03:10:19 dns patch should be fastest to apply & we shouldn't wait for another attack while a permanent/better solution is found > <@angled:matrix.angled.rip> as in there is a plan to actually implement one of the other non temporary solutions? which one(s)? 03:12:16 @jack_ma_blabla:matrix.org: Wish it was so simple 03:12:36 But the reorg handling was broken (perhaps always has been) and needs a rewrite 03:18:37 the dns patch works and we have the tools. running an active checkpointer can get nodes stuck, effectively, on reorgs, so that must be fixed before using it (see backlog on previous MRL meetings) 07:52:13 https://github.com/monero-project/research-lab/issues/152 07:52:22 doesnt this destroy fee uniformity? 07:57:31 Instead of four fee levels, it adds ~50. I personally think actual fees will cluster around only a few fee levels (depending on market conditions). But.... people are often not rational with fees. Also, different wallets may have detectable bias when it comes to fee selection, so yes, it is likely to hurt fee uniformity in some way. How much it does so is difficult to quantify. 07:59:09 I don't think current fees are governed by consensus at all, but by a gentleman's agreement between most wallets to only use specific fee levels. 07:59:30 Forcing fees to be a power of 2 as a consensus rule is an interesting idea. 08:00:22 @torir:matrix.org: Indeed, on today's chain we still see non-standard fees sometimes. 08:01:54 I think the idea maybe needs to be taken back to the drawing board and properly analyzed for privacy impact and other concerns that were not addressed in the proposal. 08:02:02 "lmao ill have my program use 67 picos as fee so funny" -> all users tagged ✅️ 08:03:53 Having fee levels be a consensus rule is probably not a bad idea, but the flex block space part of the proposal seems to forget that Monero already has a block scaling algorithm in place. 08:05:27 From the proposal: "To add more predictable scaling parameters." 08:05:27 Okay, I suppose the existing algorithm for block space is maybe not very predictable. I guess I just want a comparison of before/after to be able to properly evaluate this proposal. 08:15:04 I don't understand how scaling works presently to understand how this proposal differs. 10:47:45 someone might find it curious, I implemented the low order torsion attack on key image described on https://www.getmonero.org/2017/05/17/disclosure-of-a-major-bug-in-cryptonote-based-currencies.html as part of the ring signature tests (done on original pre-ringct signatures) 10:47:45 https://git.gammaspectra.live/P2Pool/consensus/commit/19f9d795833a7be71a9145fb95735673224c6fcd 10:49:25 it makes a ring of 3 decoys + 1 spend, verifies it; then attempts to forge the same ring (and private key) except with the key image torsioned by a low order point 10:49:52 it confirms it'd pass verification, if not for the explicit torsion checked Verify method 10:51:42 the test uses deterministic rng to ensure the random tries find a point in the given attempts (given this runs on CI) https://paste.debian.net/hidden/7ee64f03/ 13:35:42 hello 13:35:59 what is the difference between this group and #monero-research-lab? 13:37:41 Research lab is pretty strict about being on-topic, but otherwise they are pretty much the same. 13:39:56 Which chanel should I use to ask my questions about Monero Cryptography? 13:40:15 here 13:40:36 ++ 13:41:16 for general questions, unless you are proposing a change or noticed some issues 13:41:48 no, just studying and learning it 13:57:24 I'm learning xmr cryptography for a while, and I already studied the main part (RingCT, ring sig -MLSAG and LSAG-, stealth addresses, pedersen and rangeproofs etc.), and I wanna study FCMP++ now. 13:57:39 The problem is that I cannot get the intuition from raw maths, and only sources I was able to find were the papers of IACR (Curve Trees, ZKP of EC Inner Products from Principal Divisors etc.) -and some notes from dev github repos-. 13:57:50 My workflow is more about having a main article which simplifies the maths and highlights the intuition, and I bounce between the main article and IACR,MRL papers and codebase whenever I need more accurate informations and to make certain points more clear. 13:58:01 So, is there any articles or explanations about FCMP++ which would give me intuition first, so that I can dive into maths with this intuition? 13:58:15 I'm also open for any cryptography, monero and math workflow recommendations. 14:00:43 Start with how Zero Knowledge proofs work: https://blog.cryptographyengineering.com/2014/11/27/zero-knowledge-proofs-illustrated-primer/ this focuses on intuition, but the ZKP used in FCMP is different from the one demonstrated in the article. 14:02:30 ++ 14:48:39 ArticMine look up what firm Edman works for https://bitcoinmagazine.com/news/tornado-cash-trial-defenses-digi-forensics 14:50:38 I was an expert for Pertsev's defense 14:50:40 stop speculating about crap you don't understand 14:52:00 I do understand what is going on here 14:52:19 BS does not scale big time 14:54:45 @articmine:monero.social: so in your opinion monero would be more vulnerable with FCMP and @sgp_:monero.social proposal, than current day RingCT given our tx volumes 14:55:38 Or do you think monero can be traced right not due to our tx volume and RingCT? 14:56:10 Chainalysis did get some tracing to work 14:57:44 The issue is that if the anonymity set is small enough Monero would be vulnerable. 14:57:45 The real attack is forcing moat transactions of chain onto centralized ledgers 14:58:03 This is what has happened with Bitcoin 14:59:11 By the way I was certified in Blockchain Surveillance as part of my work for the defense in the Sterlingov case 14:59:25 @sgp_:monero.social has said the parameters are flexible, what tx volume is enough to avoid blockchain surveillance in your opinion ? 