03:53:53 <razor[m]> https://www.bitchute.com/video/BSs4dmyG9dBR/
03:54:34 <razor[m]> https://www.bitchute.com/video/15sAUpbnwnDg/
03:55:17 * razor[m] uploaded an image: (633KiB) < https://libera.ems.host/_matrix/media/r0/download/monero.social/XcfDqTwLxICcwnWkJDLYNLgF/image.png >
05:37:06 <anonyphi[m]> <razor[m]> "image.png" <- Is this related to Monero development in some way?
11:30:36 <mj-xmr[m]> <alex[m]123456727> "Credit cards, for example..." <- I agree with that 100%
11:39:02 <hyc> mj-xmr[m]: actually, Rpi4 comes with a 64bit OS. it's the first time raspberry has supported that
11:39:17 <hyc> which is why #7953 is about rpi4.
11:39:28 <mj-xmr[m]> Yeah yeah. it's all clear now.
11:44:07 <sech1> hyc my rpi3 runs 64-bit os too. I had to install it manually though
11:44:25 <hyc> right
11:44:52 <hyc> as I said - rpi4 i the 1st time raspberry supported it. 3rd party was available before
11:46:20 <mj-xmr[m]> sech1: I didn't know that the 64-bit os was available for RPi3 as well. Too bad, because it does give some kick.
11:47:04 <hyc> armbian distro is pretty easy to install
11:47:34 <Rucknium[m]> I tried to DM luigi about CCS, but Matrix is now telling me "User is not online or does not exist. Message not sent.", so I'll ask here:
11:48:22 <Rucknium[m]> I submitted a merge request for a new Idea, and it actually shows up in the Ideas section. However, the text doesn't show up like with other proposals:
11:48:22 <Rucknium[m]> https://repo.getmonero.org/monero-project/ccs-proposals/-/merge_requests/255
11:49:26 <Rucknium[m]> Does anyone have any guidance on why this may be happening?
12:12:51 <mj-xmr[m]> <Rucknium[m]> "Does anyone have any guidance on..." <- When I compare https://repo.getmonero.org/monero-project/ccs-proposals/-/merge_requests/255/diffs with https://repo.getmonero.org/monero-project/ccs-proposals/-/merge_requests/252/diffs , there are some formatting differences. This is all I can tell.
12:41:04 <gingeropolous> it probably won't display properly because you called them mixins
12:46:49 <gingeropolous> "it would likely be wise to conceal the mechanics of OSPEAD indefinitely." >>> isn't it likely that an adversary could find a statistician like yourself that could uncover the same thing? I guess thats moot really. The same could be said of an exploit i guess.
13:04:20 <anarkiocrypto[m]> > I submitted a merge request for a new Idea, and it actually shows up in the Ideas section. However, the text doesn't show up like with other proposals:
13:04:20 <anarkiocrypto[m]> > https://repo.getmonero.org/monero-project/ccs-proposals/-/merge_requests/255
13:04:20 <anarkiocrypto[m]> Can you also include stats on single input churns (sweep_single), please? (I can't afford to donate, can barely afford food/rent, but if you need any web dev help, I can offer that in return.) Churns are important for many real life use cases, where 1/11 plausible deniability isn't enough to stay safe.
14:31:21 <mj-xmr[m]> > <@anarkiocrypto:halogen.city> > I submitted a merge request for a new Idea, and it actually shows up in the Ideas section. However, the text doesn't show up like with other proposals:... (full message at https://libera.ems.host/_matrix/media/r0/download/libera.chat/2782e7f263b6c71679170723322efb28571ac878)
14:32:12 <mj-xmr[m]> I have no idea what it's about.
14:37:16 <anarkiocrypto[m]> Do you mean Rucknium's proposal or churns?
14:37:16 <anarkiocrypto[m]> I think Rucknium wants to statistically research decoy selection algorithm and then improve it, so that plausible deniability is better (i.e. the 10 decoys are more realistic and it is difficult for an observer to guess which is the real spend).
14:38:07 <UkoeHB> Rucknium[m]: Don't you just have to paste it into the issue message?
14:39:30 <mj-xmr[m]> Thanks. And what about the churns? A link would also be fine.
14:56:35 <anarkiocrypto[m]> I churn for safety reasons since 1/11 plausible deniability isn't enough for me.... (full message at https://libera.ems.host/_matrix/media/r0/download/libera.chat/05d4379652f27d8b2016dd7cf531d07b9c172ef2)
14:58:04 <anarkiocrypto[m]> s/increases/decreases/, s///, s///
16:40:27 <Rucknium[m]> <gingeropolous> ""it would likely be wise to..." <- Yes. Like I stated, the fuse is lit. I think is is possible that the only benefit of revealing OSPEAD publicly is that other CryptoNote blockchains would be able to benefit from it, since they face the same mixin selection problem if I understand correctly.
16:42:05 <Rucknium[m]> anarkiocrypto: I agree that churning is an important object of study, but I want this CCS proposal to remain focused. I (and others) could possibly examine it in a future research effort.
