17:08:46 Meeting in a bit less than 1 hour 18:00:04 Meeting time. Hello! https://github.com/monero-project/meta/issues/1325 18:00:48 Hey 18:01:22 *waves* 18:03:07 Alright, let's start already with the reports from last week 18:03:27 worked a little more on vtnerds review comments, let me know if I missed to address something 18:03:29 and almost done with rbrunners review of #10233 18:04:21 Will you comment my review comments "en masse" then? I did not yet see any comments of yours there. 18:04:52 Yes, that's the plan 18:05:06 Ok 18:05:07 wanted to go through all of them first 18:05:45 me: followed up on jeffro256 's unbiased hash to point impl (a blocker for beta stressnet) and did a bit of refactoring of my own code for that impl and for the FCMP++/Carrot integration. Unrelated to the unbiased hash to point, I have some more refactoring ideas to implement in line with my changes there before opening up the FCMP++ integration for auditing and upstreaming more s tructural PR's. Also will follow up on tx relay v2 this week 18:06:34 Unrelated, but I also started on some Serai work 18:06:55 That is inching closer to some beta now, I suppose? 18:08:19 I think we're closer than inching at this point. By my read, the stressnet channel seems significantly more relaxed than it's been in the past before v1.5, which I attribute mainly to v1.5 fixing the major issues people were experiencing in the past 18:09:24 The major blockers to beta are basically out of the way I'd say 18:09:39 my v1.5 stressnet node is still ~30.000 blocks behind, been syncing since it's released, without any OOM or other crashes 18:09:45 The "tasks for beta" issue needs to be updated - had someone asking about it the other day and noticed that a bunch of the tasks have been completed 18:10:19 Was planning to complete those once we have a beta branch and those items are merged into it 18:10:32 e.g. runaway span PR's are only on the alpha stressnet branch right now 18:10:37 ah i see 18:11:01 And beta branch will fork off of fcmo++-stage, yeah? 18:11:06 yep 18:11:26 Sounds like the real fun is starting soon :) 18:11:30 so anything in fcmp++-stage right now can be marked as complete on that TODO list I'd say 18:13:23 Ok. If we are through with the reports already, I have something that I want to throw into the round. 18:13:52 I consider implementing Polyseed for the CLI and the GUI wallet app and wanted to get comments. 18:14:11 Does anybody see anything that would speak *against* doing so? 18:14:50 I asked tobtoht by PM about their opinion, but they did not yet answer. 18:15:03 IIRC I don't think it's been audited yet, and I think that would be a good idea 18:15:38 Hmm, interesting point 18:15:46 I saw the chat the other day, I think this issue is the blocker https://github.com/tevador/polyseed/issues/13 18:15:46 I can't comment on the crypto stuff, but as a user, having polyseed in cli sounds cool 18:17:21 Well, yes, you could be of the opinion that you don't want Polyseed in the core software as long as it does not have perfect plausible deniability, but that would be more of a matter of opinion, not really a technical problem 18:18:17 How would the road to an audit look? 18:18:28 Making a CCS for it? 18:18:42 And finding somebody who may audit? 18:20:12 Contrary to doing implementation work, that would be completey new terrain to me ... 18:20:26 *completely 18:20:36 I don't know what's best re: that issue 13 personally, I'd have to think on it more. But I think the benefits of polyseed's embedded birthday significantly outweigh that potential downside there, and so I think it would be better to integrate as it's currently implemented 18:22:05 Currently I also think that the number of additional people who would escape a 5$ wrench attack successfully if Polyseed would cancel that "Encrypted?" feature bit would be very, very small. 18:22:56 The way auditing has been going so far for FCMP++ research is: get a list of candidates, reach out for quotes, then identify best candidate, then pull funds from the CCS research proposal. I can help out with that as I'm about to start reaching out for audit work on the FCMP++ integration soon 18:23:56 Probably a scheme audit *and* a code / implementation audit would be perfect? 18:24:05 I don't think you should be blocked on integrating polyseed into core monero, I'm personally ok with that work proceeding. I doubt an audit would cause a major change to the API / integration 18:24:41 Yeah, a number of wallets offer it already, heavyweights like Cake and Feather 18:25:07 right 18:25:27 thank you for taking the initiative on this rbrunner 18:25:52 Hah, it's early days, maybe I will drop it like a hot potato :) 18:26:13 At least you got the potato rolling then 18:26:34 Maybe, with that audit question, and thus not a pure implementation question, it would be worth to bring the subject also to the MRL meeting? 18:27:06 sure, no objection to that 18:27:47 I see. Will think about it. I guess no hurry, Polyseed in the core software is waiting literally for years already after all 18:28:38 Alright. Anything else for today? 18:29:40 Does not look like it. Thanks everybody for attending, read you again next week! 18:30:10 Thank you 18:32:14 thanks! 19:51:44 I believe the current problem is that it was never decided in design whether to use offsets vs encrypted seeds 19:52:33 Some implementations currently use offsets, and others use encrypted seeds. example.. restoring a passphrased cake polyseed doesnt work in feather iirc 19:54:42 Truly the main reason i wished we were using it for offsets, is because unless this is precisely stated in the polyseed specification, there are no guarantees that mainstream wallets will implement that functionality 19:56:13 Like, let's be honest, there is probably almost no wallets out there that will think about an UI/UX for offsetting the seed for plausible deniability if polyseed doesn't encourage it 19:56:22 "I regret adding passphrase support for polyseed in feather before reaching consensus on the matter" - tobtoht 19:59:19 https://matrix.monero.social/_matrix/media/v1/download/monero.social/CNyDYYLAxAPhclFFAdFHinKB 20:02:00 https://matrix.to/#/!mehPttlWNbDtNeDbvu:monero.social/$ePC6RisWkPpT_nTBOd5N81AUsLB7dz-ft9vLqW3gM64?via=monero.social&via=matrix.org&via=unredacted.org 21:06:24 Hmm, that "encrypted" versus "passphrased" versus "offset" terminology mix has the potential for almost limitless misunderstandings and talking past each other. I have a hunch quite a bit of work is waiting until we are even ready to start discussing this in earnest ... 22:28:04 Polyseed has its own encrypted seeds and set the encrypted bit to 0 or 1. I thinj cake has it set to 1, so encrypted seeds in cake cant be restored into feather. 22:28:04 seed offsets dont use the polyseed encryption (set to 0), and instead operate like legacy passphrases. 22:28:06 this is iiuc. Don't quote me