<chaser> sech1: sech1: re "Once you get a huge stake, you don't need to spend much resources to maintain it": you ideally launch a staking consensus mechanism with a delay in activation, giving time for stakers to lock coins, and even after launch, first just use it to come to consensus about its own state. this allows honest stake to [... too long, see mrelay.p2pool.observer/e/5sGckLAKSFk5blhX ]

<chaser> when Ethereum transitioned (they switched to full proof of stake, not what we're discussing here, well, not me), they ran the staking consensus layer on mainnet, with real funds in "standalone" mode for ~20 months before it became the primary mechanism. not that Monero should wait that long, but it gives you an idea.

<chaser> my point is, securing a large-enough malicious stake (>33% to stall finality, >67% to take it over) should be economically infeasible, because 1) finite supply at any moment, 2) liquidity constraints. trying to buy up so many coins should drive the price up exorbitantly, eventually pricing the attempt out. in our case, XMR is already highly illiquid.

<ofrnxmr:xmr.mx> 33% of staked* coins

<chaser> ofrn, exactly

<chaser> there's the nuclear option of forking out malicious stake, which is very much social coordination, but the PoW moral equivalent has already happened multiple times (Cryptonite variant 1 fork, Cryptonite-R fork, RandomX fork). both are last-resort ways for the community to render consensus-producing resources useless when centralization threatens the chain.

<ofrnxmr:xmr.mx> which is probably less than an exchange would be able to stake at any givrn point in time

<chaser> IMHO, in the case of forking out stake, even if the community can't agree if they would ever resort to it in the future, the technical possibility is a very strong deterrent for potential attackers.

<ofrnxmr:xmr.mx> Exchanges can, do, and will stake user deposits. both with permission (staking pools) or without (like tradeogre staking zano)

<ofrnxmr:xmr.mx> I imagine protocols like serai would also become stakers

<ofrnxmr:xmr.mx> i dont think it's safe to assume that the stake will be distributed / not concentrated to 1 or 2 entities

<chaser> yes, my points suppose that that the honest portion of self-custodial XMR holders who are willing to stake outweigh CEX holdings. I'm confident that this is currently the case, otherwise Monero is already a social failure and we shouldn't waste time with bolstering the consensus.

<ofrnxmr:xmr.mx> holders? Sure. 80% of the supply was printed in like 4 years. Active? Thats another question.

<ofrnxmr:xmr.mx> 10% of pre-rct outputs remain unspent, thats probably (i havent checked) close* to 10% of the total supply

<ofrnxmr:xmr.mx> Now, what about the other 90%? Churned, spent, who knows. Its private.

<ofrnxmr:xmr.mx> we do know that a single entity donated 400k to monero twice, and spammed thousands of xmr to the generalfund

<chaser> if Serai were to become a staker, which I don't think it would, simply on the grounds of unnecessary protocol complexity, the only way I can imagine that implemented would be using its own consensus, which should be decentralized enough to not pose a threat (otherwise keeping significant XMR there is a threat to LPs and a reas [... too long, see mrelay.p2pool.observer/e/2f_VkLAKN3BZR1lC ]

<ofrnxmr:xmr.mx> serai is an example. Who's to say it wouldnt be a less friendly operation

<ofrnxmr:xmr.mx> and no, i dont think holders willing to stake outweigh cex holdings. And a TFL has limited stakers

<ofrnxmr:xmr.mx> Its not like "anyone with 0.5xmr can stake"

<chaser> it's very probable XMR whales 1) don't keep it on a CEX, and 2) check in a few times a year to see what is going on with the protocol that secures a significant value of their holdings.

<chaser> they also very probably wouldn't behave in a way that destroys the USD value of their XMR, like LP'ing in a scammy AMM DEX chain, but I admit it's a concern.

<chaser> yes, to avoid DDoS, a staking consensus would have a minimum stake requirement. that's not an issue. the power law distribution applies here.

<ofrnxmr:xmr.mx> @chaser: If you can loan your xmr out on kucoin (for margin), and now earn extra from staking, why wouldnt you?. There are a lot of people who only check in every few years

<ofrnxmr:xmr.mx> usually people who have big bags that they bought at low prices, checking in during bull markets, so they can sell some

<chaser> @ofrnxmr:xmr.mx: I already told you. if I'm a large holder, I'm sensitive to the USD valuation of my XMR, so I pay attention to ecosystem news, like a protocol change where leaving my XMR on Kucoin could lead to XMR losing value (my bag) and potentially losing my XMR (be that in-protocol automatic slashing, or getting forked [... too long, see mrelay.p2pool.observer/e/jfuNlrAKY19DdUJX ]

<ofrnxmr:xmr.mx> Sounds idealistic instead of realistic

<ofrnxmr:xmr.mx> Allowing people to borrow your coins is an incentive to loan them out. It doesnt hurt your valuation to earn 10% by loaning your coins out to traders who provide liquidity on orderbooks.

<ofrnxmr:xmr.mx> There are whole services for taking loans against your crypto as well. investors dont care about "xmr", they care about earnings. Pooled staking and margin loans dont hurt that bottom line

<ofrnxmr:xmr.mx> And pooled staking is more of an attraction for people who otherwise dont qualify for the staking minimums.

<monerobull:matrix.org> Imagine spending 2 billion dollars pumping monero up and then you just get forked out. GGs, thanks for the tax money Mr nation state > <@chaser> IMHO, in the case of forking out stake, even if the community can't agree if they would ever resort to it in the future, the technical possibility is a very strong deterrent for potential attackers.

<monerobull:matrix.org> Some with 1 xmr has more xmr than most CEXs > <@ofrnxmr:xmr.mx> and no, i dont think holders willing to stake outweigh cex holdings. And a TFL has limited stakers

<antilt:we2.ee> @unt0ld:matrix.org: Example (checkpoints): arxiv.org/abs/1710.09437, eth2book.info/capella/part2/consensus/lmd_ghost

<monerobull:matrix.org> sech1: once you have enough compute, you can nuke the chain forever on government contracts

<monerobull:matrix.org> amazons cost to mine on older hardware is super low, especially if they get contracted by the feds to do so

<monerobull:matrix.org> they already spent 650k on a chainalysis contract that didnt really produce anything

<monerobull:matrix.org> that money could EASILY be used to contract amazon to erase 3-5 days of monero history to permanently damage trust in the chain

<monerobull:matrix.org> multi-month erasure for a few million

<monerobull:matrix.org> extremely cheap if you really think about it

<monerobull:matrix.org> attacking PoS requires a massive up-front investment and pumps Monero, which puts tons of eyes on it

<monerobull:matrix.org> the PoS-Attack pump would attract fomo-buyers which just makes it even more expensive

<spirobel:kernal.eu> also consider that its just a denial of service. if they try to double spend, even if they have most of the stake it can just be forked and slashed. its not like their shenanigans will be unnoticed by market participants.

