hmmm, another discussion about matrix not working

<o​frnxmr:xmr.mx> Yea, i'm pretty sure the monero.social homeserver is just broken :)

OK, let's form an issue statement to work on. This looks like a start? "<k​ewbit:matrix.org> I lost connection to Monero community workgroup help. Is it overloaded? Nah just forever loads on laptop, phone it’s gone"

To start I'll look at the metrics and then I'll try to login as well

Need to check something unrelated first.

it honestly appears as if the state of the rooms is being rolled back, or certain info is being dropped

Monero-website is missing the profile pic for monero.social users, even though it was just added

state resets is a known problem with matrix. the protocol and server implementation is just broken

<r​ecanman:kernal.eu> Yep

<o​frnxmr:xmr.mx> its werid tho, bcuz if youre on a different homeserver (like xmr.mx) the rooms and users on other homeservers appear to be fine

<o​frnxmr:xmr.mx> Example: ofrnxmr:monero.social cannot seen plowsof:matrix.org's pfp, but the pfp is older than the sky

<p​igeons:monero.social> I'm not having any of the connection or latency issues, but I can reproduce some of the missing profile pictures, so that gives me a place to start looking.

<o​frnxmr:monero.social> The conn issues arent easily reproducible. They happen to random ppl at random times.

<o​frnxmr:monero.social> quickex was dropped from this room, i was as well. I think someone else too, all at different times

<o​frnxmr:monero.social> While many others (like syntheticbird) had accounts that were unaffected

<s​yntheticbird:monero.social> this so much true

<f​r33_yourself:monero.social> Could you elaborate on this? What would this look like in practice?

<o​frnxmr:xmr.mx> 1. Blocking port 18080 2. inspect packets for monero p2p traffic and block it

<o​frnxmr:xmr.mx> 3. Mitm "fire sheep" [self-signed] rpc traffic

<s​yntheticbird:monero.social> this so much true

<b​asses:matrix.org> change port, use Tor or VPN

<s​yntheticbird:monero.social> Use tor or vpn => block connection guard nodes/block wireguard/openvpn connections

<s​yntheticbird:monero.social> It's more than easy for any country to make a GFW

<s​yntheticbird:monero.social> look there is even an open source re implementation of china GFW: github.com/apernet/OpenGFW

<s​yntheticbird:monero.social> > **Use cases**

<s​yntheticbird:monero.social> > Help you fulfill your dictatorial ambitions

<o​frnxmr:xmr.mx> No incoming connections is you use tor or most centralized VPN

<o​frnxmr:xmr.mx> And if you use a centralized VPN that does have port forwarding, your node will share an ip with many others

<o​frnxmr:xmr.mx> And if your vpn provider is using an ISP that blocks monero, well, youre SOL

<o​frnxmr:xmr.mx> if monero had onion/i2p blockchain sync, it would cause issues with network speed / scaling

<o​frnxmr:xmr.mx> "change port" requires upnp to work, disregarding firewalls, and doesn't do anything about packet analysis

<o​frnxmr:xmr.mx> When he says VPN, he means mullvas. Rando doesnt believe in traditional VPN connections :D

<s​yntheticbird:monero.social> The only combination that would work out would be Wireguard over Shadowsocks + DAITA and it's supposing the firewall don't store the IP addresses of mullvad servers

<b​asses:matrix.org> "change port" was my solution to port blocking which is a common thing, VPN/Tor can easily bypass it countries that doesn't block them

<b​asses:matrix.org> yes DAITA by mullvad is the only VPN that can protect you against traffic analysis

<b​asses:matrix.org> "change port" was my solution to port blocking which is a common thing, VPN/Tor can easily bypass it in countries that doesn't block them

<o​frnxmr:xmr.mx> Mullvad needs to exit to clearnet

<r​ecanman:kernal.eu> Here's the actual paper: dl.acm.org/doi/pdf/10.1145/3603216.3624953

<s​yntheticbird:monero.social> Also a report from a mullvad dev: pulls.name/blog/2024-06-05-eval-first-daita-servers

<r​ecanman:kernal.eu> Adding random traffic can actually make you stand out at times, best to look at the actual research done

<s​yntheticbird:monero.social> I plan on adding MaybeNot to Cuprate in the future. Iirc there is also someone working on monerod traffic obfuscation

<r​ecanman:kernal.eu> Cool!

