<a​r1234fin:matrix.org> Hi, I'm new here, do you have any suggestions for a monero wallet, I don't know the types. Please help, thank you.

<o​frnxmr:xmr.mx> what sort of user are you?

<3​21bob321:monero.social> Apple/andriod/Linux/windows,GUI,CLI

<i​mprevisto:matrix.org> I suggest command like monerod if you can handle it 😄

<d​ormouse:matrix.org> Yep, the cli tools are great.

<d​ormouse:matrix.org> If you can't handle those (which is not an insult), you can use the GUI apps. From GUI frontends among such projects I've seen, Monero definitely rules.

<z​cash:unredacted.org> Consider using Zcash

<z​cash:unredacted.org> Monero is vulnerable after OPSEAD and is no longer secure

o_0

there's a reason why damn near nobody uses zcash

despite it being older and in theory more established

<z​cash:unredacted.org> No one will use Monero soon. Monero shills are hiding the discovery of OPSEAD. Once OPSEAD becomes more well-known, DNMs will switch to Zcash. Ring signatures are not secure compared to zk-snarks

<z​cash:unredacted.org> Monero had a good run

<r​ucknium:monero.social> zcash: It's spelled OSPEAD!

<z​cash:unredacted.org> Monero is vulnerable after OSPEAD and is no longer secure

<z​cash:unredacted.org> No one will use Monero soon. Monero shills are hiding the discovery of OSPEAD. Once OSPEAD becomes more well-known, DNMs will switch to Zcash. Ring signatures are not secure compared to zk-snarks

<z​cash:unredacted.org> Fixed jajaja

<z​cash:unredacted.org> Monero was always vulnerable, btw, and the shills were lying to you. Zcash is seriously better

<z​cash:unredacted.org> It's why Edward Snowden chose Zcash over Monero

<m​onero.arbo:matrix.org> (: bitinfocharts.com/comparison/transactions-xmr-zec.html#alltime

<z​cash:unredacted.org> You're just like the Bitcoiners who show a chart of BTC/XMR whenever valid criticisms come up against BTC

<m​onero.arbo:matrix.org> one of the most important aspect of money is having other users to interact with =p

<z​cash:unredacted.org> No one from this community has provided a valid criticism against Zcash. It's just dubious arguments about transaction numbers, centralization (when everything is open source and free), or misinformation

<m​onero.arbo:matrix.org> I'm just playing, why would anyone seriously engage a troll?

<m​onero.arbo:matrix.org> u show up here and say "debate me or I win" lmao

<z​cash:unredacted.org> You don't understand how zkp work. Zcash doesn't use vulnerable decoy transactions like Monero

<s​huroii:matrix.org> I've never even heard of zcash

<z​cash:unredacted.org> Because of the shills' efforts

<s​huroii:matrix.org> Can you link me some papers that talk about its security strategies and threat models?

<s​huroii:matrix.org> And what it does to protect against those models

<m​onero.arbo:matrix.org> Yeah because it's not even in the top 100, has a for profit company behind it that takes 10% of mining rewards.... and wait, did they abandon PoW yet? smdh

<z​cash:unredacted.org> No, I won't participate in that kind of shilling. I don't know if it's allowed here. I'm not a paid shill like some Monero supporters. DYOR

<m​onero.arbo:matrix.org> shit I remember when XMR and ZEC were like the same price, but Electric Coin Company dumps on y'all hard af

<z​cash:unredacted.org> I'm just here to say Monero isn't vulnerable, Zcash is an option

<z​cash:unredacted.org> I'm just here to say Monero is vulnerable, Zcash is an option

<m​onero.arbo:matrix.org> so true

<s​huroii:matrix.org> I'm legitimately asking for information about how zcash works

<p​lowsof:matrix.org> thanks for sharing

<s​huroii:matrix.org> Is that shilling?

