-
MRL-discord
<Reuben (Firo)> Lol btw Joshua didn't know that you were the author of Seraphis UkoeHB
-
MRL-discord
<Reuben (Firo)> selsta: the initial version of Lelantus had the self spend tracing problem but later versions (Lelantus 2) did not have this issue albeit with the balance security proof problem. Lelantus 3 or Spark does not have either of these issues
-
sarang
Are messages not going through?
-
MRL-discord
<Reuben (Firo)> Not sure I didn't see it being addressed in your replies but maybe you did :)
-
moneromeow
I see one from sarang and three from Reuben (Firo).
-
moneromeow
Then more from half a day ago.
-
chad[m]
Same
-
UkoeHB
Reuben: Joshua?
-
UkoeHB
Meeting in ~35mins
-
MRL-discord
<Reuben (Firo)> UkoeHB: Joshua Goldbard
-
gingeropolous
whats the agenda?
-
ErCiccione
FYI: about the wagner attack:
monero-project/monero #7830
-
UkoeHB
gingeropolous: chat and orient about open research projects
-
gingeropolous
cool.
-
UkoeHB
meeting start
-
UkoeHB
1. greetings
-
UkoeHB
hello
-
isthmus
Salutations
-
Rucknium[m]
Hi
-
UkoeHB
monero-project/meta #597 made an issue for the meeting
-
UkoeHB
There don't seem to be that many people here. In any case,
-
UkoeHB
2. updates
-
UkoeHB
I am currently working on: Seraphis preprint, ring binning (issue #84), overhaul of multisig address generation. Past stuff still open: tx uniformity (#6456).
-
luigi1111w
sorta here
-
vtnerd
present
-
Rucknium[m]
I made a little R Shiny app to display data on CashFusion, BCH's CoinJoin protocol:
fusionstats.redteam.cash
-
Rucknium[m]
It seems the anonymity set is small. About 200 fusions a day, and a lot of those are teh same wallets fusing multiple times per day.
-
vtnerd
not strictly MRL related (but close) - finished writing a draft of p2p-e2e encryption with noise - perhaps too much work and should "just use ssl"
-
vtnerd
noise allows for sending handshake/ping in first packet + all bytes randomized, which makes it harder for dpi engines to identify the stream
-
vtnerd
so I'll post the full writeup before doing the code for feedback
-
wfaressuissia[m]
"
arxiv.org/pdf/1703.00536.pdf" is better than general purpose mixnet in long term perspective?
-
wfaressuissia[m]
* ... is it ...
-
vtnerd
maybe, but that would be external to monerod I think, and hopefully would use the socks interface
-
UkoeHB
some things others not present are working on:
-
UkoeHB
- ArticMine's fee change recommendations for issue #70 are in PR form:
monero-project/monero #7819
-
UkoeHB
- sarang's initial draft for Triptych-supporting multisig is out:
github.com/cypherstack/triptych-multisig
-
UkoeHB
- sarang and researchers at Firo are working on Spark (successor to Lelantus 1/2) protocol
-
UkoeHB
- jberman[m] continues to investigate/study the gamma selection for ring decoys
-
UkoeHB
Anything else that I missed?
-
Rucknium[m]
I am an empirical microeconomist, by the way. Hopefully I can be helpful to XMR at some point.
-
jberman[m]
Working on fixes to the decoy selection algo (7821, 7798). Next step seems to try and deduce real spends to guide parameter selection. Also thinking about implementing a tool to assess the quality of ring selection and/or shifting attention toward the binning implementation (by providing eyes or whatever else need be)
-
gingeropolous
i think an analysis of monero's monetary policy would be cool Rucknium[m] , with implications of adaptive blocksize params
-
isthmus
Agree, the jollymort stuff is really old
-
Rucknium[m]
I think it would be cool, too. I feel like I need to work my way through Zero to Monero first, though. What kind of research questions about the monetary policy would be useful to answer?
-
isthmus
The main thing on my mind: I am skeptical that going into tail emission soon at 0.6 XMR is going to incentivize enough hashrate to make Monero secure for large transactions
-
wfaressuissia[m]
"Anything else that I missed?" I'm lost somewhere within a try to fix peer to peer network of monero based on randomx pow.
-
UkoeHB
thanks for all the updates guys
-
UkoeHB
3. discussion
-
wfaressuissia[m]
isthmus: are there any papers about proper incentive design ?
-
UkoeHB
moving forward:
-
UkoeHB
- Two people expressed interest in working on PoC/code for ring binning (MRL #84), I will try to coordinate that effort. I still need to improve the theoretical justifications for this. However, are there any open points of concern on this topic?
-
UkoeHB
- I received an email from someone expressing interest in working on parts of tx uniformity (#6456), but have not heard anything recently.
-
UkoeHB
- Need to discuss fee changes (some disagreement about max rate of long-term block size growth).
-
UkoeHB
- Need to start thinking about Triptych vs Seraphis/Spark/etc.
-
isthmus
@wfaressuissia[m] here's the OG analysis by jollymort but it's several years old
-
isthmus
-
isthmus
Mastering Monero provides a very brief description, and I think that Zero To Monero discusses it in more detail
-
isthmus
ArticMine has also done some great analyses around fee markets, though I'm not sure if this is documented centrally, maybe on GitHub issues?
-
gingeropolous
well damn thats quite a list folks
-
isthmus
Although those are, for the most part, exploring and explaining what currently exists rather than what could/should
-
UkoeHB
Regarding Triptych vs etc., it feels a bit in limbo since Seraphis/Spark/etc. are still WIP preprints. Should we table the question of 'what tx protocol to use next' until preprints are available for possible alternatives to Triptych?
-
gingeropolous
is it worth considering triptych in the meantime regardless of multisig snafu?