17:06:17 <anarkiocrypto[m]> Surely churning is related to decoy selection? But I understand if not.
17:11:30 <Rucknium[m]> anarkiocrypto: Yes it is related, but my proposal has a very specific & narrow goal in mind.
18:43:31 <merope> Perhaps churning should take into consideration how many times your outputs have been used as decoys in other transactions as well? (Not sure if it's actually a useful parameter, just throwing the idea out there)
18:44:42 <Rucknium[m]> endor00: There has been some recently-published research that, I believe, examines questions like this.
18:45:54 <Rucknium[m]> This is behind a paywall, but available for free via "other means"
18:45:54 <Rucknium[m]> https://doi.org/10.1145/3448016.3452825
18:46:20 <Rucknium[m]> It's a tough read, for me at least. So groking it is on the backburner
18:51:09 <Rucknium[m]> moneromooo: Can I share my HackerOne submission with sgp_  through end-to-end encrypted means?
18:51:44 <Rucknium[m]> sgp_: Maybe it would be good to give your rationale for seeing it. I'm not sure a rationale is necessarily needed, though
18:58:39 <M030AAAYAD> I've done a lot of work on ring signature research in the past and hope that I can provide a quality review
19:00:49 <Rucknium[m]> sgp_: That would be awesome. As I stated in my CCS proposal, I am pulling together a scientific review panel for the execution of the (sketch of) the plan that is in the HackerOne submission, and I think you would be a good person to be on the panel if you have the time and inclination to serve.
19:03:47 <ArticMine> Rucknium[m] I have a question about your HakerOne submission. How sensitive it this to a change in ringsize from 11 to 21 vs say 16 or 25
19:04:08 <moneromooo> Ultimately it's your research, but "because I want to assess it" doesn't strike me as a good reason or everyone interested will see it. I'm not asking you not to though.
19:06:16 <ArticMine> If this is for this channel I can provide a pgp email
19:06:32 <ArticMine> if this is too sensitive
19:07:23 <Rucknium[m]> moneromooo: I see. I also feel like it may be wise to restrict access to only those who may actively work to improve what I'm doing. That so far includes jberman, isthmus, and another applied statistician in the Monero community.
19:08:24 <moneromooo> Feel free to ask some core team members for a second opinion though. I may have a bias.
19:08:47 <Rucknium[m]> moneromooo: I intend to share something of a somewhat -- but not deeply -- sensitive nature with ArticMine . I assume that's OK, his being a Core member after all. Let me PM you, I think...
19:11:45 <Rucknium[m]> (Request was approved)
19:12:28 <Rucknium[m]> ArticMine: Yes, please provide an end-to-end encrypted means of communication. I have a Protonmail account, if that makes it easy.
19:12:41 <moneromooo> FWIW I do not wish be the decider of who gets to see what. I can only give my opinion.
19:13:15 <ArticMine> Pm you proton mail 
19:13:23 <ArticMine> me
19:17:00 <Rucknium[m]> moneromooo: Ok. I feel like I need to ask for second opinions since this vulnerability work is all new to me, however. Much of this feels "above  my paygrade"
19:19:46 <moneromooo> Sure.
19:49:46 <jberman[m]> My view is that there are strong nuggets in Rucknium 's paper to understanding and improving the algorithm, and I would rather the knowledge on it (and on solutions) be shared/opened up for everyone to be aware and make their own conclusions/draw ideas from it/scrutinize on their own as well
19:49:46 <jberman[m]> Case in point, the work presented was developed after seeing some of the thoughts/work I shared publicly on the algorithm, and so it stands to reason that making the work public is likely to invite even more qualified eyes and scrutiny
19:49:46 <jberman[m]> I also think it's better people are aware of the risks they face (and what they may have been exposed to) while using Monero today and in the past
19:49:46 <jberman[m]> FWIW I also don't feel I'm qualified enough to pass heavy judgment on much of the paper, except in an assessment that the general intuition and ideas presented seem sound and well-supported. It *needs* more qualified eyes in my view to pinpoint any potential holes and drawbacks to the math
19:53:21 <jberman[m]> Perhaps I am naive in thinking the "good" guys will beat the "bad" in this case, but I think it's closer to the spirit of FOSS/"no trusted 3rd parties" (of which I am biased toward) for yielding a stronger outcome
19:55:04 <Rucknium[m]> To be clear, in case not everyone is aware, jberman has seen my VRP submission in full.
20:00:41 <Rucknium[m]> I have thoughts on what jberman just said, but I want to give others a chance to respond first.
20:06:15 <UkoeHB> It's standard practice to publicize vulnerabilities even in much more widely adopted technologies.
20:06:29 <UkoeHB> After a period of 'hey fix this if you can...'
