14:03:31 looking for some feedback - for new org page, is it preferable to have at github, gitlab, or repo.getmonero.org ? 14:03:58 surprisingly early feedback suggested github because it would have higher user engagement 14:04:56 Kind of have to agree with that 16:35:37 vtnerd_: Why not all three? 16:58:18 Lendri: wouldn't that split up discussion? 17:01:13 Hmm thats true 17:01:27 I am new to open source, so I didn't even think of that 17:16:36 yeah just I created on github - cifro-codes 17:20:28 maybe a coincidence but i recently got my ledger working with the 'pgp / ssh agent' app. it required me to install a python script (ledger_agent) ~ i can now login via ssh with my ledger / do pgp things 17:34:30 interesting org, vtnerd 17:38:11 What's an org ? 17:38:33 organization? 17:38:54 I thought about that one, but it didn't help make sense of the lines above :D 17:40:14 i stalk vtnerd on github and noticed a repo about unlocking a LUKS partition with hardware keys 17:40:35 yeah it works, and Im going to push out the code today 17:40:47 currently only with trezor, but I wouldn't be surprised if ledger works too 17:41:17 the hive mind in action, thanks! 17:41:38 *sorry, ledger won't work until I add the code, but Im not aware of any technical limitations 17:42:15 and plowsof[m] - yup - the difference is this code is designed to be statically built for linux initrd 17:43:11 so the only dependency is libusb - protobuf code is hand-rolled and uses the same interface that json serializer in monero-lws uses 17:43:23 Reminds me, I wanted to have a patch that'd read 32 bytes of a raw partition to xor with a key when loading a wallet. 17:43:53 yeah thats another thing Im trying to work on - a C++ interface for decrypting wallets, etc 17:44:14 because nearly every wallet should be decrypting metadata with these devices but arent doing it 17:44:18 Me being me, it'd have been a straight linux read(2) :D 17:44:30 and last I checked - all of the hardware wallets have shit privacy (except for monero related stuff) 17:44:40 But that sounds like a great addition, thanks. 17:45:56 anyway thats the point of the org - maybe come up with some ideas that turn $$$, to lessen my CCS requests OR at the very least have some projects that once stabilize and reviewed can be pulled into monero-project possibly 17:46:42 monero-lws is the big unknown because some have requested it go in monero-project, but if it can't Ill just re-assigned to this org 17:48:06 Well, another thing I had in my TODO (in fact, one of the first lines...) is a SSS scheme for monero-wallet-cli (really an extension of the "read 32 bytes off a partition" thing). 17:48:49 yeah that would be nice too 17:48:52 Never got round to it. IIRC it needs modular arithmetic and I'm not sure it can be done easily with EC. 17:48:58 SSS scheme? 17:49:20 Shamir's secret sharing. You split a secret in N parts so that M < N can be used to restore it. 17:49:28 Ah, ok 17:49:34 Kinda like multisig I guess... 17:49:54 Yeah, just wanted to say, can't possibly be any more complicated than multisig :) 18:05:23 https://github.com/cifro-codes/macer 18:05:23 I really should sign that code, but for the daring 18:05:23 its posted. it needs docs, and an official tarball I suppose 18:07:47 for those interested, instead of ECDH it does a ed25519 (deterministic) signature in the `macer://USER@HOST` namespace 18:09:28 since the USER@HOST is displayed on-screen, it helps with the scenario where one compromised machine can dump _other_ machine keys (the user must confirm display message) 18:10:51 a custom msg can also be displayed as well, which gets mixed into the signature output (verified by looking at trezor source) 20:02:46 moneromooo: I'd legitimately reuse multisig keygen for this, and then for recovery, just spawn n signing sessions yet leak the key share as you do it :p 20:04:26 It's potentially overkill regarding keygen as you have a trusted dealer yet act otherwise, and it'd be better for a proper key recovery function existed, yet the quickest hack to impl it is modifying the signing session code by duplicating it and renaming it :p It also just means we don't have two keygen share protocols laying around. 20:05:47 Though I will note, not to be an ass yet just to be honest, I actually already have this exact code available. That's not being an ass. The ass part is it's in Rust :p 20:05:55 So I'm not actually sure it's useful for you lol 20:12:16 A rust program for this might be welcome. It's self contained so oesn't reqiure maintainers to read/write/debug rust like it it were, say, part of the daemon being written in rust. 20:12:48 Though if it's a separate program it can also live as a separate repo and be linked. 20:12:56 But useful. 20:14:41 It's currently a library and I wrote private key recovery just for testing purposes. It'd just need to be composed into a C FFI OR hooked up to some JSON RPC server/file reader for whatever program you'd want in those regards. 20:16:19 `./monero-shamir generate --t 3 --n 5 new_keys` Print view key and address. "Please perform a test transaction before sending funds." 20:16:55 `./monero-shamir recover new_keys` Reads files in that directory to recover the key, printing the private spend key/view key/address. 20:17:02 Would that be good for you? 20:17:46 *new_keys in both of these examples are directories. It'd get populated with new_keys.1-5.json, new_keys.2-5.json... and then expect those JSON files to be there for recovery. 20:24:17 Well, I think it's a useful thing. But since I'm not contributing much at all nowadays, it's not for me to say yes/no to Rust stuff. But if people were to OK it, a standalone program would be the best way to do it. 20:27:34 I meant more specifically the API I was proposing :p 20:27:54 It sounds like this'll be mildly useful and honestly, it should only take half an hour to do if it's just those two commands. 20:31:31 I'd have got input on stdin but hey, it's personal preference really. 20:31:40 That's secondary :D 20:36:34 Fair enough :p I have my reasons against it but I'll get a proto and let you know 20:40:15 FWIW, I don't read/write/debug rust. 22:05:47 In case anyone is interested, I did successfully implement the above (albeit untested). It relies on work I have yet to disclose so I'll probably publish it in a week or so, when I publish the rest of it.