Logs for the Community (2018-02-03 & 2018-02-17), Dev (2018-02-11), and Research (2018-02-05 & 2018-02-12 & 2018-02-19) meetings

add research tag
parent 0e1cfc45
---
layout: post
title: Logs for the Community Meeting Held on 2018-02-03
summary: Community highlights, Monero Integrations, Monero outreach initiative, Forum Funding System updates, RFC-HWALLET-1, Localization workgroup, open ideas, and miscellaneous
tags: [community, crypto]
author: dEBRUYNE / fluffypony
---
# Logs
**\<sgp>** Meeting time!
**\<sgp>** 0. Introduction
**\<sgp>** We would like to welcome everyone to this Monero Community Meeting!
**\<sgp>** Link to agenda on GitHub: https://github.com/monero-project/meta/issues/170
**\<sgp>** Monero Community meetings are a discussion place for anything going on in the Monero Community. We use meetings to encourage the community to share ideas and provide support.
**\<sgp>** 1. Greetings
**\<xmrscott[m]>** Salutations
**\<ErCiccione>** Hi
**\<rehrar>** This guy
**\<sgp>** @pigeons the mattermost relay is down
**\<sgp>** 2. Community highlights
**\<sgp>** For a great weekly summary, please read the Monero Observer: http://monero-observer.com/
**\<sgp>** 3. Monero Integrations improvements
**\<sgp>** cryptochangements asked to speak for a few minutes about improvements they have made to existing integrations.
**\<cryptochangement>** ok i just got here
**\<cryptochangement>** didnt know mattermost was down
**\<sgp>** perfect timing :)
**\<cryptochangement>** okay so basically, I just wanted to share that I have improved on the wordpress plugin from serhack's last FFS and made it easier for merchants to accept Monero
**\<cryptochangement>** basically it allows people to use their viewkey with a block explorer instead of an rpc waller
**\<cryptochangement>** \*wallet
**\<cryptochangement>** here is the reddit post I made with a video demo: https://www.reddit.com/r/Monero/comments/7tkpfu/accepting_monero_with_monerointegrations_just_got/
**\<cryptochangement>** and several more new merchants have already started using the upgraded version
**\<cryptochangement>** there is still some concern about using a node that is not yours to validate 0 confirmation transactions which I'm still looking into, but IMO you should really just stick to the "small amounts only" rule when accepting 0 conf transactions.
**\<cryptochangement>** Any questions?
**\<cryptochangement>** otherwise we can move on :)
**\<sgp>** Thanks cryptochangement
**\<sgp>** 4. Monero outreach initiative
**\<sgp>** Rehrar asked to discuss his idea about an outreach initiative for this workgroup.
**\<rehrar>** yeah, and my IRC is being stupid. sec.
**\<rehrar>** I'll just type from MM.
**\<sgp>** Ok, looks like Mattermost relay is back up
**\<cryptochangements>** ok cool
**\<rehrar>** Alright, so the basic idea of this Outreach, is that we get a small subgroup of interested community members to make a list, identifying other exciting open-source projects. They don't have to be crypto or privacy created. Mostly stuff that is trying to change the world.
**\<rehrar>** We then do what I'm calling a
**\<rehrar>** 'Monero bomb' of this project (sorry, pressed enter by accident)
**\<rehrar>** Where a bunch of us Monero people go to them, see what they need, and do it. Things like translations, website work, infographics, whatever.
**\<rehrar>** Then we disappear into the night. They've just got "Monero'd"
**\<rehrar>** The ultimate goal of something like this being to build bridges of relationship with the open source community at large, and solidify Monero's place there.
**\<rehrar>** In its purest form, open-source is a more-or-less altruistic way to see the world change, and empower people with software, rich and poor.
**\<rehrar>** In its purest form, it's not about the money.
**\<rehrar>** Cryptocurrency is very strange, in that, for most projects, it's all about the money, despite being open source. It's a weird bastardization. But you see with the launch of Bitcoin, it was about changing the world by providing a better money, not about making money.
**\<rehrar>** I like to think Monero subscribes to being like that. We're not about getting rich. We're about changing the world, and there's a lot of other projects that are trying to do that in small ways too
**\<ArticMine>** This seems to me to be a very worthwhile project
**\<rehrar>** Monero can show them some love, get our word out there and help them spread theirs at the same time.
**\<rehrar>** We can help them get set up with Monero donations, etc. etc. etc. What we can accomplish for them is only limited by the skills of the volunteers we have.
**\<cryptochangement>** sounds good, it would be awesome if we could get the coordination for that
**\<rehrar>** This also gives a project for the many people who want to help Monero, but don't know how cuz they can't code.
**\<rehrar>** Either way, that's my idea.
**\<rehrar>** If we like it, I can start work on it.
**\<ArticMine>** Of course we can look at Monero as a multi-billion dollar crypto-currency with an elaborate security model based entirely upon software freedom
**\<cryptochangement>** I for one like it
**\<cryptochangement>** looks like a small crowd today
**\<sgp>** @rehrar I think the most difficult part would be finding enough participants
**\<rehrar>** This is true.
**\<rehrar>** Which is kind of sad, since Monero community is so big, but that's the way it goes with anything, I think.
**\<cryptochangement>** I think we could easily find enough people in time, but coordinating volunteers to do stuff like that all together in a short-ish amount of time would probably be the bigger challenge
**\<sgp>** Maybe a mailing list would help more than subreddit posts. Not sure
**\<ArticMine>** There is also a lack of awareness in the Monero community as a whole as to the critical role Free Software and software freedom play in Monero
**\<rehrar>** We can have a 'sign up sheet' where people sign up to receive emails about stuff. They say their skills, and once a month we have a new project to help.
**\<cryptochangement>** the problem with a r/ post is that most people over there are just scrolling by with short attention spans
**\<rehrar>** \^ ArticMine
**\<rehrar>** Most people don't really understand open source as a whole. They know Monero IS open source, but they don't know the ideals of open source, and how it tries to change the world
**\<cryptochangement>** the 'sign up sheet' sounds like a good idea tho
**\<sgp>** @rehrar sounds good, as long as you include clear projects for beginners to work on
**\<rehrar>** Then maybe we can have a sticky in the Community subreddit of the project we're helping this month
**\<rehrar>** final thought from me:
**\<cryptochangement>** the community subreddit is nice, but pretty small :/
**\<rehrar>** even if all this accomplishes is tiny bits of help (financial or otherwise) toward a project, the other thing it accomplishes is spreading the word of open-source as a whole to our community, and generating awareness for other projects that some in the community might find useful
**\<rehrar>** it's pretty easy to 'catch the vision' of Monero, when you catch the vision of open source as well.
**\<ArticMine>** ^^ This is critical
**\<rehrar>** In the end, isn't that the goal of the Community workgroup?
**\<rehrar>** We try to make a better community
**\<rehrar>** and a better community, is a community that 'gets it'
**\<sgp>** Yes, at least imo
**\<ArticMine>** It can be part of the role of the Monero Community
**\<rehrar>** so it makes sense that our subreddit and stuff is small
**\<rehrar>** cuz not many people 'get it' ;)
**\<sgp>** @rehrar part of it is me mostly using the subreddit only for announcements
**\<rehrar>** Either way, once again, it will make an outward focus for Monero instead of just an inward one, which will set us apart from other crypto projects.
**\<rehrar>** *bows* thank you
**\<cryptochangement>** *applauds*
**\<rehrar>** (my rant for the meeting)
**\<ArticMine>** To me it is a recognition of the debt Monero own the FLOSS communities
**\<ArticMine>** owes
**\<sgp>** Yeah, I think it's a good project to have
**\<serhack>** hi :)
**\<sgp>** Anything else? What do you need to get started @rehrar?
**\<rehrar>** I guess some volunteers to work with me to start compiling a list. :)
**\<rehrar>** I'll make a Taiga for it.
**\<sgp>** ok cool, look forward to seeing how this project evolves
**\<rehrar>** also check out the new refreshed getkovri.org website and tell me if anything is broken for you on mobile, desktop, or tablet :D
**\<cryptochangement>** I'd be glad to volunteer
**\<serhack>** I like your idea rehrar
**\<rehrar>** I like my idea too serhack ;)
**\<cryptochangement>** so you got at least 1 or 2 already :p
**\<sgp>** 5. FFS updates
**\<sgp>** There are several FFS updates.
**\<sgp>** a. Localization workgroup Q&A
**\<sgp>** Erciccione asked to reserve some time for a localization workgroup Q&A.
**\<ErCiccione>** thank you sgp i have a couple of things to say
**\<ErCiccione>** first of all i wanted to apologize to the community, I'm having some personal problems since january. This caused me to work less than i wanted to (and less than what i promised in my ffs) for the localization workgroup
**\<ErCiccione>** this means i'll recover that time on march (reclaiming the third milestone one week later)
**\<ErCiccione>** but i have also some good news :)
**\<ErCiccione>** thanks to rehrar's patch getmonero.org is now ready to be localized, i already set up a guide on taiga and can be found here: https://taiga.getmonero.org/project/erciccione-monero-localization/wiki/translating-monero-website
**\<ErCiccione>** very soon i will upload on github the Italian translation, so translators can use that as an example for their Pull Requests. Also
**\<rehrar>** woohoo!
**\<serhack>** that's nice :)
**\<ErCiccione>** i will publish this evening or tomorrow a reddit post asking for translators, since also getkovri was just refreshed and need to be checked and updated. The GUI is going great btw
**\<ErCiccione>** a lot of translators, and if we are lucky we could get even 3 more translations before the code freeze
**\<cryptochangement>** awesome
**\<ErCiccione>** this is everything coming in my mind right now, the reddit post will be more verbose.. if anybody has any question, here to answer :)
**\<cryptochangement>** btw @ErCiccione i'm about to squash commits for that french GUI update so it should be ready to merge soon
**\<ErCiccione>** great, thanks cryptochangement, will leave my final review after the squash
**\<sgp>** Thanks ErCiccione
**\<sgp>** @michael you ready?
**\<ErCiccione>** thank you guys
**\<sgp>** b. RFC-HWALLET-1 project progress
**\<michael>** Almost.
**\<michael>** On the road problems.
**\<rehrar>** how much time you need?
**\<michael>** Five minutes.
**\<sgp>** Ok, we can move to open ideas time until you are ready. Just jump in whenever
**\<sgp>** I have a thought!
**\<sgp>** I'm surprised we haven't discussed the possible overlap between /r/MoneroCommunity and /r/moonero before. Most large communities have fun making content (eg: dogecoin)
**\<cryptochangement>** *waits suspensefully for sgp's thought*
**\<cryptochangement>** thats an interesting way of looking at it
**\<sgp>** Would encouraging people to make memes encourage people to contribute in other ways? Are we actually harming the community by having these two groups separate?
**\<cryptochangement>** tbh i dont see how making memes will turn into other contributions
**\<sgp>** It just encourages light-heartedness and lowers the barrier for initial contributions
**\<michael>** Can only get a hotel network connection on my phone.
**\<cryptochangement>** its an interesting idea but it might just end up as clutter
**\<michael>** We had a hardware team meeting since the last community meeting.
**\<michael>** For which there are minutes.
**\<michael>** We're working on a new generation prototype, which will integrate one or more new secure elements.
**\<serhack>** Private elements too?
**\<msvb-mob>** Finally online, with a charged battery.
**\<msvb-mob>** serhack: The secure elements lock secrets away from rogue firmware.
**\<msvb-mob>** serhack: I don't know what a private element is.
**\<serhack>** Monero is focused on privacy, I think the hardware wallet should be focused on the same goal
**\<rehrar>** it is, serhack, no worries
**\<rehrar>** the secure element is an actual piece of hardware
**\<serhack>** Right.
**\<ArticMine>** and how open is the hardware? back to the FLOSS question?
**\<msvb-mob>** The hardware uses common parts, passive resistors, capacitors, and active LDO (power), MOSFET (transistors), and the more complex but also common MCUs and ICs.
**\<msvb-mob>** All design, including schematic and layout, is licensed according to the CERN license.
**\<msvb-mob>** We have rejected all NDA (nondisclosure agreements) and have no secret contacts, so this is quite Opensource. In fact even our process (project management and other docs) is.
**\<msvb-mob>** ArticMine: Sound okay to you?
**\<msvb-mob>** Any other hardware team questions?
**\<ArticMine>** Yes this avoids proprietary attacks
**\<sgp>** Thanks @msvb-mob for your update
**\<msvb-mob>** ArticMine: Documents state 'copyright The Monero Project.'
**\<msvb-mob>** sgp: You're welcome.
**\<ArticMine>** You need a copyright which is then linked to a FLOSS or certain CC license
**\<msvb-mob>** Yes, the CERN Opensource Hardware (OSH) license.
**\<ArticMine>** This is a legal requirement in many jurisdictions
**\<sgp>** ArticMine msvb-mob anything else you want to discuss related to this? They should have most of the details outlined on Taiga
**\<msvb-mob>** sgp: We're done with the hardware report, thanks.
**\<sgp>** Thanks msvb-mob
**\<sgp>** 6. Open ideas time
**\<sgp>** Does anyone have anything to discuss here?
**\<ArticMine>** It seems to me this is on the right track
**\<sgp>** Ok, since it seems quiet today, we can wrap up the meeting
**\<sgp>** 7. Confirm next meeting date/time
**\<sgp>** The next community meeting will be two weeks from today on 17 February. The next Coffee Chat will be next week on 10 February: https://github.com/monero-project/meta/issues/173
**\<sgp>** 8. Conclusion
**\<sgp>** That’s all! Thanks for attending this Monero Community meeting, and we hope to see you on /r/MoneroCommunity and #monero-community. Take care, and know that change starts with YOU.
\ No newline at end of file
---
layout: post
title: Logs for the Monero Research Lab Meeting Held on 2018-02-05
summary: Bulletproofs, dedicated Monero conference, increasing minimum ring size, making ring size static, and miscellaneous
tags: [community, crypto, research]
author: dEBRUYNE / fluffypony
---
# Logs
**\<suraeNoether>** meeting in a few minutes
**\<sgp>** Thanks for the ping
**\<suraeNoether>** we'll be casual about it today
**\<suraeNoether>** np sgp
**\* moneromooo** adds "surae said there would be casualties today" to the minutes.
**\<suraeNoether>** floggings will continue until... the floggings continue
**\<sarang>** So, what shall we cover?
**\<sarang>** I'm writing up a technical note on our BP stuff, for addition to the MRL paper library
**\<suraeNoether>** 1: greetings, 2: your work since our last meeting, c) my work since our last meeting, and iv: what you and i just discussed i guess
**\<sarang>** it should help reviewers with notes of where we are different from the original whitepaper
**\<sarang>** ah ok, I'm getting ahead of myself
**\<suraeNoether>** hehe
**\<suraeNoether>** but i think greetings are too formal, etc
**\<suraeNoether>** you go ahead
**\<suraeNoether>** are our implementations of bulletproofs so novel that we need an MRL-XXXX ? or is this more of a monero standards-thing?
**\<sarang>** Sure
**\<sarang>** So moneromooo and I worked on getting batch verification added to BPs
**\<sarang>** which will significantly speed up initial operations for new nodes
**\<sarang>** It lets you lump together verification of multiple proofs from as many transactions as you want
**\<sarang>** Still linear time, but the scaling factor is less when you batch
**\<sarang>** I'm writing up a technical note that discusses the rationale for our switch to BPs, and talks about the math behind the changes we made from the whitepaper
**\<sarang>** These may be included in andytoshi's update to the whitepaper, but the timeline on that isn't clear
**\<sarang>** This will help out the review process by explaining what we did and why we did it
**\<sarang>** as well as beef up the MRL paper library =p
**\<sarang>** It will NOT be a full review of all the BP algorithms, which would be horrifically redundant
**\<suraeNoether>** this still makes me nervous, fwiw, because you can interpret a range proof as a ring signature with a private key from the set [0, 1, ..., 2\^N], and ruffing's theorem on verification of ring signatures implies you can't batch several of them
**\<sarang>** It's still linear
**\<sarang>** All we're doing is combining multiexp operations using linear combinations of the scalars
**\<sarang>** And keep in mind it's batching independent proofs
**\<suraeNoether>** yeah, but that's like verifying multiple signatures simultaneously
**\<sarang>** If one proof requires g\^a + h\^b = 0
**\<sarang>** \* not \+
**\<sarang>** and another requires g\^c\*h\^d = 0
**\<suraeNoether>** thing is, my reasoning is faulty for a few reasons. the first one is that just because we used borromean ring sigs to build range proofs that does not imply that all range proofs can be interpreted as ring signatures. and these range proofs are from arithmetic circuits, yeah?
**\<sarang>** You can check g\^(Aa+Cc)h\^(Bb+Dd) = 0, where the capital letters are randomly selected by the verifier
**\<suraeNoether>** ooooh
**\<suraeNoether>** hmm
**\<sarang>** Since the weights aren't deterministic, the prover can't cleverly produce proofs designed to fool this
**\<suraeNoether>** yeah and that's pretty specific to commitments, too
**\<suraeNoether>** cool, sorry for interrupting, please go on
**\<sarang>** So again, still linear, but replacing expensive curve ops with scalar ops, and only doing 1 multiexp
**\<sarang>** It's technically possible to do this for every part of the verification, but moneromooo said there could be caching issues
**\<sarang>** So we might just stick to one particular batch operation, which would be the most expensive one anyway
**\<sarang>** Also
**\<sarang>** You can do this for proofs of different aggregation levels
**\<sarang>** Now, andytoshi and benedikt have also figured out a way to allow ANY number of outputs in a single proof, and not just a power of 2
**\<sarang>** but this would require a significant overhaul and may not be worth it (they were interested for AC applications)
**\<sarang>** I say we just stick with power of 2
**\<sarang>** it'll make for easier review
**\<sarang>** This will all be discussed in the technical note
**\<suraeNoether>** well hold on though
**\<sarang>** ?
**\<suraeNoether>** i'm okay with the idea of sticking with powers of 2 but is there an efficiency reason to avoid the more general approach?
**\<suraeNoether>** is the primary reason to avoid the general # of bulletproofs because the overhaul to the code would be significant, or would it be because the gains in efficiency aren't worth it (in terms of proof size and proof verification time?)
**\<sarang>** The overhaul to the code is quite a bit
**\<sarang>** For proof size it's irrelevant
**\<sarang>** The scaling is logarithmic so it's a minor gain
**\<sarang>** But verification time is linear
**\<suraeNoether>** yeah, it always is, and always will be, but do the constants change?
**\<sarang>** If you have 9 outputs, you either pack with dummies to a 16-proof, or do an 8-proof and a 1-proof
**\<sarang>** no
**\<suraeNoether>** oh, then forget it, keep it at powers of 2 and i'm fine with that
**\<sarang>** Yeah, our numbers are small enough
**\<sarang>** andytoshi et al. were testing with giant ACs where it would matter a lot more
**\<suraeNoether>** yeah, i imagine the flexibility of the construction is important for their purposes
**\<sarang>** 16-proof is more space efficient, but 8+1 is more time efficient
**\<sarang>** slightly
**\* sarang** will stop talking now
**\<suraeNoether>** and it will also be important for our purposes later on, but for range proofs right now, we can save on fees and blockchain space and new node sync time, it's a no-brainer
**\<suraeNoether>** cool, thanks sarang
**\<sarang>** If we decide to switch later, it would change the proof structure
**\<sarang>** for what it's worth
**\<suraeNoether>** anyone else have any questions about bulletproofs and sarang's documentation of the work on bulletproofs into an MRL-XXXX?
**\<sarang>** I'm ready to be done with these!
**\<sarang>** Fun project, lots of crazy optimizations, but it's time to get this baby born
**\<suraeNoether>** For my work, I'm working on multisig, and working on incorporating some of the ideas from musig into our key merging. https://eprint.iacr.org/2018/068
**\<sarang>** Yeah, cool work discussed at BPASE
**\<suraeNoether>** there are some issues with our current key merging, although I think everything else is pretty much good to go
**\<sgp>** No more questions from me on bulletproofs
**\<sarang>** Another reason that conference was a great investment
**\<suraeNoether>** oh, and holy crap
**\<suraeNoether>** i have to thank the community
**\<sarang>** As do I
**\<suraeNoether>** for freaking sending me all over the world twice in two weeks
**\<sarang>** From the exotic shores of Switzerland to the exotic shores of... Palo Alto?
**\<suraeNoether>** this has been one of the most enlightening and fun weeks of my life, meeting such smart people with such great ideas
**\<suraeNoether>** but we'll get back to that later, I suppose
**\<sarang>** We can make many things virtual, but conferences are not currently one of them
**\<suraeNoether>** back to multisig: basically, the naive, first way anyone has ever done key merging/key aggregation is to simply sum keys
**\<suraeNoether>** so if A, B, and C want to make a multisignature wallet, they compute A+B+C as their public key
**\<suraeNoether>** this has two drawbacks. one of them is that keys can't be re-used securely, and another is that A can try to pick a key of the form A\* - B - C and get a public key A\*. this way, A can make signatures without the input of B and C
**\<sarang>** (I'll be AFK for about 10 min, sorry)
**\<dEBRUYNE>** Wasn't the latter attack discussed here a while ago too? I think luigi1111 retorted it.
**\<dEBRUYNE>** I might be conflating stuff though
**\<suraeNoether>** if so, i'm not sure where it is
**\<suraeNoether>** this goes back to the original criticisms of the ASNL ring sigs back when we first did ringct
**\<suraeNoether>** so other methods would instead of computing the simple sum A + B + C would compute a linear combination c1\*A + c2\*B + c3\*C where each c1,c2,c3 is a random challenge based on the associated key
**\<suraeNoether>** first methods tried something like c1 = H(A), but the problem became an issue where all the public keys A, B, C have to be revealed to verify a signature
**\<suraeNoether>** which brings us to another drawback of A+B+C which is that it's distinguishable from other keys: if you suspect some users have formed an N-of-N wallet and you know their public keys, it's trivial to check if a key is a multisig key
**\<suraeNoether>** the key aggregation in the musig paper computes c1 = H(A, {A,B,C}), c2 = H(B, {A,B,C}), and c3 = H(C,{A,B,C})
**\<suraeNoether>** and this one little trick (!) of the hash function makes it verifiable with only the total aggregated key
**\<suraeNoether>** long story short, it's a simple change from computing keys as a simple sum(key) to sum( H(key, list\_of\_keys)\*key)
**\<suraeNoether>** and this sounds great
**\<suraeNoether>** but then your heart falls when you find out that they use a novel and somewhat complicated proof technique with a nonstandard discrete log assumption
**\<suraeNoether>** so, i'm going through an MLSAG ring signature extremely carefully and making sure that I can substitute these keys into the proof without changing the underlying security properties of the MLSAG
**\<suraeNoether>** I don't want to make any recommendations about changes, yet, though, because of their proof technique and their strange security assumption
**\<suraeNoether>** also, fwiw, if users always roll fresh keys for their multisig wallets, we could simply insert a commit-to-keys and an opening-of-commitments set of steps in key merging, and instruct users to always roll fresh keys for each new multisig construction
**\<suraeNoether>** so there is a route for preventing this rogue key attack in both cases. i just want to take this new proof seriously
**\<suraeNoether>** any questions about multisig?
**\<luigi1111>** Yes but not now
**\<luigi1111>** I'm not really here
**\<suraeNoether>** ok we can put that on hold for now
**\<suraeNoether>** in addition to that, Sarang and I are starting to throw the first roadmap of the year together. We are taking a little bit extra time because other projects like BP and multisig are more urgent.
**\<suraeNoether>** Sarang also has a three-week cryptography course planned this summer, maybe when he gets back he can tell us about that
**\<sarang>** back
**\<sarang>** Yes
**\<suraeNoether>** good timing
**\<sgp>** Yes, sarang made this course sound pretty interesting. I'd like to hear more about it
**\<sarang>** So there was desire expressed that educational outreach is a Good Thing
**\<sarang>** And who knows, maybe eventually we can run an independent program, or team up with other projects for this
**\<sarang>** But that's time-consuming and very expensive
**\<sarang>** There's an offer this summer to do a 3-week intensive course through Duke or JHU
**\<sarang>** It costs the community nothing
**\<sarang>** and is a good opportunity to pilot a cryptocurrency-focused modern crypto course for gifted high school students
**\<sarang>** Disclaimer: I'd get paid a pittance to teach it, based on their existing pay structure, so I wouldn't request any FFS during that time
**\<suraeNoether>** pittances invested in cryptocurrencies become old toyota tacomas
**\<sarang>** Ha, it's paid in boring US currency
**\<sarang>** Any questions on it?
**\<sarang>** Course materials would be released for free
**\<sarang>** Lectures can't be videotaped
**\<suraeNoether>** oh, i was speaking with you, Sarang, and one of fluffypony's friends about making educational youtube videos, white-board-style, that explain how bitcoin and monero work, and how ethereum smart contracts will destroy the whole ecosystem
**\<suraeNoether>** (ahem)
**\<suraeNoether>** i mean how smart ethereum smart contracts are
**\<sgp>** Course materials include slides?
**\<suraeNoether>** sarang: do you usually use slides or are you a chalk talk sort of man
**\<suraeNoether>** ?
**\<sarang>** I've moved some of it to slides for easier reuse
**\<sarang>** But not entirely
**\<sarang>** I also have a lot of it in book form now
**\<sarang>** Over 100 pages of classical and some modern material, with exercises
**\<suraeNoether>** that's pretty sweet actually. you following the footsteps of your adviser, writing your own textbook one semester at a time?
**\<sarang>** Only out of laziness
**\<sarang>** I've taught classical crypto courses before and got sick of rewriting everything
**\<suraeNoether>** the best motivator for keeping detailed notes
**\<sarang>** So anyway, comments/questions welcome
**\<sarang>** especially on the scope
**\<sarang>** This will basically be a pilot program run under the existing structure of an established program
**\<sarang>** which removes all the hassle of recruiting students, housing people, etc.
**\<suraeNoether>** neato burrito
**\<sarang>** For reference though, this doesn't mean that JHU or Duke are endorsing Monero in any way... I'd be teaching it as an unaffiliated seasonal employee
**\<sarang>** oh, sgp yes that would include slides
**\<suraeNoether>** One last time, I would like to thank the community for their amazing generosity in general, and in particular these past few weeks.
**\<sarang>** everything except for video lectures (can't release those since students are minors)
**\<sarang>** Notes also include a cool section on Enigma that includes a paper simulator you can build yourself
**\<suraeNoether>** if anyone has found any interesting papers or ideas recently, please share them! I saw that hyc spoke at a fosdem
**\<suraeNoether>** does anyone know if his talk is available anywhere?
**\<suraeNoether>** i hear he serenaded the crowd with his violin
**\<sarang>** Well I heard about this crazy new coin! It uses a DAG! And it's like a hive with fast payments and it has secure!
**\<sgp>** I would also like the link if possible
**\<suraeNoether>** is instant?
**\<sarang>** Probably!
**\<suraeNoether>** probabilistically instant?
**\<sarang>** I've turned into this huge Eeyore among local groups
**\<sarang>** They keep posting their favorite new shitcoin, and I keep telling them the whitepaper has zero crypto, protocols, or math
**\<sarang>** =p
**\<sarang>** Then they get mad
**\<sgp>** @sarang that's a great way of putting it
**\<suraeNoether>** gotta be a good red team
**\<suraeNoether>** gotta *have* a good red team
**\<sarang>** This isn't being a red team, it's being able to read
**\<suraeNoether>** okay, so there's also this idea that Sarang and I have been kicking around
**\<suraeNoether>** about hosting a Monero conference next spring in Denver, CO
**\<diego[m]>** Meeting = missed. :(
**\<suraeNoether>** eh, not really
**\<suraeNoether>** tail end anyway
**\<suraeNoether>** i've spoken with a few different possible speakers, and everyone seems to be receptive to the idea. i've costed it out, and i am astounded, btw. a conference like consensus charges huge $$ to get in, but from the numbers i'm seeing, we can break even for between 50-100 bucks a ticket
**\<suraeNoether>** if we run an FFS, it could just be free
**\<suraeNoether>** well, free except for the donors
**\<suraeNoether>** well
**\<suraeNoether>** i mean free to attendees
**\* suraeNoether** *flustered*
**\<gingeropolous>** thats because they look to profit
**\<suraeNoether>** gingeropolous: +1
**\<sarang>** It'd be funny to have a "donors" section of the program with a bunch of blacked-out names
**\<anonimal>** Venue picked out?
**\<suraeNoether>** anonimal: i have a few in mind, i have a spreadsheet of possibilities
**\<sarang>** He can prove it's at one of several possible venues
**\<diego[m]>** We should milk attendees for all they're worth.
**\<diego[m]>** Conference be Monero specific? Not privacy? Not open source? (Just some questions)
**\<sarang>** diego[m]: provide free milk?
**\<suraeNoether>** i want this to be a 1 or 1.5 day thing filled with technical talks. investors and venture capitalists should be bored out of their minds
**\<anonimal>** In Denver or surrounding area?
**\<suraeNoether>** diego[m]: i'm open to most privacy-enhancing technology based talks
**\<suraeNoether>** anonimal: yeah, if you want i can send you a list of some places i found
**\<anonimal>** That'd be great, thanks.
**\<suraeNoether>** we can go super super cheap and go for a university if we don't want to have a cool industrial-style brewery all to ourselves
**\<anonimal>** I do miss those hills.
**\<sarang>** Orrrr we could do brewery
**\<sgp>** Have you talked with any universities? May be much cheaper and easier to host a conference there than a hotel or similar
**\<sarang>** suraeNoether: you've been talking with an event planner, yes?
**\<suraeNoether>** yep
**\<anonimal>** Any boulder connections? IIRC bigreddmachine is there.
**\<sarang>** and the zcash folkz
**\<diego[m]>** ajs and I had a similar idea a while back, so if you need any help from Monero Community, We can see what we can do. Maybe come early to decorate. :P
**\<suraeNoether>** she's organized conferences for pharma companies and doctors and stuff like that before, and she's chatting with me pro bono about it
**\<suraeNoether>** anonimal: zcashco world headquarters is in boulder. :P heh.
**\<suraeNoether>** mike from the moneromonitor podcast is out there too
**\<sarang>** I always pictured them having their headquarters in a mountain
**\<suraeNoether>** anyway, i'm glad to see such positive responses
**\<sarang>** or a lighthouse or something
**\<anonimal>** oh my
**\<suraeNoether>** i've been watching venture brothers. spiderskull island ftw
**\<sarang>** I'm telling ya, buy a Monero jet and I'll fly all the attendees there
**\<diego[m]>** Why don't we have it at a resort? :D
**\<suraeNoether>** sarang has a pilot's license, he isn't kidding.
**\<anonimal>** lol aspen
**\<sarang>** Denver is a resort... THE LAST RESORT
**\<sarang>** burn
**\<suraeNoether>** diego[m]: actually if we do summer, i was considering estes park
**\<suraeNoether>** it's a summer town in the middle of the mountains and there is a YMCA there that hosts huge huge conventions eveyr year
**\<suraeNoether>** but the cabins don't have good wifi, and i feel like that's a really really big requirement
**\<suraeNoether>** they *do* have wifi
**\<suraeNoether>** just not *great* wifi
**\<sarang>** Is it encrypted wifi? Or is it like the Stanford conference?
**\<sgp>** Gigabit ethernet #1 consideration lol
**\<anonimal>** We could do black hawk but don't get me gambling...
**\<sarang>** Which for some reason had insecure wifi that sucked ass
**\<suraeNoether>** sarang: it's far less secure than the stanford. :P
**\<suraeNoether>** anyway, i'm super happy to see this sort of response
**\<anonimal>** We could turn black hawk into the next defcon
**\<sgp>** @surae I I would go well out of my way to go to a Monero conference
**\<anonimal>** ...
**\<anonimal>** X)
**\<sarang>** We should settle on a date sooner rather than later
**\<sarang>** Or at least a couple of options so people can plan
**\<suraeNoether>** sarang: we'll try to get that hammered out before the end of the month
**\<suraeNoether>** one thing, though
**\<anonimal>** Is summer an option?
**\<suraeNoether>** i just don't want it to overlap any big known conferences, and i want to avoid late september-through-december
**\<sarang>** righto
**\<diego[m]>** Sounds fun.
**\<sarang>** We should also talk about the scope of talks, so folks from other projects have a good sense of what they'd be in for
**\<anonimal>** Let's do it after defcon.
**\<gingeropolous>** line by line presentation of the monero code
**\<diego[m]>** We're not talking for this year, though, right?
**\<sarang>** Have it scrolling in the background
**\<anonimal>** People will already be out in the U.S.
**\<sarang>** like the Matrix
**\<sarang>** Yeah not this year
**\<suraeNoether>** diego no, 2019
**\<suraeNoether>** OH MY GOD i just checked my protonmail after BPASE, i'm swamped
**\<suraeNoether>** ok, this meeting is either over or can continue without me
**\<suraeNoether>** peace out brothers\~!
**\<suraeNoether>** if anyone has any questions, please email me at [email protected] (I'll be there for the rest of the day apparently)
**\<sgp>** I couldn't find the recording, but here's hyc's slides https://fosdem.org/2018/schedule/event/monero/attachments/audio/2585/export/events/attachments/monero/audio/2585/20180204_FOSDEM_Monero.pdf
**\<sarang>** cheers
**\<sgp>** Only one thing from me. After the chaos of bulletproofs and multisig calms down, I would like to encourage future research in the impact of ringsize and churning. Either these need more research, or we need better ways of communicating these concerns to people https://www.reddit.com/r/Monero/comments/7v601j/skepticism_sunday_february_04_2018/dtq9tnt/
**\<sarang>** I agree
**\<sgp>** Also we're discussing increasing the minimum ringsize without really knowing what the tangible benefits are
**\<sarang>** Fortunately we have good space savings we can use to our advantage
**\<sarang>** if we decide to move there
**\<suraeNoether>** sgp: I agree, and actually I've been thinking about that.
**\<dEBRUYNE>** I think the discussion doesn't pertain to whether it has tangible benefits
**\<dEBRUYNE>** It's whether it's significantly outweighs the trade-offs
**\<suraeNoether>** \^
**\<dEBRUYNE>** it significantly\*
**\<sarang>** soon STARKs will save us all
**\<dEBRUYNE>** I think an increase to 10 + making it static is worth the trade-off though
**\<sarang>** Having a tested model will be essential
**\<sarang>** Otherwise we'd just be pulling numbers out of our ass
**\<dEBRUYNE>** What should be tested?
**\<dEBRUYNE>** I mean, which variables
**\<sarang>** Well I think we need to be able to quantify what we consider the weaknesses or attack vectors, couple that with some cost function, and work from there
**\<sarang>** I don't have the answer
**\<sarang>** But I think it's the approach we should take if possible
**\<sarang>** Oh one quick addition
**\<sarang>** One of the non-OSTIF audit groups checked with their lawyers
**\<sarang>** They won't let us publish their name or statement of work in advance
**\<sarang>** I think that's far enough outside of our philosophy for this review that it takes them out of the running, unfortunately
**\<anonimal>** +1
**\<sarang>** Once we've formally turned them down, I can say who they are
**\<sarang>** Process on the other groups is moving forward, albeit delightfully slowly
**\<sarang>** More details as I get them
**\<sarang>** Although I'm not too worried, since we just added batch verification anyway, and that needs to go into the technical paper that the reviewers will get
**\<dEBRUYNE>** \<sarang> They won't let us publish their name or statement of work in advance \<= Can you elaborate on this?
**\<sarang>** So, I told all the prospective groups that we want to publicly discuss all SoWs and prices prior to funding, so we can make an informed decision
**\<sarang>** As well as share the results of the audit(s)
**\<sarang>** SoWs being important since they explicitly outline the scope of the review
**\<sarang>** https://www.irccloud.com/pastebin/RAEbSR24/
**\<sarang>** This is the email from their rep
**\<sgp>** @dEBRUYNE I totally agree that we should weigh the benefits and cons. We just need more justification than "10 is a larger number than 5"
**\<dEBRUYNE>** sarang: I see. Was this group favored qualitively? If so, perhaps we can think about a work around.
**\<sarang>** They're a well-established group
**\<sarang>** I have no doubt that they would do a thorough and correct review
**\<dEBRUYNE>** Ok. Let me put some thoughts into this
**\<sarang>** But I don't like the idea that I'm the only one (or part of a non-public group) that decides this
**\<sarang>** Once I get final word from all OSTIF prospects, we'll have a better idea of any differences in scope
**\<sarang>** What they care about more than absolute price estimates is their rates
**\<sarang>** FWIW
**\<suraeNoether>** on a slightly different note, all the slides and videos of the talks at BPASE this year are online here: https://cyber.stanford.edu/bpase18 \<--- I highly recommend @roasbeef's talk, but slow it down to 50% speed
**\<sarang>** lol
**\<sarang>** it's true
**\<sarang>** He would make a fantastic auctioneer
**\<anonimal>** What you're asking for is completely within the realm of open source principles. How can they call themselves OSTIF.
**\<sarang>** anonimal: the group I linked was not an OSTIF group
**\<sarang>** It was a group recommended by fp
**\<anonimal>** Oh, "non-OSTIF", I see now, thanks.
\ No newline at end of file
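Review bot: This post ends without a trailing newline, as the `\ No newline at end of file` marker after the final `**\<anonimal>**` log line shows. Add one, so that a later append to the log does not show that last line as modified and tools that concatenate or lint posts handle the file cleanly. Also check the contact address in the suraeNoether line near the end of the conference discussion: it reads `[email protected]`, which looks like a redaction placeholder rather than text from the original log, so confirm that is what should be published.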
---
layout: post
title: Overview and Logs for the Dev Meeting Held on 2018-01-28
summary: Discussion of open PRs and issues, Bulletproofs and auditing, March HF, slight PoW tweak, dedicated Monero hardware wallet, and miscellaneous
tags: [dev diaries, core, crypto]
author: dEBRUYNE / fluffypony
---
# Logs
**\<rehrar>** ArticMine luigi1111 luigi1111w fluffypony smooth hyc moneromooo anonimal vtnerd pigeons endogenic ErCiccione
**\<vtnerd>** present
**\<ArticMine>** Hi
**\<msvb-mob>** Hello.
**\<ErCiccione>** hi folks
**\<vtnerd>** jtgrassie
**\<sgp>** Hi
**\<rehrar>** Agenda: https://github.com/monero-project/meta/issues/174
**\<rehrar>** Jaquee medusa dsc
**\<rehrar>** kenshi84 MoroccanMalinois anyone else?
**\<MoroccanMalinois>** hi
**\<rehrar>** We've already kind of start on 1. Greetings
**\<rehrar>** If you're still hanging out in the peanut gallery, throw a hello on by to us.
**\<rehrar>** Heck, if you don't plan on participating, but just want to watch, we'd still appreciate a hello. :)
**\<Vespco>** Hello
**\<endogenic>** hello
**\<endogenic>** this is dog
**\<rehrar>** As you guys probably see, it's not 17 UTC. We're trying out an hour earlier by request of last meeting. We can decide today whether it was a good idea or not.
**\<pigeons>** hi
**\<rehrar>** suraeNoether sarang
**\<rehrar>** 2. Brief review of what's been completed since the previous meeting
**\<rehrar>** Anyone have anything to report?
**\<moneromooo>** DB crash fix. Misc minor fixes found by coverity. Pool max size. Fluffy blocks on by default. I think that's the main ones.
**\<moneromooo>** And I just PR'd my "store prunable and unprunable data separately" patch.
**\<moneromooo>** Oh, and the --testnet-xxx options are gone now. No more duplication.
**\<moneromooo>** None of that is merged yet, but nothing got merged in two weeks I think.
**\<rehrar>** Thanks moneromooo! You are a shining star. Take a bow.
**\<rehrar>** Anyone else have anything to report? If not we can move on.
**\<moneromooo>** Not all by me.
**\<vtnerd>** I guess I will report for jtgrassie, who looked at the echo off permanently issue with the wallet
**\<rehrar>** a bow for your presentation ;)
**\<vtnerd>** he has a fix that is similar to moneromooo 's patch, but does trigger immediate shutdown on ctrl-c still
**\<luigi1111>** Does that need a resync?
**\<vtnerd>** there are still underlying issues in the signal handler, and if I can't figure out a way to unbreak that code easily we may have to go with the somewhat-hack approach until that gets worked out
**\<iDunk>** luigi1111: It will convert the db from v1 to v2, AFAIU.
**\<moneromooo>** no resync
**\<luigi1111>** Perfect
**\<vtnerd>** and I'm still interested in wallet scanning perf (as usual), and figure out how to do atomic swapping ... if anyone has thoughts on the latter let me know privately for now
**\<vtnerd>** or what this is the whats been completed section, whoops
**\<endogenic>** i have a question for later rehrar
**\<rehrar>** ok
**\<rehrar>** Alright, we ready to push forward?
**\<sarang>** Hullo, sorry for delay, was filing taxes :/
**\<rehrar>** Any dev stuff to report for the last two weeks?
**\<rehrar>** sarang \^
**\<sarang>** It's just about the most fun you can have while still wearing pants
**\<sarang>** Yes, a few quick thing
**\<sarang>** The BP paper was massively updated to reflect a lot of the optimizations we've been including
**\<sarang>** I'm running final checks against that paper (and made a few corrections to the updated paper that have been sent to the authors)
**\<moneromooo>** Oh good point, I forgot about more BP stuff ^\_^
**\<sarang>** I had also worked up a BP technical note, but the paper update makes that obsolete
**\<endogenic>** mooo same
**\<sarang>** However, I think we've made all the optimizations that we want
**\<sarang>** On the audit front, OSTIF groups are slow to provide SoW but apparently that's happening early this week
**\<sarang>** Benedikt Buenz (BP author) wants to review as well
**\<sarang>** Thoughts on how much to offer Benedikt?
**\<sarang>** Having both him and an audit group review will be good: he'll confirm our math, and the audit group will check our final code for holes
**\<rehrar>** Make him an offer he can't refuse
**\<sarang>** lol
**\<sgp>** I don't really know what the right amount is
**\<endogenic>** no pony heads though pls
**\<sarang>** I'm thinking a rate of 800 USD per day would be competitive if it only takes him \~5 days or so
**\<sarang>** He's the most qualified person to do this
**\<endogenic>** then that's cheap
**\<endogenic>** we're lucky
**\<ErCiccione>** that's less than i expected
**\<sarang>** Yeah, I'd go higher if no objections
**\<sarang>** I asked what his rate is, and am waiting to hear back
**\<ArticMine>** It is on the low end
**\<endogenic>** well ErCiccione do keep in mind we benefit from addtl reviewers
**\<endogenic>** so frugality is useful there
**\<rehrar>** 20 XMR bam
**\<sarang>** So I'll do a combined FFS once we've confirmed the OSTIF rate and Benedikt's rate
**\<endogenic>** thanks sarang :)
**\<sarang>** Separarely, I've been working with suraeNoether on some multisig developments from BPASE
**\<sarang>** curriculum development for 3-week summer course
**\<sarang>** Will be speaking at a Portland crypto conference about privacy (funded by the organizers, no FFS needed)
**\<sarang>** and the paper on PHANTOM (related to SPECTRE) just came out, so I'm on top of that
**\* sarang** is done talking now
**\<rehrar>** woohoo, sounds awesome
**\<sarang>** questions welcome
**\<endogenic>** awesome
**\<sarang>** read the new BP paper if it interests you
**\<rehrar>** alright let's jump into the big one: 3. March hardfork items + code freeze
**\<rehrar>** So... code freeze has been "close" for a couple months now
**\<rehrar>** when is it? :P
**\<moneromooo>** When we pushed all we need,
**\<moneromooo>** We need pony back, so we can't discuss this if we don't know that.
**\<moneromooo>** One thing we need to discuss before we do though:
**\<moneromooo>** We discussed changing PoW slightly, and periodically, in order to further our goal of decentralization - to deter ASIC creation some more.
**\<moneromooo>** So we're planning to change PoW before the fork, if the community agrees.
**\<rehrar>** before March?
**\<moneromooo>** Yes. We're still planning on a march fork.
**\<pigeons>** i would expect changing the PoW before this fork to be at least slightly controversial
**\<rehrar>** This seems a bit sudden and soon
**\<moneromooo>** Emphasis on *slightly* btw. It's still mostly Cryptonight.
**\<rehrar>** ah, makes more sense
**\<sgp>** I would like to hear a lot more about the changes and what they mean
**\<rehrar>** \^
**\<rehrar>** can you explain moneromooo?
**\<endogenic>** what deters ASICs?