-
jeffro256[m]
Hey was the ci build for windows changed recently ? It's erroring out right now
-
jeffro256[m]
I submitted a PR that I think will fix that error but I don't compile on Windows so maybe someone can double check it works after I run it thru CI (assuming it works)
-
sech1
definitely DWORD there
-
jeffro256[m]
sech1 thanks for looking at it
-
jeffro256[m]
Using CI as my windows compiler rn hehe oops
-
jeffro256[m]
phew it passed, was really hoping patching it wouldn't expose 30 more identical instances of the error
-
hmd2v[m]
Hello everyone, I'm HMD2V. I'm working on making a bridge from Algorand to Monero, inspired by the talk on BTC<->XMR bridge by h4sh3d, the paper and what the Comit team has done and written.
-
hmd2v[m]
I'm still quite new to Monero development but I've been playing around with it after work the last couple of weeks. Still I'm wondering if there is anyone here who'd be up for answering some questions of mine? Specifically related to the python-monero wrappers (doing everything in Python is more convenient) and how to do certain things with the wallet cli tool over rpc.
-
hmd2v[m]
Thanks everyone.
-
hmd2v[m]
* Hello everyone, I'm HMD2V. I'm working on making a bridge from Algorand to Monero, inspired by the talk on BTC<->XMR bridge by h4sh3d, the paper and what the Comit team has done and written.
-
hmd2v[m]
I'm still quite new to Monero development but I've been playing around with it after work the last couple of weeks. Still I'm wondering if there is anyone here who'd be up for answering some questions of mine? Specifically related to the python-monero wrappers (doing everything in Python is more convenient as you can write Algorand smart contracts in Python) and how to do certain things with the wallet cli tool over rpc.
-
hmd2v[m]
Cheers
-
sech1
if you have specific questions about monero-wallet-rpc, just ask. You use monero-wallet-rpc, not -cli, right?
-
hmd2v[m]
Indeed.
-
merope
hmd2v: (fyi this channel is bridged to irc, so avoid making too many edits to your messages, otherwise it creates a lot of noise on the irc side)
-
ooo123ooo1234[m]
> <@hmd2v:matrix.org> Hello everyone, I'm HMD2V. I'm working on making a bridge from Algorand to Monero, inspired by the talk on BTC<->XMR bridge by h4sh3d, the paper and what the Comit team has done and written.... (full message at
libera.ems.host/_matrix/media/r0/do…cb9cd20a811e6548b8f7d66ba41c62a6257)
-
hmd2v[m]
Basically I want to be able to generate a wallet from keys. In the protocol, Alice and Bob exchange monero keys (public spend, secret and public view) and add the pub spend keys (ed25519 points) together to get a new pub spend key. Bob then seeds the new pub key with his monero, which Alice can gain access to if... (full message at
libera.ems.host/_matrix/media/r0/do…816e6a5db377ec45021c43de6f2cb2c5f4f)
-
moneromooo
FYI, long messages are elided, and replaced by a URL.
