02:54:30 <selsta> tobtoht: could you reapprove https://github.com/monero-project/monero/pull/8178 ?
03:05:24 <selsta> .merge+ 8254
03:05:24 <xmr-pr> Added
04:55:42 <curtains[m]> 🥳
04:55:44 <curtains[m]> happy monero bday
04:55:50 <curtains[m]> thanks everyone in here for all your hard work
06:21:20 <mj-xmr[m]> curtains[m]: Thanks for being part of it :)
06:25:17 <mj-xmr[m]> jeffro256[m]: I think I saw your comment in the Unity Build PR, that I can't see anymore. Yes, you're right, it was failing to build, but should be OK now. I pushed and we'll see. One way or another, it should be ready on 2 hours max.
06:56:27 <mj-xmr[m]> I think I'll give up with the unit_tests for now TBH. The core_tests build 50% faster, while unit_tests only 35% and require much more work.
07:54:24 <mj-xmr[m]> jeffro256[m]: ready.
11:50:33 <drflashd[m]> folks, as a reminder **STOP USING MONERO FOR ILLICIT ACTIVIETES**
11:50:33 <drflashd[m]> nsa & co record the internet for the next gen quatums to break privacy and f** u in 10 years down the road
11:50:33 <drflashd[m]> monero is FULLY transparent regards quantums, see https://github.com/insight-decentralized-consensus-lab/post-quantum-monero/blob/master/writeups/semitechnical_summary.MD
11:54:35 <moneromooo> I think you misread the channel name. There is a -dev here. Be more careful next time.
12:14:18 <drflashd[m]> <moneromooo> "I think you misread the channel..." <- i am aware, the idea is to get your opinions (if any voiced), since quantum resistance is deeply tech
12:14:34 <sethforprivacy> If you really care about the technical aspects, use #monero-research-lounge:monero.social 
12:14:44 <sethforprivacy> This is not the channel for that, dr flashd.
12:16:55 <drflashd[m]> s/**/\*\*/, s/https:////, s/semitechnical_summary/semitechnical\_summary/
12:16:55 <drflashd[m]>  * folks, as a reminder **STOP USING MONERO FOR ILLICIT ACTIVIETES**
12:16:55 <drflashd[m]> nsa & co record the internet for the next gen quatums to break privacy and f\*\* u in 10 years down the road
12:16:55 <drflashd[m]> monero is FULLY transparent regards quantums, see github. com/insight-decentralized-consensus-lab/post-quantum-monero/blob/master/writeups/semitechnical\_summary.MD
12:17:49 <moneromooo> ...
12:17:53 <moneromooo> OK, ignore list it is.
14:03:05 <MajesticBank> https://www.reddit.com/r/Monero/comments/u75ehm/it_was_majestic_day_8000_usd_collected_for/
14:03:46 <MajesticBank> if everyone agrees, we allocated 5000$ for multi-sig fix coder / reviewer
16:06:12 <gingeropolous> stumbled upon https://ohshitgit.com/
16:19:20 <UkoeHB> I like this, gonna use it a lot to fix my trigger-happy commits: git commit -a --amend --no-edit
16:52:28 <selsta> .merge+ 8247
16:52:28 <xmr-pr> Added
18:45:44 <sethforprivacy> Has anyone reached out to Ledger and/or Trezor to be sure they're aware of the scheduled hard-fork? Or should that wait until after the release is tagged etc?
18:46:55 <selsta> no, that has to be done before the release
19:07:03 <sethforprivacy> OK, do we have specific contacts or would it help if I send a quick email to both supports/public emails?
19:07:11 <sethforprivacy> Want to be sure they have as much time as possible.
19:19:30 <dEBRUYNE> You can message the Trezor dev on Reddit -> https://www.reddit.com/user/ph4r05
19:19:32 <dEBRUYNE> ^ sethforprivacy 
19:19:52 <dEBRUYNE> Alternatively, create a ticket on the Trezor repository, they usually respond quite fast as far as I can see
19:23:30 <sethforprivacy> I'll try the Trezor dev first, thanks
19:23:43 <selsta> sethforprivacy: I can contact Ledger
19:23:53 <selsta> i'm in their discord
19:34:53 <sethforprivacy> <selsta> "Seth For Privacy: I can contact..." <- Great, thanks
19:39:12 <sethforprivacy> Trezor notified, if I don't hear back in a few days I will open an issue instead.
19:39:25 <sethforprivacy> Please ping/tag me once LEdger are notified so I can update the checklist, selsta!
19:39:49 <selsta> I'm still convinced that we will have to implement it ourselves
19:40:42 <sethforprivacy> Oof, I hope not
21:43:33 <jeffro256[m]> Hey are there any plans to eventually move away from MD5 HTTP authentication in the future?
