18:58:31 <who-biz> hey guys - I submitted a hackerone report about this some time ago - and as I'm researching a bit more I thought it best to open it for discussion (not looking for a bounty or anything)
18:59:29 <who-biz> In my independent work, I found that using a hex-encoded value of zero to seed privkey generation, generates a private key = rct::identity
19:02:05 <who-biz> after learning some more about algebraic group models (multiplicative).. I'm curious if anyone else sees an issue with a private key = rct::identity... if its not a problem (anonimal gave me a "thanks" on H1, moneromoooo said it was not a vuln but wrote a soft-check into codebase to prevent users from doing this)
19:02:39 <who-biz> can anyone explain why it is not an issue? or weigh in on possible problems with allowing keys = identity?
19:02:54 <moneromooo> If anyone sees an issue with 0, they'll see an issue with 1. And if with 1, then 2, etc.
19:03:07 <who-biz> I
19:03:28 <who-biz> Sorry, not saying there is an issue. I am just curious as to others' thoughts on this.
19:04:15 <who-biz> I don't have anything indicating it may mess with the math. Is a key = 1 the same as a point at infinity? I get the feeling I am conflating things there
19:05:53 <who-biz> We didn't discuss a whole lot - and a soft-disallow seemed fine to me. I am more interested in what issues it could present, or why it doesn't. I am not a group theory mathematician but am seeking to understand things
19:08:19 <who-biz> I don't know that 0, or 2, are issues. But 1 seems a unique case to me
19:09:48 <who-biz> on a non-tech/math note - is anonimal still around?
19:10:00 <moneromooo> Not that I know of.
19:10:17 <who-biz> good to see you still around btw!
19:10:49 <who-biz> it has been a few years :)
19:25:28 <who-biz> logging off, but will monitor logs for discussion. thanks folks