-
ooo123ooo1234[m]
hmd2v: bridge != atomic swap
-
ooo123ooo1234[m]
> <@hmd2v:matrix.org> Basically I want to be able to generate a wallet from keys. In the protocol, Alice and Bob exchange monero keys (public spend, secret and public view) and add the pub spend keys (ed25519 points) together to get a new pub spend key. Bob then seeds the new pub key with his monero, which... (full message at
libera.ems.host/_matrix/media/r0/do…3759e2fd12c98ca22ec4580a81b9f8527d5)
-
kayabanerve[m]
> <@hmd2v:matrix.org> Basically I want to be able to generate a wallet from keys. In the protocol, Alice and Bob exchange monero keys (public spend, secret and public view) and add the pub spend keys (ed25519 points) together to get a new pub spend key. Bob then seeds the new pub key with his monero, which Alice... (full message at
libera.ems.host/_matrix/media/r0/do…66014ecd757b0f2493eca36d2ebaf19ef43)
-
hmd2v[m]
ooo123ooo1234: fair enough
-
kayabanerve[m]
If you want to try something potentially simpler, and know rust, there's a largely modular proof of concept available (doesn't save to disk and so on, preventing recommendation for real world usage) btw
-
ooo123ooo1234[m]
bridge is just network app that can be written by any one and it implies trust to bridge operator; but atomic swap is complex protocol suitable for p2p since it can be used by untrusted parties
-
kayabanerve[m]
You don't have to do it entirely from scratch in python just to move past btc bias
-
kayabanerve[m]
Anyways. That should be the rpc route. It should create a new file itself for the name you specify. There should be publicly available address encoders for Python. It's also easy enough to test this with curl :p
-
hmd2v[m]
Thing is I don't know Rust and, while I am not averse to learning new languages, I really don't think it is needed in this case. The only thing I'm doing is calling on LibSodium bindings to add two private spend keys.
-
hmd2v[m]
Then it'll be a matter of creating a swap daemon, cli tool, server functionality so it can connect to other swappers.
-
hmd2v[m]
Finally, the Algorand Virtual Machine is partially built on top of LibSodium. It'll just be a matter of exposing _crypto_scalarmult_ed25519_base as an operation available to smart contracts.
-
HenryHollingwort
what does it mean to generate a wallet from keys? if it is get the wallet's address then that can be done rather simply following the method outlined in the mastering monero book. From there you know the address which Bob needs to transfer the monero to
-
HenryHollingwort
i am a noob so I could be missing something or a lot
-
HenryHollingwort
*getting the wallet address using the keys
-
HenryHollingwort
i mean there is no problem spawning the wallet rpc client w/ a fake wallet and then calling the method is a little bit awkward but hey just wrap it - the only downside i can think of is you introduce reliance on spawning process, filesystem etc.. which could reduce reliability of code
-
kayabanerve[m]
<hmd2v[m]> "Thing is I dont know Rust and..." <- I really think you're underestimating this. You also need a DLEq proof
-
kayabanerve[m]
That's not a light piece of cryptography
-
kayabanerve[m]
HenryHollingwort: It's creating a wallet file for the daemon to work with with a specific set of private keys. It's kinda like restoring from a seed, except... Numbers instead of words turned into numbers.
-
kayabanerve[m]
kayabanerve[m]: You also need adaptor signatures hmd2v:
-
kayabanerve[m]
So it's two cryptographic constructions beyond addition, which is trivial, and then as you say, you need the actual service + interface for it
-
HenryHollingwort
kayabanerve[m]: i meant more what is he then trying to achieve - if it just creating it to compute the address for the transfer you can do it without needing to make a wallet file for the rpc client (ditto for verifying - just need daemon connection and scan the blocks)... though at that stage it may be worth actually creating the wallets and using the rpc lol
-
kayabanerve[m]
Also, if you do refer to the MRL paper for a dleq proof, please note it has an error and needs to be supplemented with a proof of knowledge
-
hmd2v[m]
Why do you need a DLEq proof? That's to bridge the ed25519 Secp256k1 gap right?
-
kayabanerve[m]
HenryHollingwort: Atomic swaps create a naive 2-2 multisig, so you create a private key and then end up spending from another
-
kayabanerve[m]
hmd2v[m]: ... Is algorand ed25519?
-
kayabanerve[m]
hmd2v[m]: Because you wouldn't if so. You would still need adaptor signatures though those are easier to implement
-
hmd2v[m]
Yes Algorand is ed25519
-
kayabanerve[m]
Got it. Didn't realize that, sorry.
-
kayabanerve[m]
In that case, it's adaptor signatures and key addition and signatures working as proofs of knowledge.
-
hmd2v[m]
No worries 👍🏾 I also had to confirm it with Noot who is making the eth<->XMR swap because it seemed too easy lol
-
kayabanerve[m]
*A PoK can be constructed by any signature for a public key which signs itself.