15:00:06 @boog900: Maybe we could start with a base level of transactions per day, right now, to answer that Q 15:00:16 BS has started to have issues at Ethereum scaling rates 15:00:21 (ArticMine's suggestion of what that should be today) 15:01:03 The reality is that the greater the anonymity set the greater the privacy 15:01:32 All of this is dynamic because technology does not stay still 15:02:16 suppose this second, there was a demand for a million Monero transactions per second. What would you want the Monero transaction limit to this second, for Monero not to be a failure in your view? 15:02:32 This is why fixed limits are so dangerous 15:03:04 both your proposals allow infinite growth over enough time 15:03:37 so you would want to fully accommodate the million per second in that example? If Monero only did 500k/second, that would be a failure in your view? Again, let's assume this is today and today's infra costs, not 10, 100, etc years from now 15:04:56 It is not possible to reach those rates today. We both know that 15:05:35 I do see VISA transactions rates as realistic in a decade 15:05:49 Yeah but I mean what would you say is reasonable today, so we have somewhere to start. Assuming infinite demand 15:06:43 @articmine: I can try to work back from this if you want me to, discounting by moore's law 15:06:46 There is no sch thing as infinite demand 15:07:08 You will get my proposal 15:07:42 If you work back from VISA in a decade 15:08:23 yeah give me a sec to do that. I'll work back from 300 billion txs a year 15:08:34 ViSA is about 7000 TPS with a surge factor of ~ 20x 15:09:14 what growth rate per year do you want me to use for moore's law? 50%? 15:09:23 Yes 15:09:52 50% is correct 15:11:50 one moment 15:12:46 https://mrelay.p2pool.observer/m/monero.social/SGxprNVjqqMmPpAuVHDoKGIs.png (image.png) 15:14:47 One has to factor in a 20x surge for holiday shopping 15:15:44 https://mrelay.p2pool.observer/m/monero.social/rfPOyYRsoFJWFgvYsRVyLOiM.png (image.png) 15:15:47 like that? 15:16:28 There is a dev draft of the FCMP++ protocol considered the FCMP++ paper @zarathust 15:16:34 Yes 15:17:00 Ok cool, now we have a baseline :) 15:17:16 The surge will be handled by the 16x in the short term median 15:17:27 @kayabanerve:matrix.org: They left right before you responded 15:17:40 So we are looking at the long term and sanity. Medians 15:19:31 2x maximum growth for the long term median and a factor of 256 to 1024 for the sanity median 15:20:15 The thii to keep in mind is that growth will not be constant 15:21:18 ofrnxmr: :( 15:21:24 Can you remind me how long the long term median is? It's not 1 year right? 15:21:49 100000 blocks 15:22:17 Sanity will be 1000000 blocks 15:22:26 so roughly 138 days 15:22:32 Both grow at 2x 15:26:45 I see 193 MB blocks right now and tbh, I'm quite concerned. Even before the 20x surge feature. And I'm concerned about growth at 2x up to ~2.5x a year, even if it's unlikely to grow as fast as allowed 15:28:06 How do you get 192 MB blocks right now? 15:28:49 that's the value when discounting 10 years of moore's law from Visa levels today 15:28:50 Before the surge? 15:29:09 E2 > <@sgp_> https://mrelay.p2pool.observer/m/monero.social/rfPOyYRsoFJWFgvYsRVyLOiM.png (image.png) 15:30:34 FWIW we cannot handle that with the current code, you will hit serialization limits in the P2P network 15:30:43 even with stressnet changes 15:31:09 I know that's not the number used in your proposal, but it's the implied number that's needed to get to your goal of Visa level throughput in 10 years, growing 50% per year 15:31:49 You are assuming a constant rate of growth 15:32:53 We are also dealing with a priced network 15:33:15 I have to leave now. At least some progress 15:35:08 @boog900: And packet size limits 15:35:55 I don't think any rate of growth makes this possible FWIW 15:36:43 off topic: Boog, do me a fav and poke, prod, nudge 0x to wrap up tx relay 🙃 15:36:50 My point in going through this exercise is to help show why Visa rate isn't achievable, even in 10 years, without some major efficiency gain. And while I want efficiency gains, if we find one, we can always change the scaling again to account for that, rather than committing us to a scaling disaster that needs to be averted 15:37:38 @ofrnxmr:xmr.mx: Please and thank you 15:37:46 @ofrnxmr:xmr.mx: lol I have been meaning to give that another review too :) 15:38:20 It has a bunch of review comments that need to be addresses before merge on stressnet 15:49:38 Re: bandwidth and ECC, Curve Forests would effectively flatten the proof size for membership at the cost of much more notable computation. 15:49:38 Moving into the future, the focus will need to be on delegating work out to users, block builders, and even segments of the network via RGC?, IVC, and L2-esque strategies. 16:47:35 @sgp_: Monero has been around since 2014 with far more generous scaling rates and there has been no "scaling disaster". 16:47:35 I find statements that peer to peer electronic cash at scale is not possible in a decade actually very troublesome and such a philosophy does not belong at all in the Monero consensus code 16:53:07 If there is a legitimate reason to temporarily throttle the growth of the Monero network there are many tools available through node relay to do this. Of course the consensus burden will then fall on those who wish to limit growth as opposed to those who wish to allow growth. That consensus would only be achieved if there is a [... too long, see https://mrelay.p2pool.observer/e/mMXwqcMKODFWVkFa ] 16:57:04 I do believe that if Monero were to achieve say 200 transactions per second that would be the end of the Blockchain Surveillance industry, not only in Monero but also in so called surveillance coins 16:59:39 This means that the viability of companies worth billions of dollars is at stake here. 17:01:44 There could have been a scaling disaster. https://github.com/noncesense-research-lab/Blockchain_big_bang 17:02:30 just because something hasn't happened doesn't mean its not possible, stressnet has demonstrated it is possible 17:03:10 It does not justify baking failure into the consensus code 17:03:32 > there are many tools available through node relay to do this 17:03:32 You cannot limit block size by node relay 17:04:24 If the nodes limit bandwidth how can you grow the blocks? 