hi

lets keep monero alive

<ufo808:matrix.org> mrelay.p2pool.observer/m/matrix.org/ItFPrmuueEeoVUNrcjcBnivH.png (image.png)

<ufo808:matrix.org> why I can't open getmonero.org ?

<ufo808:matrix.org> oh well, from chromium it works

<ufo808:matrix.org> strange anyways, firefox doesn't work

<ufo808:matrix.org> maybe because it's privacy hardened? but I was able to open before

<ufo808:matrix.org> (privacy hardened is my firefox profile)

<pyratevevo:matrix.org> > <@pyratevevo:matrix.org> But does it affect other users ? Like if it can somehow lead to myself getting made because both my sender and the receiver of my coins have their viewkeys out in public ?

<pyratevevo:matrix.org> I guess my question was if this change can possibly affect fungibility ? Like let's assume the worst and say most transactions become transparent because most people have started having their new viewkeys available for whatever reason

<pyratevevo:matrix.org> so Monero goes from transparent wallet 1 to transparent wallet 2. Could this turn the blockchain into a swiss cheese with transparency holes ?

<rbrunner7> Nobody who does not hold the viewkeys in question sees anything more. So the question is more "Who all will hold viewkey collections, and how large are they?" Anyway, if your viewkey is out, make a new wallet, private again after 1 "churn".

<rbrunner7> I don't really understand all this alarmistic stuff ...

<rbrunner7> Outgoing viewkeys were proposed and scheduled for implementation 4 freaking years ago. Funny that people freak out now. Just saying.

<rbrunner7> And don't somebody dare to claim that it happened in the dark. If any coin does all development in the open, it's Monero

<milas900:matrix.org> Guess that will keep a loophole > <Bunnyh> think the current model is just fine of course. probably someone is even using the view only feature for legit purposes! respect to them

<rbrunner7> The outgoing viewkeys allow much better "light wallets". You can entrust somebody running a server for that with your viewkey, or you can run such a server yourself.

<intr:unredacted.org> @rbrunner7: my guess is it's the marketing + outsiders/newbies reading it and misunderstanding it

<intr:unredacted.org> or rather lack of marketing, aka word of mouth

<rbrunner7> The outgoing viewkeys allow to check without danger whether the XMR in your paper wallet are still there

<intr:unredacted.org> I for one am very hyped for it

<rbrunner7> Ah, maybe we found the one who "sold out" :)

<rbrunner7> You sold Monero dev secrets to the Zcash people and the FED for 1 million USD in XMR

<intr:unredacted.org> I feel like I missed out on some drama and I'd like it to stay that way

<noname-user0:matrix.org> they are good thing. ppl are freaking out over nothing.

<intr:unredacted.org> that's what I'm saying

<noname-user0:matrix.org> you always had the ability to share your txs and view keys with whomever you wanted. if every single person did so publicly then monero would be much more transparent. but luckily it's private by default.

<pyratevevo:matrix.org> I'm new and trying to learn. Don't mean no 'alarmist' nonsense. > <@rbrunner7> I don't really understand all this alarmistic stuff ...

<pyratevevo:matrix.org> I guess it'll also be very helpful for businesses to accepted Monero in that sense. > <@rbrunner7> The outgoing viewkeys allow much better "light wallets". You can entrust somebody running a server for that with your viewkey, or you can run such a server yourself.

<rbrunner7> Somebody brought the discussion to the next level: old.reddit.com/r/Monero/comments/1q…transparency_trap_why_new_view_keys

<rbrunner7> Following this might definitely not be healthy for me :)

<kayabanerve:matrix.org> Wasn't the thing to make them complacent for them to just generate the existing wallets which don't enable such an option?

<rbrunner7> Didn't tevador suspect something breaks if you just set two keys in the Carrot key hierarchy to identical values to have no full view key?

<kayabanerve:matrix.org> Ugh. It was never proposed for compliance D:

<rbrunner7> Ah, you mean, continue to generate old wallets? Yeah, we can keep those indefinitely.

<kayabanerve:matrix.org> At least, AFAIK, it was always discussed for the functionality and auditability. Compliance discussions have always focused on selective disclosure via payment proofs as we have today.

<kayabanerve:matrix.org> Yeah, old wallets. It requires no new work for devs and avoids messing with the formulae.

outgoing view keys are very useful for me for fundraising stuff

i don't get these people losing their shits over it

"Currently, if a regulator or a tax authority asks you to prove your transaction history, you have a technical shield: "I can't. The protocol doesn't support it." "

"you can, give us your view keys and key images"

> suspect something breaks

it was confirmed, rbrunner7

DataHoarder: really? what breaks if you set the view balance secret to the spend key?

for carrot specifically

<pyratevevo:matrix.org> Apparently it also helps users with cold wallets (which is something im still reading about) to view their balances easily. Very cool.