-
kayabanerve[m]
And Ed25519 signatures naturally include themselves so technically ed25519.Sign("PoK") would be sufficient, yet it'd probably be good form to include the key again just to be explicit about it and mindful of other schemes which may not
-
kayabanerve[m]
hmd2v[m]: Yeah, we actually had a really interesting discussion about that lol
-
kayabanerve[m]
They didn't have ed25519 available natively but they did replace the DLEq proof with an on chain SC which...
-
kayabanerve[m]
Which has the irony of not relying on the XMR atomic swap protocol as we know it and having been possible for years
-
ooo123ooo1234[m]
algorandfoundation/ARCs #92, proposed protocol for atomic swap
-
ooo123ooo1234[m]
for a more focused discussion
-
ooo123ooo1234[m]
s/a//
-
ooo123ooo1234[m]
hmd2v: you would better start from link to your repo, instead of asking how to use monero python lib
-
ooo123ooo1234[m]
hahahaha
-
kayabanerve[m]
ooo123ooo1234[m]: Wow do I not like this
-
kayabanerve[m]
Why would you introduce a new op code?
-
kayabanerve[m]
> cryptography exists
-
kayabanerve[m]
> Is this a reason to hard fork a protocol and bloat a chain with unnecessary data?
-
ooo123ooo1234[m]
kayabanerve[m]: Am i doing bad or good thing with posting that link ? Can't understand you
-
kayabanerve[m]
I don't like what it details
-
kayabanerve[m]
The link itself is helpful, though it did make me wonder how off topic we're getting
-
kayabanerve[m]
hmd2v: if you're proposing a hard fork, when algorand has scs, you're doing it wrong. End of story
-
ooo123ooo1234[m]
kayabanerve[m]: As long as it's related to atomic swap with monero it is not off-topic
-
kayabanerve[m]
Tbf now I'm criticizing an algorand protocol design proposal
-
ooo123ooo1234[m]
If it's already clear why this protocol doesn't work then explain and this discussion can be stopped
-
kayabanerve[m]
> The company Comit took that paper and turned it into an MVP, which is described in this blog post and this video presentation. Joël, aka H4sh3d, also made this presentation.
-
kayabanerve[m]
This isn't even a good explanation of the history :(
-
kayabanerve[m]
ooo123ooo1234[m]: His readme advocates for a hard fork to algorand. I'm commenting that's a horrible decision
-
kayabanerve[m]
Not to mention, you may be able to use ed25519 verify AS x*G == R?
-
kayabanerve[m]
You shouldn't need a hard fork. This op should already exist. They just don't know if
-
kayabanerve[m]
s/if/it/
-
kayabanerve[m]
hmd2v: Verifying a signature crafted so the public key is X, the R is 0, and the s is the private key (or its negative) will be a sk -> pk verification
-
kayabanerve[m]
All you'd have to do is verify they used a 0 R, or if those are banned, a known R. Can you do a byte comparison of the signature before calling ed25519 verify?
-
kayabanerve[m]
Because if so, not only is this still a bad protocol beyond a proof of concept because you're placing this on chain instead of implementing the cryptographic protocol established, but you should never have proposed a hard fork for this
-
kayabanerve[m]
You even note how n00t moved to the cryptographic solution .-.
-
kayabanerve[m]
It's fine for a proof of concept. The issue is when you make a RFC suggesting a hard fork despite the solutions being in front of you .-.
-
ooo123ooo1234[m]
+1000 for critical thinking
-
ofrnxmr[m]
<ooo123ooo1234[m]> "As long as it's related to..." <- For -Dev? I think it is off topic.. 🙃
-
hmd2v[m]
kayabanerve: Ah Cunningham's Law - post the wrong solution and get the right answer back 😃
-
hmd2v[m]
I agree that this is off-topic but I'd love to continue talking to you.