<antilt:we2.ee> for Eth style extreme slashing to be effective, best to assume a startup phase with 67% honest validators. Can we expect that ?

<spirobel:kernal.eu> the problem with pos is that the stake requirements are picked arbitrarily high. higher stake percentages of total market cap and in terms of individual nodes does not necessarily increase security. Especially if it is a result of nominal inflation that is gifted to stakers. Weird second layer concepts like "liquid staking" g [... too long, see mrelay.p2pool.observer/e/6oeHnbAKY2hrZWQt ]

<spirobel:kernal.eu> the question is: how many market participants can the attacker fool for long enough that a certain alternative chain where he double spent is reality? the issue with eth is that the whole system is overcomplicated and most people dont run their own nodes and just trust what ever is preset in their wallet.

<spirobel:kernal.eu> complex slashing systems and liquid staking just make the system harder to reason about. The complexity also comes with the side effect of making bugs and subtle differences between implementations more likely.

<monerobull:matrix.org> last time i looked into eth staking the node would have cost $80k in stake and 800 in gas fees

<monerobull:matrix.org> you also need to do shit like setting up a mev block builder

<monerobull:matrix.org> because otherwise you are missing out on large percentages of the APY

<monerobull:matrix.org> dont have that in monero

<antilt:we2.ee> Another turn: am I the only one who is into recursive reputation systems eg eigentrust ? Too complex to get the idea across ? Basically all these resilient systems try to capitalize on a honest (trusted) startup phase - thats the bottom line of my review of ~50 papers on the topic.

<spirobel:kernal.eu> @antilt:we2.ee: : similar to long range attacks in pos you could eclipse a node and feed him the wrong history. no way to get around the fact that you get the software and a trusted by most initial / current state from a trusted source

<spirobel:kernal.eu> once that is accepted it is best to keep the system as simple as possible. most communities treat this like the floor is made of lava though.

<antilt:we2.ee> @spirobel:kernal.eu: monero community may be not there yet. Many think in terms of perfect decentralization/trustlessness /away

<spirobel:kernal.eu> it is time to wake up. better to accept it and build something that is truly decentralized, not just mental gymnastics to pretend it can side step CAP / FLP impossibility.

<jwinterm:matrix.org> this ignores the fact that millions of XMR have been seized by govts over the years already, and will continue to do so, and also that the govt could quietly pressure kraken and other exchanges that hold significant reserves without ever buying a thing > <@monerobull:matrix.org> attacking PoS requires a massive up-front investment and pumps Monero, which puts tons of eyes on it

<unt0ld:matrix.org> I found a solution: Just psyop people into buying Monero. Increases security budget without introducing any new problems.

<unt0ld:matrix.org> Monero $10k EOY.

<kedihacker-5f270858d73408ce4feb2b57:gitter.im> Imagine monetary base jumping kills your net worth 🤣

<ofrnxmr:xmr.mx> Imagine thinking that it takes 2 billion$ to acquire 34% of the stake > <@monerobull:matrix.org> Imagine spending 2 billion dollars pumping monero up and then you just get forked out. GGs, thanks for the tax money Mr nation state

<kedihacker-5f270858d73408ce4feb2b57:gitter.im> Way less with the seizures of monero

<monerobull:matrix.org> @ofrnxmr:xmr.mx: It's a realistic number for moneros size

<ofrnxmr:xmr.mx> Market cap is not a realistic number. Its the number if all coins were sold at the current market price

<monerobull:matrix.org> It's not about marketcap

<hbs:matrix.org> Acquiring a large stake is one way to bias PoS, but another more subtle is pressuring existing validators representing 33+%, this doesn't cost anything to a willing state actor, and given a small validator set it would be rather easy to identify enough of them. > <@monerobull:matrix.org> the PoS-Attack pump would attract fomo-buyers which just makes it even more expensive

<monerobull:matrix.org> It's about the estimated cost

<ofrnxmr:xmr.mx> If you but 500m worth of coins, the price is likely 2x on exchanges, opposite if you sell that much. Unless you're buying OTC (and not staking your botnet, dnm, or seized xmr), its not 2billion

<jack_ma_blabla:matrix.org> @jwinterm:matrix.org: where isthis figure of "Millions of XMR" have been seized coming from ?

<monerobull:matrix.org> @hbs:matrix.org: If our validators are all behind Tor, that's going to be very annoying

<jwinterm:matrix.org> @jack_ma_blabla:matrix.org: my ass

<ofrnxmr:xmr.mx> @jwinterm:matrix.org: Based ass

<monerobull:matrix.org> @ofrnxmr:xmr.mx: 20 million pushed us over 400$

<monerobull:matrix.org> You have no idea how illiquid monero is

<ofrnxmr:xmr.mx> Exactly

<ofrnxmr:xmr.mx> Youre proving my point

<monerobull:matrix.org> What? That PoS would be insanely expensive to attack?

<ofrnxmr:xmr.mx> if monero was highly liquid, id agree that coins were widely distributed

<ofrnxmr:xmr.mx> 34% STAKE is NOT 34% of the supply

<monerobull:matrix.org> Monroe is distributed because it's used

<jwinterm:matrix.org> sourced from govt-aligned LLM:

<jwinterm:matrix.org> > In summary, while the U.S. government has seized an unknown total quantity of Monero from various darknet market operations, the only publicly confirmed figure to date is the 11,993.15882 XMR from the AlphaBay case.

<jwinterm:matrix.org> that is 12k in 2017

<monerobull:matrix.org> @ofrnxmr:xmr.mx: If you assume similar levels of participation as on other pos systems, ~20-30% of the supply would be staked

<jwinterm:matrix.org> dnm adoption of monero accelerated from there

<jwinterm:matrix.org> and there has been probably dozens of markets shutdown since then

<jwinterm:matrix.org> I feel like a million plus or minus by all govts in the 8 years since then is a pretty good guess

<jwinterm:matrix.org> thx ass

<jack_ma_blabla:matrix.org> K and M a huge difference > <@jwinterm:matrix.org> sourced from govt-aligned LLM:

<jwinterm:matrix.org> @jack_ma_blabla:matrix.org: that's one market from 8 years ago...