DataHoarder: like what happens

I can't remember that part it's in one of the research rooms or community :D

<rbrunner7> "it was confirmed, rbrunner7" Thanks, DataHoarder, good to know. So support for old non-Carrot wallets indefinitely into the future is it. That's doable.

note old wallets currently cannot migrate using the PQ Turnstile design on gist.github.com/jeffro256/146bfd5306ea3a8a2a0ea4d660cd2243

<kayabanerve:matrix.org> I don't think any regulators care if you can't do something, only that you won't.

<kayabanerve:matrix.org> @rbrunner7:monero.social: wdym freak out _now_, I thiught we got annoying people shouting about it monthly

people crying about outgoing view keys when they realize the tax and regulation authorities can make them generate a list of key images and give up their incoming view keys

<pyratevevo:matrix.org> I have other questions about the technology behind Monero but I think I'm better off asking elsewhere..

nah you can ask here

<pyratevevo:matrix.org> Cindy: Not the first time I see it happen. There are more complainers of complaining in the chatroom than there is actual complaining.

<yokoama:matrix.org> @pyratevevo:matrix.org: good luck

<rbrunner7> "note old wallets currently cannot migrate using the PQ Turnstile design" You mean we can't please the "Sky is falling because of viewkeys" fraction and the "Sky is falling because of quantum computers" fraction at the same time? Tough.

<kayabanerve:matrix.org> @pyratevevo:matrix.org: Mainly just joking around about it still happening because of how absurd it was historically.

and I think doing the swap on Carrot ones did also have that issue of removing some forward secrecy against a pq opponent

swap -> dupe

<pyratevevo:matrix.org> DataHoarder: Post quantum protection is also included in FCMP++ ?

see github.com/jeffro256/carrot/blob/master/carrot.md#2-new-features

address-conditional forward secrecy

?

that's amazing!

Yip. Recent normie turned monero holder here. Learning something new about the project everyday.

meow, hi recent monero holder

<intr:unredacted.org> dmlunar: don't forget to use it too. that's what it's for

<hooftly:matrix.org> Regarding view keys... monero already has private and public view keys. How is this update different than the current system aside from showing spent outputs anf being able to actually prove a balance when asked.

<hooftly:matrix.org> Nevermind I already know the answer.

<hooftly:matrix.org> Stupid

<intr:unredacted.org> DataHoarder: I see carrot also inherited the jamtis features of wallet "tiers", amazing

hooftly: "how is this different?" proceeds to state what is different after

<hooftly:matrix.org> Yes its a rhetorical question to show how absurd it is

<jeffro256> @hooftly:matrix.org: OVKs radically simplify hot/cold and multisig wallet UX. They also make hardware wallet usage more secure

<hooftly:matrix.org> For sure being able to see real balances without loading private keys is a huge improvement in both safety and UX its annoying it is being portrayed as anything else

no how dare you

you're supposed to export key images from your cold wallet every time

<basses:matrix.org> discuss.privacyguides.net/t/magic-g…ght-wallet-app-for-android/33246/11

<basses:matrix.org> Skylight Wallet 1.0.4 is now available for Android and Linux!

<hbs:matrix.org> List of key images is a single snapshot, outgoing viewkey is forever > <Cindy> people crying about outgoing view keys when they realize the tax and regulation authorities can make them generate a list of key images and give up their incoming view keys

your authorities can continue asking for key images

<hooftly:matrix.org> Just use a different wallet much easier to decoy...

<hooftly:matrix.org> Here is my view key promise

<hooftly:matrix.org> Meanwhile....

can i use this feature now? or is it still not released?

what feature

outgoing view keys?

yeah

no

i mean, you can, but only on stressnets

it's not deployed on mainnet yet

<yokoama:matrix.org> @hbs:matrix.org: Stop using that wallet if someone has forced you to give that key ?

<ofrnxmr> zcash has "exchange addresses". OVK essentially allows an "exchange wallet". You cant just stop using when interacting with the exchange or whoever is only accepting deposits coming from it

<ofrnxmr> Cindy: Its not on stressnet yet either

stressnet only handles legacy wallets, indeed, but supports native carrot stuff (just not plumbed or setup in wallet)

<elongated:matrix.org> @ofrnxmr: Stop using vendors/exchanges that force you to give that key or use a separate wallet 🤔

<intr:unredacted.org> Be a good boy and buy your ''bit coins'' (to then atomic swap for muh 'neros)

<tuw:matrix.org> surely if OVK is this controversial the answer is to remove that feature from initial CARROT release and take time to debate it more

<intr:unredacted.org> It's not a controversial feature, and it hasn't been for years

<tuw:matrix.org> well looking at the reddit almost everyone is against it, so clearly at least the community is not convinced

<hooftly:matrix.org> You mean like 4 people? Which could also be alt accounts?