17:04:32 Allowing 2x bloc growth ~2.5 times a year means that current scaling proposals would allow what, ~6x growth every year? A 10x increase at maximum than even the Moore Law calculation? 17:05:29 You forget there has been no growth in the last 5 years due to the lobbing effects of the BS companies 17:05:40 @articmine: failure here means it does not support enough txs (like bitcoin in your opinion). The real failure is being too aggressive with scaling and causing nodes to fall out of consensus with each other. 17:06:25 At 6x growth per year, why even have limits 17:08:36 Bitcoin is a failure not only as peer to peer electronic cash but also as a central bank reserve asset 17:08:49 It is only a matter of time 17:09:43 @sgp_: We need to catch up to undo the harm done by the BS companies for starters 17:10:12 >undo 17:10:14 @articmine: it is still alive, can we say the same of a coin that allows double spends due to nodes falling out of sync? 17:10:18 >blockchain 17:10:34 i think it's too late 17:10:58 @articmine: Even accepting that, why not set the current max block size to "the value Monero should be at this point" (calculated in my sheet at 193 MB blocks) and then set the max growth rate to 50%/yr? 17:11:15 Who do you think is behind the lobbying of governments to delist Monero from exchanges? 17:11:31 @articmine: police? 17:11:37 (ik BS) 17:12:34 No those who profit from selling blockchain surveillance even though it does not work. 17:12:34 It is a multi billion dollar industry 17:13:20 I was arguing the danger of blockchain surveillance back in 2018 17:13:27 *it does work at low tx levels 17:13:32 It does not work in Bitcoin 17:13:49 @boog900: Kind of 17:14:45 Enough to fool governments to part with their money 17:15:24 probabilities becomes certainty, and suspicions turns into culpability 17:15:54 maybe controversial opinion but we should not be limiting ourselves to VISAs txs/s, if we can do more we should do more 17:15:56 ... and the innocent get convicted 17:16:12 @boog900: Of course 17:16:23 if we can't, we should do less 17:17:09 @boog900: Or wait until we can 17:17:19 @articmine: I won't wait 17:17:30 Which why I am so opposed to consensus limits 17:17:35 I've the finger on the red button waiting to release Seraphis 17:17:55 @articmine: again the limits are not bandwidth or CPU currently 17:18:00 it is code 17:18:12 is 6x scaling a compromise then in your view, with the alternative being no limits? 17:18:34 @boog900: Which is and can be fixed 17:18:56 @boog900: so baking in scaling that we are not sure if we can hit is not a great idea 17:19:15 @sgp_: My position will be in my personal 17:20:00 @boog900: although a sufficiently "slow" expansion of blocks is probably ok 17:20:22 @boog900: Scaling was baked in since the genisis block 17:20:58 exactly and how often has it been in play? 17:21:14 last time was the spam IIRC and that broke wallets 17:21:15 People bought into Monero on that understanding 17:21:18 as we had bugs 17:21:37 Which were fixed 17:22:03 testing in production isn't a great idea for Monero ngl 17:22:21 @articmine: if there is one thing i've understood since i joined the monero community is that the colossal majority of people using monero understands what they want to understand, so no guarantee about that 17:23:06 @articmine: yeah a sufficiently slow expansion of blocks I would support 17:23:12 I bought in for the transparent amounts /s 17:23:44 fwiw I 100% agree that scaling up capacity is an important value for Monero to retain 17:24:21 but it's obviously not the only value, or else RingCT would have never happened 17:24:34 What determines capacity especially in the future? 17:26:02 Privacy is a huge value in the Monero community. Privacy is heavily dependent on scaling 17:27:18 its just not, the scaling code has rarely been activated 17:27:41 more txs are better sure, but not heavily 17:28:33 and no parameters have been selected yet 17:29:11 surly the best thing for privacy is 10 GB blocks right now? 17:29:31 It works both ways . If one cripples scaling one is also testing in production. This is what Bitcoin did in 2010 with its "temporary" 1 MB block size limit > <@boog900> testing in production isn't a great idea for Monero ngl 17:30:34 @articmine: I mean, are we bound to be literally dev consensus ddosed like bitcoin core? 17:30:36 fwiw, I think that the Monero community has demonstrated a strong willingness to change things that need to be changed 17:31:14 I would suggest that there should at least be hard agreement between the scaling design and the actual daemon performance in the short term. 17:31:14 A simple rule might be that the daemon must be capable of handling the most extreme limits of the scaling design until the long term median adjusts. 17:31:24 We could pick 10% growth rate now and choose 20% later. Or a one-time jump. Or really whatever makes sense 17:31:36 @sgp_: It has not diverged from its social covenant 17:31:59 @articmine: we have changed the scaling code making block growth smaller before 17:32:35 @sgp_: i would pick 10%.. per day 17:32:46 @sgp_: fwiw there are already theoretical improvements cooking in the back of the kitchen. So it's not like we're putting a limit now that we don't know if it will be changed, we have short/mid term plans for improving things 17:32:51 e.g. curve forests 17:32:52 With a daemon able to handle the full potential of the scaling design with a default long term median, a hard guarantee of ~2 months is in place for a development response without there being an issue. 