<ofrnxmr:xmr.mx> @monerobull:matrix.org: So an entity would need 7-10% of supply, and 80% of supply was printed in 4 yrs (jwintem, confirm?) And 10% is still unspend pre-rct inputs

<ofrnxmr:xmr.mx> Widely distributed, my ass

<jwinterm:matrix.org> how many xmr are sitting on kraken rn? a million?

<jack_ma_blabla:matrix.org> @jwinterm:matrix.org: count the number of busts where xmr was recovered

<jwinterm:matrix.org> how much do you expect plebs to stake?

<jwinterm:matrix.org> @jack_ma_blabla:matrix.org: it's undisclosed and therefore ucountable

<monerobull:matrix.org> Staking is not much more complicated than running a node

<jack_ma_blabla:matrix.org> @jwinterm:matrix.org: enough, if there is a incentive ; without incentive we have 12k nodes

<jwinterm:matrix.org> @monerobull:matrix.org: or mining, and no one mines...

<ofrnxmr:xmr.mx> @jwinterm:matrix.org: Theyd have to use staking pools, or stake on a cex, since TFL staking has limoted stakers

<monerobull:matrix.org> @jwinterm:matrix.org: Fuck mining

<monerobull:matrix.org> I'm mining

<monerobull:matrix.org> But my PC can only pull 65 watts

<monerobull:matrix.org> I can't scale it up

<ofrnxmr:xmr.mx> @jack_ma_blabla:matrix.org: We have like 4k nodes. 8k are spy nodes

<jwinterm:matrix.org> anyone in this channel is an ultranerd and therefore not representative of "most people", even most xmr users imo

<jack_ma_blabla:matrix.org> @ofrnxmr:xmr.mx: 4k connectable ? there are plenty behind nat and not active 24/7

<ofrnxmr:xmr.mx> @jack_ma_blabla:matrix.org: Right. More like 1.5k LOL

<monerobull:matrix.org> The fact is that the people just don't have nearly enough compute compared to the data centers

<monerobull:matrix.org> It's easier for individuals to add 1k$ of network security via staking than mining

<ofrnxmr:xmr.mx> Old report has 80% of monero neteork traffic handled by 10% of the network, "super nodes"

<jack_ma_blabla:matrix.org> @jwinterm:matrix.org: yes but you are representative

<ofrnxmr:xmr.mx> @monerobull:matrix.org: No it isnt

<monerobull:matrix.org> It definitely is

<jwinterm:matrix.org> @jack_ma_blabla:matrix.org: neigh weigh jose

<jack_ma_blabla:matrix.org> @ofrnxmr:xmr.mx: remote nodes ?

<ofrnxmr:xmr.mx> @jack_ma_blabla:matrix.org: What?

<monerobull:matrix.org> Me as a hardcore monero supporter can be out hashed for pennies

<ofrnxmr:xmr.mx> @monerobull:matrix.org: Bro, are you not keeping up?

<ofrnxmr:xmr.mx> TFL is not "staking for everybody"

<jack_ma_blabla:matrix.org> @ofrnxmr:xmr.mx: super nodes are those public nodes like cake ?

<ofrnxmr:xmr.mx> eth is a 32 eth minimum. You need 110k to become a validator

<monerobull:matrix.org> Staking adds security asymmetricly

<ofrnxmr:xmr.mx> @jack_ma_blabla:matrix.org: No, they {were} nodes that serve >1000 connections

<monerobull:matrix.org> @ofrnxmr:xmr.mx: How many times is monero smaller than eth

<jwinterm:matrix.org> > As of 2025, centralized exchanges (CEXs) account for 24.0% of all staked ETH, representing 8.13 million ETH.

<ofrnxmr:xmr.mx> @monerobull:matrix.org: monero staking is intended to be like 100 validators

<monerobull:matrix.org> Bullshit

<ofrnxmr:xmr.mx> Thats not you. Your little bag aint worth 1 piconero

<monerobull:matrix.org> Serai can do 150 per network already

<jack_ma_blabla:matrix.org> everyone with enough xmr, for example 16xmr is not a huge amount > <@ofrnxmr:xmr.mx> TFL is not "staking for everybody"

<ofrnxmr:xmr.mx> @jack_ma_blabla:matrix.org: Again wrong. Its not intended to scale to 1000+ users

<monerobull:matrix.org> Who says thay

<ofrnxmr:xmr.mx> kayaba

<jack_ma_blabla:matrix.org> @ofrnxmr:xmr.mx: why so ?

<monerobull:matrix.org> Kayba said 109 validators?

<monerobull:matrix.org> When serai can do 150?

<jwinterm:matrix.org> serai doesn't exist afaik...but kind of beside the point imo, people are lazy and most people leave coins on exchanges, especially when the exchange offers to stake for them and take a small cut of their stake rewards

<jwinterm:matrix.org> which leads to the govt being able to just pressure regulated exchanges to control the network

<monerobull:matrix.org> Monero has barely any exchanges anymore

<kedihacker-5f270858d73408ce4feb2b57:gitter.im> You can buy it overtime and with other sources( staking and seizures) > <@ofrnxmr:xmr.mx> If you but 500m worth of coins, the price is likely 2x on exchanges, opposite if you sell that much. Unless you're buying OTC (and not staking your botnet, dnm, or seized xmr), its not 2billion

<jwinterm:matrix.org> which makes it even more of an issue

<jack_ma_blabla:matrix.org> @jwinterm:matrix.org: wont they be slashes if they do anything funny ?

<ofrnxmr:xmr.mx> All pleb stake goes straight to kucoin + kraken

<jack_ma_blabla:matrix.org> @ofrnxmr:xmr.mx: easist way to buy xmr

<jwinterm:matrix.org> how do you slash the slasher?

