<angled:matrix.angled.rip> Sindy: mrelay.p2pool.observer/m/matrix.ang…ed.rip/HWvbmgylInuoaMZJoabBdisl.png (Screenshot_20251009_192721.png)

<angled:matrix.angled.rip> most recent block even displayed is p2pool from 2 days ago

<angled:matrix.angled.rip> definitely very broken

<angled:matrix.angled.rip> no idea why most of the names aren't showing up though

<elongated:matrix.org> Is there any ztrash tx vs fcmp++ txs size/efficiency information somewhere?

<spirobel:kernal.eu> @elongated:matrix.org: we should compile something. especially regarding transaction batch verification time.

syncing monerod, what does this error mean? `2025-10-10 14:31:25.617 W Invalid DNSSEC TXT record signature for updates.moneropulse.org: validation failure <updates.moneropulse.org. TXT IN>: no DNSSEC records from 9.9.9.9 for DS updates.moneropulse.org. while building chain of trust`

should I change my dns nameserver?

quad9 did not give DNSSEC records

what dns would give DNSSEC records?

on getmonero it says I can use 1.1.1.1 or 8.8.8.8, maybe I'll try it

yeah i tried dig

it seems like quad9 doesn't return any DS records

but 1.1.1.1 does

8.8.8.8 doesn't though, it even brings up this error "Invalid denial of existence of updates.moneropulse.org/ds"

maybe MITM'd or some shit

honestly i cannot tell if this is an actual result from the DNS server (and they're intentionally tampering with it) or if it's my ISP tampering with the results to omit DNSSEC

I think it DNS MITM should be rare

it's maybe used targeting individuals as far as I understand how it works

it's used to target specific domains

<monero.arbo:matrix.org> nontheless DNS over TLS is a thing

my PR for DNS-over-TLS should be reviewed :(

<monero.arbo:matrix.org> I just set my router to use it then point everything at my router for DNS

the resolver library that monerod uses already has built-in DNS-over-TLS support

16:41:43 <ArsenyTarkovsky> I think it DNS MITM should be rare

ISPs or some routers override any plaintext DNS with their own

no matter which port it runs on

^

server*

as long as it's in port 53*

DNS MITM is much more common than you think

usually they do this for caching, but they get stuff wrong

(or blocking)

oh yeah "caching"

some ISPs have shit peerings :)

they do that to improve latency, instead of 4s+ you end up with just 2s latency

they did that in the worst way that broke the DNS standard

which led to many complaints

But wouldn't such MITM be invalidated by non-matching certificates?..

I know of a cell carrier that inserted ads into HTTP, but bare HTTP is rare now, so never seen it.

BlueyHealer: mitm doesn't need to change the records

just for example not return records for domains

or not do DNSSEC etc.

<rbrunner7> "Another problem is that some mail carriers might get sly and try to find out who is delivering what letters. The Fluorine Fermi update changes how letters are sent and who they are sent to, which makes it extremely hard for spies to trace the trail. This helps the Monero mail service escape these cunning carriers."

<rbrunner7> This gem is from here: cryptopolitan.com/monero-releases-fluorine-fermi-update

lolol

pigeon2peer protocol

<vtnerd> 64bit speedup (vs 32 bit) for wallet scanning only. There's a patch marked as draft that speeds up sync time considerably, but I've left it as draft because technically it increases chances of chain split. Chances are low, but possible. > <@ravfx:xmr.mx> What is that supercop thing? Required or no to build monerod?

<binarybaron:matrix.org> Could we merge it and use it just for wallets ?

<binarybaron:matrix.org> Do you have a link to the PR? I might apply it to the wallet we are Building

<binarybaron:matrix.org> Worst case is that the wallet gets stuck syncing ?

<17lifers:mikuplushfarm.ovh> @rbrunner7: well, that same article also suggests this

<17lifers:mikuplushfarm.ovh> mrelay.p2pool.observer/m/mikuplushf…rm.ovh/XksOfIuYyDdVDVVPmmukHPPB.png (image.png)

<rbrunner7> Er ... I think Supercop is used for wallet scanning - just not for syning blocks

<basses:matrix.org> @rbrunner7: ELI5 prompt

<vtnerd> @binarybaron:matrix.org: Its been used in wallets for years. The new PR is just for curve order checks on tx keys. It's really high in profiles when syncing

<vtnerd> Carrot will shift to x25519 which has speedups for arm, whereas the supercop 64bit assembly is x86-64 only. The supercop project has a new neon (arm) assembly which would help with pre-carrot scanning, but last I checked that code is still marked as unverified

DataHoarder, I kinda don't associate it with MITM then... Like, it's what my ISP is already doing by blocking Twitter/Facebook/etc.

it's MITM, just not trying to change things to a different endpoint

literally man in the middle

even a passive MITM is considered that, and if blocking/overriding is done, that's active, maybe not malicious

MITM being normalized doesn't mean it's not man in the middle :D

I just think of "redirecting traffic elsewhere" or "trying to read the traffic" rather than "terminating the traffic", since, y'know, there is no "middle" to be in now.

<johnyjr:matrix.org> what do you guys recommend to swap ltc to xmr with mininal fees?

<321bob321> Basicswap

x.com/monero/status/1834292929877180697

Except there is an issue with outgoing view keys

Please give us a choice

Why not better privacy by default?

<hbs:matrix.org> Privacy is normal

<ravfx:xmr.mx> What the one mean "Unable to send transaction(s) via Dandelion++ stem"?

<ravfx:xmr.mx> I get it from time to time on one of my node, since Qubic afaik, I don't remember seeing

ravfx: do you use tx-proxy ?