13:22:05 <bhayek[m]> hi there! i have to write a paper to conclude my CS undergrad degree. I'm very passionate about Monero and decided i'd like write about how it works under the hood in technical detail (the cryptography behind ring signature works, bullet proofs, stealth addresses, zk proofs). However, I'm afraid the scope could be too broad or that I find myself into deep waters which I don't have the base knowledge to dive in. Can someone here
13:22:05 <bhayek[m]> with experienced knowledge in the cryptographic mechanisms of Monero provide me with some guidance please? Or, where can I find somebody that I can talk to about it? tks :)
13:26:11 <moneromoooo> "Zero to Monero" describes all the crypto and related things in monero.
13:26:39 <moneromoooo> Unless your goal is to learn it yourself from the code to be able to explain it.
13:26:55 <bhayek[m]> moneromoooo: not, that is not the goal haha
13:27:10 <bhayek[m]> i downloaded a copy of Zero to Monero, seems very complete
13:27:12 <moneromoooo> Then that and possibly the papers for Bulletproofs, etc.
13:39:37 <bhayek[m]> I just wanted to talk to somebody to help me limit the scope of the paper and select specific cryptography concepts. My main concern is if I pick a topic which requires very advanced math knowledge... (My knowledge of math behind cryptography is very basic: modular arithmetic, chinese remainder theorem, euclidean algorithm, elliptic curves, Galoa field. Regarding cryptography, I've studied simetric and assimetric keys, block and
13:39:37 <bhayek[m]> stream cipher, digital signatures, MAC codes, ZK proofs, key exchange protocols, hashing algorithms, etc). 
14:10:00 <moneromoooo> Then wait here for a day or two and see if anyone reads this and has suggestions.
14:19:38 <Mason[m]> <moneromoooo> ""Zero to Monero" describes all..." <- Was reading the whitepapers already but this looks fantastic, thanks!
15:09:29 <UkoeHB> bhayek[m]: idk much about CS degrees - are you supposed to tie into CS topics or something?
15:48:53 <dartian[m]> Hi ! I have a question about the future for monero's development plan.... (full message at <https://libera.ems.host/_matrix/media/v3/download/libera.chat/e045da03c1e9f532b07b746cd0099bed1e07e644>)
15:50:32 <dartian[m]> my question for you all is this: is the fork in direction understood by you all as I stated? Or am I missing something.
15:50:32 <dartian[m]> is it clear at all as to which direction needs to be pursued? any disagreement?
15:50:51 <dartian[m]> jberman94: Rucknium: 
17:53:12 <bhayek[m]> <UkoeHB> "bhayek: idk much about CS..." <- yes. In my case, the requirement is that I write a paper about some topic in CS. I'm interested in learning the cryptography behind the privacy features of Monero, that's why I choose it
17:54:17 <UkoeHB> ah did not realize cryptography was considered a CS topic
17:58:14 <ghostway[m]> <bhayek[m]> "yes. In my case, the requirement..." <- Read about bulletproofs. I'm doing so myself currently, so if you want I can share a few sources, but I don't understand this fully yet. I think the whitepaper might be a very good way after all, or the zero to monero thing, which I did not check yet
17:59:04 <ghostway[m]> UkoeHB: Applied cryptography :)
18:01:54 <Rucknium[m]> dⱮartian: IMHO, you are basically correct. Mimicking the "Patterns of Life" was called simply "the Monero problem" by gingeropolous in 2016: https://bitcointalk.org/index.php?topic=1139756.msg14588629#msg14588629
18:03:21 <Rucknium[m]> MRL Research Bulletin #4 discussed the timing/age problem specifically.
18:05:16 <Rucknium[m]> Ronge, V., Egger, C., Lai, R. W. F., Schröder, D., & Yin, H. H. F. (2021). "Foundations of ring sampling." mathematically analyze the strength of a mimicking decoy selection algorithm
18:05:16 <Rucknium[m]> https://moneroresearch.info/index.php?action=resource_RESOURCEVIEW_CORE&id=19
18:05:43 <ghostway[m]> I don't feel right using ml for this. What would be the outputs? You have to basically have a history and keep adding somewhat of a score, and then score again each account, any other practical way?
18:06:50 <Rucknium[m]> It's not obvious that machine learning models would do a better job than more traditional statistical methods.
18:07:09 <ghostway[m]> Yea, that's what I'm going for
18:07:18 <ghostway[m]> I feel maths is more right for this
18:08:30 <ghostway[m]> As in, statistical models..
18:09:21 <Rucknium[m]> Right now OSPEAD's focus is on univariate age data. It does not take into account other variables like fee, coinbase/noncoinbase, input#/output#. It focuses on single tx inputs independently, yet the real spend of txs inputs are not independent. 
18:10:35 <Rucknium[m]> Borggren, N., & Yao, L. (2020). "Correlations of multi-input monero transactions." investigate that last point. https://moneroresearch.info/index.php?action=resource_RESOURCEVIEW_CORE&id=57
18:11:50 <Rucknium[m]> A full mimicking decoy selection algorithm would probably take into account those other variables and deal with the dependence of multi-input transactions.
18:14:27 <ghostway[m]> Yep. Maybe would keep track of the decoys's urgency (good name for it btw). Problem is, you don't really want to change the behavior of the user, so it might be the other way around. Find a set of decoys matching the usee
18:14:40 <ghostway[m]> User*. And generally normalize
18:14:51 <Rucknium[m]> Machine learning is not my preferred tool. I won't look into the field for solutions unless there is a compelling reason. Others of course are welcome and encouraged to try machine learning or other tools. Then we can see which perform the best, theoretically and empirically.
18:15:10 <ghostway[m]> Completely agree :)
18:16:06 <Rucknium[m]> The line between machine learning and traditional statistics is blurry in many places.
18:16:49 <Rucknium[m]> dⱮartian: Here is the current draft of the OSPEAD estimation specification in case you didn't see it: https://github.com/monero-project/research-lab/issues/93