<monerobull:matrix.org> @jack_ma_blabla:matrix.org: Haveno

<jack_ma_blabla:matrix.org> @monerobull:matrix.org: not easy as a cex

<ofrnxmr:xmr.mx> @monerobull:matrix.org: Thats just plain false

<monerobull:matrix.org> Definitely is

<ofrnxmr:xmr.mx> Definitely is not

<p-q:matrix.org> @jack_ma_blabla:matrix.org: not easy as mining

<monerobull:matrix.org> Way easier to set up haveno than registering a KYC cex account

<jack_ma_blabla:matrix.org> @jwinterm:matrix.org: that will be answered by the book

<monerobull:matrix.org> @p-q:matrix.org: Nobody mines because you get 3 cents per day

<jwinterm:matrix.org> color me skeptical

<jack_ma_blabla:matrix.org> @monerobull:matrix.org: its easier for plebs to open a kyc acc

<monerobull:matrix.org> Barely anyone invests in monero like that

<monerobull:matrix.org> Monero is not a pleb coin

<monerobull:matrix.org> Most plebs who use it use it to buy drugs

<ofrnxmr:xmr.mx> Barely anyone in THE MONERO MATRIX COMMUNITY

<monerobull:matrix.org> Not to make 1.5% apy

<ofrnxmr:xmr.mx> Get out of your bubble for 13seconds

<jack_ma_blabla:matrix.org> no incentive to invest > <@monerobull:matrix.org> Barely anyone invests in monero like that

<ofrnxmr:xmr.mx> We, the community, produce like 100tx/day

<ofrnxmr:xmr.mx> There are another 29900 txs that arent us

<monerobull:matrix.org> Historically Monero is a shit investment

<monerobull:matrix.org> Id rather buy eth for number go up

<ofrnxmr:xmr.mx> @monerobull:matrix.org: Thats also false

<jack_ma_blabla:matrix.org> @ofrnxmr:xmr.mx: i spam the rest 29000 for it to look active

<monerobull:matrix.org> @ofrnxmr:xmr.mx: Tell that to my eth I sold for monero

<jack_ma_blabla:matrix.org> @monerobull:matrix.org: since randomx

<ofrnxmr:xmr.mx> @jack_ma_blabla:matrix.org: at least 5k of those are some service that only sends txs every other day

<monerobull:matrix.org> I believe without PoS we will sooner rather than later get hit with a multi day reorg

<monerobull:matrix.org> It's not even that expensive

<monerobull:matrix.org> You could probably make profit by shorting at the same time

<monerobull:matrix.org> And double spending

<jack_ma_blabla:matrix.org> we are just waiting for it > <@monerobull:matrix.org> I believe without PoS we will sooner rather than later get hit with a multi day reorg

<jack_ma_blabla:matrix.org> @monerobull:matrix.org: not enough oi to make profit

<monerobull:matrix.org> Especially once serai is live

<monerobull:matrix.org> A multi day reorg could be very profitable

<monerobull:matrix.org> Fuck I didn't even consider that

<monerobull:matrix.org> Serai will make it more likely to happen

<ofrnxmr:xmr.mx> Can you go 24hrs without glazing serai

<jwinterm:matrix.org> 4.1M xmr seized by govts prove me wrong pastebin.com/yHc0dpLi

<jack_ma_blabla:matrix.org> serai will not launch or with 720 block conf > <@monerobull:matrix.org> Especially once serai is live

<monerobull:matrix.org> @ofrnxmr:xmr.mx: "serai will create a doublespend Honeypot that makes a 51% attack profitable" -ofrn cAn yOu stOp gLaZinG

<ofrnxmr:xmr.mx> Thats 3 serais in 5mins, can we go for 4?

<ofrnxmr:xmr.mx> 3mins*

<monerobull:matrix.org> Strawman

<ofrnxmr:xmr.mx> im not using serai glazing as a counter arguement

<monerobull:matrix.org> You're completely derailing the discussion with petty insults

<ofrnxmr:xmr.mx> This discussion has been derailed for hours

<basses:matrix.org> PoS = cfb won

<monerobull:matrix.org> Cfb could have already successfully double-spend

<monerobull:matrix.org> The data center risk is so much higher than the theoretical case of the feds holding a ton of monero for some reason

<unt0ld:matrix.org> Guys, if you can't mine and want to secure Monero with a stake, I just found out Monero actually already has a superior version of PoS that does not have any of its problems... It's called buying the coin. (which raises the price, which raises the miner reward, which raises the hash rate)

<monerobull:matrix.org> Doesn't change the fact that globally Amazon and Google have more compute than all individuals combined

<jwinterm:matrix.org> @monerobull:matrix.org: this is a false dichotomy

<monerobull:matrix.org> Which is really the core issue with PoW

<ofrnxmr:xmr.mx> @monerobull:matrix.org: so switch to zano

I really need to add colors to the nicks :D

<monerobull:matrix.org> @monerobull:matrix.org: A single rack probably has 100x more compute than everyone talking here rn

<monerobull:matrix.org> @ofrnxmr:xmr.mx: Scam

<unt0ld:matrix.org> Having more than 3 data center providers mine 50% of Monero is already better decentralization than Bircoin BTW.

<monerobull:matrix.org> They would mine a secret chain and just nuke us one day

<monerobull:matrix.org> Nobody would be aware until it's already too late

<monerobull:matrix.org> If we lose Monero because we cling to an insecure consensus mechanism that would be such a tremendous shame. We already lost what Bitcoin could have been.

<jwinterm:matrix.org> PoS seems much more insecure than dedicated hardware based PoW, considering govts have seized approx millions of XMR and they could easily apply pressure to large exchanges which also hold tons of XMR (and plebs have proven they prefer to leave coins on exchanges to "secure the network" when PoS is involved)

<jwinterm:matrix.org> when is the last time doge or btc was attacked in this manner? basically never

<ct:xmr.mx> monerobull needs to rebrand as monerobear 😭 can keep the mb initials still

<jwinterm:matrix.org> cfb can't even manage to attack ztrash

<monerobull:matrix.org> Yeah, I am literally so bearish

<monerobull:matrix.org> Even though everything aside from PoW is mega bullish

<monerobull:matrix.org> But it doesn't matter if you have serai and fcmp and all that stuff coming if the chain could be voided

<monerobull:matrix.org> Cfb mining 20 blocks in a row is what made me realize RandomX can't be it

<monerobull:matrix.org> The first time our consensus mechanism is attacked and it immediately folds

<monerobull:matrix.org> Great 👍

<monerobull:matrix.org> The community response doesn't even register on the total nethash