21:51:44 <reeemuru[m]> <jeffro256[m]> "Hey are there any plans to..." <- I was attempting to learn more about authentication lately. I was wondering if jwt++ is a potential replacement?
21:51:44 <reeemuru[m]> https://github.com/Thalhammer/jwt-cpp
21:53:27 <jeffro256[m]> I've never seen that library before, but at first glance, that seems like an excellent replacement for what we currently have
21:53:49 <jeffro256[m]> The only issue being that library isn't as well supported as MD5 Digest authentication
21:53:56 <jeffro256[m]> But the again, nothing will
21:56:02 <lberrymage[m]> <jeffro256[m]> "Hey are there any plans to..." <- Where is this used in Monero?
21:56:31 <jeffro256[m]> That library supports Ed25519 encryption which could open up some really cool doors like authentication by wallet keys
21:57:16 <jeffro256[m]> lberrymage in contrib/epee for the http servers, and wallet for http client
21:57:27 <jeffro256[m]> Basically any code that has to do with RPC calls
22:02:43 <jeffro256[m]> As of right now, any node that exposes its RPC port to the public must turn on restricted RPC because MD5 is so insecure. We could lift that restriction if we actually had a decent way to authenticate RPC calls
22:04:01 <reeemuru[m]> <jeffro256[m]> "That library supports Ed25519..." <- That is currently how himitsu works. It does self authentication via wallet signature. then uses `<primary_address>:<signature>` like a cookie until the auth server invalidates it. I think the default cookie expiration is ~10 blocks
22:04:01 <reeemuru[m]> https://github.com/hyahatiph-labs/infosec/blob/main/prokurilo/src/util.ts#L46
22:04:01 <reeemuru[m]> super buggy and experimental
22:07:52 <reeemuru[m]> maybe create like a separate auth server for rpc, where the jwt bakes in wallet sig? Not sure though.
22:15:59 <jeffro256[m]> That's a really cool idea
22:16:22 <jeffro256[m]> Is the `<primary_address>:<signature>` cookie sent in plaintext tho?
22:16:42 <jeffro256[m]> Because if so, then someone can just sniff it then start using it themselves
22:17:26 <jeffro256[m]> What would be ideal is to use the wallet key to generate a shared secret and then upgrade to a TLS session
22:18:57 <reeemuru[m]> 😅 yes it need to be encrypted for http
22:18:57 <reeemuru[m]> himitsu only works over i2p tunnels i dont think it can be sniffed
23:01:17 <selsta> 00:02 <jeffro256[m]> As of right now, any node that exposes its RPC port to the public must turn on restricted RPC because MD5 is so insecure. We could lift that restriction if we actually had a decent way to authenticate RPC calls <-- any links to this?
23:02:25 <selsta> not sure what you mean by this
23:02:58 <selsta> restricted-rpc is to avoid fingerprinting and also disable things like start/stop mining and stopping the daemon
23:03:08 <selsta> RPC also supports SSL
23:03:19 <selsta> but maybe I just don't know what you are talking about
23:10:36 <moneroextremist[> yo seista
23:10:36 <moneroextremist[> selsta i been looking for you selsta 
23:10:46 <moneroextremist[> REALLY, really important question i have here.
23:11:09 <moneroextremist[> So the hard fork is happening in July. Will you have to download the new Monero GUI update from getmonero.org and reinstall the program all over again, or will you be able to do any necessary update straight from the GUI ?
23:11:10 <moneroextremist[> I really don't feel comfortable and safe downloading the GUI again to have to put my seed in again. I would feel much better if we could just do the update straight from the GUI, or continue using the GUI without having to make any updates. It's a stressfull process.
23:11:42 <moneroextremist[> please answer this ^ will we have to download the gui all over again for the hard work selsta 
23:12:34 <selsta> there is an update dialog inside the GUI that downloads and verifies the new version for you, but you have to install it yourself
23:12:52 <selsta> you don't have to enter your seed again, you can open the same wallet file
23:15:08 <moneroextremist[> selsta: what do you mean exactly by that?
23:15:25 <moneroextremist[> will it give a link to download and install the new update or will it be downloaded straight in the GUI?
23:15:57 <selsta> it will be downloaded inside the GUI and you can select a place to save the file
23:16:06 <selsta> then you have to close the GUI and open the new file
23:16:19 <selsta> anyway let's continue in #monero-gui because this isn't dev related
23:16:29 <moneroextremist[> ok im waiting for u on monero gui
23:19:37 <moneroextremist[> u left me selsta