<m​onero.arbo:matrix.org> try the ZEC channel

<z​cash:unredacted.org> Yes, because I have to provide links to Zcash resources and sites on a Monero channel

<s​huroii:matrix.org> I feel like most of us are adults and can handle criticism

wownero is better than zcash

<p​lowsof:matrix.org> yeah Shuroii stop shilling zcash

<s​huroii:matrix.org> And posting resources can hardly be considered criticism

<m​onero.arbo:matrix.org> 1 WOW = 1 WOW

<s​huroii:matrix.org> 🙏

<z​cash:unredacted.org> Proof that Monero is vulnerable: github.com/Rucknium/OSPEAD

<m​onero.arbo:matrix.org> This guy shows up to FUD us with research that the XMR community paid for

<m​onero.arbo:matrix.org> hilarious

here shuroii reddit.com/r/Monero/comments/1hcv37…of_moneros_privacy_with_fcmp_versus

<o​frnxmr:xmr.mx> I do

<z​cash:unredacted.org> One of many vulnerabilities. You also have to watch Breaking Monero, and there are still some left that haven't been discovered

<p​lowsof:matrix.org> Shuroii:

<o​frnxmr:xmr.mx> zcash wallets cant even rotate the T addr

<z​cash:unredacted.org> I'm committed to providing unbiased information

<m​onero.arbo:matrix.org> Rucknium (the author) is literally in the room with us bro

<s​huroii:matrix.org> I think this post doesn't have an accessible source; I'm prompted to sign into X if I want to read more than just the image

<s​huroii:matrix.org> Surely zcash has a paper?

<m​onero.arbo:matrix.org> Breaking Monero was also made by community members. Nobody hides anything

<o​frnxmr:xmr.mx> zcash has a more centralized supply allocation than the federal reserve

<m​onero.arbo:matrix.org> By all means watch it, I recommend it to people all the time

<p​lowsof:matrix.org> safereddit.com/r/Monero/comments/1h…of_moneros_privacy_with_fcmp_versus Shuroii

<z​cash:unredacted.org> Breaking Monero was created by a one individual from the Monero community, while the other person is connected to law enforcement (FBI)

<o​frnxmr:xmr.mx> How can someone claim zcash to he decentralized when it has a 20% tax on emissions

<z​cash:unredacted.org> False

<p​lowsof:matrix.org> Shuroii: before you ask, xcancel.com/iAnonymous3000/status/1867117434718568747

<o​frnxmr:xmr.mx> ???

<s​huroii:matrix.org> Thanks, but the Reddit page wasn't what I took issue with; the actual meat of the discussion was on the thread posted on X, which us behind a-

<s​huroii:matrix.org> Thanks!

<z​cash:unredacted.org> You haven't kept up with Zcash developments in some time, and I can tell

<o​frnxmr:xmr.mx> Whats zcash' dev tax rate today?

<z​cash:unredacted.org> 0%

<z​cash:unredacted.org> The Zcash Foundation is actually facing financial challenges, and it's not without its flaws

<o​frnxmr:xmr.mx> Source?

<z​cash:unredacted.org> DYOR

<z​cash:unredacted.org> I can't post links

<o​frnxmr:xmr.mx> This isnt TG. You can post links

<m​onero.arbo:matrix.org> Zcash Foundation? What happened to Electric COin COmpany

<o​frnxmr:xmr.mx> All i'm getting is "plans" to reduce (which they've been promising for many years)

<m​onero.arbo:matrix.org> Did they switch over to Proof of Stake yet btw? That's about when I actually did stop following development

<z​cash:unredacted.org> It still exists

PoS = Poop on Stick

<s​huroii:matrix.org> This is interesting, I'd like to read more about FCMP. Moreover, the thread mentions shielded transactions are optional. Isn't that a pretty big flaw?

<z​cash:unredacted.org> No, not really. Unlike Monero, Zcash doesn't use decoy transactions

<s​huroii:matrix.org> Isn't a big requirement of shielded transactions that it has other shielded transactions to hide themselves with?