<ofrnxmr:xmr.mx> what abt when bitmain had 90%

<monerobull:matrix.org> Because individuals just don't have that much compute

<monerobull:matrix.org> @ofrnxmr:xmr.mx: Right now Amazon and Google have 99%

<ofrnxmr:xmr.mx> @monerobull:matrix.org: whould woulda thought that renting hashrate that is already mining monero, wouldnt increase the hashrate

<monerobull:matrix.org> You'd think that all the people jumping on gupax to help ward off a pre-announced, direct attack would be noticeable

<ofrnxmr:xmr.mx> No you wouldnt

<ofrnxmr:xmr.mx> Simple math

<monerobull:matrix.org> You'd think it would "activate sleeper agents" who care about monero but don't mine because it's not profitable

<monerobull:matrix.org> But even if it did, it doesn't even make a dent

<ofrnxmr:xmr.mx> what movie are we watching

<ofrnxmr:xmr.mx> This convo isnt remotely research related

<monerobull:matrix.org> The facts are qubic mined 20 blocks in a row

<ofrnxmr:xmr.mx> no they didnt

<monerobull:matrix.org> They literally did

<monero.arbo:matrix.org> 10,000 people giving 10 kilohash each would only be 100 MH, under 2% of the current hashrate total

<ofrnxmr:xmr.mx> They mined + orphaned enough blocks to commit 20 in a row

<ofrnxmr:xmr.mx> They didnt mine 20 in a row

<monerobull:matrix.org> Holy semantics

<ct:xmr.mx> true, last 24h backlock is 95% offtopic > <@ofrnxmr:xmr.mx> This convo isnt remotely research related

<monerobull:matrix.org> The chain has 20 blocks in a row, all by qubic

<monerobull:matrix.org> That's what matters

<monero.arbo:matrix.org> that doesn't actually matter so much is selfish mining mititagtion is successful, because they don't have the hashrate to do that honestly

<monerobull:matrix.org> They already did do it?

<monero.arbo:matrix.org> ok? the chain is still working. you're acting like the sky has already fallen

<ct:xmr.mx> if I had 10MH I could flip on at any time, but I would loose money because power costs more then coins I get, what would be the best time to switch it on to defend the network?

<ct:xmr.mx> while qubic hash rate skyrockets?

<monerobull:matrix.org> At night when qubic announced a marathon

there is no announcing

the marathons come at times set in code

regularly.

<ofrnxmr:xmr.mx> If you switch on 24hrs before the attack, you can raise the difficulty.

<ofrnxmr:xmr.mx> if you switch on during the attack, you may be able to help create a longer chain especially if you are successful in selfish mining an extra block (and ignoring the reorg)

<monerobull:matrix.org> @monero.arbo:matrix.org: I wouldn't be so concerned if not for the fact that we literally can't protect against it if Amazon decides to attack

<monerobull:matrix.org> And we wouldn't even be aware they even are attacking

<ct:xmr.mx> or would it help more to raise the long term average by mining prior for a bit longer (lower total hash rate = more coins = not as expensive to mine)

<unt0ld:matrix.org> Amazon and Google do not own anything close to 99% of compute. They're like 25-30 each at best. There is Azure, there is Alibaba or whatever the chinese cloud is (you bet they would be mining with plausible deniability even though mining is banned in China), there is Hetzner and OVH in Europe... etc. > <@monerobull:matrix.org> Right now Amazon and Google have 99%

<monerobull:matrix.org> Trust in monero could be destroyed in a single block

<monerobull:matrix.org> @unt0ld:matrix.org: Google has more than Amazon and Microsoft combined

<ofrnxmr:xmr.mx> #monero:monero.social please

<monero.arbo:matrix.org> that's been true, not a new development by any means. that was probably true when RandomX was deployed > <@monerobull:matrix.org> I wouldn't be so concerned if not for the fact that we literally can't protect against it if Amazon decides to attack

<monerobull:matrix.org> Compared to our network they have total dominance

<monero.arbo:matrix.org> using commodity hardware like CPU already implies your miners will be dwarfed by non-miners

<monerobull:matrix.org> @ct:xmr.mx: Burst helps the most against a burst attack

<ofrnxmr:xmr.mx> @monerobull:matrix.org: How do you figure?

<monero.arbo:matrix.org> immediately speaking energy would best be used getting mining pools to coordinate on detective mining

<ct:xmr.mx> wasnt asking you mb

How about tweaking the mining algo to favor ARM devices while at the same time keeping the RAM requirement? It could be the most decentralized PoW. Billions of phones would mine. Or a multi-pow: 50% same old RandomX, 50% tweaked RandomX favoring ARM. Is there anything in the ARM architecture that can be taken advantage of to implement this idea?

<monerobull:matrix.org> @ofrnxmr:xmr.mx: Attackers who just want profit don't want to spend hundreds of thousands for sustained majority

<monerobull:matrix.org> They rent a ton of short term hash for tens of thousands, attack and leave

<monero.arbo:matrix.org> user000: nobody wants to melt their phone to mine Monero. phones have terrible thermal synamics

<monero.arbo:matrix.org> dynamics

<monerobull:matrix.org> @monerobull:matrix.org: I agree that pow still works against these kinds of threats in the long term

<monerobull:matrix.org> A 3 hour reorg won't destroy monero

user000: datacenter ARM cores are going up and have extreme amount of cores and ram

<monerobull:matrix.org> But if someone really wants to destroy it, they can.

they are even more out of hands of people

<monerobull:matrix.org> How about riscv

<monero.arbo:matrix.org> economically speaking, it's on receivers to wait until enough PoW has been accumulated e.g. you'd want to wait a full 24 hours to confirm 100k in XMR. If you let $1000 worth of poW confirm your $100k transaction, that's on you

<monerobull:matrix.org> I'm not worried about short term doublespends

<unt0ld:matrix.org> data center ARM would completely mog phones. actual solutions: 1. increase price 2. increase miner rewards

<monerobull:matrix.org> I'm worried about a months long reorg

> months long reorg

<monerobull:matrix.org> Maybe checkpoints can prevent that

that is already done with regular releases and checkpoints

<unt0ld:matrix.org> increase fees

<monero.arbo:matrix.org> @ct:xmr.mx: somebody wanted to use like USB sha256 ASICs or something to supplement RandomX but I think that was tabled for various reasons

<monerobull:matrix.org> That makes me slightly less worried

<kayabanerve:matrix.org> For Monero, I'd hope to target hundreds, more ~500 : :

<monerobull:matrix.org> See ofrn

<captaincanaryllc:matrix.org> has there been serious discussion about fee increases? I'm all for it as a simple countermeasure

<monerobull:matrix.org> Won't help

<unt0ld:matrix.org> long reorgs are prevented by DNS checkpointing if you want an immediate solution. i don't even think it's even that centralized if there are enough domains. it's like a social finality layer of something. no need to overcomplicate in short term imo

<monerobull:matrix.org> Fees make up a tiny fraction of the block rewards

<ofrnxmr:xmr.mx> @monerobull:matrix.org: See what?