17:33:08 10% per year is WORSE than using our current low fee tier 17:33:31 worse how, specifically? 17:33:59 Low fee tier will raise block size by > 10% per year 17:34:23 10% per year might as well be 0 17:34:34 oh you just mean more restrictive in terms of max scaling 17:34:38 yea 17:34:50 @ofrnxmr:xmr.mx: I suspect that is the idea 17:35:00 @ofrnxmr:xmr.mx: too boring, we should make yearly block increase by O(n!) 17:35:14 So that spam that we had, at low fee tier, has more scaling than 10% per year 17:35:27 And crippled the network 17:35:45 I don't consider that an argument in your favor lol 17:35:57 @ofrnxmr:xmr.mx: tbf the network stayed connected and in consensus 17:36:01 that we should cripple the network throughput intentionally? 17:36:21 no no no, that's a fundamental misunderstanding of fees 17:36:27 @boog900: When i say crippled, i mean, if the spam was consistent and reached 600+mb, then all new txa would be immediarwlt dropped 17:36:46 Because the spam was incompetent, ir never reached > 200mb, and txs werent rejected 17:36:55 users would need to pay higher fees than the spam to be confirmed with priority, like in any case 17:37:08 @ofrnxmr:xmr.mx: so do you think we need more scaling? 17:37:19 @boog900: more than current? No 17:37:28 More than low fee scaling? Yes 17:37:30 @ofrnxmr:xmr.mx: do you think we need less? 17:37:54 one major advantage of my proposal is the far greater ability for a fee market to address transaction priority, since there are so many more fee levels permitted 17:38:08 @boog900: i dont know what the actual limits are 17:38:20 I thought it was 30mb until 100k blocks, but i hit 40mb on testnet 17:38:22 @ofrnxmr:xmr.mx: stressnet fully broke after what, a week? 17:38:31 replace by fee would be nice sometimes 😳 17:38:44 @boog900: Much less than that. Broke in like 2 days on my private testnet 17:39:04 Took like 1700 blocks to realize a lot of things dont work 17:39:06 In no circumstances should a backlog of spam cripple the network. Lee few txs should be deprioritized (and dropped from the mempool if necessary) 17:39:24 @sgp_: Well then fiz the txpook 17:39:36 Because at current, a large txpool cripples nodes 17:39:46 🦀 17:40:04 That seems unrelated to either of these proposals, that's just a bug that needs fixing lol 17:40:16 @sgp_: Related 100% 17:40:23 Bugs effect scaling 17:41:08 Without these issues, like spamming 9tb per day for 900mb of txs, scaling aint so bad 17:41:09 Or if fluffyblocks were broken 17:41:20 Werent* broken (they are) 17:41:45 The network cant stay in sync because we ddos ourselves 17:42:05 Decentralized denial of service 🥲 17:42:08 FWIW I don't necessarily support any proposal, I just think we should be working with the limits of Monero rather than some arbitrary targets. 17:42:34 I think we should work on fixing monero so that it can operate at max efficiency 17:43:01 Then use the limit of efficiency or bandwidth 17:43:10 No, I want to purposefully add bugs to lower efficiency 17:43:12 :) 17:43:15 Not "10% per year" which we can already do on 1 leg 17:45:09 I understand that at current, monero is terribly inefficent, to the point it feels negligent or malicious 17:45:13 Your argument is basically "We could easily handle more transactions if these basic bugs were fixed, so I'm in favor of aggressive scaling" 17:45:25 @sgp_: half right 17:45:29 Maybe 3/4 17:46:02 Essentially, yes. If these basic bugs were fixed, stressnet can go from 3mb breakage to 40mb smooth sailing 17:46:43 where the issue would be storage 17:47:03 Just a cool 10.5 TB per year 17:47:29 @blurt4949:matrix.org: exactly why the limit there would have to account for non-code related bottlenecks 17:47:32 (assuming consistent 40MB usage, which may not happen) 17:48:01 40mb blocks are like 5x bitcoins bandwidth on fcmp++ 17:48:21 5x bitcoins tx volume** 17:48:25 which is pathetic 17:48:33 So no, not something i expect overnight 17:48:45 We average 40 tx/block 17:49:21 Bitcoin does an equivilent of 15x our throughout at 600tx per 2min 17:49:22 I know but needing 40mb (200mb BTC equivalent) blocks just to 5x it is absolutely pathetic 17:49:46 @blurt4949:matrix.org: Its more like 20x if were talking about fcmp 17:50:15 Which these discussions apply to. I dont think anyone is talkibg about changing scaling numbera before fcmp hf 17:50:31 ??? 17:50:54 If we say an FCMP tx is ~10kb, then 40mb blocks can handle ~30-35 TPS 17:50:57 Gimme a sec, not sure my head is on straight 17:51:03 that's about 5x bitcoin? 17:51:36 @blurt4949:matrix.org: 30-35tps is about 5x btc, yea 17:51:38 I've been using 10kB for my FCMP estimations 17:51:58 @sgp_: same 17:52:02 yeah so 200MB BTC blocks just to compete with 2MB BTC blocks 17:52:06 (counting segwit) 17:52:16 err, sorry, ~10MB 17:52:30 this is why Monero's competitive advantage is not efficiency, or even low transaction fees 17:52:32 Yea. 20x 17:53:05 oh I thought you meant 20x the tx volume, which is what I was referring to 17:53:25 but yeah anyway, point is FCMP doesn't scale unfortunately 17:53:40 but RingCT doesn't either so it's okay :) 17:53:57 ringct scales enough that nobody has noticed how broken our protocols are 17:54:24 like, how has fluffyblocks been broken since implementation and nobody ever noticed? 