<m​onero.arbo:matrix.org> yes

<p​lowsof:matrix.org> Shuroii is on to something

<s​huroii:matrix.org> Or am I understanding the thread wrong

<s​huroii:matrix.org> This reminds me a lot of PKCE in OpenID Connect

<p​lowsof:matrix.org> anonymity pools are bad

<s​huroii:matrix.org> Where it's technically optional to implement, but not implementing it means you're left open to a suite of MITM attacks

<m​onero.arbo:matrix.org> I think the standard ZEC wallet went to shielded by default when Halo2 launched

<s​huroii:matrix.org> That's good

what happened to all the tx that were exposed?

<s​huroii:matrix.org> But what about malicious users intentionally disabling this security feature? Would that have an effect on the privacy of shielded transactions?

<o​frnxmr:xmr.mx> Unless you interact with a cex 🥲

<m​onero.arbo:matrix.org> I think Monero's layered approach is good though like, even if Ring Signatures are completely broken, addresses and amounts stay hidden. Plus I notice mr zcash is avoiding talking about fcmp. I don't see how ZEC possible remotely catches up in adoption before fcmp, even ignoring everything else

<s​huroii:matrix.org> I feel like that'd be a pretty reasonable attack; make fake fog with transactions that go back and forth

<o​frnxmr:xmr.mx> zcash sir

<o​frnxmr:xmr.mx> Wheres source for 0%

<s​huroii:matrix.org> Security should have a layered approach for sure; this is how it's handled in secure corporate environments

<o​frnxmr:xmr.mx> I even tried to askgpt

<s​huroii:matrix.org> Don't put all your eggs in one basket, and all that

<o​frnxmr:xmr.mx> All i can find is a community vote saying to keep it

<z​cash:unredacted.org> FCMP++ is super complex and the X post oversimplified it. It will heavily bloat the chain, increase transaction time for merchants/swaps, and there's still more to it

<m​onero.arbo:matrix.org> electriccoin.co/blog/eccs-position-on-the-zcash-dev-fund

<m​onero.arbo:matrix.org> Ended November of last year apparently

<s​huroii:matrix.org> Obviously there's a requirement to compromise between speed/convenience and security

<s​huroii:matrix.org> But I feel like fragmentation is a good thing in this case?

<m​onero.arbo:matrix.org> just kidding, 10% no longer goes to ECC but zcash foundation and.... grants committee still get some percent???

<m​onero.arbo:matrix.org> so they just changed who the dev tax goes to

<z​cash:unredacted.org> "It will increase transaction times to over 40 minutes for merchant and swap services

<z​cash:unredacted.org> It will increase transaction times to over 40 minutes for merchant and swap services

<m​onero.arbo:matrix.org> nah we about to get transaction chaining it's gonna be sexy

<s​huroii:matrix.org> Currency 1 could be more security focused whilst currency 2 makes some tradeoffs in favour of speed

<s​huroii:matrix.org> Isn't that still faster than an average BTC transaction? I feel like I have to wait an eternity on mine

<r​ucknium:monero.social> zcash: Are you getting your information from a LLM chat bot?

<s​huroii:matrix.org> And where are you even getting that number from?

<z​cash:unredacted.org> No

<r​ucknium:monero.social> A lot of your info on FCMP is incorrect

<z​cash:unredacted.org> No it isn't

<r​ucknium:monero.social> FCMP tx sizes are smaller than Zcash Orchard txs

<s​huroii:matrix.org> 40 minutes as a flat increase? Will this get better or worse over time as more transactions are made?

<r​ucknium:monero.social> And FCMP doesn't change tx confirmation times

<z​cash:unredacted.org> It will require merchants and swap services with multiple inputs to consolidate their transactions, which can take up to 40 minutes or longer for many of them. As I mentioned earlier, this is just one aspect of the issue

<z​cash:unredacted.org> The increase in transaction times is not flat; rather, it depends on the number of inputs

<r​ucknium:monero.social> Oh, that. Only a very small number of txs would be affected by a max inputs rules.

<s​huroii:matrix.org> I feel like this could be solved by just checking the timer on your transaction API and not chaining transactions if your API isn't being used enough to justify it? Or is this mandatory/should be mandatory for security?

<z​cash:unredacted.org> It won't significantly impact most ordinary users

<m​onero.arbo:matrix.org> are you including consolidation transactions in the confirmation time somehow??