<kayabanerve:matrix.org> Separately, thanks : for your twitter replies I was pinged on calling that bs

<kayabanerve:matrix.org> Separately, I agree this conversation isn't really research. It's eternal debate on if PoW or PoS would actually be better.

<monerobull:matrix.org> Oof ok

<monerobull:matrix.org> So that would be ~11k xmr per staker

<monerobull:matrix.org> That is a lot higher than I would have imagined

<kayabanerve:matrix.org> My opinion is even if Qubic hasn't themselves 'broken' PoW, though I believe they could have done a 10+ block reorg, they've demonstrated it is breakable if not broken. I believe a PoS layer is far less likely to be broken, but we could get a PoS layer and it could immediately be broken.

<kayabanerve:matrix.org> My personal goal for now is to not fundamentally conclude PoS is off the table, and to do research on a finality layer to best explain the topic and step us forward _if_ we were to adopt it.

<monerobull:matrix.org> Slightly below 10k xmr if we assume 10% is lost

<kayabanerve:matrix.org> @monerobull:matrix.org: How did we get here?

<monerobull:matrix.org> Assuming 30% of float is staked

<monerobull:matrix.org> Split that across 500

<kayabanerve:matrix.org> If we have 1.4b USD of stake?

<monerobull:matrix.org> Roughly

<kayabanerve:matrix.org> Eh. It gets better when you consider one validator could have multiple stakes, and when you consider cutting off everyone below X.

<monero.arbo:matrix.org> @captaincanaryllc:matrix.org: Fees make up average of 1.2% of block reward, so 10x fees would make effective block reward more like 0.72 XMR instead of 0.6

<monerobull:matrix.org> @kayabanerve:matrix.org: Makes sense

<monerobull:matrix.org> It would be vastly higher than eth in any case

<monerobull:matrix.org> To be fair, eth staking is in direct competition with all the other ways you can make money on eth

<monerobull:matrix.org> So there will be less staking demand on eth than monero

<monero.arbo:matrix.org> ETH also has the advantage of having options like Rocketpool which I don't think Monero has the capabilities to support

<monerobull:matrix.org> We could probably build a custom solution into the protocol

<monerobull:matrix.org> Thorchain has one

<monerobull:matrix.org> Although that again just adds complexity

<monero.arbo:matrix.org> @unt0ld:matrix.org: it won't solve anything but it's not bad imo.... potential issue is while ~10 cent fees may make sense now, if XMR were 10k it'd be more like $3

<monero.arbo:matrix.org> although if XMR were 10k I guess you'd expect dynamic blocks + fee algo to kick in

<kayabanerve:matrix.org> The work of FCMP++ already separates membership from ownership. Support of delegating whole stakes would be trivial and inherent to the concept of security (don't require the private Monero spend keys be hosted by an always-online node).

<monerobull:matrix.org> We get a fee increase with fcmp right

<kayabanerve:matrix.org> For partial stakes, transaction chaining and multisig may be sufficient.

<unt0ld:matrix.org> Monero mining budget has just been too pathetic. Sorry it's true. I know so many potential miners forgo mining Monero.

<kayabanerve:matrix.org> Depends on the changes made to fees

<ofrnxmr:xmr.mx> @monerobull:matrix.org: depends whether you mean per tx or per byte

<ofrnxmr:xmr.mx> In either case, "maybe, maybe not"

<unt0ld:matrix.org> Even increasing fees is useful, but cope. I hate the anti-moonboy and not caring about the price culture because the price is absolutely crucial for the security.

<unt0ld:matrix.org> PoW PoS doesn't matter.

<monero.arbo:matrix.org> I don't think that's why XMR price is suppressed

then all some entity has to do to attack the coin is to short it :)

it doesn't matter if it's like 1% that is liquid if that's what's used to print a "price" somewhere in a tracker

<unt0ld:matrix.org> Central banks, finance regulation NGOs, and academics literally wrote paper specifically singling Monero as a threat and proposing price suppression and obscurity as attack measures. And then Monero people play right in their hands and say "we don't care about price". Well, you should.

<monero.arbo:matrix.org> I mean I agree but caring about price isn't going to get us a Coinbase listing, you know

<monero.arbo:matrix.org> what's your actual proposal

<unt0ld:matrix.org> You don't need listings. Liquidity being so low is also an advantage to pump the price.

<monero.arbo:matrix.org> although for what it's worth increasing the price won't change the fact that we have 0.8% inflation which means security budget relative to network size will stay small at any price

<spirobel:kernal.eu> @jwinterm:matrix.org: @jwinterm:matrix.org: how so? they seize the coins and then what?if they do this a monero fork appears where the gov coins are slashed to 0. the old chain loses value rapidly as the liquidity moves to the new one. I dont understand why this is still not clicking with people. The government can also j [... too long, see mrelay.p2pool.observer/e/3M7xpLAKX1NOT1FB ]

<ct:xmr.mx> @unt0ld:matrix.org: people say it to differentiate us from the gambling crypto culture, which is universally hated by normies

<spirobel:kernal.eu> @unt0ld:matrix.org: tbh both pro and anti moonboy is cringe. price talk is reflexive on the way up and on the way down. it does not really solve anything. it is just noise in the background > <@unt0ld:matrix.org> Even increasing fees is useful, but cope. I hate the anti-moonboy and not caring about the price culture because the price is absolutely crucial for the security.

<spirobel:kernal.eu> water under a bridge

<spirobel:kernal.eu> and even the meta debate about it is just noise

<unt0ld:matrix.org> I kinda agree. There just need to be culture shift to recognize hoarding monero as a means of securing it.

<unt0ld:matrix.org> Too much "oh I will just swap to monero and spend it, don't need to keep it" mentality.

