:40 i.e their own DNS peoples with glue 10:14:56 And will almost certainly cause a chainsplit 10:15:38 short term we just have to pretend that the moneropulse domains are super decentalised behind the scenes? 10:16:31 i just can't see the top pools accepting a few guys from featherwallets node list are going to secure their bags 10:16:45 lol they are super decentralized behind the scenes 10:16:48 @plowsof:matrix.org: When Romanian empire was under attack, they postpone democracy and elected a leader to govern and protect them. moneropulse have this role 10:16:50 secure their bags -> blocks lost above 10 re-orgs** 10:17:00 I don't know if I made this shit up or if I heard it in a movie 10:17:22 The decentralizing of the domains doesnt do anything positive aside from decettralizong the point of failure 10:17:22 Negatives are that decentralized domains can have different rules about ttl, or unreliable participants 10:18:02 so my suggestion of allowing these pools to just say fuck this we'll figure it out is going to increase chance of chain split 100%? 10:18:27 Yes 10:18:36 to make the domains configurable easily 10:18:50 If nodes disagree on the point to which they will roll back to, they will build different chains 10:19:27 The finalized checkpoint tip has to be common amongst >50% of net hash 10:20:28 If plowsof checkpoints block 500 and ofrn checkpoints block 502, during a reorg, plowsof will build and checkpoint new blocks for 501 and 502, which can never be accepted by ofrn 10:21:50 the domains areĀ configurable easily. Change the domains in the code and rebuild :P. But this is not a good idea. 10:22:01 You want to be on the same checkpoints as everyone else 10:24:49 i think moneropulse has to be controlled entirely on core infra for the immediate short term. with 0.5 persons with access needing to put fires out across (hopefully) 7 vps running monero full nodes rather than 1 which is proxied across the domains 10:25:11 Its dns, doesmt have to be on their infra at all 10:25:35 Its 1 script, 1 node, updating 7 dns at once 10:25:46 Automatically 10:26:44 they are on cloudflare afaik 10:27:56 Whats the worst that can happen? Cloudflare can inject malicious entries? I highly doubt cloudflare is going to do such a thing 10:33:31 i think the only thing we need to discuss, is how often, how deep, and how many checkpoints to push 10:33:32 example that i think works: 10:33:32 How often = every time tip ends in 0 or 5 block (approx every 10mins)[... more lines follow, see https://mrelay.p2pool.observer/e/3oujirUKUjQzZVZ5 ] 10:38:35 the only worst thtat can happen is the 1 node is offline and theyre empty lol 10:38:53 needs redundancy still for the centralised quick fix 10:39:30 good that the short term fix is doable 10:41:12 @ofrnxmr: Security-wise: ā€œdepth 5, 10 blocksā€ is strong protection. 10:41:30 the dns checkpointing node doesnt have to be static or local 10:42:02 Can also have fallbacks 10:42:24 we'll need this 1 script 1 node editing dns testpoints asap me thinks 10:42:47 Its already done (in R) by rucknium 10:43:00 But we need to test moneropulse on testnet 10:43:08 We havent tried the moneropulse domains yet 10:43:29 Could be that cloudflare is unusable 10:43:43 https://github.com/monero-project/monero/issues/10064#issuecomment-3259592231 10:43:51 On testnet, we used various domains that rucknium, tevador, and vtnerd own 10:44:11 Yeah i sent him a dm 10:46:32 we could have this as a moneropulse wikipedia pade to ppost upto date goings on @ https://docs.getmonero.org/infrastructure/monero-pulse/ 10:48:02 seeing something @ dig -t txt testpoints.moneropulse.net +dnssec 10:48:02 will inspire us with confidence. just have to wait 11:24:29 <321bob321> I propose we use DNS-over-QUIC cause its close to qubic. 11:33:08 hi @malori:xavi.lu 11:33:30 nice name 11:58:31 dan bob is alive!!! 12:01:05 <321bob321> Hiding from drone strikes 12:03:21 successful so far :) 17:27:48 hey vik please tweet about jb also 20:56:59 cloudflare is a single point of failure. > <@ofrnxmr> Whats the worst that can happen? Cloudflare can inject malicious entries? I highly doubt cloudflare is going to do such a thing 20:58:58 Boohoo 21:00:14 I'm, as we speak, monitoring dns updates across multiple endpoints, and i'll take "single point of failure" over 3/5 failures to meet consensus 21:01:05 I hate democracy 21:01:26 You need 2/3rd of thr servers to agree entirely. Having multiple points of failure makes it easier for the whole operation to fail, simply due to inconsistencies across implentations 21:03:30 As a last resort, mining pools can always stop enforcing DNS checkpoints if any man-in-the-middle attack is suspected to occur. Anyway, the records would have DNSSEC enabled. 21:04:13 Disabling checkpoints is as simple as restarting the node and dropping the flag 22:54:03 <321bob321> If we put the cert on all nodes we can get cloudflare full TLS mode. 23:38:12 Is there any reason at all that this isn't merged? A finality layer is WAY preferable to DNS checkpoints outside of emergency scenarios https://repo.getmonero.org/monero-project/ccs-proposals/-/merge_requests/604 23:41:42 this isnt answering your question, but dns checkpoints are a finality layer too 23:42:30 What you mean to say, is that POS is preferrable to DNS, but thats debatable 23:42:36 Right, but DNS checkpoints are in practice way more centralized than a well implemented finality layer 23:42:44 DNS is opt-in 23:43:11 Oh come on, anyone who doesn't opt in is on a different network. We've had these circular convos for weeks now 23:43:58 Its essentially a miner-lead soft fork 23:44:10 If you dont opt-in, you follow majority hashrate 23:44:20 Hence a different network.... 23:44:29 (in this reorg case) 23:44:37 Which is utter trash 23:45:01 Its whatever network has majority hashrate, which would/should be the honest miners 23:45:20 the reorg would be reorged out 23:45:25 Then no need for DNS checkpoints, we're back in circular convo land 23:45:51 no, dns checkpoints combat selfish mining 23:46:30 Instead of temporarily hijacking the chain, the hijacking is prevented (unless it can be sustained) 23:47:09 It still splits the network if someone doesn't want to submit to the holy DNS recordā„¢ļø #decentralization 23:47:14 anyway, my point is that using dns as a talking point for pos isnt relevant 23:47:17 Hence why I'm mad 23:48:04 I'm glad DNS checkpoints are being considered, but I'm mad that finality layer is considered a totally different thing and this proposal has sat without being merged for weeks 23:48:20 @sgp_: It forks off the malicious miners. It doesnt simply caise a net split unless the malicious side IS the majority 23:48:36 Which is same shit as pos halting 23:49:37 The main differences are, one if these is a consensus change, and one isnt. One is a bandaid, and one is a (likely) permanant change 23:51:41 The question of why isnt it merged falls to mrl and dev to decide whether to pursue. Theres support and opposition, and as you know, its not an implementation 23:53:11 It's to fund the research not to decide we must commit to the option when it's merged 23:53:12 Its a write up / book / research topic. Framing it as "finality layer better than dns" is dishonest, because the ccs isnt for a finality layer 23:55:05 For all we know, its on luigis desk waiting to be merged. Dns mitigations could have been rolled out over a week ago, yet here we are, no book, and 117 invalid txs 23:57:00 The ccs doesnt help our immediate situation, dns does. I'd rather see dns + pop than to anchor monero consensus to another blockchain, and barring that, were looking like well over a year away from a finality layer hard fork 23:59:46 Fwiw I agree that DNS is one of the only actual short term options 23:59:56 Hence why I support them