<intr:unredacted.org> from Kayabenerve all the way back in 2022 when the same post was made:

<intr:unredacted.org> mrelay.p2pool.observer/m/unredacted.org/PNIzXNUjJkxqlUIboNvViVvp.png (clipboard.png)

<ofrnxmr:xmr.mx> Lws servers can pretty accurately determine spends

<tuw:matrix.org> I dont have enough technical knowledge to judge whether it is damaging or not, but I do know there are a huge amount of attacks on monero and it is possible that this is one of them

<intr:unredacted.org> mrelay.p2pool.observer/m/unredacted.org/GjiFTEzEbMVXSIbWAXolSJpn.png (clipboard.png)

<intr:unredacted.org> hey look, someone gets it

<tuw:matrix.org> looking at the posts and upvotes it is clearly not just 4 people reddit.com/r/Monero/comments/1qjqpg…transparency_trap_why_new_view_keys

<intr:unredacted.org> I even called this on the second to last monerotopia episode

<hooftly:matrix.org> @tuw:matrix.org: Upvotes are easy to game

<intr:unredacted.org> the new fud is gonna be people storming in about FCMP having some kind of detrimental issue

<intr:unredacted.org> hilarious

<tuw:matrix.org> it may be FUD from zcashers, or it may be three letter agencies trying to get this feature into monero, how are we to know

<hooftly:matrix.org> what

<hooftly:matrix.org> Lol

<tuw:matrix.org> no one is complaining about FCMP, people are concerned about this one small feature of CARROT

<intr:unredacted.org> view keys have been a (broken) feature for I don't know how many years now

<intr:unredacted.org> the funniest part about this is, the absolute #1 fundamental rule about having a crypto wallet of any kind is that you don't give out your private key

<hooftly:matrix.org> So the core team is three letter agencies now?

<intr:unredacted.org> monero has, put simply, 2 private keys

<intr:unredacted.org> you are not supposed to give them out

<intr:unredacted.org> if a gubmint can force you to give out the private view key they can force you to give out the private spend key

<tuw:matrix.org> well giving out the spend key is clearly stealing your money

<tuw:matrix.org> view key is just for tax compliance so they get to remain the good guys while demanding it

<intr:unredacted.org> what compliance

<tuw:matrix.org> and if you dont think there are government agencies attempting to infiltrate the dev team and this telegram I think that is naive

00:27:19 <br-m> <tuw:matrix.org> surely if OVK is this controversial the answer is to remove that feature from initial CARROT release and take time to debate it more

removing the feature breaks as it is currently implemented, removing security assurances

<intr:unredacted.org> @tuw:matrix.org: I feel like I'm talking to one right now

or opens you to quantum actors

<intr:unredacted.org> but that aside

<intr:unredacted.org> the view key feature has existed for many years, the only thing that changes here is that it will now work as advertised

<hooftly:matrix.org> @tuw:matrix.org: Even if they are its easy to understand this is not that

<hooftly:matrix.org> Its not new

with previous view key you can also quite certain determine spends.

<intr:unredacted.org> from change outputs, yes

<ofrnxmr:xmr.mx> DataHoarder: How does lws do it

without direct change outputs too, given you are sweeping, though post FCMP it's not doable (looking at rings)

<tuw:matrix.org> I see, thanks for clarifying

but for example, this is likely a spend / sweep without any change back blocks.p2pool.observer/tx/25a0e8e91…25e2f5d1ea4266a4e19c8d4cb5427c656ca

i dont think lws needs to guess spends - just give all outputs to user who has spend key to confirm. like background sync with view key?

^

you can also detect consolidations at the moment, the current view key just gives you the final bit of confirmation

post FCMP that will also not be doable (no rings)

here you could figure out who has decoys that were owned by both blocks.p2pool.observer/tx/8898ea6e1…d5bd6487000278900e0b516252b6a1d75b4

and guess if it was CCS or GF that sent the funds (it's probably GF -> CCS!)

note this is possible with just *view keys* without being able to find spends with a view spends key, or view outgoing

that just allows you to have effective wallets that work and the rest in cold storage without the ... broken UX, specially with hw wallets (which can't export key images properly!!)

yep. all GF contributions to CSS can be found under repo.getmonero.org/binaryFate , the comments are usually scraper friendly