<b​asses:matrix.org> Windscribe also does that but it is not as advanced with AI 🚀

<b​asses:matrix.org> blog.windscribe.com/combating-traffic-correlation-attacks-decoy-mode

<s​yntheticbird:monero.social> rando DAITA do not use AI

<r​ecanman:kernal.eu> Lol

<r​ecanman:kernal.eu> Read the paper before making conclusions

<b​asses:matrix.org> oh lool

<s​yntheticbird:monero.social> MaybeNot is just a unified framework of network state machine that give you instruction on padding, delays and fragmentation

<r​ecanman:kernal.eu> Now here's the thing: There is no technical background on this blog post. Adding random traffic can make you stand out!

<r​ecanman:kernal.eu> Adding random traffic only (can) protect you against one type of correlation attack, but many others exist

<s​yntheticbird:monero.social> See reference implementation of defenses used by researcher: github.com/ewitwer/maybenot-defenses

<b​asses:matrix.org> stand out as someone using this feature, because more traffic isn't that much suspicious.

<s​yntheticbird:monero.social> That mostly. Also if you add truly random noise in your traffic you can just noice cancel it and it would add no protection.

<s​yntheticbird:monero.social> The main point is not to add noise. but make your traffic looks like noise

<r​ecanman:kernal.eu> SyntheticBird explained it, and additionally, it depends on the amount of information adversary has

<r​ecanman:kernal.eu> SyntheticBird explained it, and additionally, it depends on the amount of information/access adversary has

<o​frnxmr:xmr.mx> As if conatantly streaming blockchain traffic doesnt already standout

<r​ecanman:kernal.eu> It does, and that is a big problem for people in certain places

<o​frnxmr:xmr.mx> With 15 outgoing connections and 100 incoming

<r​ecanman:kernal.eu> An option is tor

<o​frnxmr:xmr.mx> Tor doesnt so incoming

<r​ecanman:kernal.eu> But even then, yes, incoming/outgoing connections can be suspicious

<r​ecanman:kernal.eu> Oops, yes, you're right

<o​frnxmr:xmr.mx> I2p at least runs a relay by default, so (if we had blockchain sync over tor/i2p) your traffic would be mixed in with relay traffic (afaik)

<s​olar:monero.social> That's right

<b​asses:matrix.org> >The paper was written responsibly using ChatGPT, Github Copilot, and Grammarly.

<b​asses:matrix.org> Respect the honesty

<s​yntheticbird:monero.social> I just want i2p written in Rust with modern crypto algorithm that are fast and safer. Is that so much to ask ?

<o​frnxmr:xmr.mx> LOL

<s​yntheticbird:monero.social> LMAO

<r​ecanman:kernal.eu> Yes haha

<s​olar:monero.social> Which algorithms would you like to see implemented?

<b​asses:matrix.org> used AI 🤣

<s​yntheticbird:monero.social> replace every hash by Blake3 would be a start

<s​yntheticbird:monero.social> then also use muh Falcon or Kyber post quantum

<b​asses:matrix.org> github.com/samuel-lucas6/Cryptograp…s?tab=readme-ov-file#use-in-order-4

<b​asses:matrix.org> BLAKE3-256: the fastest cryptographic hash in software at the cost of having a lower security margin and being limited to a 128-bit security level. It's also rarely available in cryptographic libraries. However, it improves on BLAKE2 in that there’s only one variant that covers all use cases (it’s a regular hash, PRF, MAC, KDF, and XOF), but depending on the cryptographic libr<clipped message>

<b​asses:matrix.org> ary you use, this probably isn't something you’ll notice when using BLAKE2b anyway. I'd only recommend this when speed is of utmost importance because it's not conservative.

<s​yntheticbird:monero.social> Interesting. I didn't know Blake3 had a 128bit security level. So only relevant for pre-quantum applications.