-
ofrnxmr[m]
#monero-research-lounge:monero.social is more open
-
monerobull[m]
Stagenet forks next 16th, right?
-
GuruJi[m]
Anyone here aware of any plan or project where one can hedge XMR directly in a DEX way?
-
GuruJi[m]
It is possible now to do that only with BTC, but I am not comfortable with giving up the XMR for the Voyeur peep show coin, undermining the value of XMR
-
kayabanerve[m]
s/n00t/noot/
-
bubble101[m]
your symbol order is wrong, it should show btc/xmr
-
bubble101[m]
1xmr * 0.00649 xmr / btc = 0.00649 btc
-
w[m]
<GuruJi[m]> "Anyone here aware of any plan or..." <- Wrong channel
-
w[m]
Jeez
-
w[m]
#monero:monero.social
-
bubble101[m]
> Web UI has been disabled
-
bubble101[m]
The functionality of this website has been deprecated and will be removed entirely in the future. It will soon be replaced by a desktop app that is currently in active development. The GitHub repository is public, so feel free to inspect the code or provide feedback as development progresses.
-
bubble101[m]
which dev thought it is a good idea to disable web BEFORE the desktop app is ready ..
-
w[m]
<moneromooo> "If it's about monero development..." <- .
-
ooo123ooo1234[m]
<ofrnxmr[m]> "For -Dev? I think it is off..." <- atomic swap -> compatibility with monero -> what can be changed in monero in order to make more compatible ? Is it already compatible ?
-
ooo123ooo1234[m]
<ofrnxmr[m]> "For -Dev? I think it is off..." <- a
-
ofrnxmr[m]
#monero-research-lounge:monero.social or
-
ofrnxmr[m]
#monero:monero.social
-
ofrnxmr[m]
Dev is for hacking on monero.. not for brainstorming algorand
-
hmd2v[m]
Don't worry we are taking it privately, sorry for cluttering this up.
-
hmd2v[m]
Happy days, people.
-
ooo123ooo1234[m]
> <@ofrnxmr:monero.social> #monero-research-lounge:monero.social or... (full message at
libera.ems.host/_matrix/media/r0/do…62dceac863edc2c4bd9e66867c72f6f7089)
-
ooo123ooo1234[m]
* it's about atomic swap protocol between monero and something else; the name of something else isn't important here;
-
ofrnxmr[m]
Yes it is. Atomic swaps aren't monero. They are 3rd party
-
ofrnxmr[m]
Imagine the comit team using monero-Dev as their home base for their development chats 🥴
-
kayabanerve[m]
... I mean, I did say it was getting off topic because it became a rant about another project on my end, so I moved it to their threads and then explained to the developer privately how to properly integrate with monero, which is regardless of what they're integrating with
-
kayabanerve[m]
At this point, the only off topic discussion, besides mine which I ended almost an hour ago, and am sorry for, is this meta discussion on a dead conversation
-
ooo123ooo1234[m]
ofrnxmr[m]: atomic swap is shared part between monero and something else, it can be discussed by both sides; but isolated development of monero will be done here, and comit isolated development will be done somewhere else
-
ofrnxmr[m]
I was just typing
-
ofrnxmr[m]
"I'm not replying on this subject further as arguing about it is even more off topic."
-
ooo123ooo1234[m]
clear enough ?
-
dangerousfreedom
Hey guys, I would like to get your thoughts on this issue here:
-
moneromooo
What do you call stealth addresses ? Output pubkeys ?
-
dangerousfreedom
Yes
-
jeffro256[m]
Is this in any way related to the 2017 cryptonote inflation bug?
