sarang: what imaged did you choose for the blog post at the end?

because SVGs are not supported by opengraph, so an svg image won't show up as preview on social media

but if the image you chose is rectangular than doesn't matter, because it would show up distorted anyway

My point is that if the image is square and we can make it light enough, would be better to use a png version

Haven't chosen anything yet

uuuugh we should totes bump the ringsize to 13 or 17 because ...... ....

i mean what are the current reasons *not* to do it? is it basically there's no quantifiable reason to do it?

by that token, is there a quantifiable reason to *not* lower the ringsize to 7?

It was useful to avoid anonymity set reduction by chain splits, set-theoretic ring unions, etc.

Beyond that, it isn't clear that there's a marked benefit from a marginal change

we could sell it as an improvement in an effort to boost price.

;-)

ESORICS CBT program is posted now: deic-web.uab.cat/cbt/cbt2020/#program

David Chaum the inventor of Digicash and many foundational papers is claiming his new blockchain is able to achieve 10k+ tps with strong privacy guarantees. I'll just paste a link to the white paper in case there's something useful for Monero

thanks zaflout66[m]

zaflout66[m]: when is nodeCon?

Huh what's that 😅

zaflout66[m]: ^

Yeah no idea really. I just learnt about this today

NodeCon sounds like a hocus pocus magic party to me, and I think it might be fun

I want to know if there will be balloons

And what they will be filled with

Sounds like a trusted setup 🙂

sort of does, yes

pity

Not sure what compromises were made to achieve the high tps though.

zaflout66[m]: I thought it was pretty obvious by that last page

Or near the end page.

The one saying use a server CPU, 64 GB of RAM, a mid-range GPU (like a RTX 2070 which is obviously mid-range), 2 TB SSD storage, and a high speed internet connection

And then separately specifying a gateway using a quad core signifying you're supposed to run multiple of these servers

So every node is basically a server farm

It makes the barrier to entry unfeasible for almost everyone. Combined with their privacy protocol basically being zerocoin (denominations when Lelantus should remove those), a trusted setup, and their leader protocol...

If Monero nodes were just as powerful, I doubt we'd reach such tps though. Or would we?

Even Sigma, which uses denominations, doesn't have a trusted setup. At least this trusted setup seems to be for randomness...

Yeah, but network architecture also has a degree of centralization thanks to the leader protocol

Every cycle, one node becomes THE arbiter of truth. The mantle is passed on, but that selection and definitive behavior enables a lot more optimizations, despite negative effects overall

*And yes, they can't just publish any piece of data, but the lack of community-run nodes reduces verification practices, just like the recent commentary by Vitalik*

I only just remember /me exists... been a while since I've used IRC

zaflout66[m]: The other aspect to consider is TPS claims are utter bull

It's easy to claim 10k TPS. By the time the network releases, and that claim is testable, they'll already have the marketing buzz.

It's easy to set up multiple servers internally on 10 Gbps switches and spam transactions

It's not easy to achieve that on a live network spread across the globe

*and by multiple, I mean one to five. Not even ten to twenty.

I thought someone like Chaum wouldn't be doing a money grab. Seems like it though!

I mean, it could be interesting. A network where every node is a server farm is basically creating a federated payment processor like Paypal.

But it still uses cryptographic principles... Kinda reminds me of Libra. That said, I personally feel it's a horrible system and the 70% control of an ETH token releasing before the mainnet speaks volumes about the company

interesting slide on the etc attack and traceability of mining by e.g. nonce analysis and which node broadcast a tx

although the claim about Monero ASICs further into the thread sounds uninformed

Inge-: That Monero thing happened.

And then I think after they were called out for using easily predicted nonces, they were later called out for using nonces that were too random.

all pre-nov 30th last year tho

Yeah, it is old. Monero doesn't have ASICs anymore, but it serves as a historical example of partial miner de-anonymity by identifying their means

Just curious if Santiago Velez knows, he speaks in the present. no asics and Dandelion+ helps quite a bit

zaflout66[m]> I thought someone like Chaum wouldn't be doing a money grab. Seems like it though! <---- David Chaum is a baby boomer 2 years older than myself. He is still stuck in the 1980's and 1990's that were the glory days of proprietary software. This is when people eagerly waited for the release Windows 95 rather than run Windows XP, and now Windows 7 well after their EOL

The 1990's is also when million and billion were made on proprietary software.

I wonder what I would've done if I was alive back then...

But I much prefer the modern environment :)

As for the XX network. The 1990's proprietary is very much its Achilles Heel. The one user once vote based upon AML / KNC, upon which consensus is based upon, for example is really out of touch with the modern reality

One major data breach of personal information and the coin is subject to a "51%" attack with stolen credentials. I mean really

They use KYC? I missed that when reading over their paper...

Page 12 of the white paper

Thanks for the heads up

"Every vote will be according to SV, with voters selected from those users who have been authenticated as unique. Initially, users will be authenticated through their participation in token sales ,with further mechanisms for authentication added as the network matures."

In summary I see nothing in the consensus protocol. As for scaling. here is the math for Monero.

10K tps @ 2000 bytes per Monero tx works out to 160 Mbps symmetrical Internet speed. Basically a mid range residential connection in my area. The highest is 1500 Mbps down / 940 Mbps up CAD 165 a month, and the lowest is 25 Mps dpwn / 25 Mps up for CAD 85 a month

Wouldn’t the main issue at that rate be compute/risk?

*disk

I disagree because upgrading a computer is very much under the control of the residential user, whil upgrading the Internet connection is not

while\

This is why I always look at bandwidth as the primary limitation.

Still as a baby boomer involved in technology David Chaum should know better. 10^(-12) is conservative as a ballpark for the fall in the cost of computing over 50 years.

Now for the interesting part. There is real innovation here in the use of quantum resistant signatures. That is something Monero may be able to use in the future after this xx network suffers a similar fat to Digi Cash

fate

One final thought: When it comes to technology, one has to be prepared to learn from teenagers for one's entire adult life in order to remain relevant.

Well put

They do say the kyc is only for the initial token sale, Bec US people are not allowed. But no long term solution is presented

Yea, well-said Artic

Apparently they're using W-OTS+

ArticMine: Quantum crypto is... bad? Like it's good overall, of course, as quantum computers pose a serious risk to the existing widely used crypto systems, but almost every 'quantum secure' network has its crypto as a failure.

Such as IOTA leaking half their private key on every use.

Not to mention speed concerns, but I am interested in further development on the space. For now, I think the most important thing people can do is encode a quantum-safe proof into their existing wallets/address/transactions.

So if the keys are broken, they can prove ownership. Of course, that assumes a sudden break no is prepared for and creates a lot of debate about what chain state to use...

IOTA had a weird homerolled hash function

Better to just be ready.

They also on-purposely published a library with broken crypto to stop forks.

Apparently, they don't know what FOSS means (or rather, don't care)

I see quantum computing as a risk Monero needs to be preparing for, as opposed to an immediate risk. The prudent course of action at this point in time is to support the kind of research on this that Isthmus is involved in.

ty

Unrelated, what do y'all think about the Diehard tests as a starting point for the uniformity analysis? github.com/Mitchellpkt/crypto_field_stats_tests/blob/master/README.md

PRNG quality isn't exactly the same thing as uniformity analysis

But I think there several that will be useful (e.g. ciphertexts should generally pass the birthday spacings test, right?)

FTR, there's a die harder suite that's an evolution of it.

(I don't know the details)