<o​frnxmr:xmr.mx> Aren't our seeds /privkeys limited to 128bit?

<o​frnxmr:xmr.mx> I don't remember, maybe just a polyseed thing?

<t​rojanvolta:hackliberty.org> yes , and thats why a quantum day would reverse our public keys to private keys .

<s​yntheticbird:monero.social> Yes. Our keys and overall cryptography is based upon Curve25519 which offers 128bit security

<r​ecanman:kernal.eu> seed/polyseed is a representation of the private key

<r​ecanman:kernal.eu> Here's a nice resource: getmonero.dev/cryptography/asymmetric/private-key.html

<o​frnxmr:xmr.mx> docs.getmonero.org/cryptography/asymmetric/private-key

<o​frnxmr:xmr.mx> FIFY

<r​ecanman:kernal.eu> Oh, cool, new website

<r​ecanman:kernal.eu> Thanks ofrnxmr

<o​frnxmr:xmr.mx> 83.md.monerodevs.org/mnemonics/polyseed here too

<o​frnxmr:xmr.mx> My point was that the argument between 12 vs 24 word bitcoin seeds was (iirc) something about 24 being pointless due to the security of the key being limited to the security of 12 words

<r​ecanman:kernal.eu> Ohh

<r​ecanman:kernal.eu> Okay

<r​ecanman:kernal.eu> Thanks for clarifying

<o​frnxmr:xmr.mx> And polyseed being less words because more words doesnt actually increase the security. I think that may have been the reason for the bump from 14 to 16 words for polyseed (checksum, birthday, features + privkey)

<s​yntheticbird:monero.social> I still want a simple cli program that convert 25 words seeds + birth date into 16 word polyseed

<r​ecanman:kernal.eu> Why not do it?

<r​ecanman:kernal.eu> What's the issue?

<r​ecanman:kernal.eu> There should be a reference implementation of polyseed somewhere

<r​ecanman:kernal.eu> github.com/recanman/docs/blob/main/…monero-convert-between-wordlists.md

<r​ecanman:kernal.eu> Convert between 25-word seed wordlists

<s​yntheticbird:monero.social> I love you

<r​ecanman:kernal.eu> Someone asked how to convert old english to english a few months back, so I made this

<o​frnxmr:xmr.mx> 83.md.monerodevs.org/mnemonics/polyseed

<o​frnxmr:xmr.mx> i dont think its possible ?

<r​ecanman:kernal.eu> I don't even know how polyseed words, let me read

<o​frnxmr:xmr.mx> You can go from poly to legacy, but not legacy to poly

<o​frnxmr:xmr.mx> github.com/tevador/polyseed more detailed here

<o​frnxmr:xmr.mx> iiuc

<r​ecanman:kernal.eu> Not directly because of the wallet birthday embedding

<r​ecanman:kernal.eu> github.com/DiosDelRayo/polyseed-python

<o​frnxmr:xmr.mx> For that youd just need to convert the restore height to an approximate date

<r​ecanman:kernal.eu> Yeah

<o​frnxmr:xmr.mx> Date after nov 2021

<r​ecanman:kernal.eu> I need to look into the code to look at the representation of the private keys

<o​frnxmr:xmr.mx> > The wallet birthday has a resolution of 2629746 seconds (1/12 of the average Gregorian year). All dates between November 2021 and February 2107 can be represented.

<r​ecanman:kernal.eu> matrix.monero.social/_matrix/media/…/kernal.eu/uYFEgKcBiAfzhkbXhhLzZthQ

<r​ecanman:kernal.eu> `feature` bits are pretty clear along with `birthday`

<o​frnxmr:xmr.mx> Yeah

<o​frnxmr:xmr.mx> tevador/polyseed 90f0a46

<r​ecanman:kernal.eu> Ah, here are some tests: github.com/DiosDelRayo/polyseed-python/blob/master/test_polyseed.py

<r​ecanman:kernal.eu> In a couple of hours I think I can get something working but don't have the time unfortunately

<r​ecanman:kernal.eu> Well, possibly on Monday... not sure as always

<o​frnxmr:xmr.mx> Definitely cant use seeds older than 2021(?)

