01:53:14 <Rucknium[m]> jberman: Isn't it the case that if an attacker somehow knew that a target user was using the reference wallet, the vulnerability, in your original formulation, would still be a concern?
02:01:54 <jberman[m]> if an attacker knows a transaction came from the reference wallet then it should still be a concern yes
07:33:53 <ellpepe[m]> Is there some kind of backlog/list of issues, that need to be tackled? Or how can I contribute/learn the best as a new member?
07:48:01 <Halver[m]> <ellpepe[m]> "Is there some kind of backlog/..." <- You may look at https://github.com/monero-project/monero/labels
08:08:52 <ErCiccione> labels are not really used in that repo. Better take a look at the open issues ellpepe[m] 
08:10:35 <Halver[m]> indeed many labels seem quite old and obsolete (but I didn't check all of them)
08:11:19 <ErCiccione> yeah they are not used. They might well be still the default ones of when a repo is created
08:25:42 <ErCiccione> Could somebody from here review https://github.com/monero-project/monero-site/pull/1831? 
08:41:17 <Halver[m]> <ErCiccione> "Could somebody from here..." <- it is intended to be a blog post ?
08:41:59 <ErCiccione> yep. selsta already left his approval. I'm reviewing as we speak
09:19:53 <Rucknium[m]> moneromooo: luigi1111w : I have now submitted the document and supporting materials to HackerOne, encrypted with your respective PGP keys. The text itself is 11 pages. With images, tables, and code appendices, it is 28 pages. Thank you for reviewing it!
09:24:37 * moneromooo feels DoSed
09:28:44 <Rucknium[m]> > * <@moneromooo:libera.chat> feels DoSed
09:28:44 <Rucknium[m]> Lol. Feel free to take your time with it :)
11:57:49 <utxobr[m]> <Rucknium[m]> "moneromooo: luigi1111w : I..." <- thanks for dedicating all this time into it :) cheers
14:56:35 <spirobel[m]> Is generate_from_keys and open_wallet in monero_wallet_rpc an expensive operation if done only with viewkeys? I have lots of view keys and I want to make integrated addresses and then look with get_bulk_payments if the money was received. Is going through wallet rpc even the right approach in my case? it seems like I would have to go through all the viewkeys sequentially in repeated intervals. instead of just looking for incoming
14:56:35 <spirobel[m]> payments to any of the view keys.
15:00:22 <moneromooo> The tx scan will be expensive either way.
15:01:20 <moneromooo> If you can do with subaddresses/accounts instead, do that, scales in O(N) rather then O(NM) (with N being number of outputs, M being number of view keys)
15:02:07 <moneromooo> That said, generate_from_keys and open_wallet aren't super expensive, but I'd expect something on the order of 1 second.
15:02:32 <moneromooo> open_wallet may take more if it's got to load a massive wallet cache too.
15:03:32 <moneromooo> If the bot is still borked, someone please repaste the above on a paste site and paste the url for spirobel[m].
15:03:57 <moneromooo> (someone from matrix :P)
15:17:23 <janitha> Is there a reason why monero isn't publish docker containers along with the cli releases? (or perhaps I've not looked in the right place)
15:18:41 <spirobel[m]> <spirobel[m]> "Is generate_from_keys and..." <- okay i  read this https://monerodocs.org/public-address/integrated-address/ and the linked to reddit thread. it says to create an integrated address no private key is necessary and monitoring incoming funds to  integrated addresses is essentially free: https://www.reddit.com/r/Monero/comments/9aevri/is_it_fair_to_say_integrated_addresses_are/e4vf47p/  i was just wondering how to actually
15:18:41 <spirobel[m]> achieve this. I am going to do more digging by myself, but I would be glad if someone can give me some hints 😀🙃😆❤️
15:27:59 <moneromooo> Subaddresses are better than integrated addresses at first approximation.
