02:35:43 <321bob321> Stuff and things 05:17:25 someone said today that OM actually got hacked before. is that true? i doubt it. if so, source? 05:17:25 what about retoswap though? weren't they? i seriously just want to use the safest one because i know bartenders here in mexico who have large sums of cash that they want to put into xmr and if anything ever happened like that and i was the one who recommended a platform, i'm a f*kn dead man. please confirm if true, please. eve [... too long, see https://mrelay.p2pool.observer/e/kKHdqYALYVBBLVVL ] 05:24:15 dont throw the whole stack into a trade, break it up, then if anything happens, youre good 05:29:15 @agorise:matrix.org: and dont fuck with people that are dangerous 09:16:57 @agorise:matrix.org: Yes, OM did. No, retoswap didnt. 09:16:57 Retoswap admins can steal all funds being offered on the orderbook, so.. trust what you want. 14:15:03 acx part-time work on Monfluo 2026Q2 is now fully funded! https://ccs.getmonero.org/proposals/acx-monfluo-maintenance-and-further-development-5.html @luigi1111 17:17:39 🥳 ^ while we wait for the 1TB disk, do note that registrations have moved to manual approval only - before this, any bot could register an account (this happened every minute or seconds, totalling 5 million+ accounts) and start up their own repository and fill it with hundreds of MB's of garbage (mainly advertising, for search engine 17:17:39 optimisation presumably). i have already deleted the largest offenders freeing 4 ish GB. 17:19:33 the ccs-backend can be pointed at a github repo, out of the box (i have confirmed this working while hosting my own instance) more sanity checks to to see what effect - if any - pointing a running ccs at a mirror'd repo on another host (it should have no effect) - this can be done temporarily if any bot removal / maintenance needs to be done, or, 17:19:33 during migration there are hiccups 17:20:49 the funding required page continues to work after i submitted a small try/catch patch to avoid any over funding 17:55:12 🙂👍 18:03:08 thx plowsof 20:01:41 https://x.com/Joe_IO/status/2052012958054584577 20:02:36 monero on trezor safe 7 20:30:05 Monero's already supported on Ledger right? 20:31:05 Yes 20:33:54 > Retoswap admins can steal all funds being offered on the orderbook 20:33:54 Can you explain this further? 20:36:27 A trade consists of 3 parties 20:36:27 buyer <-> mediator/admin <-> seller 20:36:27 you need 2/3 of these people to sign a multisig transaction to release funds. In the event of a dispute, the mediator is the second signature and decides where the funds are sent to. 20:36:27 [... more lines follow, see https://mrelay.p2pool.observer/e/lcWDxIALV2ljdWg4 ] 20:37:38 so every offer to sell xmr, can have the xmr stolen by rogue admins (if they decided to rug or had their admin keys stolen). 20:38:53 Oh yes, I thought you implied it for all orders, but this is still a fair threat. How are the mediators/admins selected btw? Is it somehow anonymous individuals with some kind of reputation, or are they just the devs of Retoswap? 20:40:55 Or actually it could be even more dangerous if there would be more mediators in a decentralized way. Maybe multiple mediators could solve this? 20:42:46 @anonmesh:matrix.org: They select themselves 20:43:18 The mediators are the admins on reto 20:44:07 @anonmesh:matrix.org: More mediators mean that the mediator trying to steal funds has a lower chance of being selected as the mediator for the offer that they are trying to steal from