<r​ecanman:kernal.eu> Well, the birthday would be messed up, yeah

<o​frnxmr:xmr.mx> Afaik you cant convert a pkey into a polyseed,

<s​yntheticbird:monero.social> i'll make a new wallet then

<r​ecanman:kernal.eu> Why not?

<o​frnxmr:xmr.mx> Pkey is deroved from the polyseed ping vthor and detherminal

<s​yntheticbird:monero.social> I think you can. I better hope Polyseed is a mapping function not just an encoding one.

<o​frnxmr:xmr.mx> Because the pkey is a derivation of the feature bits, birthday etc, not the other way around

<s​yntheticbird:monero.social> oh in that sense

<r​ecanman:kernal.eu> hmm

<o​frnxmr:xmr.mx> I remember (maybe) tevador saying it was a 1 way function, and detherminal's writeup on poly states that, unlike legacy, the key is a derivation of the seed. Legacy seeds can be created by knowing the key, but polyseeds cant be created by knowing the key

<r​ecanman:kernal.eu> That's a very interesting approach

<s​yntheticbird:monero.social> by just knowing the key? or with every features?

<o​frnxmr:xmr.mx> tobtoht might also know the answer, but he's not in this room

<s​yntheticbird:monero.social> oh no I think you're right

<s​yntheticbird:monero.social> there is a argon2 story behind it

<r​ecanman:kernal.eu> Looks like you're right

<r​ecanman:kernal.eu> >The private key is derived from the 150-bit secret seed using PBKDF2-HMAC-SHA256 with 10000 iterations

<s​yntheticbird:monero.social> ah PBKDF2 I see tevador is racist.

<r​ecanman:kernal.eu> Wait, 10k iterations only?

<r​ecanman:kernal.eu> NIST recommends 600k lol

<s​yntheticbird:monero.social> OWASP*

<s​yntheticbird:monero.social> not NIST

<r​ecanman:kernal.eu> Really? I remember seeing it on NIST website

<s​yntheticbird:monero.social> I found cheatsheetseries.owasp.org/cheatshe…ord_Storage_Cheat_Sheet.html#pbkdf2

<s​yntheticbird:monero.social> and their NIST link do not redirect to any 600k reference

<r​ecanman:kernal.eu> 🤷

<s​yntheticbird:monero.social> > Therefore, the iteration count SHOULD be as large as verification server performance will allow, typically at least 10,000 iterations.

<s​yntheticbird:monero.social> from NIST website

<o​frnxmr:xmr.mx> > The KDF parameters were selected to allow for the key to be derived by hardware wallets.

<r​ecanman:kernal.eu> Yeah I saw that. Just unusual for me

<o​frnxmr:xmr.mx> I do think its strange and contradictory to use a low number BECAUSE of supposed high security devices

<o​frnxmr:xmr.mx> Like "we could have used 600k, but because we want secure devices, we'll use the bare minimum of 10k"

<r​ecanman:kernal.eu> No idea

<s​yntheticbird:monero.social> I suppose it probably doesn't matter that much. The entropy of the 150bit secret seed is high enough unlike a password

<s​yntheticbird:monero.social> It's more a matter of getting more bit from it than really making it hard to do the reverse

<o​frnxmr:xmr.mx> my password is password4321

<o​frnxmr:xmr.mx> And for those tricky websites its pass1234*/-+

<o​frnxmr:xmr.mx> I always forget if its +- or -+ (±)

<j​ohnjoy66:matrix.org> Hey there! I wanted to let you know that I have a Telegram channel where I share some amazing Verified sauce and soft cashout

<j​ohnjoy66:matrix.org> Here are some of the things you can find on my channel:

<j​ohnjoy66:matrix.org> - Apple Pay

<j​ohnjoy66:matrix.org> - Bank logs/ bank drops

<j​ohnjoy66:matrix.org> - Chime transfer

<j​ohnjoy66:matrix.org> - Cashapp

<j​ohnjoy66:matrix.org> - Clone card

<j​ohnjoy66:matrix.org> - Credit Cards( Cvv )