<z​cash:unredacted.org> That's why I focused on merchant and swap services specifically

<z​cash:unredacted.org> It's mandatory

<z​cash:unredacted.org> Seraphis/JAMTIS, a more efficient alternative to FCMP++, was abandoned in favor of FCMP++ due to the black marble flood attack vulnerability. Numerous security concerns...

<s​huroii:matrix.org> What's the black marble flood attack?

<o​frnxmr:xmr.mx> electriccoin.co/blog/a-proposal-for-the-next-zcash-dev-fund posted right after

<z​cash:unredacted.org> Using remote nodes introduces an additional risk of insecurity. To clarify, I recommend reviewing the OSPEAD and watching Breaking Monero, as well as forming your own informed opinion on which coin to use

<s​huroii:matrix.org> @Rucknium your repository is very informative, thank you for posting it

<s​huroii:matrix.org> I'll read through it when I can

<z​cash:unredacted.org> Using remote nodes introduces an additional risk of insecurity. To clarify, I recommend reviewing the OSPEAD report and watching Breaking Monero, as well as forming your own informed opinion on which coin to use

<s​yntheticbird:monero.social> spam early 2023 is suspected to be a black marble attack. This attack consists into placing a lot of outputs on the chain that you know is belonging to you in an attempt to reduce the security margin of decoy selection (since you can eliminate in future transactions outputs decoys that you know is belonging to you)

<o​frnxmr:xmr.mx> Still better than using electrum

<s​huroii:matrix.org> I see

<s​yntheticbird:monero.social> Rucknium made a detailed analysis of the implication of a black marble attack in the condition of this spam that occured

<o​frnxmr:xmr.mx> This is wrong

<z​cash:unredacted.org> Monero's Electrum wallet alternative is highly susceptible to a supply chain attack

<s​yntheticbird:monero.social> Of course it is

<s​huroii:matrix.org> I'm not familiar with zcash's systems, but is a similar attack possible on zcash? If it isn't, why not?

<s​yntheticbird:monero.social> zcash transform lie or concerns into "unbiased informations"

<s​yntheticbird:monero.social> Monero's Electrum wallet?

<s​yntheticbird:monero.social> we don't have that

<o​frnxmr:xmr.mx> Seraphis/jamtis uses ringct. Its a more efficient version of ringct. Both seraphis and jamtis can bebused with fcmp

<s​yntheticbird:monero.social> too bad

<z​cash:unredacted.org> Feather Wallet

<s​yntheticbird:monero.social> Feather Wallet have forked from Electrum long ago, so idk what is your supply chain attack concern about

<o​frnxmr:xmr.mx> No.. thats a normal wallet

<s​yntheticbird:monero.social> from scratch?

<r​ucknium:monero.social> Probably means Feather, whose UI is Electrum-like, yet doesn't use BTC's electrum server "backend".

<s​yntheticbird:monero.social> thats nice

GUIX build process?

<r​ucknium:monero.social> Did Feather ever start from the Electrum code base?

<o​frnxmr:xmr.mx> I mean, it doesnt use electrum servers, it uses monero nodes

Someone already tried to host a feather wallet phishing site. Didnt last long

<o​frnxmr:xmr.mx> i think it was just inspired by, but not sure

<r​ucknium:monero.social> That's what I think, too

<z​cash:unredacted.org> tobtoht can easily introduce a backdoor. It is only maintained by one developer and has not been audited. For all we know, the wallet could use insecure RNG to steal funds

<z​cash:unredacted.org> When generating the polyseed

<s​huroii:matrix.org> Do zcash and Monero both have a reference wallet to compare against one another? How do they have supply chain security?

<s​huroii:matrix.org> I.E. signed builds/commits, transparent change history

<s​huroii:matrix.org> If CI is used, where is that hosted, on whose hardware

<s​yntheticbird:monero.social> sorry sir, Supply chain security is about third-party, not first-party

<s​huroii:matrix.org> Is that signed in any way

<o​frnxmr:xmr.mx> Yes and yes ...