20:08:41 <Rucknium[m]> UkoeHB: I feel like things are fundamentally different with a distributed blockchain. A "patch" doesn't fix past transactions. Also see Monero's VRP:
20:09:13 <Rucknium[m]>  >HIGH severities will be notified via at least one public communications platform (mailing list, reddit, website, or other) within 3 working days of patch release
20:09:13 <Rucknium[m]> >i. The notification should list appropriate steps for users to take, if any
20:09:13 <Rucknium[m]> >ii. The notification must not include any details that could suggest an exploitation path
20:09:13 <Rucknium[m]> >iii. The latter takes precedence over the former
20:09:54 <Rucknium[m]> I think (ii) could be interpreted to mean that full disclosure should not necessarily happen even after a "patch" is applied, depending on circumstances.
21:16:56 <hyc> re:#7953 "There is no difference in sync between high end server or low end pi , just network connection" this guy is full of shit
21:51:22 <UkoeHB> Rucknium[m]: I think the problem lies in the culture of FOSS and privacy tech. Image you were working on a different project (e.g. a Monero fork). You privately disclose your attack to them, and secretly concoct a solution for that project. What does your solution then look like to us Monero folk? Completely useless made up nonsense (regardless of its efficacy). Our selection would remain the same, and remain vulnerable, because 
21:51:22 <UkoeHB> we don't have the insiders to vouch for you and your research.
21:51:22 <UkoeHB> Even if you privately disclose your research to all projects that you can find, what about projects that come later? How can we humans, who excel at incremental progress, build on what you discovered?
21:51:23 <UkoeHB> By enacting that pattern for us, you are implicitly encouraging that pattern to be used to our detriment. In the long run, I think it is better for all _theoretical_ research to be open, even if in the short term there are costs.
21:54:38 <Rucknium[m]> UkoeHB: I may be much more pragmatic. Look, the status quo is the following:
21:57:52 <hyc> all of this is iterative. let this phase be confidential as it currently is. once an initial patch is released, that doesn't mean the work will stop.
21:58:21 <Rucknium[m]> The current mixin (or decoy) selection algorithm was developed by:
21:58:21 <Rucknium[m]> 1) Non-statisticians who were
21:58:21 <Rucknium[m]> 2) partially funded by the U.S. Department of Homeland Security, one of whom was
21:58:21 <Rucknium[m]> 3) a member of the board of Zcash (Andrew Miller)
21:58:55 <Rucknium[m]> They did not explain in their paper how they chose the gamma family of distributions. They basically just said, "Based on our human eyeballs, it looks gamma"
21:59:44 <Rucknium[m]> I do not trust human eyeballs. Only robot eyeballs are trustworthy ;)
22:00:41 <UkoeHB> Sure, but human eyeballs aren't much better than 'trust me I did the math'.
22:01:04 <Rucknium[m]> To be specific, this is their rationale, given in Moser et al. 2018:
22:01:05 <Rucknium[m]> "We heuristically determined that the spend time distributions, plotted on a log scale, closely match a gamma distribution."
22:01:09 <UkoeHB> better/worse
22:01:21 <Rucknium[m]> There's that word again, "heuristic" 🧐
22:01:48 <Rucknium[m]> Look, I am pulling together a scientific review panel. They will review my work.
22:02:15 <UkoeHB> 'trust us we did the math'
22:02:20 <UkoeHB> Same thing lol
22:03:31 <Rucknium[m]> Yes, it will require trust. Better than spilling an attack to CipherTrace and their ilk.
22:04:22 <Rucknium[m]> I address this issue in my CCS proposal text, for anyone who is wondering. Since I fully anticipated it would be a sticking point.
22:06:10 <Rucknium[m]> UkoeHB: I think your suggestion is based in ideology rather than a practical look at risks.
22:06:59 <UkoeHB> A cryptocurrency is not simply a practical thing
22:07:53 <moneromooo> A dozen people have seen or will soon have seen this. It'll be out at some point anyway.
22:10:44 <Rucknium[m]> moneromooo: To clarify, given the people that have seen it so far as well as the people who will soon see it, am I still technically following the VRP? In other words am I "abid[ing] by the VRP for responsible disclosure"?
22:11:27 <selsta> we usually don't follow the VRP in a super strict way
22:11:34 <selsta> just do what makes sense
22:13:11 <Rucknium[m]> selsta: Ok. The main concern that I have is I don't want there to be a conversation later that goes, "Rucknium didn't follow the VRP." I don't really care about any possible bounty. I just want to do the right thing -- and, I suppose, not be accused of doing the wrong thing later.
22:13:27 <Rucknium[m]> Like I have stated, this is a new type of process for me, so any guidance is useful
22:19:41 <moneromooo> Well, you asked, so it's not like you just plastered it across the internet.
22:20:27 <moneromooo> So there is evidence that you tried to do the right thing, if nothing else. Or at least, that you tried to make it look like you were :P
23:45:01 <chaser[m]> <sech1> "use sweep_single to churn a..." <- if you churn multiple inputs in one tx, do you reduce "only" your privacy, or others' as well?