-
selsta
hyc: monero-lws is a separate program from monerod
-
selsta
now obviously monero-lws could have a vulnerabilities too but it's a smaller attack vector compared to the full daemon and you can configure it to only accept connections with a SSL cert
-
gingeropolous
yeah, throwing your viewkey at some random remote node seems... odd.
-
gingeropolous
nvm. seemed to have misread
-
plowsof[m]
<hyc> "I just tried it out a few..." <- hyc: binaryFate_ binaryFate
-
plowsof[m]
<hyc> "I just tried it out a few..." <- Thank you for confirming! My K I S S proof of concept works then... Download the view only file with rsync (passwordless ssh login) to your device with the spend keys.. my poc uses monerujo and termux for rsync on android
github.com/plowsof/monero-wallet-rsync
-
luigi1111w
.merges
-
xmr-pr
8055 8056 8065 8070 8071 8072 8075 8083 8084 8085
-
luigi1111w
.merges
-
xmr-pr
Merge queue empty
-
moneromooo
That seems very complicated. AFAICT this can be done by adding a "not decoded yet" flag to outputs (if it's not already there), and when the wallet sees an incoming output, it doesn't ask for password to decode, it just stores the raw output and continues. A second pass comes later once the password is entered, to go through the new transfers and decode them.
-
moneromooo
Unless there's another complication that needs another db ?
-
hyc
nah, if you know a simpler way to do it, that's great
-
hyc
uh can #7910 go into this release?
-
hyc
it'll make it easier for people to do gitian builds
-
hyc
#7977 is the r17 branch
-
woodser[m]
is it possible to specify different unlock heights for individual outputs in a transaction?
-
UkoeHB
woodser[m]: no, there is one unlock height for all outputs
-
selsta
.merge+ 7910 7977
-
xmr-pr
Added
-
hyc
thanks selsta
-
Rucknium[m]
I have a draft proposal, I suppose, about node-level enforcement of a simple decoy selection rule here, for consideration:
-
Rucknium[m]
-
sech1
Searching for duplicates will either have to scan through all previous rings (slow), or store some hash per ring and look up that hash in O(1) time (bloat)
-
Rucknium[m]
sech1: Are you saying it cannot/won't be done? What about scanning recent transactions, like in the past two weeks?
-
Rucknium[m]
As of now, in effect, the ring size enforcement that we (or at least I) thought had been done is not being done. The transactions that isthmus and neptune found have effective ring size of one.
-
Rucknium[m]
Are we going to let this slide or are we going to figure out how to fix it?
-
ErCiccione
Better bring it up also at tomorrow's meeting. To make sure the issue has as much attention as possible
-
sech1
It can be done at the cost of 32 bytes per ring, maybe 8 bytes per ring will be enough if we declare hash collisions effectively "same rings" for this check
-
Rucknium[m]
I intend to. I wanted to bring it up prior to the meeting so that people have time to think about it.
-
sech1
how many rings are in Monero blockchain today? Probably more than transactions, around ~100 million I guess?
-
sech1
so 8 bytes should be enough
-
sech1
even if there's an occasional hash collision once in a year, wallet would just create another ring
-
Rucknium[m]
Isn't it a little more complicated than that, since we need to check if M-1 ring members are identical, not just the full set of size M? Maybe I don't fully understand your proposal, sech1
-
Rucknium[m]
sech1: Right. Re-rolling the dice for new ring members would not be a big deal.
-
sech1
M-1/M match checking is worse in terms of storage
-
sech1
and it will probably require 16 bytes hashes
-
sech1
and what prevents whoever created these tx to adjust their selection to circumvent this check?
-
Rucknium[m]
I don't know. Enforcement of a ring member selection algorithm is still in the very early stages of research.
-
sech1
100K rings with size 1 out of 100M total rings is not even a blip on a radar. It's better to concentrate on a consensus ring selection rules
-
sech1
any partial workarounds don't prevent malicious ring construction
-
sech1
well, it is a blip on a radar considering it was noticed and being discussed :D
-
Rucknium[m]
Is this malicious or just services being lazy?
-
sech1
maybe just a bug
-
IanNiculescu[m]
how do you guys generate wallets client side, because i'm trying to use a java library to do this but the instructions are way above my head.
-
moneromooo
"monero-wallet-cli". It will ask you whether to create one and ask for a name. Easiest there is.
-
moneromooo
monero-wallet-cli --testnet if you're testing on testnet, similar for stagenet.
-
IanNiculescu[m]
I mean being able to generate like 1000 wallets, and the CLI uses the daemon to make a remote procedure call from what i read, does it means that the wallet mnemonic seed is not generated locally ?
-
moneromooo
Then you want RPC. The daemon is used to get current height, so setup the wallet to scan only what's needed. The seed is not sent to the daemon.
-
IanNiculescu[m]
ok thank you for the support
-
moneromooo
Also, you can look at tests/functional_tests, this creates wallets using RPC.
-
IanNiculescu[m]
where can you give me a link
-
moneromooo
It's from the root of the monero tree.
-
IanNiculescu[m]
ah ok thank you
-
tevador
github down?
-
selsta
seems so githubstatus.com
-
sech1
down for me
-
jimmyt[m]
Down for me as well
-
js
Well, why would it matter that GitHub is down? Git is decentral! 😉
-
Canadiantaku[m]
heh
-
dEBRUYNE
tevador: How much work has to be done to plug your seed scheme into simplewallet.cpp?
-
tevador
dEBRUYNE: first it needs to be implemented in wallet2 and it requires some changes in account_keys, which seems to be the best place to put the seed since it's equivalent to a private key
-
BusyBoredom[m]
Does anyone know if p2pool has an http api I can use to determine whether a p2pool node is syncing? I see there's a stratum server API that gives hashrate and a few other numbers, but that's not really what I'm looking for.
-
tevador
BusyBoredom[m]: #monero-pools or #p2pool-log
-
BusyBoredom[m]
Ah nice, thank you
-
IanNiculescu[m]
woodser: hello my friend