Please to meet you, parazyd: :)

kayabanerve[m]: Likewise :)

tevador: how does monero prototype the crypto? using sage?

i have a curve trees sage impl

it's just missing the proofs for EC inner product, which you can do using bulletproofs

the optimization i proposed is an upgrade, we can do that in parallel

I don't think we've ever done a prototype before, but it's better this way. The Same impl can serve as a template for the C/C++/Rust implementation later.

s/Same/Sage

If you have Sage code for Curve Trees, that's cool and would be a good start. But our case would use 4 curves instead of 2.

sarang made a python implementation of bulletproofs, and I believe of more things.

The skunkworks repo has those.

i just made some proofs myself but they are horrible (plz don't use as is)

also there's no ECIP which is missing

i will focus my attention on the ECIP part

and post updates here

big new paper analyzing ringct: eprint.iacr.org/2023/321

Rucknium[m]: have you seen this? eprint.iacr.org/2021/760

UkoeHB: Yes. Mentioned it here: libera.monerologs.net/monero-research-lab/20220706#c117416

ah :)

If I understand the paper correctly, it is saying that RingCT & ring size >= 11 implies chain reaction-like attacks are mostly ineffective.

I just skimmed through another masters thesis researching monero. This is like the 4th one I’ve seen pop up this month. “Blockchain Privacy Notions Using the Transaction Graph Model”

Tl;dr they define untracability, unlinkability, and confidentiality to create a model to formally compare cryptocurrencies. After a lot of math their results are:

Nothing groundbreaking but overall a good paper

<UkoeHB> "big new paper analyzing ringct..." <- Wow this is thorough(80 pages). Once it is peer reviewed we should link this as part of the security audits for ringCT on the github.

i had a student do a seminar on monero with focus on dandelion++, but also overall anonymity. nothing spectacular, but it explains stuff realy well i think.

i can ask my professor, and the student if i can make it public once i graded it if there is any interest...

* realy well and is a good introduction i think.

atomfried[m]: maybe you could get it hosted on the monero community workgroup youtube

I can't find it in the logs, but I think koe suggested that MAGIC add "Security proofs around Monero's existing constructions" as a fundable research category to monerofund.org/apply_research . Cremers, Loss, and Wagner (2023) may have gotten us a lot of that without MAGIC funding :)

The paper says it does not try to cover Bulletproofs

UkoeHB: would be ~15 minutes. i will ask them. maybe he is lurking in here hahaha

* in here and already nervous were this is going hahaha

Rucknium[m]: bulletproofs has its own security proofs

Rucknium[m]: oh I see, they don't prove that bulletproofs satisfies their security requirements