<ofrnxmr:xmr.mx> if you connected manually to a malicious node, thats probably a "you problem"

<rrjo1zj8p7lhtl15lylp:matrix.org> I agree

<ofrnxmr:xmr.mx> GUI connects to malocious nodes automatically :D

<ofrnxmr:xmr.mx> @ofrnxmr:xmr.mx: And advertises the feature to noobs

<rrjo1zj8p7lhtl15lylp:matrix.org> select a trusted node manually

didn't monero.fail get flooded with a sea of I2P nodes suddenly one day?

<ofrnxmr:xmr.mx> Yea

<just_another_day:matrix.org> getmonero also says this in the faq: "All transactions on the network are private by mandate; there is no way to accidentally send a transparent transaction. This feature is exclusive to Monero. " > <DataHoarder> on monero front page since I remember

<kiersten5821:matrix.org> is there a single system that doesn't have a kind of viewkey feature? even tornado has it. maybe some coinjoin impls?

just_another_day: that is true

there is no way to actually send a transparent transaction

but monero doesn't stop you from leaking your view keys or sending rnadom people proof that you sent the TX

s/actually/accidentally/

because that's not accidental

As in, you can't make a transaction open to everyone

Like Z vs T on others

<just_another_day:matrix.org> can't I publish my view key in the open?

How do you do this in the network?

^

You can send it here, or post it on a website

you can only do this off-chain

<just_another_day:matrix.org> it's not a big difference really

i mean, you can shove your keys in tx_extra

It is a big difference

it is

if you wanna publish your keys so badly, monero won't stop you

Specially that even your transactions mask others

<just_another_day:matrix.org> we want transactions hidden from a single adversary primarily

<just_another_day:matrix.org> and this adversary can persistently ask for the keys

They can ask for your spend keys

Or for you to provide interactive proofs

Regardless

<just_another_day:matrix.org> no one is gonna give them spend keys

that sounds like a problem outside the scope of monero

<rrjo1zj8p7lhtl15lylp:matrix.org> why would someone want to make their transactions public anyway? I'm confused.

No one is going to give them view keys

See?

if the adversary has a 5 dollar wrench on the top of your head

then they'll make you give them anything

<just_another_day:matrix.org> because aml demands so

rrjo1zj8p7lhtl15lylp: for example Monero donation wallet operates in the open

<just_another_day:matrix.org> people happilty compromise their privacy doing kyc

<just_another_day:matrix.org> no one wants to lose their coins

It's transactions are still the same class as others, but they have shared their local keys

Remember that for you to decode your keys that sort of key exists

<just_another_day:matrix.org> Cindy: we're going back and forth, but the adversary powers are not unlimited

<rrjo1zj8p7lhtl15lylp:matrix.org> just make a new wallet, send your coins to your new wallet, be careful.

Then the adversary asks you to move to their wallet that reports but you keep your keys

<just_another_day:matrix.org> i just want to maximize the political cost of forcing users to make their wallets transparent

Or asks you to make an interactive proof for every tx ever automatically

<rrjo1zj8p7lhtl15lylp:matrix.org> don't admit to having a wallet maybe lol

And same way, can't tx again with them if you ever withhold proofs

Note you can prove you have not received or having received a transaction without sharing tx keys

<rrjo1zj8p7lhtl15lylp:matrix.org> I wish I had enough money that I actively needed to be creative to not lose it. I play with pennies.

View keys*

This is again using the proof system

if i want to reveal my transactions or not, i should have the option to

<just_another_day:matrix.org> DataHoarder are you on Reddit? Maybe just write an anti-FUD post?

Which is not an addition on top but something solely possible due to cryptography

<just_another_day:matrix.org> explaining all the stuff

I just deleted the spend keys from my wallet

I feel safe now

Well there's the carrot derivation scheme and the PQ pages on MRL issue tracker and turnstile one

But people won't read

And will get stuck in semantics of what is view key or decoding etc

And what exists due to cryptographic reasons or as a side effect

nioc: do you like looking at a number :P

<rrjo1zj8p7lhtl15lylp:matrix.org> are you looking to get your coins out? or you looking to please regulators by saying hey look here's my wallet, hey look here's my transaction history etc?

<rrjo1zj8p7lhtl15lylp:matrix.org> Because you can just use BTC if you want to be out in the open. Most countries have delisted XMR for a reason I think. Your trying to accomplish the opposite of what xmr is supposed to do?

And what is a designed feature

Like here already :P

Now imagine doing this on reddit

<will not type your username>: but what if i want to have transparent fundraisers

<rrjo1zj8p7lhtl15lylp:matrix.org> use btc

<just_another_day:matrix.org> this is a secondary goal to Monero

Atomic swaps btw ^

<rrjo1zj8p7lhtl15lylp:matrix.org> your trying to fish with dynamite. use a fishing rod

It is a primary goal

To be able to be auditable by you or other reporting selectively entirely by you

<just_another_day:matrix.org> pursuing secondary goals is good, but not hurting the primary goal

Cindy: yes, hold only

(This is your own freedom to use the methods provided as you see fit(

<just_another_day:matrix.org> monero's better not be auditable, so that we don't get aml bs

The primary goal is safe cash system , and now that includes quantum forward secrecy

<rrjo1zj8p7lhtl15lylp:matrix.org> I'm so confused why anyone would want this.

Auditable by people you chose

<rrjo1zj8p7lhtl15lylp:matrix.org> i understand the quantum play

my wallet no longer has keys and is now non auditable \o/

You can also audit that blocks are mined with the right rewards

(That is why miner tx outputs are in the clear)

<just_another_day:matrix.org> Real cash is audited by excel spreadsheads. that's why authorities don't like real cash

<just_another_day:matrix.org> I want Monero to be the same

same reason why people like to be transparent sometimes

You also can prove the receiver you sent them funds

Instead of them claiming they received nothing

why the monero CCS does the same thing

even the monero general fund

I use cash but have never used excel, this time imma not joking

you can get the view keys of those wallets if you want, and look at how much they got

Imagine swapping funds in DEX

Without any way to prove the swap lol

This is what auditable is, and gives actual force to the transaction/money

Instead of sharing pictures that are fake

<just_another_day:matrix.org> Cindy: if they already do this, why would we need more powerful view keys?

To make it transferable in a way you can prove doing so (without other person lying about it)

Again

They are not being ADDED

also to make the balance more accurate

They are a side effect of splitting spend and key image for quantum forward secrecy (and being able to migrate in the future)

in case people pull from the wallet

Also it's not even dependent on hardfork

<just_another_day:matrix.org> CARROT is possible with cryptonote?

This is also what people misunderstand

It's not a consensus protocol (unless turnstile becomes relevant in the far future)

Yes

Carrot is two things

<rrjo1zj8p7lhtl15lylp:matrix.org> this is the explanation that makes sense. I get what your saying here. For escrow related issues. > <DataHoarder> To make it transferable in a way you can prove doing so (without other person lying about it)

this all feels like ddos

An output format (this is just a convenience)

And an addressing mode (new)

<just_another_day:matrix.org> i'll let Ghost speak. He's a new voice here

The new addressing mode is not even implemented in wallet and probably won't be ready and doesn't matter

<just_another_day:matrix.org> I'm just repeating myself really

ya think

It can come later, or someone else can add it

The legacy wallets also use the outputs, either old or new