<ofrnxmr:xmr.mx> Adoption > hoarding

<unt0ld:matrix.org> Solution: Narrative of Monero as a better than Swiss bank account. That's an adoption.

<ofrnxmr:xmr.mx> .. but this is casual #monero:monero.social discussion

<monero.arbo:matrix.org> @unt0ld:matrix.org: actually true, been saying this for awhile

<spirobel:kernal.eu> the narrative needs to make sense. The issue if you have a bunch of overinvested tweakers is that the thing self regulates. they will look overeager and there will be drama on twitter and that will lead to less new people after a while

<spirobel:kernal.eu> I am not against it. Its most likely a distraction though and better to focus on fundamentals

belief is the wound that knowledge heals

I used to believe that. Then the knowledge that people tend to disregard knowledge contrary to their beliefs cured that wound.

Now, I... oh wait.

(a nice way to put it btw)

<monero.arbo:matrix.org> I can't think of a reason Coinbase wouldn't list XMR at least in the US at this point. it unironically might be worth pursuing. Kraken gets away with it and nobody in power in the US gives a shit about regulating crypto anymore. Gemini even supports shielded Zcash withdrawals

<unt0ld:matrix.org> If Monero starts to get some real weight behind it, you may discover things move and turn out that a lot of the anti-monero is just "precautionary" smoke. Monero is a threat to a significant part of the system, yes, but a lot of anti-monero is just smoke with no teeth behind it.

<monerobull:matrix.org> the cheapest fud you can get away with to keep it out of the public's consciousness

<jwinterm:matrix.org> > <@spirobel:kernal.eu> @jwinterm:matrix.org: how so? they seize the coins and then what?if they do this a monero fork appears where the gov coins are slashed to 0. the old chain loses value rapidly as the liquidity moves to the new one. I dont understand why this is still not clicking with people. The government can also [... too long, see mrelay.p2pool.observer/e/0-WuprAKX1BJb0ts ]

<jwinterm:matrix.org> Repeatedly hardforking on short notice is impossible for decentralized network, this would kill it imo

<jwinterm:matrix.org> And if they're seizing coins and applying pressure to a few exchanges you may not even know

<jwinterm:matrix.org> It's not at all the same as seizing legal hardware and then expending constant energy to run it imo

<monerobull:matrix.org> @jwinterm:matrix.org: you would always know

<monerobull:matrix.org> you cant exactly censor specific transactions in monero

<monerobull:matrix.org> so if you are going for a minority stake attack all you can do is stall out block production

<monerobull:matrix.org> which is of course immediately noticed by everyone

qubic has started mining selfishly and including spam transactions

as last time if anyone wants to monitor if they are on any active big reorgs, you can check qubic-snooper.p2pool.observer/tips.txt (refreshes automatically)

<jwinterm:matrix.org> @monerobull:matrix.org: Not exactly, but at least for now you can approximately

<spirobel:kernal.eu> > <@jwinterm:matrix.org> Repeatedly hardforking on short notice is impossible for decentralized network, this would kill it imo

<spirobel:kernal.eu> @jwinterm:matrix.org: if there is no ambiguity around what the right chain is, it is not an issue. Both Eth and sol had downtimes. More stake would not have prevented these down times. At the same time bitcoin had down times as well. The chain even had to be reverted in 2010

<spirobel:kernal.eu> On August 15 2010, it was discovered that block 74638 contained a transaction that created 184,467,440,737.09551616 bitcoins for three different addresses.[1][2][3] Two addresses received 92.2 billion bitcoins each, and whoever solved the block got an extra 0.01 BTC that did not exist prior to the transaction. This was possibl [... too long, see mrelay.p2pool.observer/e/w8fop7AKbzExYXl5 ]

<spirobel:kernal.eu> so the goal should be to make the protocol as simple as possible to make these kinds of bugs unlikely and quick to detect and recover from

<monerobull:matrix.org> @jwinterm:matrix.org: Fcmp

<spirobel:kernal.eu> @jwinterm:matrix.org: regarding seizing stake vs seizing legal hardware: yes its not the same. One can be counteracted with the stroke of a fork. The other can't.

If you're quick enough and the seizing party does not have body armor, it can be counteracted with the stroke of a fo<rk.

<spirobel:kernal.eu> maybe it will work in minecraft or in townforge

<spirobel:kernal.eu> but IRL fork stroking against the government to protect proof of work is most likely ill advised

even with the typo it was clear

any update on the dns checkpointing?

<spirobel:kernal.eu> the more interesting question in pos land: is the community willing to entertain the idea that there will be down times eventually. Eth seems to be more conservative on this while sol tip toes into this more openly

<unt0ld:matrix.org> DNS checkpoint questions:

<unt0ld:matrix.org> 1. Is it going to be enabled by default in the next version?

<unt0ld:matrix.org> 2. How are you going to prevent chain splits between nodes that have it enabled and not?

<unt0ld:matrix.org> I suppose the solution is to make sure the top pool operators enable it so the checkpointed chain always wins.[... more lines follow, see mrelay.p2pool.observer/e/z7bNqrAKaFVZN0Z4 ]

<ofrnxmr:xmr.mx> 1. No

<ofrnxmr:xmr.mx> 2. The longest chain wins. Non-enabled nodes will reorg back to the checkpointed chain, providing that the checkpointed chain has majority hash and is ahead of attacking chain

<ofrnxmr:xmr.mx> 3. Yes

<ofrnxmr:xmr.mx> 4. Yes

I thought that it would be enabled with opt out as an option

nioc: i know that jeffro at least is strongly against it

if it only requires the big pools who dont like their blocks being orphaned to use it and exchanges/monero accepting services then it wouldn't have to be opt out. as DataHoarder mentioned today "that is already done with regular releases and checkpoints" reg "months long reorgs" so the checkpoints updated here are neither opt in or out, they just

are? im not sure

yeah, but those release checkpoints are in the deep past

not close to active / fresh tip

I see them being opt-out now, but not long term (once time has been put in removing the bandaid)

if bandaid is not applied across all major wounds it won't do much

<ofrnxmr:xmr.mx> plowsof: Yes @plow

<ofrnxmr:xmr.mx> i'm not sure if you can opt-out of harscoded checkpoints for reorg depth. --fast-block-sync=0 opts out for block sync, but idk if it also works for reorgs

<rucknium> I'll write a monero-project/monero issue about DNS rolling checkpoints. Does that sound good? It will contain pros & cons and a tentative TODO list. Or does someone else want to do it?