17:54:44 Supposed to save bandwidth, but never worked 17:54:49 @ofrnxmr:xmr.mx: also the fact the scaling code hasn't been used very much 17:54:49 yeah because a literal actual self-described sh*tcoin (Doge) does 2x our daily transactions 17:54:57 @ofrnxmr:xmr.mx: which bug? 17:55:07 Fluffyblocks relay the full block 17:55:08 obviously we won't notice scaling limits at this scale 17:55:25 @ofrnxmr:xmr.mx: that only affects miners 17:55:33 everyone else relays the blocks properly 17:55:47 if you get sent it over RPC tho you send the block full 17:55:49 @boog900: no, it effects the whole chain from my observations 17:56:18 My intermediate and tx-origin nodes both receive the full block 17:56:22 There's also the fact that pruning doesn't automatically enable --sync-pruned-blocks which save >60% bandwidth 17:56:26 @ofrnxmr:xmr.mx: almost certain it doesn't 17:57:08 so why is my tx-origin nodes received data jumping by 40mb when i mine a block? 17:57:35 When the origin node has all of the txs 17:57:52 I think it was because your node lied about not having the tx due to D++ 17:58:00 it hides stem txs 17:58:20 not 100% but that would be my guess 18:02:25 Looks like the fix agrees with you > <@boog900> that only affects miners 18:02:25 https://github.com/seraphis-migration/monero/pull/155 18:03:04 I havent tested on private testnet, but it fixed the fact that block sizes were crippled at 4mb 18:03:23 Since fluffy blocks had a 4mb cap 18:03:46 https://github.com/seraphis-migration/monero/pull/159 18:04:41 https://tee.fail/ 18:04:41 In TEE we trust! 18:05:53 https://github.com/seraphis-migration/monero/issues/140 18:05:53 Note how many minutes it too for a peer to successfully send me the block 18:08:39 "The problem is that the node is relaying the full fluffy block to its peers, and that full fluffy block can exceed the byte limit of 4mb:" 18:08:39 Im 100% sure that many nodes in the above log werent all sending me the mined block. Looks to me like they were (probably) sending full blocks (which were above the fluffyblock 4mb limit) 18:10:09 Anyway, just an example of a small bug that crippled scaling 18:31:55 https://www.amazon.com/Seagate-3-5-Inch-Enterprise-ST12000NM000J-Renewed/dp/B0BNW797DN > <@blurt4949:matrix.org> Just a cool 10.5 TB per year 18:34:24 something something ssd 18:37:11 a new one of those each year isn't exactly promising for my wallet 18:37:48 @spirobel:kernal.eu: best way to make your node unusable 18:37:55 remember 18:37:56 hdd 18:38:01 is very... VERY slow 18:38:16 Just use nvme cache 18:38:16 problem solved 18:38:34 IMO I would just say no because it say Seagate 18:39:49 With FCMP++, old blocks can be moved to slower storage and the output DB can be pruned. 18:40:30 @syntheticbird: someone needs to test cuprate with a HDD 18:40:38 and with our new DB changes 18:40:46 @boog900: you literally did that 18:40:52 @boog900: ah yes 18:40:59 @boog900: Are you only caching write? 18:40:59 please say yes 18:41:06 no 18:41:08 (say no boog) 18:41:14 😢 18:41:19 I tested USB SSD > <@syntheticbird> you literally did that 18:41:28 haven't done a HDD yet tho 18:41:39 @boog900: oh 18:43:20 should not be a bottleneck to participating in consensus. > <@syntheticbird> is very... VERY slow 18:43:23 @ravfx:xmr.mx: I don't know what you mean but I got our DB around 40 to 50 GBs smaller than monerod 18:43:51 >enter 18:43:57 >"our db is 50gb smaller than monerod" 18:44:03 >leave 18:44:03 boogchad.gif 18:46:24 @boog900: reading all over the place to verify transaction pollute the cache and make normal hdd extremely slow for nodes. If you only cache write, then only the most recent part of the blockchain is cached (The decoy distribution is balanced to use more recent tx), assuming at least 32GB of write cache you can make an hard drive to sync the blockchain in like 12-15 hours. 18:46:24 That being said, that methode of acceleration will get deprecated with FCMP+ 18:48:22 @ravfx:xmr.mx: I store ringCT outputs in a tape, contiguous, so they can be indexed and don't need to be searched for 18:49:01 A cache for random reads as currently seen, combined with a migration from fast to slow storage, would presumably restore HDD usage decently. 18:49:12 also from what I have read LMDB can have high write amplification which wouldn't help with syncing times 18:49:25 We'd only require some limited amount of fast storage for key data structures and recent blocks. 18:49:30 I tested id, about two years ago 18:49:37 with 16GB worth of write cache 18:49:44 Wallet syncing is a sequential iteration so HDDs hopefully aren't problematic there? 18:50:28 @boog900: we also move block/tx blobs out of LMDB into a tape which should lessen the write amplification there 18:51:30 Outputs are extra nice as they're fixed-size though 18:52:14 oh yeah 100%, I would be interested to see how well the OS caches the outputs too, as we use a memory map and most used outputs will be at the top .... 18:52:37 @boog900:monero.social: You can probably make blocks fixed-size too, if you set a default size and then have an extension node for large blocks. 18:53:31 So all blocks are the presumed case of 200 TXs, but then anything greater gets flagged, so we have fixed-size block indexing except for large blocks 18:54:04 optional walking 18:54:11 could be great indeed 18:54:12 I'm not saying worth it, I'm saying possible 18:54:18 the benefit probably isn't there, under normal operation you don't really pull just block headers 18:54:27 you do at startup tho 18:55:14 @kayabanerve:matrix.org: this is part of the reason I didn't change the whole DB, storing everything in a different file is more effort than it is worth for most tables 18:55:22 even tho it would save some GBs 18:57:56 also consider this: if demand really scales this much, we can just communicate which outputs the wallet received out of band. So wallets dont have to check every single output on chain. All the information is still there and if someone really wants to scan the whole chain they can. It wouldnt be like lws. More like you selfhos [... too long, see https://mrelay.p2pool.observer/e/hti5rcMKOVQyV1pa ] 18:59:36 tevador: This is like 6 years old. We added the long term median in 2 HF ago response to this theoretical attack that never happened 19:02:18 The long term median is valuable in that it solved the MRL issue 70 19:04:25 The one spam attack that had happened was in ZCash where the blocks were grown by a factor of 300x in a spam attack that lasted a year 19:04:56 This proves the utter failure of the Bitcoin approach 19:06:07 Interestingly the spam did not kill ZCash 19:06:34 ZCash was never alive in the first place 19:08:45 In my view with Monero we have a scaling system that actually works. 