<o​frnxmr:xmr.mx> And feather is bootstrappable lol.

<o​frnxmr:xmr.mx> Fully reproducible

<s​yntheticbird:monero.social> "Oh no! the maintainers of an application can backdoor it" => yes, yes that's not a vulnerability

<s​huroii:matrix.org> How can I verify that the copy of the source code of say, Montero's GUI wallet, is not altered by the platform hosting it?

<s​yntheticbird:monero.social> dumbass

<s​huroii:matrix.org> That's great!

<o​frnxmr:xmr.mx> GUI on linux ans mac is reproducible

<o​frnxmr:xmr.mx> you verify the hashes of your build against the signed hashes

<z​cash:unredacted.org> A wallet with insecure RNG can still be compiled and used, as long as it has not been rigorously audited it's not secure

<z​cash:unredacted.org> I'll list the known vulnerabilities without getting into semantic debates

<s​huroii:matrix.org> That's good

<s​huroii:matrix.org> And what about the validity of those signatures? Have developers of these projects gotten compromised before?

<m​onero.arbo:matrix.org> feather actually has a very cool feature to let you use physical dice rolls as an additional source of entropy

<s​huroii:matrix.org> Is there any protection mechanism in place for if a private key were to be compromised?

<o​frnxmr:xmr.mx> We have "build partied" where multiple devs produce the same binaries

<s​huroii:matrix.org> That's cool

<o​frnxmr:xmr.mx> The signed hashes (for nearly allntop cryptos) are attested to and uploaded to a git repo by multiple people

<m​onero.arbo:matrix.org> yeah I participate in builds for Monero and feather and I'm nobody, it's an open process, more people the better

<s​huroii:matrix.org> So if a developer were to produce a binary that differs from the rest despite using "the same" codebase, we'd be able to tell that they're compromised in some form?

<o​frnxmr:xmr.mx> Feather has build parties too

<o​frnxmr:xmr.mx> Yes

<s​yntheticbird:monero.social> The hash would mismatch

<s​huroii:matrix.org> Seems fair

<s​yntheticbird:monero.social> zcash other FUD you have in mind

<s​huroii:matrix.org> Is this standard practice for both zcash and Monero projects?

<z​cash:unredacted.org> Who cares when there is only one developer with access to the codebase? What they can do is change the source code, introduce a vulnerability, and even if all builds are the same, it doesn't matter unless it's audited. Open source isn't magic

<s​huroii:matrix.org> That's true

<s​huroii:matrix.org> But if you're using software written and audited by only a single person for such a high security requirement situation, that may not be the right choice

<s​huroii:matrix.org> And it may be wise for the developer of such software to invest in measures to prove they're not compromised

<z​cash:unredacted.org> No one is actively reviewing all the libraries and code that tobtoht has written. I tried, but it's too long

<s​huroii:matrix.org> Such as the aforementioned build parties

<o​frnxmr:xmr.mx> "too long" ;)

<s​huroii:matrix.org> Who is tobtoht?

<s​huroii:matrix.org> Is zcash written by a single indiviual?

<s​yntheticbird:monero.social> maintainer of Feather wallet

<r​ucknium:monero.social> The GUI CLI desktop wallet are the "official" wallets released by the Monero Project, not Feather.

<s​yntheticbird:monero.social> and monerod developer

<s​huroii:matrix.org> Ah

<z​cash:unredacted.org> The reason why I'm concerned about Feather Wallet is that tobtoht is the only active developer there. Monero-cli and Monero GUI, however, do not suffer from the same issue because they have more developers watching over them

<s​yntheticbird:monero.social> "Look guys there is this wallet that is handled by one guy that cul dbe compromised". conclusion? MONERO IS COMPROMISED!

<z​cash:unredacted.org> No

<r​ucknium:monero.social> Shuroii and zcash seem to be sock-puppeting. Seen that before in this room.

<e​longated:matrix.org> Change your username first to ztrash

<o​frnxmr:xmr.mx> Does bro think that linux libs are maintained by groups of 30 people with 10 auditors?