<rucknium> Does the domain registrar (Gandi) sign DNSSEC records or does the domain owner, i.e. Monero core team, sign the DNSSEC records? Wondering what someone could do if the domains were seized.

pls dont forget the Proof Of DNS comment libera.monerologs.net/monero-research-lounge/20250829#c576611

<ofrnxmr:xmr.mx> Idk anything about dns, but iirc they are signed by domain owner team

<ofrnxmr:xmr.mx> I think the main struggle right now is deciding on the best way to update the checkpoints. I'll attack again in a few mins to see if i can get to another broken state

<rucknium> Gandi's lowest TTL is 5 minutes: docs.gandi.net/en/domain_names/faq/….html#what-is-the-minimum-ttl-value

<rucknium> I'm using a TTL of 5 minutes for the TXT records now.

<br-m> <rucknium> Does the domain registrar (Gandi) sign DNSSEC records or does the domain owner, i.e. Monero core team, sign the DNSSEC records? Wondering what someone could do if the domains were seized.

at the moment is gandi

but you could delegate the subdomain to your own records

doesn't matter much as root could swap DNSSEC keys if seized

and update records

DNSSEC as it is nowadays protects against active mitm

<rucknium> A smart way to do it, which would require node code changes, it to sign with someone's PGP key that cannot be seized. Then the node checks for the PGP sig.

<ravfx:xmr.mx> For DNSSEC, It's better to have our own DNS servers.

<ravfx:xmr.mx> As many registar managed DNS, you get the issues on where the registar make the keys and the DNS records (they can still change your entry and DNSSEC will be bypassed).

<ravfx:xmr.mx> monerod could use Monero DNS servers by itself instead of using system configured DNS.

I believe the signing of the DNS data with a different key is intentional. Get hold of one key and you not have enough to subvert everything. DNS zone for, er, update hashes on DNS. GPG for binaries. I seem to recall there was a third thing somewhere too. Pony would know details of the setup.

I suppose checkpoints aren't in the way though.

<ravfx:xmr.mx> We can use many DNS servers, like one managed per "really trusted" people, monerod could have a list of them and check many to prevent a malicious change

22:36:19 <br-m> <rucknium> A smart way to do it, which would require node code changes, it to sign with someone's PGP key that cannot be seized. Then the node checks for the PGP sig.

that's quite heavy on TXT records :D

DNSSEC already is heavy unless you use ECDSA ones or Ed25519 (with lackluster support on resolvers when I tested it, 50% or so)

maybe adding one Ed25519 key is fine

no need to have GPG verification within monero daemon then :)

<unt0ld:matrix.org> authoritative name servers for all the monero pulse domains seems to be cloudflare. make sure to spread the domains to different servers.

you can have split nameservers for the subdomain in question too

<ofrnxmr:xmr.mx> @rucknium: They update faster than 5mins afaict

<ofrnxmr:xmr.mx> But probably a good idea for the uodate frequency to be lower than the check frequency (?)

<gingeropolous> i think all qubic has does is verify a known flaw of PoW. Its not new. Its not novel.

<gingeropolous> someone just decided to dump a lot of resources into the effort in the hopes of profit

<karakter:envs.net> @gingeropolous: It's true, but, nobody cared enough until it happened

it's indeed not novel

<preland> I agree; let’s just increase the recommended confirmation time to 20, then 30, then 100, then 720

<preland> And when Wubic gets 51% and basically shuts down Monero 50% of the time (which is exactly what they will do), we will just alter our design.

<preland> After all, if Monero is just a gigantic mixer for criminals with no use case outside that…..who cares if it is down 50% of the time?

<ofrnxmr:xmr.mx> @preland: Can you fk off

<preland> @ofrnxmr:xmr.mx: Fine.

<ofrnxmr:xmr.mx> leave the trolling to the troll-tolerant rooms

<lordx3nu:matrix.org> qubic is ahead 7 blocks

<ofrnxmr:xmr.mx> Where do you see that>

<ofrnxmr:xmr.mx> The snooper appears to be unreachale @datahoarder

<ofrnxmr:xmr.mx> nvm, finallt loaded

<ofrnxmr:xmr.mx> @lordx3nu:matrix.org: only a 2 block reorg at this time

oh, they are trying to make a nice one

+11, they could do 10 here

usually their strat if they are ahead is wait until monero is at 9 blocks possible, then release

<ofrnxmr:xmr.mx> @rucknium:monero.social i think i know how the checkpoints broke

<ofrnxmr:xmr.mx> 1. Your node created checkpoint 106

<ofrnxmr:xmr.mx> 2. Your node did not check for the new checkpoint yet

<ofrnxmr:xmr.mx> 3. My node did not check for the new checkpoint yet[... more lines follow, see mrelay.p2pool.observer/e/263CtrAKYVdkdGxW ]

<rucknium> I think we need a better way for the checkpointing node to not get "attacked", i.e. prevent re-orgs to the attacking chain. I don't know if I can self-feed checkpoints without DNS.

<rucknium> --block-notify, with something maybe.

<ofrnxmr:xmr.mx> It may also have had an unexpected behavior during the rollback

<ofrnxmr:xmr.mx> 2025-08-29 19:06:17.352 I Synced 2822112/2822112

<ofrnxmr:xmr.mx> 2025-08-29 19:07:50.965 W CHECKPOINT FAILED FOR HEIGHT 2822106. EXPECTED HASH: , FETCHED HASH: <f2101eec2c48d9aa0fe799

<ofrnxmr:xmr.mx> 05ec63ea579e67dbb4391d7780d6e38c4757dd687e>

<ofrnxmr:xmr.mx> 2025-08-29 19:07:50.965 E Local blockchain failed to pass a checkpoint, rolling back!

<ofrnxmr:xmr.mx> I think this might be a bug

<ofrnxmr:xmr.mx> It should have rolled back further than the wrong 106

<rucknium> Without context, that looks like the expected behavior.

8 blocks

<ofrnxmr:xmr.mx> But it seems to have rolled back to the wrong block

reorg incoming I think

9 now

it's here

they could have done 11 on this one

<shortwavesurfer2009> 9 detected @lordx3nu:matrix.org

<lordx3nu:matrix.org> > two of those were moneroocean

<lordx3nu:matrix.org> sigh

<ofrnxmr:xmr.mx> @rucknium: i'm liking 144 more and more