19:20:34 hard limit 100mb for getblocks.bin response as well. > <@boog900> FWIW we cannot handle that with the current code, you will hit serialization limits in the P2P network 19:27:42 DataHoarder: I think some of the most recent blocks listed as unknown are from cubist https://blocks.p2pool.observer/ 19:28:02 as they limit the # of txs in a block 19:28:54 they are, and they are detected by the api I have nioc 19:29:27 probably monero-blocks ignored them as it's a slow call 19:30:05 I see some just changed from unknown to cubist 19:30:29 yeah, it takes time 19:42:50 nioc: there is some entity mining blocks that is unknown, though 19:42:55 not merge mining, either 19:43:13 yes 19:43:37 which qubic is 19:43:43 maybe some pool blocked the api lemme see 19:43:59 some of the unknown looked like unkown and some looked like cubist 19:44:27 if they are recent, say, 30m 19:44:28 that's fine 19:45:07 the old ones I see seem to be from nanopool 19:45:08 whose api returns 502 bad gateway 19:45:08 and whole site apparently 19:45:08 link to specific ones, nioc, I can look them up 19:45:30 for example https://blocks.p2pool.observer/block/c6df50dc60ef3d5bb9a7d731927cb8dc72a5c725ea1f819c79f0398ea18e67fb 19:45:35 this is very likely nanopool 19:45:45 https://blocks.p2pool.observer/block/a1666a20180f445f9c4adec72f4f5d3c3438bdbfafd84aec3d31b21e34edcd71 19:45:52 here is one 19:46:02 that is not qubic 19:46:11 it's not merge mining 19:46:54 plus other details 19:46:55 they can also have max ~24 txs (they limit themselves to 20tx) due to their inability to have templates larger than 896 bytes 19:47:03 are you asking for cubist or non cubist 19:47:12 the ones you think are qubic 19:47:39 cause I should be catching them fine, although delayed (somehow monero-blocks took 30+ minutes in some areas to complete lol) 19:48:34 nanopool mining stratum is up, site is down 19:48:56 can't track blocks they get without miner proofs but they are mining (and hopefully API backfills data, though I can fill it via other means) 19:51:06 the older ones I suspected because of limited txs are not cubic, they were filled with large txs 19:51:43 Qubic is back at around 1.4 GH/s recently 19:56:28 it's less tx size and more just number of txs 19:58:18 they should get repopulated once https://xmr.nanopool.org/api/v1/pool/blocks/0/500 returns proper values 19:59:50 anything on here with view keys https://blocks.p2pool.observer/proofs is automatically detected regardless of their API (but I check if it exists on API or not, I have flagged several non-reported blocks on MO and NanoPool in the past, even when they reported the corresponding Tari found merge mine (and block is in Monero) 20:06:01 this is a 20 tx block at 316kB https://blocks.p2pool.observer/block/687f020825e42f62935a3166212b86b507c2ecbf19ac8e23d7f2f8ae0882bd6a 20:07:20 11 txs and 327kB https://blocks.p2pool.observer/block/01aa6e490c29c3866777bad7698477509716c0c51e386f76ca1d415bf630eead 20:09:46 @rucknium:monero.social Even if the price in USD is an externality, this still prices out many people. If the USD price increases by a lot and we have a base fee, wouldn't it price out people from using Monero? I'm not an expert at economics, so if I'm wrong, I'd love to learn 20:10:02 not merge mining, both are not qubic nioc 20:10:08 but thanks for looking into it :) 20:10:11 yep 20:10:33 @namenet:matrix.org: Recently I have suggested using network hashpower as an oracle for the purchasing power of 1 XMR. 20:11:03 @rucknium: Do you have a proposal I can read? 20:11:05 That sounds cool 20:11:37 No, not a full proposal yet. 20:12:15 Will hashpower act like a proxy for energy prices? 20:12:33 Empirically and theoretically, hashpower is strongly correlated with XMR purchasing power. @namenet:matrix.org Yes, basically. 20:13:02 It doesn't have to be perfect. Just needs to get the right general area. 20:19:43 @rucknium: Over time hash power will drift away from purchasing power because of Moore's law 20:20:28 For peer to peer transactions blocksize is a stronger indicator 20:21:25 The assumption of course is that the distribution of economic activity does not change 22:42:10 @blurt4949:matrix.org @ 1.4mb blocks, thats 368gb per year on a full node. 22:42:11 Is it a lot? Yes, but you're paying for it. 22:42:11 currently 1.4mb is only 0.094416xmr 22:43:55 Privacy's #1 tradeoff atm, is chain growth 22:45:49 That's still 5x less tx volume than BTC, not to mention costs beyond strictly storage like CPU, bandwidth, or scanning time. Also a serious attacker and/or parasitic activity like mordinals have proven themselves willing to spend lots of money on their nonsense. 