04:20:08 <br-m> <rbrunner7> @silicon.dystopia:matrix.org: https://www.youtube.com/playlist?list=PLsSYUeVwrHBnAUre2G_LYDsdo-tD0ov-y
04:20:41 <br-m> <rbrunner7> Although those are not really attempts to crack the "math". How would you even do that?
05:48:56 <br-m> <silicon.dystopia:matrix.org> @rbrunner7: i mean who knows
05:48:56 <br-m> <silicon.dystopia:matrix.org> on paper it might be solid, but the implementation might give cracks to sophisticated attacks
05:48:56 <br-m> <silicon.dystopia:matrix.org> maybe there are still some signals that are possible to extract
05:50:27 <br-m> <silicon.dystopia:matrix.org> ig i should be speaking in the past tense- i ofc dont mean any unfixed 'vulnerabilities'. im strictly interested in the past/fixed ones
07:31:46 <moneromooo> There is a tool in src/blockchain_utilities that attempts to determine which outputs are spent by examining small rings. Ideally, spent status should not be knowable, but historically, the combination of very small rings (1 and 3 members IIRC) allowed chain reactions. While theoretically possible nowadays still, the larger rings used mean the probability of still doing so with modern 
07:31:52 <moneromooo> outputs is vanishingly small.
07:32:45 <moneromooo> It's not a flaw in the math though, so might not be what you're after.
07:33:59 <moneromooo> Another one closer to a flaw in the math is the ability to spend an output up to 8 times. AFAIK it was not actually exploited before we patched it.
07:35:58 <moneromooo> Then there's presumably a lot of private work into probabity theory to break rings, but the people doing that are typically siding with the fash and not us, so that work isn't public.
07:38:56 <moneromooo> There's an interesting use of change outputs if you're sending regularly to some party. If that party often sees, in a tx sent to them, a recurrence of an output created a change to another output they received earlier, they know there's a fair chance the tx comes from the same party. The same applies if the earlier output is a recent possible-ancestor of the output sent in the newer 
07:39:02 <moneromooo> tx, but probability goes down (rather fast I think) with ancestry depth.
07:40:35 <moneromooo> All this attack surface is going to go with fcmp. AFAIK the other two layers of monero (stealth addressing and amount commitments) offer no purchase.
07:41:52 <moneromooo> About implementation side issues, there are a lot of small fingerprinting things that can help group txes probabilistically too, such as "this tx was likely created by version x of monero-wallet-cli", etc. Nothing to do with math though.
12:37:23 <br-m> <rucknium> @silicon.dystopia:matrix.org: Can you be more specific? Depending on what you mean, there have been a lot of attempts or zero. Do you mean the privacy (and deterministic or probabilistic), counterfeiting and theft protection, network stability, etc.? > <@silicon.dystopia:matrix.org> hi
13:22:51 <br-m> <milas900:matrix.org> Hello I have a question .. can ai agents exploit the private key on monero on your device ?
13:34:59 <br-m> <-----0:zano.org> @milas900:matrix.org: yes
13:40:14 <br-m> <milas900:matrix.org> @-----0:zano.org: Can you elaborate more
13:45:32 <br-m> <-----0:zano.org> @milas900:matrix.org: no. just don't do it
13:45:50 <br-m> <-----0:zano.org> haha. joking. yes i will elaborate
13:46:21 <br-m> <-----0:zano.org> most people recommend running your agents on a standalone set up, to avoid this and other issues
13:46:58 <br-m> <plowsof:matrix.org> #monero.social:monero.social  hardly an MRL topic is it . 'is my hot wallet safe' type of question
13:47:46 <br-m> <-----0:zano.org> good point
13:48:15 <br-m> <-----0:zano.org> @milas900:matrix.org: ask in the social lounge
14:17:47 <br-m> <silicon.dystopia:matrix.org> @rucknium: hiii
14:17:47 <br-m> <silicon.dystopia:matrix.org> (I'll respond to the earlier messages by moneromoo later when I have a chance to sit down :3)
14:17:47 <br-m> <silicon.dystopia:matrix.org> honestly I'm deiven by curiosity; dont have any goal in mind[... more lines follow, see https://mrelay.p2pool.observer/e/gKHmyvwKb0pRYjJl ]
14:18:39 <br-m> <silicon.dystopia:matrix.org> probabilistic is also good tho
14:22:50 <br-m> <rucknium> Biggest cryptography one is https://www.getmonero.org/2017/05/17/disclosure-of-a-major-bug-in-cryptonote-based-currencies.html
14:32:43 <br-m> <rucknium> Here is an example of what happens if you don't implement Monero's cryptography correctly: https://github.com/kayabaNerve/zephyr-verify-bulletproofs
14:33:01 <br-m> <rucknium> Check out https://moneroresearch.info/ too
14:37:00 <br-m> <rucknium> For probabilistic, see https://github.com/Rucknium/OSPEAD and https://github.com/ACK-J/Monero-Dataset-Pipeline/blob/main/Lord_of_the_Rings__An_Empirical_Analysis_of_Monero_s_Ring_Signature_Resilience_to_Artificially_Intelligent_Attacks.pdf