<o​frnxmr:xmr.mx> What about ywallet or nighthawk

<s​yntheticbird:monero.social> did Shuroii joined recently?

<z​cash:unredacted.org> Many people are using Feather Wallet, but it only supports Polyseed. No other wallet supports Polyseed, except for Cake Wallet, which is even worse

<s​huroii:matrix.org> I've been here for a while

<s​huroii:matrix.org> I just don't talk often

<o​frnxmr:xmr.mx> Bullshit

<m​onero.arbo:matrix.org> incorrect, feather supports 3 diff seed formats including standard 25 word seeds

<m​onero.arbo:matrix.org> u just making shit up dude

<e​longated:matrix.org> Only supports polyseed lol, go back to ztrash

<z​cash:unredacted.org> Monero GUI and Monero CLI do not support Polyseed

<s​huroii:matrix.org> I've talked with the dev of XPG for implementing it in a application I've made, which is why I initially joined

<o​frnxmr:xmr.mx> Polyseed is by tevador, creator of randomx and tor pow

<z​cash:unredacted.org> Polyseed is the default

<m​onero.arbo:matrix.org> you can get 25 words from a polyseed wallet

<z​cash:unredacted.org> I apologize, you're correct. It's not the only one

<o​frnxmr:xmr.mx> Monfluo, anonero, feather, cake, stack, and wownero all support polyseed

<s​huroii:matrix.org> But now I'm also learning about what Monero is implementing in the future and what alternatives are doing

<z​cash:unredacted.org> I haven't seen any implementation of Polyseed. You would have to implement it yourself or use a less secure wallet. None of the official wallets support it

<z​cash:unredacted.org> Not official

<s​yntheticbird:monero.social> yeah it seemed to me I've seen you before

<z​cash:unredacted.org> I haven't seen any implementation of Polyseed -> 25 words. You would have to implement it yourself or use a less secure wallet. None of the official wallets support it

<s​huroii:matrix.org> I don't immediately recognise you, sorry

<o​frnxmr:xmr.mx> Take a guess who will add it to the "official" wallets?

<s​huroii:matrix.org> 🙏

<s​iren:kernal.eu> 25 words 🤔

<s​yntheticbird:monero.social> all fine you don't have to

<z​cash:unredacted.org> tobtoht

<o​frnxmr:xmr.mx> Syntheticbird

<s​yntheticbird:monero.social> it's just that plowsof suspect sock puppeting, but i don't think it the case

<o​frnxmr:xmr.mx> 24?

<z​cash:unredacted.org> I'm not Shuroii

<s​iren:kernal.eu> Oh man...

<s​huroii:matrix.org> I can't vouch for myself with such a claim, but it's definitely a pretty grave accusation

<o​frnxmr:xmr.mx> I do

<z​cash:unredacted.org> I'll be off now. Please don't believe the hype. Keep Zcash in mind @shuroii:matrix.org

<s​yntheticbird:monero.social> he isn't accusing, just emitting the hypothesis.

<z​cash:unredacted.org> DYOR don't listen to the shills

<s​iren:kernal.eu> He is a troll/sockpuppet but unrelated to you

<o​frnxmr:xmr.mx> That ztrash is a sock? Like 98% chance

<o​frnxmr:xmr.mx> ztrash isnt their normal handle

<s​huroii:matrix.org> And I can't lie that it's tempting to go along with zcash (the user) for the meme because much like the troll from last month, this one is also moderately entertaining

<z​cash:unredacted.org> I can DM on Twitter. My main account is active, and it's often discussing Zcash using a Luffy profile

<z​cash:unredacted.org> I won't leak my username

<z​cash:unredacted.org> I think you already know me

<s​huroii:matrix.org> I remember getting dm'd by the guy from last month and he disabled encryption in the room stating that it's not relevant because I'm on matrix.org

<m​onero.arbo:matrix.org> it's literally implemented in feather wallet, which has amazing documentation btw docs.featherwallet.org/guides/seed-scheme

<s​huroii:matrix.org> Then he deleted all his messages despite message deletion being voluntary for servers and clients

<s​yntheticbird:monero.social> bruh

Meow

<s​yntheticbird:monero.social> OH NI NIOC

<s​yntheticbird:monero.social> HI*

<s​iren:kernal.eu> I occasionally get the same

<s​huroii:matrix.org> Brilliant remark, truly

<s​yntheticbird:monero.social> ???????