22:46:53 Runes, ordinals, etc on Bitcoin are an even better example 22:48:16 Qubic too, they spent money on a different type of attack, but the point stands 22:48:19 Right? and its still > 10% above the proposal 22:48:47 Cpu, bandwidth, and scanning arent an issue at these levels 22:49:38 We save 75% bandwidth by fixing txrelay, cpu and scanning even at 10+mb blocks isnt really an issue 22:49:49 Scanning is already one of Monero's worse UX elements and you're saying that at 4x tx volume it'll still be fine? 22:49:54 yes 22:50:04 Also I was more referring to IBD but yes real-time propagation is another factor 22:50:05 Because, again, we have crippled software 22:50:34 On stresnet, wallet scanning is like 100x'd in speed 22:50:53 What used to take 30mins, takes 5 seconds 22:51:12 So "monero bad" = yeah, but its not like were running optimized software 22:51:46 I wasn't aware of that, is there anything you can point to on that improvement or has that not been documented yet? 22:52:12 the merged prs and open/closed issues on the fcmp++ repo 22:53:12 fcmp exposes a lot of efficiencies in monero, and people like jberman and jeffro are fixing them. Monero gets away with it atm, because were not having to deal with the throughput 22:53:40 But i ran private testnets on both master and fcmp, and discovered that a lot of the issues that i thought were fcmp related, were actually present on master 22:55:36 fixing them doesnt require a hard fork, and improved monero with or without fcmp. Not fixing them, would have been an unbearable experience to a lot of people (with a little bit of volume) 22:56:21 well, fair enough on that point then, but I think the other issues are still major ones, unless CPU usage has also been vastly improved on stressnet (I suspect it's worse due to FCMP++ but maybe I'm somehow wrong on that) 22:56:49 rucknium has a monitor that shows his nodes cpu usage 22:57:20 And in my experience, its not noticable at all, even under intense spamming. Wallet cpu usage is much increased though 22:57:42 I'm not concerned with CPU for propagation, but instead IBD. Large blocks will build up quickly 22:58:23 we havent tried to sync fcmp with checkpoints yet (monero ibd skips validation by using checkpoints) 22:59:09 But when i checked the number on my private testnet, fcmp 300 kb blocks were about as fast to sync as ringct 300kb ones 22:59:20 I know but even a few month's worth of uncheckpointed blocks can be a lot 22:59:22 (with fast sync disabled) 22:59:46 sure but that's byte for byte then, not tx for tx which is more important 22:59:55 So i dont think there is a noticable increase in cpu per kb, but just more kb 22:59:59 https://www.naxo.com/who-we-are 23:00:34 Just a little investigation 23:01:34 @blurt4949:matrix.org: Thats a tradeoff of using fcmp. 23:02:11 Either you accept that 40tx under ringct is 1/4 the size of fcmp, or you dont 23:03:02 FCMP isn't terrible WRT RingCT but RingCT is already pretty terrible WRT Bitcoin or pretty much any transparent chain 23:03:06 We do ~40tx/block today, so we are accepting a 4x in chain growth as soon as we fork 23:03:08 (in terms of scaling) 23:03:34 My point isn't about FCMP specifically but that it's digging us deeper in an already very deep hole 23:04:13 The difference between RingCT in transaction size has already been addressed many time by Nielsen's law. This is not the real issue here 23:04:20 Fcmp digs us deeper, and i believe we are accepting that as a tradeoff for the enhanced privacy 23:05:01 @articmine: Exactly. The 4x increase doesnt hurt anything 23:05:39 If monero tx volume increased by 4x, we'd have the same issues exposed as people are positioning as unfixable 23:06:15 They are not unfixable 23:06:39 In fact a lot of progress has already been made 23:07:26 a lot imo, and a lot more to go 23:07:37 And dont need a hard fork to fix most 23:07:43 After reviewing this 10% proposal I am really very concerned. 23:08:17 Yes but like I said my point is that Monero already scales poorly (meaning, in practice. The algorithms are clearly well thoughtout for theoretical scaling). FCMP doesn't make it an absurd amount worse, especially for the benefit it gives, but again that's not the point. 23:08:58 For example it may in the future not be possible legally to increase the scaling rate of Monero 23:09:00 @ofrnxmr: "a lot more to go" is doing a lot of heavy lifting there, any progress is great of course, but we are still nowhere near sustainable scaling 23:11:14 @blurt4949:matrix.org: Its honestly just a lot of poor coding choices or bugs 23:11:25 Not rebuilding the ship 23:11:54 Fixing bugs is one thing, but a hard fork to allow a privacy coin to take on a CBDC is very different 23:12:07 there are, of course, bigger changes that can be made to improve things, but atp there are big wins from small issues 23:12:22 @articmine: Cdbcs scale though :D 23:12:45 More like, a hard fork to turn monero into a meme 23:13:05 If we undo scaling we may not be able to get it back 23:13:59 If governments prohibited such a hard fork 23:15:02 If Monero relies on government approval then it's useless to begin with so I don't follow? 23:15:40 monero is the stronghold 23:16:08 Every other coin with talking about has already thrown in the towel 23:16:24 A government grandparents the existing consensus. Only allows fixing bugs 23:17:16 Okay yeah but who cares what they allow? If Monero has to listen to governments then it's useless. 23:17:28 Imo, if monero didnt exist, then full-privacy coins would be labelled as illegal 23:18:16 ofrnxmr how so 23:18:18 That's in the process of happening across most of the developed world AFAIK 23:18:25 The reason monero still is bot illegal, is the same reason that https or encryption is not illegal. Because its normalized. 