03:29:16 Pleased to meet you, parazyd: :)
09:53:59 kayabanerve[m]: Likewise :)
13:30:56 tevador: how does monero prototype the crypto? using sage?
13:31:05 i have a curve trees sage impl
13:31:21 it's just missing the proofs for EC inner product, which you can do using bulletproofs
13:31:34 the optimization i proposed is an upgrade, we can do that in parallel
13:33:25 I don't think we've ever done a prototype before, but it's better this way. The Same impl can serve as a template for the C/C++/Rust implementation later.
13:34:01 s/Same/Sage
13:35:13 If you have Sage code for Curve Trees, that's cool and would be a good start. But our case would use 4 curves instead of 2.
13:46:17 sarang made a python implementation of bulletproofs, and I believe of more things.
13:46:44 The skunkworks repo has those.
14:08:56 https://github.com/darkrenaissance/darkfi/blob/master/script/research/zk/curve_tree.sage
14:09:21 i just made some proofs myself but they are horrible (plz don't use as is)
14:09:24 https://github.com/darkrenaissance/darkfi/blob/master/script/research/zk/curve_tree_proofs.sage
14:09:41 also there's no ECIP which is missing
15:34:40 i will focus my attention on the ECIP part
15:35:16 and post updates here
21:37:27 big new paper analyzing ringct: https://eprint.iacr.org/2023/321
21:45:50 Rucknium[m]: have you seen this? https://eprint.iacr.org/2021/760
21:54:12 UkoeHB: Yes. Mentioned it here: https://libera.monerologs.net/monero-research-lab/20220706#c117416
21:55:56 ah :)
21:57:29 If I understand the paper correctly, it is saying that RingCT & ring size >= 11 implies chain reaction-like attacks are mostly ineffective.
22:09:35 https://crypto.unibe.ch/archive/theses/2022.msc.francois-xavier.wicht.thesis.pdf
22:09:35 I just skimmed through another masters thesis researching monero. This is like the 4th one I’ve seen pop up this month.
“Blockchain Privacy Notions Using the Transaction Graph Model”
22:09:35 Tl;dr they define untraceability, unlinkability, and confidentiality to create a model to formally compare cryptocurrencies. After a lot of math their results are:
22:09:56 * xmrack[m] uploaded an image: (115KiB) < https://libera.ems.host/_matrix/media/v3/download/matrix.org/iLsAstHdOFSLyTtJgBZHuxnm/ima_5013ef1.jpeg >
22:10:08 Nothing groundbreaking but overall a good paper
22:24:00 "big new paper analyzing ringct..." <- Wow this is thorough (80 pages). Once it is peer reviewed we should link this as part of the security audits for ringCT on the github.
22:30:17 i had a student do a seminar on monero with focus on dandelion++, but also overall anonymity. nothing spectacular, but it explains stuff really well i think.
22:30:17 i can ask my professor, and the student if i can make it public once i graded it if there is any interest...
22:32:00 * really well and is a good introduction i think.
22:38:35 atomfried[m]: maybe you could get it hosted on the monero community workgroup youtube
22:42:28 I can't find it in the logs, but I think koe suggested that MAGIC add "Security proofs around Monero's existing constructions" as a fundable research category to https://monerofund.org/apply_research . Cremers, Loss, and Wagner (2023) may have gotten us a lot of that without MAGIC funding :)
22:42:41 The paper says it does not try to cover Bulletproofs
22:42:53 UkoeHB: would be ~15 minutes. i will ask them. maybe he is lurking in here hahaha
22:43:11 * in here and already nervous where this is going hahaha
23:02:59 Rucknium[m]: bulletproofs has its own security proofs
23:39:30 Rucknium[m]: oh I see, they don't prove that bulletproofs satisfies their security requirements