<s​huroii:matrix.org> I wonder if they're the type to turn off all security measures because of one possibly not being effective

<s​huroii:matrix.org> But this is getting off topic now

<s​yntheticbird:monero.social> Brilliant leak, truly

<s​yntheticbird:monero.social> ofrnAI am i misunderstanding?

<z​cash:unredacted.org> Not me, this is my first time on the Matrix here. I use Twitter and SimpleX

<s​huroii:matrix.org> One sec maybe I still have his room somewhere so I can get his name

<s​huroii:matrix.org> Ok I do not, damn past me, that would've been funny to bring up now

<s​huroii:matrix.org> @monerobull knows

<s​huroii:matrix.org> The troll from before the spamming in this room

<m​onerobull:matrix.org> what

<s​yntheticbird:monero.social> else

<s​huroii:matrix.org> What was his name

<s​huroii:matrix.org> He made like 5 accounts on the same day

<m​onerobull:matrix.org> kewbit?

<s​huroii:matrix.org> Maybe? I feel like it started with a B

<s​huroii:matrix.org> It was from before the massive spam in this room

<m​onerobull:matrix.org> there was a lightning shill

<s​huroii:matrix.org> Yes that guy

<m​onerobull:matrix.org> idk i dont store information this trivial :P

<s​huroii:matrix.org> Fair lol

<o​frnxmr:xmr.mx> Did anyone notice super_testnet suspended on x

<s​yntheticbird:monero.social> no i don't

<m​onerobull:monero.social> kek

<s​yntheticbird:monero.social> i have a life

<s​yntheticbird:monero.social> 👍️

<m​onerobull:matrix.org> same, dont follow these guys lol

<m​onerobull:matrix.org> <del>same</del>, dont follow these guys lol

<k​evino:tchncs.de> Which guys

<s​yntheticbird:monero.social> me

<s​yntheticbird:monero.social> I am the lightning shill

<s​huroii:matrix.org> No, it was me all along

<s​huroii:matrix.org> Why are you reacting with a rocket emoji, it should be a lightning emoji

<o​frnxmr:xmr.mx> I dont either, someone liked an old comment and it was from acct that no longer exists

<s​huroii:matrix.org> Lightning is the future!!! ⚡

<o​frnxmr:xmr.mx> I checked and it was ST, and clicking profile showed that they were suspended

<s​yntheticbird:monero.social> Some1 ELI5 wtf is CTV + CSFS ?

<s​yntheticbird:monero.social> bitcoinist are fucking drooling over this

<s​huroii:matrix.org> These are all magic words to me

<s​huroii:matrix.org> What is any of that?

<s​yntheticbird:monero.social> idk, i saw SethForPrivacy and IIdentifyAsRNG renaming themselves with this and they started going on a crusade about activating CTV + CFSF

I was jokin with Shuroii - the troll was trying to keep him ontopic

<t​obtoht:monero.social> nope, electrum is written in python. feather in c++. projects have no code in common.

<r​ucknium:monero.social> tobtoht: Thanks. That's what I thought.

<t​obtoht:monero.social> You're welcome to participate in the verified reproduction process :) github.com/feather-wallet/feather/blob/master/contrib/guix/README.md

<t​obtoht:monero.social> You may also be interested in: monerosecurity.org

<s​huroii:matrix.org> Ooo dedicated guix docs

<s​huroii:matrix.org> codeberg.org/stagex/stagex

<s​huroii:matrix.org> What about using something like this for CI builds?

<b​asses:matrix.org> OpenSnitch (Linux firewall) developer started accepting donations in Monero 🚀

<b​asses:matrix.org> github.com/sponsors/gustavo-iniguez-goya

<s​huroii:matrix.org> Thank you!