23:18:25 every other notable chain is normalizing surveillance 23:18:48 .. exactly and if Monero could not scale making Monero scale could be illegal 23:20:23 nioc: Name me 2 services that accept the private versions of optional privacy coins @nioc 23:20:30 they tried to make encryption illegal back in the day (and IIRC places like UK have been trying it even recently?) but gave up because 1) obviously that's impossible and 2) encryption has a lot of uses that align with the government's goals. #2 is blatantly not the case for Monero and #1 depends on how centralized we make it. 23:20:54 except, in crypto, they are winning the propaganda race 23:21:27 I looked at the 10% proposal. It would take ~ 20 years to reach Bitcoins's transactions per second 23:21:32 all of these privacy coins have added surveillance backdoors into their projects, and regulated entities are not safe accepting the private versions 23:21:45 ofrn I am clueless about the world of optional privacy coins 23:22:06 nioc: that's for your own good, keep it that way 23:22:17 nioc: If you send ltc mweb to binance, they just steal it. Wont refund it, wont credit jt 23:22:34 At the same time they accepted xmr 23:22:46 Why? Because regulations tell them its not a good idea to allow someone to hide their balance 23:23:35 @articmine:monero.social: Yes the 10% proposal is bad (it's literally worse than dashjr's proposal for BTC!) but allowing massive effectively unbounded growth is not a good idea either 23:24:14 AIUI the 10% is not set in stone 23:24:16 and yes, 6x compounding per year (assuming that is accurate) is effectively unbounded 23:25:07 nioc: The idea of proposing 10% is asinine 23:25:46 @blurt4949:matrix.org: Ive said a few times, but the upper bound of scaling shoukd cooincide with what we can handle 23:25:48 Monero is very heavily priced. This is why the "unbounded" Monero had minimal spam when compared to the "bounded" ZCash 23:26:43 Fcmp can offload historical blocks onto slower storage. Fcmp works better on hdd than ringct. Bandwidth is a non-issue. Verification has to be fast enough to not cause chain splits 23:27:26 Monero has a sane fee system unlike ZEC, sure, but ZEC at least had a limit on the spamming rate. 23:27:34 (Yes I know Monero has short term limits but I mean long term) 23:27:48 @articmine: yay monero didn't get spammed enough where it would have caused issues with nodes! (~4 MB?) 23:28:14 @ofrnxmr: Connecting the dots back to those close to government is even more asinine 23:29:07 @ofrnxmr: Could the tiny tree root (or whatever the correct term is) plus the entire key image set feasibly be cached in RAM? Unless I'm missing something it should be right? If so that's at least great news 23:29:21 Like a few gb I think? 23:30:18 @blurt4949:matrix.org: iiuc, yes, but dont quote me 23:31:54 Napkin math says caching the full KI set in ram wont work at scale unfortunately 23:31:56 @boog900: sustained 100mb txpool, 1.5mb blocks (broke IBD), 4mb blocks (broke fluffyblock relay), etc 23:32:17 As I said earlier I don't necessarily support any specific scaling proposal I just want us to actually take moneros limits into account rather than just targeting arbitrary payment networks numbers. 23:32:25 I would rather blocks be too small than too big 23:32:37 one is catastrophic one is not. 23:32:50 Well put 23:33:10 I do support assuming the limits will rise over a sufficient amount of time FWIW 23:33:50 @boog900: Have you considered the possibility of not being able to reverse a change in the future for legal reasons? 23:34:12 I have and it scares me 23:34:20 @articmine: have you considered not having a chain to propose a change to? 23:34:43 @boog900: It is nowhere that drastic 23:35:07 I still don't follow your point with legality. Either we have to listen to the government (meaning Monero is useless) or we don't (in which case their declaration that a HF is illegal is irrelevant) 23:35:25 @articmine: nodes falling out of consensus allowing double spends is one of the worst things for a crypto 23:35:55 We have to listen to t government but we do not need to 23:36:03 and like whats the point? 23:36:13 we can't handle txs above the limit anyway 23:36:24 So 5% :P? > <@boog900> As I said earlier I don't necessarily support any specific scaling proposal I just want us to actually take moneros limits into account rather than just targeting arbitrary payment networks numbers. 23:36:49 Starting at 300kb :P (im joking. Dont shoot) 23:37:04 @ofrnxmr:xmr.mx: Don't be crazy. 1%. Starting at 100kb. 23:37:08 Lets get to 0.65 tps in 2035 23:37:44 30kb blocks NOW 23:37:45 @blurt4949:matrix.org: If the government says no hard fork, but what we want is already there then the question is moirt 23:38:04 assuming a government would freeze the protocol but can't also enforce changes is silly IMO 23:38:09 Moot 23:38:24 It could just ban monero outright in that case 23:38:25 they could just nuke scaling by forcing a change 23:39:05 @boog900: This and banning is way harder 23:39:43 its not really, it could be a soft fork 23:39:55 no hard fork needed 23:40:09 if they can prevent a HF then they can also ban it. If they can't ban it then they can't prevent a HF 23:41:03 Not necessarily 23:41:50 In an adversarial situation one wants the status quo in one favor 23:41:53 A government right now could spam monero enough for all nodes to fall out of sync within a week 23:42:08 these arguments are stupid 23:42:44 hell they wouldn't need to spam txs they can just mine 23:42:49 @boog900: ... and loose in their own courts 23:42:54 which govt are we talking about, the world govt? 23:44:04 @articmine: relying on the legal system to keep monero alive is crazy 23:44:24 not all governments play fair 23:45:42 You want inertia on your side not against you 23:45:52 I have already said I support "infinite" scaling FWIW 23:46:04 it just has to take a sufficient amount of time 23:46:16 and before then we need to work with our limits 23:54:15 15 years ago "spam" was given as the reason for crippling Bitcoin with a 1MB blocksize. The goalposts of the limitations have moved drastically. The 1MB limit remains in Bitcoin 23:54:34 This is a lesson I will not forget 23:56:27 so do you support allow more tx/s than monerod can handle? 23:56:47 in blocks fwiw* 23:57:17 on the months scale* 23:58:14 It has worked for over 11 years. So yes 23:58:33 The alternative is far worse 23:58:54 fair, crazy. 23:59:23 we have had vulnerabilities for years should we just not fix them?