-
Rucknium[m]
isthmus: We are already at 0.9 XMR reward per block. I suppose if there is a concern at 0.6, we should already be concerned.
-
luigi1111w
I think it's too much a developing field to settle right now
-
wfaressuissia[m]
isthmus: At first glance, those links don't contain fundamental analysis. short term heuristics aren't interesting for me
-
gingeropolous
from what i'm hearing from the grapevine, most monero multisig things are running into problems
-
isthmus
@Rucknium[m] yea, I already am concerned, a 10 block reorg costs less than $2000 in electricity, so I wouldn't trust monero for anything over $10k right now
-
luigi1111w
you mean after 10 blocks?
-
luigi1111w
you can wait longer
-
tobtoht
^ services are free to change their desired number of confirmations
-
UkoeHB
> is it worth considering triptych in the meantime regardless of multisig snafu?
-
UkoeHB
Do you mean, consider upgrading to Triptych without multisig support?
-
isthmus
Sure, though I'd rather have more hashrate than longer wait times :- P
-
gingeropolous
yep
-
luigi1111w
strongly disagree
-
luigi1111w
there's huge cost to upgrade
-
tobtoht
I echo that sentiment, it's worth doing right.
-
Rucknium[m]
isthmus: Are botnets active now? Or is it harder with the requirements of RandomX? Would the biggest concern be botnets? Or what are the most likely 51% attack scenarios now?
-
kinghat[m]
there was talk about increasing the ring size before triptych integration but i think was tabled in favor of waiting for triptych. does this change now that triptych is in limbo?
-
tobtoht
I'd like to see BP+, ring size bump, and fee adjustment in a hardfork in 6-9 months from now, then decide after what to do wrt Triptych / Seraphis / Lanantus 3 when the tradeoffs have become more clear.
-
kinghat[m]
for next HF*
-
isthmus
I have to run out for an appointment but can drop back later today.
-
sgp_[m]
tobtoht: Why 6-9 mo from now? Why not 3 mo from now?
-
sgp_[m]
Those things are all ready to go
-
luigi1111w
3 mo meants it'll be down to the wire as always -_-
-
kinghat[m]
ya i thought we were thinking this summer or this fall for the HF
-
sgp_[m]
luigi1111w: In what way, I thought the code was effectively ready to go
-
sgp_[m]
And we can use the opportunity to force the update for the improved wallet selection algo
-
luigi1111w
maybe if it's actually moved on in the next few weeks, but historically that never happens
-
tobtoht
Shorter timeframe is fine if we can get the ecosystem on board in time
-
sgp_[m]
Is there anything we're waiting on?
-
luigi1111w
if it's 3mo from when the release process starts that would be ok
-
UkoeHB
would be nice to get multisig address gen fixes into next big release, but it isn't a blocker
-
sgp_[m]
Setting a mid Nov upgrade date seems reasonable imo
-
kinghat[m]
dev meeting soon? or is that a community meeting 🤔
-
luigi1111w
dev
-
sgp_[m]
I'd rather not stall on the fixes for longer, take the wind now while the bigger discussions are stalled/ongoing
-
ErCiccione
maybe a large dev meeting would be useful
-
sgp_[m]
Yeah this is dev meeting stuff now
-
gingeropolous
yep
-
tobtoht
yeah
-
ErCiccione
we can set one for next week?
-
gingeropolous
if there's talk of a release soon, prolly time to have them weekly etc
-
gingeropolous
well, fork i mean
-
wfaressuissia[m]
UkoeHB: What's the state of the art for anonymous payment system design now ? If it's too hard question then it can be ignored as everything else. I'm about cryptography part
-
ErCiccione
yeah. We also need a clear list of what's going to be included in the network upgrade
-
ErCiccione
-
UkoeHB
wfaressuissia[m]: imo and afaik 1) active protocols: RingCT; 2) published research: Triptych; 3) WIP research: Seraphis/Spark/etc., Halo 2 + Orchard
-
gingeropolous
so it seems the rough consensus is to hold out for seraphis / spark / ? , mainly due to multisig complexity of triptych?
-
sgp_[m]
<gingeropolous> "if there's talk of a release..." <- Agreed
-
sgp_[m]
<ErCiccione> "btw should we talk about
https:" <- What is the Wagner attack?
-
sgp_[m]
gingeropolous: Seems to, people want to make a decision when more options are on the table
-
wfaressuissia[m]
it's impossible to make a decision without deep unbiased comparison of all weaknesses / advantages for all of them
-
ErCiccione
sgp_[m]: I don't know more than what i wrote in the issue, but luigi1111 looked into it, he definitely knows more than me about it
-
UkoeHB
-
UkoeHB
-
UkoeHB
It's the reason the multisig MRL paper requires a commit-and-reveal pattern.
-
ErCiccione
yeah UkoeHB is the one who informed us about it
-
UkoeHB
Tbh I also don't have a great understanding, but since the papers say we should use commit-and-reveal, then better to do that.
-
sgp_[m]
Do we need to inform people the old/current multisig wallets are vulnerable?
-
sgp_[m]
Okay
-
sgp_[m]
I have more questions on this but none for now
-
UkoeHB
Maybe.. unfortunately right now I don't know if anyone knows under what conditions a problem will occur.
-
UkoeHB
It's past the hour, so I will call close on the meeting.
-
sgp_[m]
Ty for having one :)
-
sgp_[m]
Let's have that dev meeting asap
-
ErCiccione
yeah
-
luigi1111w
I don't have anything to add about wagner right now.
-
wfaressuissia[m]
Regarding fees, there are 2 questions: 1. How to do it in the best way for public pow blockchain. 2. Which subset of this can be implemented in private anonymous blockchain?
-
wfaressuissia[m]
There are a lot of papers for the 1., 2. is thing specific to monero