14:56:33 Meeting 2hr. If I don’t make it on time someone else should lead 17:00:02 meeting time https://github.com/monero-project/meta/issues/736 17:00:02 1. greetings 17:00:02 hello 17:00:28 Hello. 17:00:37 Hello 17:03:28 Hi 17:05:26 hmm low turnout today 17:05:49 well, let's continue 17:05:51 2. updates 17:07:57 me: wrote the first unit test of a seraphis tx spending legacy enotes, need to add a bunch more unit tests and update tx builders further (multisig will be a bit of work); also plan to write a serialization proof of concept for seraphis txs 17:08:49 In a few hours I will send the OSPEAD fully specified estimation plan to the scientific review panel, thus completing Milestone 1 of the CCS. It's about 80 pages. The plan is next week I will release a public version with about half of the content removed (for now). 17:09:00 This week I have been studying Seraphis again and opened a CCS (please upvote if you think it is useful). Although I have never contributed officially to Monero, it feels much less scary the tasks I am proposing to do in comparison to the work I did for moneroinflation. I should start getting my first results (or some problems) by next week regarding the audit framework. 17:10:48 Rucknium: I know you are a specialist in advanced statistics and probability. I have a question about gentian builds on the monero code which are done before a new verison is released. How many iterations of the checksums would be conclusive that the code is in fact valid? Keep in mind the code base is quite extensive and just a misplaced letter, or extra space, throws the checksum really askew. 17:11:31 Yes, but I'm not a specialist in cryptographically-secure probability. 17:11:32 one-horse-wagon[: do you mean how many people reporting the same checksum? 17:11:47 So thanks for the question, but there are probably better people to ask 17:11:55 UkoeHB: yes 17:12:34 presumably only one is needed - one out of the group of people you trust 17:13:47 My naive guess is that it is (Pr(Checksum is valid for one run of the compilation))^N, where N is number of people who ran the compilation. Since it is presumably independent and identically distributed. 17:13:59 3. we can do discussion; it will be a short meeting 17:14:15 UkoeHB: I felt it was very low and one would work, in thinking about it. 17:15:11 the best way is to build your own reproducible builds so that you don't have to trust others 17:16:02 dangerousfreedom: Could you explain task (1) in your CCS in more detail? The audit framework. So the goal is that the framework could be passed on to an audit firm or something? Is there a distinction between audit and peer review? 17:16:13 selsta: Absolutely. But the vast majority of Monero users don't have that capability and are dependent on others. 17:16:57 If someone releases binaries with a checksum that collides with the binaries produced by compiling from source, then no amount of re-confirmations will help you. The checksum only works in this case if you can't do a second preimage attack. 17:17:04 hi sorry I'm late. me: working through a bug from daemon/wallet hf compatibility check + finishing background sync mode + getting quotes on security proofs (and a comprehensive audit) for multisig from veorq and co (email going out today or tomorrow) 17:17:12 Rucknium[m]: No, the goal is to generate the proofs that you spend, received or that you have ownership on some inputs/outputs. 17:17:20 After I'm done with the first 2, planning to turn attention toward Seraphis 17:17:46 Very much like chapter 8 in ZtM2 17:18:06 But for Seraphis and providing code and information 17:18:50 So "audit" as in the same thing you did for moneroinflation? 17:19:51 If you concern is checksum-signers are colluding to claim that released binaries are compiled from public source code, then all you need is one checksum signer you trust to corroborate the other signers (or to reach a threshold of signers where you think 'collusion between all these people is very unlikely') 17:20:46 Rucknium[m]: No. It will be the code and some explanation regarding how to prove ownership of inputs and outputs. 17:21:04 Like the SpendProof that you have in your wallet 17:21:25 Ah ok 17:22:13 Sounds good...but general question: are we getting closer to formalizing Seraphis for peer review? 17:22:25 Koe still didnt do it so there are remaining tasks for me :p 17:22:39 Rucknium[m]: no progress has been made there 17:22:52 I need to update the paper once I am done with all this programming stuff 17:23:29 also here - updating my serialization branch/patch to work with json and remove the tons of macro changes on the branch 17:23:35 Ok. 17:23:48 and I started working on the noise protocol stuff for p2p, the code is a mess but in progress 17:24:16 vtnerd: Is there a written specification for the noise protocol? 17:24:20 there might be a discussion on which mode to use, because there are some interesting tradeoffs with privacy and whether the protocol even bothers to do authentication 17:24:23 yes 17:24:34 its been formally verified, etc, and there's a website, pdfs 17:24:59 UkoeHB Good point 17:25:06 I also have an open PR of our slightly modified version - some of the mods have to do with backwards compatability (i.e. detecting non-encrypted mode) 17:25:42 and some theres an i2p like modification for obscuring the first ephermal key, which isnt strictly necessary but makes fingerprinting slightly harder 17:25:55 How do I look up the protocol? Is it just called "noise protocol"? 17:26:00 otherwise its whatever noise protocol says 17:26:21 noiseprotocol.org 17:26:45 Thanks 17:26:49 https://github.com/monero-project/monero/pull/8028 17:32:34 discussion about seraphis integration is slowly ramping up, it would be great if people could chime in/participate https://github.com/seraphis-migration/wallet3/issues 17:33:13 https://matrix.to/#/#no-wallet-left-behind:haveno.network 17:34:57 ok I think we can call it here, thanks for attending everyone 17:35:23 Thank you!