<j​ohnjoy66:matrix.org> - CC sites

<j​ohnjoy66:matrix.org> - PayPal transfer

<j​ohnjoy66:matrix.org> - Wellsfargo sauce

<r​ecanman:kernal.eu> Does this actually work?

ofrnxmr: "Afaik you cant convert a pkey into a polyseed" <- you can't

<j​ohnjoy66:matrix.org> Hey there! I wanted to let you know that I have a Telegram channel where I share some amazing Verified sauce and soft cashout

<j​ohnjoy66:matrix.org> Here are some of the things you can find on my channel:

<j​ohnjoy66:matrix.org> - Apple Pay

<j​ohnjoy66:matrix.org> - Bank logs/ bank drops

<j​ohnjoy66:matrix.org> - Chime transfer

<j​ohnjoy66:matrix.org> - Cashapp

<j​ohnjoy66:matrix.org> - Clone card

<j​ohnjoy66:matrix.org> - Credit Cards( Cvv )

<j​ohnjoy66:matrix.org> - CC sites

<j​ohnjoy66:matrix.org> - PayPal transfer

<j​ohnjoy66:matrix.org> - Wellsfargo sauce

<o​frnxmr:xmr.mx> Dm me

<o​frnxmr:xmr.mx> I'm interested

<o​frnxmr:xmr.mx> I dont use telescam tho

<o​frnxmr:xmr.mx> Thanks vthor

"ah PBKDF2 I see tevador is racist" <- ? Wuut :D

<r​ecanman:kernal.eu> No idea what that meant. Anyways, why was PBKDF2 the choice?

<j​ohnjoy66:matrix.org> Hey there! I wanted to let you know that I have a Telegram channel where I share some amazing Verified sauce and soft cashout

<j​ohnjoy66:matrix.org> Here are some of the things you can find on my channel:

<j​ohnjoy66:matrix.org> - Apple Pay

<j​ohnjoy66:matrix.org> - Bank logs/ bank drops

<j​ohnjoy66:matrix.org> - Chime transfer

<j​ohnjoy66:matrix.org> - Cashapp

<j​ohnjoy66:matrix.org> - Clone card

<j​ohnjoy66:matrix.org> - Credit Cards( Cvv )

<j​ohnjoy66:matrix.org> - CC sites

<j​ohnjoy66:matrix.org> - PayPal transfer

<j​ohnjoy66:matrix.org> - Wellsfargo sauce

<o​frnxmr:xmr.mx> xmrscott

hey moron, can you stop flooding the channel while I'm reading?

<r​ecanman:kernal.eu> He's sharing Verified sauce and soft cashout vThor, hear him out 😄

<s​yntheticbird:monero.social> matrix.monero.social/_matrix/media/…ero.social/rBRtwAQWpvGWTObqEJXsIYFm

<s​yntheticbird:monero.social> legendary

<s​yntheticbird:monero.social> plowsof: can i be mod

<s​yntheticbird:monero.social> pretty please

<r​ecanman:kernal.eu> I'd like to have those powers as well plowsof

<s​yntheticbird:monero.social> recanman deserve them

yepp it is seed -> PBKDF2 -> pubkey. And polyseed has also an encryption, what seems not to be used not in feather nor in ANONERO, but the password is then applied as an offset when I recall right (still something I need to fix to keep it compatible).

<s​yntheticbird:monero.social> private key not pubkey vThor

<r​ecanman:kernal.eu> heh

yes, did I write pubkey :/

<r​ecanman:kernal.eu> yep

yes ...

Time to do more drugs then :D

<s​yntheticbird:monero.social> best choice

whatever you do, never allow syntheticbird any kind of power here

<s​yntheticbird:monero.social> LMAO

*rofl*

meant meds, but it's the same as drugs, comes only in a blister instead of milar or a bag :D

<o​frnxmr:xmr.mx> Syn, check you dm

<s​yntheticbird:monero.social> there is nothing