-
m-relay
<rbrunner7:monero.social> Meeting in a bit more than 1 hour
-
m-relay
<rbrunner7:monero.social> Meeting time. Hello!
monero-project/meta #1258
-
m-relay
<sneedlewoods_xmr:matrix.org> hello
-
m-relay
<jeffro256:monero.social> howdy
-
m-relay
<syntheticbird:monero.social> hi
-
m-relay
<jberman:monero.social> *waves*
-
m-relay
<rbrunner7:monero.social> Alright, onwards to the reports from last week
-
m-relay
<sneedlewoods_xmr:matrix.org> made great improvements on the Wallet APIs `wallet_keys_unlocker` thanks to jeffro
-
m-relay
<sneedlewoods_xmr:matrix.org> also finally fixed the bug that made `verifyPassword()` fail after make_multisig
-
m-relay
<rbrunner7:monero.social> So the hunt for the last remaining pieces of direct wallet2 use in the CLI wallet can continue :)
-
m-relay
<sneedlewoods_xmr:matrix.org> yay, way more fun than starring at the debugger :D
-
m-relay
<rbrunner7:monero.social> If the bug is interesting ...
-
m-relay
<jberman:monero.social> me: fixed a couple bugs testing forking from current testnet (in the migration and in scanning) in prep for alpha stressnet, cleaned up the FFI (removed unwraps/asserts, used int error returns to gracefully handle errors, de-duplicated some code with macros, clippy+fmt), implemented consolidated paths in the RPC for getting paths in the tree by global output id, started on a bette<clipped messag
-
m-relay
<jberman:monero.social> r organizational structure for curve trees logic in the db code, tested kayaba's latest prove/verify optimizations (good results!!)
-
m-relay
<jberman:monero.social> Planning to complete organizational structure in the next day, then moving to documentation/Carrot review, in prep for opening PR's to the main Monero repo
-
m-relay
<jberman:monero.social> Good news: kayabanerve implemented linear prove() times, dropping 128-input tx construction down from 5m30s to ~1m!! Huge
-
m-relay
<jeffro256:monero.social> me: initiated communication about Carrot follow-up review by Cypherstack, updated FCMP++ benchmark tool for all the latest FCMP++ changes (github.com/jeffro256/clsag_vs_fcmppp_bench/), working on supporting high input counts in benchmark tool, working on patches in Monero core repo, re-reviewing the de-dup PR by rbrunner7, reviewed several PRs in seraphis-migration, did a write-up<clipped mess
-
m-relay
<jeffro256:monero.social> for an upcoming vuln disclosure, helped prepare v0.18.4.2 release
-
m-relay
<rbrunner7:monero.social> Rucknium answered jeffro256 's questions that came up during his review, and I made the requested (smaller) changes. I think it's ready now for a second review, that certainly seems a good idea because of the importance of the code:
monero-project/monero #9939
-
m-relay
<rbrunner7:monero.social> "an upcoming vuln disclosure". Oh, always interesting. Did the fuzzing already turn up something auctionable?
-
m-relay
<kayabanerve:matrix.org> 👋
-
m-relay
<kayabanerve:matrix.org> I deduplicated 25k lines of code and optimized FCMP++ prove. Apologies for being a few minutes late to the meeting.
-
m-relay
<rbrunner7:monero.social> That's the 5 times speedup that jberman mentioned?
-
m-relay
<jeffro256:monero.social> Yes, but this specific one isn't related to the fuzzing group. The report will go up as soon as v0.18.4.2 binaries are out, not sooner so users don't get confused.
-
m-relay
<kayabanerve:matrix.org> I also raised the topic of migrating the hash to point algorithm with FCMP++s after finally successfully identifying the present algorithm.
-
m-relay
<kayabanerve:matrix.org> Largely rbrunner7
-
m-relay
<jeffro256:monero.social> But if you're self-compiling for your own wallet, just make sure to be on the latest release-v0.18 or master branch.
-
m-relay
<rbrunner7:monero.social> Just curious, what is there to win if we migrate to another "hash to point" algorithm? A bit faster?
-
m-relay
<rbrunner7:monero.social> jeffro256: Thanks for the hint
-
m-relay
<kayabanerve:matrix.org> Bits of security currently being lost.
-
plowsof
jeffro256 would this be on -site as a blog post also - pushed at the same time binaries are?
-
m-relay
<kayabanerve:matrix.org> We currently use keccak256. Would you be happy if I set the first byte to 0 after every usage?
-
m-relay
<kayabanerve:matrix.org> We currently use a hash to point which has an explicit bit of bias and probably has further bias after.
-
m-relay
<rbrunner7:monero.social> Is this a trick question :)
-
m-relay
<kayabanerve:matrix.org> a new hash to point just tightens everything back up
-
m-relay
<kayabanerve:matrix.org> It's also only ~10 lines of cryptography. It just invokes the existing hash to curve twice. It isn't a major change re: cryptography
-
m-relay
<rbrunner7:monero.social> And no hairy compatibility issues if we switch that algorithm? Or will it be done in standard version based way?
-
m-relay
<rbrunner7:monero.social> Before like so, afterwards differently
-
m-relay
<jeffro256:monero.social> plowsof: yes that could be done
-
m-relay
<kayabanerve:matrix.org> New outputs are added to the tree with a key image generator sampled using the new hash to point
-
m-relay
<kayabanerve:matrix.org> Old outputs are added to the tree with their key image generators sampled using the existing hash to point
-
m-relay
<kayabanerve:matrix.org> The world keeps spinning
-
m-relay
<rbrunner7:monero.social> Alright :)
-
m-relay
<jeffro256:monero.social> It's a type of vuln that doesn't really benefit much from being hidden from attackers since it's a data leak, it mainly just hurts users the longer they don't update. If it makes sense, perhaps a report PR can be made to the monero-site, but I just don't want it to spread on social media sites before the release binaries are posted, and cause confusion
-
m-relay
<jeffro256:monero.social> @selsta
-
m-relay
<jberman:monero.social> plowsof: bumping this PR too not sure who else to bump to:
monero-project/monero-site #2510
-
m-relay
<rbrunner7:monero.social> Ok. Anything else to discuss today beyond these reports?
-
m-relay
<rbrunner7:monero.social> Doesn't look like it. I think we can close. Thanks everybody for attending, read you again next week!
-
selsta
fuzzing found issues but so far none have been exploitable
-
m-relay
<sneedlewoods_xmr:matrix.org> thanks everyone
-
m-relay
<rbrunner7:monero.social> Good to hear, selsta.
-
m-relay
<rbrunner7:monero.social> By the way, SNeedlewoods , it looks as if eigenwallet really went the API way instead of using wallet2 directly, which is nice:
libera.monerologs.net/monero/20250712#c540320
-
m-relay
<jeffro256:monero.social> Yes, sorry, I should have been more clear about the changes made due to the fuzzing group: actionable, but not exploitable.
-
m-relay
<jeffro256:monero.social> Thanks everybody
-
m-relay
<rbrunner7:monero.social> (There must be some more recent statement, but can't find right now)
-
m-relay
<sneedlewoods_xmr:matrix.org> had a chat with the devs a while ago and gave them a link to the branch I'm currently working on, so they can track the most recent changes to the API
-
m-relay
<jeffro256:monero.social> rbrunner7: about the changes?
-
m-relay
<jeffro256:monero.social> for fuzzing?
-
m-relay
<rbrunner7:monero.social> Er, no, about eigenwallet using the API
-
m-relay
<jeffro256:monero.social> Oh okay nvm