15:28:24 <Halver[m]> <spirobel[m]> "okay i  read this https://..." <- There are recurring discussions about deprecating and suppressing integrated addresses.
15:28:24 <Halver[m]> Last one = https://github.com/monero-project/monero/issues/7889
15:28:24 <Halver[m]> Using subaddresses is generally preferred.
15:28:24 <Halver[m]> Subaddresses are indeed really quite easy to use.
15:28:37 <moneromooo> janitha: there is a docker file in the repo, but it needs someone to maintain it, and AFAIK nobody volunteered for that.
15:54:29 <spirobel[m]> > <@hoverhalver:monero.social> There are recurring discussions about deprecating and suppressing integrated addresses.... (full message at https://libera.ems.host/_matrix/media/r0/download/libera.chat/d27db648d3684cd909a7cf366990a686316c35c8)
15:56:11 <spirobel[m]> (even though maybe its still not solving my issue because i guess payment processors would still deal with only a single view key)
15:56:50 <spirobel[m]> * view key/wallet)
16:19:45 <hyc> my monerod is spamming console with this
16:19:46 <hyc> 021-09-16 16:18:56.613 E Exception at [portable_storage::load_from_binary], what=duplicate key: support_flags
16:19:48 <hyc> 2021-09-16 16:18:58.608 E duplicate key: support_flags
16:34:04 <moneromooo> Do you have the whole stack trace ? At first approximation, it's probably ignorable unless something isn't catching and dropping the connection.
17:25:55 <hyc> hang on, yeah stack traces are in logfile
17:27:36 <hyc> https://paste.debian.net/1212012/
17:28:03 <hyc> eh, no useful symbol info tho
17:29:14 <moneromooo> It still keeps up, right ?
17:29:20 <hyc> seems so
17:29:38 <moneromooo> Then it's just someone hacking the source and fucking up. Can be ignored.
17:30:05 <hyc> ok
17:31:37 <hyc> still, it's a continuous stream of errors. one of the peers I'm connected to is causing this?
17:32:25 <moneromooo> Somewhere upstack, you'll have a connection_context object, it prints the IP:port when logged. 
17:33:06 <moneromooo> Attaching gdb and breaking in... hmm... maybe "catch throw" will work, though that might give many false positives.
17:33:40 <moneromooo> Maybe not, looks like only duplicate keys in your log. gdb should see the stack a bit better.
17:39:30 <Rucknium[m]> pigeons:  pigeons  : The IRC --> Matrix bridge seems to be broken for #monero-dev and another channel (can't remember which exactly)  Could you try to fix it? Or someone else?
18:04:13 <moneromooo> I thought it was a network wide bridge, not a monero one.
18:05:08 <moneromooo> Must be, there are a few [m] people in #townforge and I've not added any matrix bot.
18:08:35 <Rucknium[m]> moneromooo: You can directly join an IRC channel from Matrix with "!join #monero-research-lab" command to the appservice . Somehow that is different from the corresponding Matrix room. So what I see now in my Matrix client are two #monero-dev channels: the native Matrix one and the IRC one. I can see your messages in the IRC one but not the Matrix native one. 
18:09:48 <wfaressu1ssia> test
18:25:41 <xmrscott> IRC -> Matrix test message
19:36:40 <selsta> hyc: had this too the past weeks
19:36:45 <selsta> can be ignored
19:41:39 <sethsimmons> IRC bridge in here should be fixed, in theory.
19:41:58 <sethsimmons> I see selsta messages now after the change.
19:43:14 <Rucknium[m]> Seth: Thank you! 
20:47:30 <UkoeHB> https://hackerone.com/reports/854726
20:47:30 <UkoeHB> moneromooo can you add a comment to this report pointing to the PR that fixed the issue?
20:50:44 <UkoeHB> or TheCharlatan 
20:52:24 <UkoeHB> I guess this one? https://github.com/monero-project/monero/pull/6745
21:59:22 <moneromooo> Yes.