00:24:30 <UkoeHB> ArticMine: I will try to review it by the end of next week
00:31:01 <ArticMine> Thanks
08:19:43 <mj-xmr[m]> .merges
08:19:43 -xmr-pr- 7805 7822
08:25:08 <mj-xmr[m]> selsta: I will have time to go through the PRs for review today from 4 hours from now, onward. I will have some questions though.
09:55:18 <selsta> mj-xmr[m]: sure, just ask
13:35:47 <jtgrassie[m]> Just a reminder, we need #7341 in the release branch. 
14:13:55 <mj-xmr[m]> selsta: 7805 : 2(3) comments from me.
14:21:13 <selsta> jtgrassie[m]: https://github.com/monero-project/monero/pull/7825
14:21:17 <selsta> it's included here
14:21:22 <selsta> mj-xmr[m]: will reply later
14:21:33 <mj-xmr[m]> k
23:04:29 <corklander[m]> Does anyone know if there's another stagenet faucet, other than https://community.xmr.to/faucet/stagenet/?
23:05:17 <corklander[m]> I'd like to test out the swaps, but don't have stagenet coins. :(
23:06:43 <plowsof[m]> https://melo.tools/faucet/stagenet/
23:08:11 <corklander[m]> Awesome Opossum!
23:37:40 <cooldiggs[m]> Hey guys, I have a question regarding the implementation of key_image in src/crypto/crypto.h
23:38:26 <cooldiggs[m]> I want to assign my own value to the key_image object like say a key image I generated myself or one from a raw transaction but Im having trouble understanding how I would go about doing that with how it is implemented 
23:38:47 <cooldiggs[m]>   POD_CLASS key_image: ec_point {
23:38:47 <cooldiggs[m]>     friend class crypto_ops;
23:38:47 <cooldiggs[m]>   };
23:39:11 <cooldiggs[m]> This is how its implemented in crypto.h and it borrows from ec_point which is... (full message at https://libera.ems.host/_matrix/media/r0/download/libera.chat/c8360bb2c104375581ba72fef73ffa52c316e724)
23:39:12 <moneromooo> It can't be any value, it has to be deterministic or it won't verify.
23:40:05 <cooldiggs[m]> Ah gotcha, so you basically have to use the generate_key_image function with the pub key + priv key in order for it to have a deterministic value?
23:40:18 <moneromooo> Yes, or equivalent.
23:40:53 <cooldiggs[m]> Hmmm ok, that clears some things up
23:40:53 <cooldiggs[m]> I guess ill try to understand how generate_key_image functions but theres a lot of things up in the air about it, at least to me haha
23:41:08 <cooldiggs[m]> I somewhat understand hash_to_ec, but ge_scalarmult kinda makes my head spin
23:42:18 <cooldiggs[m]> Stackexchange has been of help regarding hash_to_ec but theres not a whole lot of documentation on ge_scalarmult, and im not formally educated in cryptography so its hard to understand the functions implementation, for me at least
23:44:02 <cooldiggs[m]> To my understanding a key image is calculated by I = x*H(P) (x being single use private key, P which is basically x * the base point G) and H being the scary hash_to_ec function
23:45:22 <cooldiggs[m]> Im guessing that ge_scalarmult multiples the private key by the base point?
23:46:08 <cooldiggs[m]> Or perhaps multiples the whole thing by the base point as a sanity check? Again sorry for my ignorance on this matter, I find the implementation there confusing
23:48:40 <moneromooo> The name suggests it does so. ge == group element (uesd as pubkeys), scalars are used as secret keys.
23:49:20 <cooldiggs[m]> Oh im a dummy, ge == group element, I should have realized that haha
23:49:24 <moneromooo> ge_* functions are from djb code (supercop IIRC), there might be documentation about that somewhere on the internet.
23:49:57 <cooldiggs[m]> I heard some things about supercop littered in some of the comments there, I think that edward crypto guy made it so Ill do some digging there
23:50:23 <x3nu[m]> hello, I have a question: suppose a kyc exchange wants to target an individual. So they set it up where the person receiving the monero is going to get repeated transactions that they are monitoring. Would the exchange know which of the 11 decoys is the real output that the send to the targets wallet? The way i understand it, the only way this output could be known for sure is if it was a coinbase transaction. Is this correct?
23:51:55 <moneromooo> An exchange trivially knows which output they send. They themselves choose the fake outputs to use in the rings.
23:52:43 <x3nu[m]> how would they go about choosingthe fake outputs?
23:53:01 <x3nu[m]> I wasn't aware that could be done
23:53:02 <moneromooo> Typically by running monero-wallet-rpc, which does it for them.
23:53:25 <moneromooo> And that picks random inputs based on some predefined probability distribution.
23:54:16 <x3nu[m]> ah so they can manipulate that to easily compose fake outputs
23:54:21 <moneromooo> However, your question was vague so I might have misinterpreted. Feel free to ask more precisely.
23:55:30 <x3nu[m]> nope that was it. I had assumed that inputs are always randomized, but I hadn't considered that somebody could actually pull inputs that they know aren't the real one