-
jeffro256[m]
Will look at it more in depth in a little bit
-
UkoeHB
uh any idea why this suddenly failed (CI issue?)?
github.com/monero-project/monero/runs/6560013044
-
jeffro256[m]
My PR here fixes it:
-
jeffro256[m]
Looks like someone updated the compiler for Windows CI build and didn't test it against current codebase (just a guess)
-
UkoeHB
jeffro256[m]: cool thanks
-
sech1
UkoeHB github updates compiler versions all the time
-
dangerousfreedom
<jeffro256[m]> "Is this in any way related to..." <- Could be if I had found a key_image outside the prime group. Which I didn't up to now. The thing is that Monero verifies only key_images. But anyone can modify the last bit of the transaction and relay to the network. The nodes would take the transaction and another point outside the prime group would be in the blockchain. Which lately could be used as a ring member in some
-
dangerousfreedom
transaction.
-
dangerousfreedom
By last bit I mean the stealth_address (resp_json["vout"]["target"]["key"])
-
gingeropolous
on immediate read, "NOTICE THAT I DID NOT FIND ANY KEY_IMAGE POINT THAT IS OUTSIDE THE MONERO PRIME SUBGROUP. WHICH WOULD MEAN THAT SOMEONE COULD HAVE DONE A DOUBLE-SPENDING." this doesn't communicate what i think the rest of the post communicates
-
gingeropolous
or at least it does so but the language requires more logic parsing
-
dangerousfreedom
I dont know what you think that the post communicates :p
-
dangerousfreedom
If it is not clear, let me know ;)
-
moneromooo
The quote above means "the check from vN worked" AFAICT.
-
moneromooo
(plus the blockchain check up to vN)
-
gingeropolous
it could be read as : "I did not find any key image point that is outside the monero prime subgroup, which means that someone could have done a double spending" .. or "i did not find any key image point that is outside the monero prime subgroup. If i had found that, it would mean ... "
-
gingeropolous
bah nvm. i think i got it.
-
dangerousfreedom
Oh yeah, sorry my language. I had an implicit statement there. I should have made like: WHICH WOULD MEAN (IF I HAD FOUND) THAT...
-
gingeropolous
yeah, there we go
-
jeffro256[m]
Oh okay, finally reading this now. There were no key images outside the subgroup, just some points
-
jeffro256[m]
If nothing else, it would be good to not allow that so the transactions remain uniform
-
dangerousfreedom
jeffro256[m]: Yeah, that's the point. Play safe in the prime group.
-
jeffro256[m]
Good find
-
jeffro256[m]
Since the public keys are outside the correct subgroup, won't the key images also be outside the group and thus not spendable?
-
dangerousfreedom
jeffro256[m]: No. It is a ring signature. You can have members outside the prime group.
-
dangerousfreedom
If you are the one trying to spend it then you can only spend the image that is in the prime subgroup
-
jeffro256[m]
Yeah but if they were to try to actually *spend* from that public key. the Key image is derived by multiplying against the public key so its corresponding key image would land outside the group correct?
-
jeffro256[m]
> If you are the one trying to spend it then you can only spend the image that is in the prime subgroup
-
jeffro256[m]
Okay yeah that's what I meant
-
dangerousfreedom
Yeah, you would have to multiply by 8 at some point
-
selsta
luigi1111: could you please merge 8349 to fix CI?
-
selsta
.merge+ 8349
-
xmr-pr
Added
-
luigi1111
Sure
-
selsta
.merges
-
xmr-pr
8318 8324 8325 8326 8328 8330 8331 8349
-
jeffro256[m]
UkoeHB your CI build should work now
-
jeffro256[m]
thanks luigi1111 !
-
jeffro256[m]
*as long as you rebase
-
selsta
force push is usually enough, at least for the CI run on the PR page
-
selsta
moneromooo: could you take a look at
monero-project/monero #8347 ?
-
aog
do you guys know how can I get some XMR on a testnet wallet?
-
NicholasHallahan
Hi Monero Devs! What are you guys working on?
-
aog
thank you plowsof[m]
-
NicholasHallahan
Awesome
-
jeffro256[m]
mine it with your daemon, the hashrate is only 4 KH/s