If I sign the same string with the same spend key, can I get a different signature?

I would say no. Seems to me to be the whole point: Same string singed with the same spend key (with the same algorithm and parameters of course) must give the same signature.

Sir if the new advanced user feature is converted from 24 words to 25 words, after I reset the ledger hardware wallet, can I access the same monero assets with just 24 words without +25 words in ledger hardware wallet? I don't mean passphrease in ledger hw. I mean the seed phrease (advanced users) for just the monero in ledger hardware wallet.

Hmm. That's my thinking too, but still getting a different signature. This is via monero-cpp and testnet if that matters, but I don't think it should. Straight calls to `wallet2::sign()`.

I'm trying to update the monero-javascript library, and for some reason, since updating to v0.18.1.2, `num_mainnet_hard_forks `, `num_testnet_hard_forks`, and `num_stagenet_hard_forks` from hardforks.h are all improperly initialized to 0 when built with WebAssembly. I confirmed they initialize correctly in v0.18.1.0. any ideas what could be causing that?

jozsef[m]: Just checked the code of wallet2::sign: Looks almost trivial, nothing non-deterministic in sight - and why should it? How would you check the signature otherwise?

woodser: Is `monero_wallet_full::sign_message()` tested within monero-javascript? (Can't find anything that would call it.)

Not sure I understand you question.

At this point I'm simply printing the signature.

and I get 'SigV2KfxLpk4bqBBcuEFmH11K9DEbj7n6BDDBxCXx24XJ3uFqWYxhD7HCJUmFK96XZaPjb1SAYoSK4o7QtNCDaxnD8cNe' and 'SigV24hsxZpanELHE9B77KD91rJAqhEc86QsyR5mNv2ShdYhVE5prscPL98a14z2wsVvm9uCyfXMer9dbabWtnHCJxJab'

jozsef yes, that function is tested here: github.com/monero-ecosystem/monero-…est/TestMoneroWalletCommon.js#L2265

People can check the validity of a signature with the corresponding public key, if I am not gravely mistaken?

Yes. I believe that's what woodser's test above does. Now I'd like to test if I get the same signature for the same message + wallet. Not assuming a problem with either wallet2 or monero-cpp, just trying to narrow it down where I'm abusing the API somehow. Probably the easiest is to add a wallet2 test if that does not exist.

solved my issue with the hardfork constants by explicitly including hardforks.cpp, fyi :)

I verified that the signatures returned from `wallet2::sign()` _are_ different for the same input `data`, `signature_type`, and `index{0,0}`. I find that strange.

Noob here: PGP signatures include the time of signature. Does `wallet2::sign()` include the time?

Rucknium[m]: as far as I can see no

Nitter.net/chainrx/status/1593608330127237121

Saw this just now.

Regarding a potential Sybil attack

\>tweet not found

I hope you have a screenshot

Nitter.net/chainrx/status/1593620605605224448

Sorry about that

This link should work

#xmr bootstrap exploit: #monero has 4 bootstrap seeds & 4 update servers (see pics) all resolve to gandi.net a french provider,

If this is true, it’s really stupid to have all eggs in one basket

a free audit nice

plowsof: We need hackathons

lets wait for reactions but i personally have not much clue whats going on here? "de anon" meaning finding the ip of clear net nodes? like get_peer_list? find which have public rpc? (its more than 200) bonus points for finding unrestricted nodes and using their peer lists too? github.com/plowsof/xmr-get-fee-estimate-test

ok ignore me^ im hearing the tweet is bs but hopefully someone clarifies for us

> <@nikg83:matrix.org> #xmr bootstrap exploit: #monero has 4 bootstrap seeds & 4 update servers (see pics) all resolve to gandi.net a french provider,

>

> If this is true, it’s really stupid to have all eggs in one basket

nevertheless ^

does he think every transaction my node broadcasts is from me

otherwise this whole thing makes zero sense

Is there a way to use "play monero"? I want to create an API for a monero-based point of sale so I can sell shit online, but I need a way to test it.

there's the testnet for that :)

stagenet is the real play-money

in terms of integrating with things, testnet is the play-money for people playing with the blockchain itself

Never heard of these, thanks guys!

One more question. How come Monero hasn't adopted Matrix spaces? Any reason?

"#xmr bootstrap exploit": Announcing an exploit with a Twitter thread and mysterious screenshots of parts of code?

And making statements that at least sound to me like mixing up two things badly, communication between nodes, and communication between wallets and nodes?

I guess I am too old for such Twitter threads, and too dumb to understand what they hint at :)

even he-who-shall-not-be-named isn't as dumb as that

plowsof: The IP addresses of the seed nodes are listed in the code

regarding that tweet: our DNS seed nodes are empty and we use hardcoded IPs on mainnet / testnet / stagenet

so I think they tweeted first before even verifying if what they claim works