<t​obtoht:monero.social> we run guix in CI (as slow as that is). stagex is cool tho, I follow its development.

<t​obtoht:monero.social> Zcash only has reproducible builds for a single target (Linux x86_64), using Gitian. Their 'build parties' usually have no more than 2 participants. github.com/zcash/gitian.sigs

<t​obtoht:monero.social> There are eyes on the code. Ask the Fedora package maintainer. Or the Debian Cryptocoin Team. I will seek audits after FCMP++ and the wallet2 rewrite. There is too much code in flux now to make it worthwhile.

<b​asses:matrix.org> tobtoht have to thought about adding a contribution guide/doc

<o​frnxmr:xmr.mx> Also "one developer with access to the codebase" is misleading, at best. Makes it sound as though feather code was proprietary

<t​obtoht:monero.social> Setting up a dev environment is documented. I could expand on that with general guidelines, best practices, etc.

<b​asses:matrix.org> coding style, git etc

the plan is to retire both depends and gitian in favor of guix?

<t​obtoht:monero.social> guix replaces gitian. gitian is already gone on master. there are no plans to replace depends.

Thanks

Hello chat, is monero.social instance down ?

ofrnxmr plowsof tobtoht ping

SyntheticBird: wouldn't you know... as that's your home server?

that is not my homeserver...

" <syntheticbird:monero.social> Some1 ELI5 wtf is CTV + CSFS ?"

what are you on about?

ah nvm

yes I can't connect to monero.social but i don't know if its some DNS issue on my end or if the instance is globally down

thus asking in the chat

lol didn't know where your account was hosted?

no I did, but I understood "as that's your home server?" as "you are the maintainer of monero.social"

idk, im tired lol

matrix.monero.social shows a 404 os this bad?

I think it is as `/_synapse/admin/v1/server_version` endpoint is also unvailable

<l​za_menace:monero.social> still ddos shit goin on

<l​za_menace:monero.social> who runs matrix.monero.social ?

I can contact pigeons soon if they are not aware already (spoke to them earlier today coincidentally)

On your nodes lza_menace? Are they under systemd?

<l​za_menace:monero.social> yeah, my node been getting overwhelmed past few weeks. i guess some coordinated attack at seed nodes and a bug that allows monerod to become overwhelmed.

<l​za_menace:monero.social> i upgraded to the 18.4.0 pre-release where a bug fix was put into place, but i think they changed tactics, still happens

<o​frnxmr:xmr.mx> Yeah, are you running the latest release branch builds?

<l​za_menace:monero.social> > 2025-03-05 21:59:35.083 [RPC0] ERROR net.http contrib/epee/include/net/http_protocol_handler.inl:432 [127.0.0.1:40172 INC] simple_http_connection_handler<t_connection_context>::handle_invoke_query_line(): Failed to match first line: !�

<o​frnxmr:xmr.mx> Seed nodes are indeed under attack, as are featherwallet nodes

<l​za_menace:monero.social> built off commit 0232839913b13cf0ab0bb7ad25fff0c05f37d2fe

<o​frnxmr:xmr.mx> vtnerd

<l​za_menace:monero.social> worked fine initially. now i get that line and things just "freeze". process still running, but nothing being logged or happening.

<l​za_menace:monero.social> i have a script which checks for the pid, but i need to rework it to curl /get_info or something to know if it's truly up/down

<b​oog900:monero.social> pretty sure I seen this on plowsof's node and it was just the start of the P2P levin header. So someone inputting your RPC port as a P2P port

Boog900 told me what that 'match line' weird error was, noticed it also

Thnx boog

<v​tnerd:monero.social> That error can also happen if someone tries ssl and you have it disabled. Basically anytime someone starts sending invalid http data it will print

<b​oog900:monero.social> also from the logs I saw I am pretty sure the feather spam is just normal users

<b​oog900:monero.social> not an actual attack

<s​yntheticbird:monero.social> You know the song

<s​yntheticbird:monero.social> "If a network error is mark, then start wireshark"

<s​yntheticbird:monero.social> or tcpdump whatever