I plan to work full-time to work towards accomplishing:
- Implementing Seraphis wallet code with Ukoe, jberman, et al.
- Drafting a formal specification for decoy selection and implementing it in a modular, robust, easily-testable way, and then creating a multitude of unit tests, integration tests, and statistical checks for this code.
- Reviewing other Monero core PRs, especially those related to Seraphis or @vtnerd's serialization changes.
To expand on point 2, I think the decoy selection code is in need of a makeover. In light of recent, high-impact decoy selection bugs (more info here and here), and whereas ring signatures are generally regarded as the weakest link in Monero's privacy model, I believe a new development initiative needs to take place to replace the decoy selection code. Typically I am against refactoring code "just because", but in this case it is warranted. All of the aforementioned bugs could have been spotted by statistical checks. However, currently, it is rather difficult to test the decoy selection in isolation due to the monolithic design of
wallet2. In theory, decoy selection code could be written to be rather functional. To over-simplify, we take distribution of enotes on-chain usable for given for true spends, apply arbitrary picker distribution, then request information for selected decoys over RPC, retrying the process if enotes are blackballed or otherwise unsuitable. There are a lot of edge cases to consider, but there isn't any major reason why decoy selection can't be modularized and standarized apart from the rest of the wallet code. This goal also overlaps with point number 1, since this code can be used not only in
wallet2, but in future versions of core wallets if written correctly.
- Implemented research issue 109 by authoring a PR that, when spending coinbase enotes, chooses coinbase enotes as decoys and vice versa.
- Implemented a requested wallet transfer feature that enables "fee-included" transactions
- Found and fixed an issue which nearly allowed a double spend bug, and could cause double spend bugs in the future if the code was not carefully inspected
- Helped review patch and write disclosure report on recent decoy selection bug.
I propose to work 40 hours/week for 3 months so 480 hours total. I'm setting my hourly rate at ~$43/hour, and at a price of $140/XMR, makes for a total of 147.4 XMR. The proposal is broken into 3 milestones, one for each "month". These milestones may lag behind schedule if I do not complete 40 hours per calendar week, but in that event, I will not ask for payout until the hours are done.