CCS* shame on me

<jeffro256> We could go farther: it is quite easy to make a Monero wallet in which there is only one key: incoming view, outgoing view, and spend key, all rolled into one. Why does no one clamor for this hypothetical wallet construction ? There's a reason that we don't do it: UX. It means that any scanning requires your spendkey loaded > <@intr:unredacted.org> monero has, put simply, 2 private keys

<intr:unredacted.org> crowdfunding style sheets

ive been looking at tailwind css i am sorry

yeah plowsof just trying to point out that it can be done without you know, comments or disclosure

<tuw:matrix.org> it is hard as a non-dev to judge exactly what is necessary, but thanks for the explanation. It is clearly A possible attack vector so my personal opinion would be to try and implement it while adding only the minimum possible transparency to the protocol. that said I trust the devs to judge it better than I could

<pyratevevo:matrix.org> After reading more about it, I think people are just misinterpreting the use case, just like I did when I first read about it. > <@tuw:matrix.org> well looking at the reddit almost everyone is against it, so clearly at least the community is not convinced

<pyratevevo:matrix.org> Its for personal use, not to be shared online or with agencies. Some government body demands it to approve of your Monero ? Who told them you have any in the first place, and why do you want your Monero's validated and checked through a legal audit ?

they can already make the same demands. once you stop complying and providing key images they can assume you moved funds to something else

<tuw:matrix.org> right, I don't disagree. But just imagining 'binance adds moenro back!! you just have to provide your view key' and then suddenly 30% of the network is outside visible

that key is more of an artifact of how carrot (or jamtis, it existed/exists there too) are constructed to prevent a quantum opponent from walking the keys backward... like it is possible with the legacy wallets

<pyratevevo:matrix.org> Definitely sounds like a killer feature for groups/orgs. Maybe business too.

that is also not true

it does not disclose the network, but just your specific moves without source or destination

<intr:unredacted.org> @tuw:matrix.org: if this actually happens, just make two wallets. Binance -> (wallet with view key exposed) -> (wallet)

you cannot fetch who the funds came from or destination with just that

^ assume CEX are as public as you having the keys already out

exchanges are already tracking outputs and making the database

Keep in mind it's super easy to buy upvotes on Reddit, just a month ago I saw a comment clearly from a Zcash-adjacent user have 30 upvotes within less than an hour on a one say old post.

With a couple accounts and upvotes bought you can quickly produce a "controversy".

<pyratevevo:matrix.org> Also thanks for sharing the link about CARROT earlier. Brilliant stuff. > <DataHoarder> that key is more of an artifact of how carrot (or jamtis, it existed/exists there too) are constructed to prevent a quantum opponent from walking the keys backward... like it is possible with the legacy wallets

<pyratevevo:matrix.org> I especially appreciate the effort that goes into ensuring no fragmentation occurs between wallets, despite the new features. Monero is clearly being developed by smart people.

the enemies of monero also don't want monero to be easily usable and be confusing for users :)

Not saying this is what is going on currently but it's not a good faith platform.

<intr:unredacted.org> selsta: I literally called it, lmao. Funny coming from the guys who pride themselves in transparency

one day*

<pyratevevo:matrix.org> @intr:unredacted.org: Or, don't engage with CeX and gubermints.

<intr:unredacted.org> yes, of course

also, if you use legacy wallets: they can require you to regardless move or provide the information if they desire so

or go further and disclose current "spend key" with an auditor company :')

people already paste their seedwords in the browser for "verification" on scams so they might as well try!

you have syncing issue pls "connect your wallet" 😭

<tuw:matrix.org> alright. got to go now but thanks for patiently assuaging my fears. hope it is just a zcash FUD.

<pyratevevo:matrix.org> @pyratevevo:matrix.org: This contracts with what I keep seeing with things like Bitcoin doing Layers and whatever complicated stuff.

you could have a wallet that doesn't have view keys even, just per-tx generated addresses for single-use private keys and that need the wallet file to restore (and must be backed up continously)

like old bitcoin wallet.dat

forget to backup when receiving something new or doing a send and your entire balance could be gone!

you don't need carrot or cryptonote to support that, you can make this right now or on carrot (and generate everything on the spot)

usability zero

<jeffro256> @intr:unredacted.org: This doesn't work in the hyprothetical situation that a draconian government requires you to provide financial information about your Monero wallet and you comply. They can say "you must only send to approved wallets, ones for which we have the incoming view keys for". If they have the view-incoming k [... too long, see mrelay.p2pool.observer/e/9_6Vjd8KS1pRVV9H ]

scan times, great (unless you assume old generated addresses won't receive new stuff)

<pyratevevo:matrix.org> Does all this new tech upgrades come with load burdens ?