-
m-relay
<anddn:matrix.org> The Tor network is being rewritten in Rust. Should Monero also consider rewriting it in Rust? Because C++ is too cumbersome and not suitable for the long-term development of Monero.🤔
-
sech1
Oh no, not this again 🙄
-
sech1
Rust is a language that's too overhyped for what it can really achieve, plus it suffers from the supply chain plague
redteamnews.com/threat-intelligence…developers-through-malicious-crates
-
sech1
Good choice for Monero? I say no
-
sech1
The C++ official repo will stay there for the foreseeable future and be the main source of the official binaries. But there is the Cuprate project, if you're interested
-
m-relay
<kayabanerve:matrix.org> Tor and Monero both have alternative implementations in Rust under development. I don't believe Tor is deprecating their C and Monero definitely isn't.
-
m-relay
<kayabanerve:matrix.org> > We intend that, in the long run, Arti will replace our C tor implementation completely, not only for clients, but also for relays and directory authorities. This will take several more years of work, but we're confident that it's the right direction forward.
-
m-relay
<kayabanerve:matrix.org> >
-
m-relay
<kayabanerve:matrix.org> > (We won't stop support for the C implementation right away; we expect that it will take some time for people to migrate.)
-
m-relay
<kayabanerve:matrix.org> TIL
-
m-relay
<kayabanerve:matrix.org> Monero also is adopting Rust dependencies with FCMP++ and I personally find it incredibly appropriate.
-
m-relay
<kayabanerve:matrix.org> (sech1 is welcome to rewrite FCMP++ in C++ and have Cuprate adopt C++ dependencies though ;) )
-
sech1
I would rather rewrite it in C with some ASM code for max performance
-
sech1
If it comes to rewrite
-
sech1
Also, C is much easier to bring to other languages
-
sech1
How many lines of code is FCMP++ currently?
-
m-relay
<kayabanerve:matrix.org> Rust can expose a C FFI FWIW
-
m-relay
<kayabanerve:matrix.org> 10-20k, not counting deps?
-
m-relay
<kayabanerve:matrix.org> I can check in a few
-
sech1
A full rewrite is overkill then
-
sech1
but some performance critical parts - why not
-
m-relay
<kayabanerve:matrix.org> Tbh I'd love a second verifier implementation
-
m-relay
<kayabanerve:matrix.org> You also can probably get it much more concise if you remove the prover and strip 'unnecessary' functionality
-
sech1
If it can be rewritten in parts and interconnect with Rust code with C FFI, I can do it gradually
-
sech1
maybe even make a CCS proposal for it
-
sech1
because it will be a lot of work
-
sech1
10-20k lines of code is at least 3-4 weeks of full time work to get an MVP
-
sech1
minimal viable product
-
m-relay
<kayabanerve:matrix.org> I didn't implement the FCMP. I implemented a framework for proofs over Bulletproof, composable parts for such proofs, and then the FCMP on top, as necessary to satisfy review and ensure we could actively develop it.
-
m-relay
<kayabanerve:matrix.org> You can probably cut a lot of that out and bake in the FCMP specifically though.
-
m-relay
<kayabanerve:matrix.org> It won't be explanatory and may be hell to audit, but it doesn't have to be audited to be correct. Solely corresponding.
-
m-relay
<kayabanerve:matrix.org>
monero-oxide/monero-oxide #29 14k lines, excluding deps, a month ago
-
sech1
Second implementation can be really helpful to find new issues - P2Pool got a lot of bug reports and some vulnerabilities fixed when DataHoarder was writing the P2Pool Observer
-
m-relay
<kayabanerve:matrix.org> The external deps are likely just blake2, ed25519 if you want to be minimal however.
-
sech1
blake2 and ed25519 already have good C implementations, perfect
-
DataHoarder
A key part of that was also running the same tests but with different code too (found shuffle stuff) or easier time fuzzing
-
DataHoarder
Not be a 1:1 implementation but try to make it specific to the language, then test very well the consensus parts
-
DataHoarder
This fixes a long term bug where signing messages from Monero GUI watch-only wallet produces a signed message ... signed from the spend key, using the valid spend pub, but using the "zero" private key
-
DataHoarder
(also allows view key signatures to happen on watch-only mode when specified)
-
DataHoarder
on the main address, at least
-
DataHoarder
sign 0,0 --view proof.txt
-
DataHoarder
Error: wallet is watch-only and cannot sign
-
DataHoarder
^ this would work
-
DataHoarder
to repro the issue on Monero GUI do this, on a watch-only wallet: Go Advanced->Sign/verify, Sign Message (sign anything here), ... scroll below and verify it again :)
-
DataHoarder
I had the specific detection from two years ago more or less where checking a signature against spend/view pub commitment, but the signature was generated using the zero private key
git.gammaspectra.live/P2Pool/consen…/monero/address/crypto.go#L151-L154
-
selsta
.merge+ 10115 10114 10113 10112 10110 10104 10103 10098 10097 9939 9901
-
xmr-pr
Added