08:58:38 All you are fighting for is e-penis of a guy you never met, that doesn't even have common decency to pay you for your time. 08:58:41 Do you think they care about Monero, or privacy or anything other than money? 09:13:07 UkoeHB__ wrote a report on the mechanics of MobileCoin if anyone wants to read up on it 09:13:07 https://github.com/UkoeHB/Mechanics-of-MobileCoin/blob/master/Mechanics-of-MobileCoin-v0-0-16-preview-2-10.pdf 10:49:28 ^ seems like it's still missing any mobilecoin specific sections. 11:23:50 TheCharlatan: looks like I jumped the gun, it's just the first 2 chapters that are ready 13:11:18 releasing approx 1ch a week 13:34:50 the protocol isn't a secret though; in summary: crypto is Ristretto on Ed25519, tx protocol is modeled after RctTypeBulletproof2, transactions are validated inside SGX secure enclaves where inputs (ring signatures and input references) are discarded post-validation, validating enclaves ensure ring members exist in the blockchain with merkle proofs, and the network is a Byzantine federated agreement 13:34:50 protocol based on Stellar consensus protocol 13:57:32 sgp_[m]: looks complete to me. It can generate and verify bulletproofplusses. 13:57:55 1930 bytes for a test 2->2. 13:59:23 Wait, that one was not a BP plus. 15:12:50 Why does MobileCoin use MLSAG? 15:29:01 Artifact of development cycles 15:34:04 Ring sig scheme is somewhat less important in MC because sigs are discarded post-validation 15:55:19 is this like grin (at least on a high level) where surveillance nodes can retain this info? 15:58:15 If enclaves are not breached, no one can know the contents of transactions 15:58:36 So in the ideal state the complete transaction graph is unknown 16:03:07 The main weaknesses are A) barrier to entry for running a node since you must own SGX-enabled device, B) in a severe situation where most or all of the network is shut down it MIGHT be possible to inject outputs into the databases of compromised nodes and get them accepted as legitimate when the network recovers 16:03:31 Also, Intel could really mess things up if they wanted 16:07:24 Basically tx authors encrypt tx, the tx are sent into secure enclaves and decrypted, the tx are validated, and the enclaves output the tx outputs. How exactly that works, is part of Mechanics of MobileCoin 16:09:43 This has never seemed like a good trade-off for me 16:10:08 Instead of targeting the blockchain, I could target Intel 16:10:27 * Instead of targeting the blockchain, I could target Intel or their employees 16:17:43 Afaik the MC team wants to rely less on intel in the future. The development work for even the initial implementation is non-trivial 16:22:08 Maybe the biggest improvement would be not depending on Intel for remote attestation, making it harder to censor nodes trying to run the MC software 16:24:28 Oh I see, if trust is not that big a issue, I’d probably swap it out for a Snark which uses a trusted setup like vanilla PLONK 16:24:42 It’d be interesting to see how it develops 17:00:57 sgp_: https://github.com/moneromooo-monero/bitmonero/tree/bp%2Bc (plugs sarang's code in, looks like it works just fine) 17:01:43 I'll have a small efficiency update later today relating to transcript initialization 17:01:45 nothing major 17:02:09 :( 17:02:20 We *want* major efficiency updates :( 17:05:33 heh 17:05:36 I already included those! 17:05:48 The initial work I did was much less efficient... 17:06:40 ^_^ 17:06:55 I don't think the optimizations were super clever, but I think they were a _little_ clever :D 17:07:53 sarang: Were you going to PR a blog to the site btw? 17:08:00 About Bulletproofs+ 17:08:25 Wasn't sure if it was appropriate before an audit 17:08:31 I have that draft post that could be used 17:12:52 I think it is, arguably 17:13:07 Would also help potential donors understand what they are funding 17:13:55 I think it's useful 17:14:15 are the original people that had a BP+ CCS still available to audit? 17:14:58 I think we need to contact