ndorf: Do you have any recommendations for a secure and convenient wallet application that isn't a full node, for that "public" wallet usage?

Unfortunately, I'm going to have to try building a full node myself to see how well that flies, because it's not in packages for my favorite OS.

s/going/probably going/

There's cake wallet, if you have an iphone.

I don't.

it's easy to build. there are also official signed binaries

easy if it builds here

what OS/distro?

I'll hunt down the signed binaries and see if they have an OpenBSD build.

ah. no official OpenBSD binary AFAIK. it does build out of the box on OpenBSD though, just need the deps.

Mymonero also, they have a non web version.

ndorf: good to know

And you can run your own server too, optionally.

OpenBSD 6.8, at least

Yeah, I keep up to date with OpenBSD.

(It's so ridiculously easy to update that it'd be pretty dumb to fall behind by more than a week.)

apotheon: do you prefer obsd to hbsd?

i was under the impression it was missing some safeties like ASLR and PIE

There are trade-offs for any reasonable OS choice, of course, though OpenBSD does support ASLR and PIE.

i think he's right actually and OpenBSD provides ASR, not ASLR.

not too sure of the tradeoffs.

"In 2003, OpenBSD became the first mainstream operating system to support a strong form of ASLR and to activate it by default.[2] OpenBSD completed its ASLR support in 2008 when it added support for PIE binaries." from Wikipedia

(easiest way to find a reference)

apotheon: nitter.dark.fail/lattera/status/932696312218341376

(note: lattera is the main HardenedBSD dev)

I'm familiar with @lattera.

I'm curious about his definitions for ASLR vs. ASR, but nothing in that suggests it's less secure.

It performs well enough that I don't notice the difference, and I haven't ever had a memory issue as a result of AS(L)R fragmentation, so I'm not sure what practical downsides I'm supposed to suffer.

If there is something that might affect me, of course I'd be interested in seeing something more substantive about it.

I'm also willing to take some hits to performance for security, if the trade-offs are reasonable, as in the case of OpenBSD tending to disable some of the more egregiously bad speculative execution stuff as much as possible by default but allowing us to turn it on if needed.

i don't know enough to say one way or the other. would also be interested in learning more

i agree that the claim doesn't seem to say anything about worse security, only worse performance

The main thing that brought me to OpenBSD, though, was the code review policies, and the main thing that kept me here apart from that is the fact that it feels considerably less aggravatingly heavy and complicated than other systems I've used.

Yeah, if the only problem is worse theoretical performance that I don't even notice, I don't care.

i kind of doubt that either one provides all that much security, in which case the performance criticism might be valid

original OpenBSD commit from 2001 says "

it slightly harder to write generic buffer overflows. This doesn't really

give any real security, but it raises the bar for script-kiddies and it's

really cheap."

(sorry for the mispaste)

Yeah, OpenBSD tends to prioritize less-hyped security benefits over less-useful.

People sometimes point at something OpenBSD doesn't have yet as some kind of crushing proof of its broken security model, despite the fact their security value is iffy, while it's busy rolling out actually useful stuff (like pledge and unveil, for instance).

agreed. would be neat to add pledge/unveil support to monerod, in fact

indeed

<apotheon> if you want a desktop alternative to the official GUI you could check out Feather Wallet featherwallet.org

still in beta but I've been using it and it's solid, configured to use a curated list of public nodes by default though you can set custom nodes as well

Lyza: I'll add that to the (still short) list of options. Thanks.

something tells me an OpenBSD user might be happier with the CLI :)

indeed

I'll probably use monerod (I assume that's the official CLI implementation) for full node.

monerod is the daemon, monero-wallet-cli is the CLI wallet. both are bulit by default from the main source tree

. . . and, obviously, something else for not-full-node, if I end up doing that for a wallet.

gotcha

apotheon: I did not know that, cool. Are there any aspects of a security model you feel are missing from OpenBSD that exist in HardenedBSD? I notice a chart here, if you could speak to it?: hardenedbsd.org/content/easy-feature-comparison

I haven't run a full node since bitcoind a long, long time ago.

. . . when Monero didn't exist.

it's pretty straightforward, just need to have enough space, preferably on SSD or other flash storage

knowledgewizard[: Some of those have names that don't really tell me what they are.

apotheon: you're probably right about all of this, i've just been browsing cve's and i notice hbsd has... shockingly... zero, in five years of life

knowledgewizard[: I am pretty sure, though, that none of the options in that table other than OpenBSD have the same level of attention to verifying clean, uncompromised, unbroken code that OpenBSD has, and I don't know if any of them having the kind of check-the-world imperatives every time someone discovers a "new" kind of vulnerability (unless NetBSD has the latter; I wouldn't know for sure,

but I don't think it does).

i have to wonder if that's a meaningful metric. does anyone apply for CVE numbers for hbsd? and how many FreeBSD CVEs apply equally to HBSD?

knowledgewizard[: My thoughts on security are that the OpenBSD approach is very solidly aimed at the fundamentals; the non-fundamentals can be covered by additional tools if needed; and none of that is worth a hill of beans if there's a problem in your basic code and design that allows someone to bypass all of it.

maybe not all, because of the mitigations, but probably at least some.

(on the security of OpenBSD versus others, though)

i agree with you heartily about architectural purity

what about jails? i read something about linux supporting separation better than bsd

i think it was in that document about the m guy's insecurities, i can find it but im sure youve read it

personally i think jails are far better than cgroups or any other linux containerization i've seen, despite predating it by like a decade

FreeBSD jails are awesome; chroot isn't even close to the same thing. Only FreeBSD, HardenedBSD, and DragonFly BSD have FreeBSD jails. Linux has some stuff that's similar, but it's more difficult to use in the same ways, and easier to use in ways I find frankly horrifying.

that being said, freebsd's lack of overlay/unionfs support makes them a bit clumsy to use.

. . . but jails aren't really much of a security measure. It's much more just a convenience measure.

(symlinks? really?)

OpenBSD used to have jails like the FreeBSD style, but ditched them because nobody was using them.

this is the article with criticisms, i would love if you are able to refute any, i have great fondness for obsd: madaidans-insecurities.github.io/openbsd.html

yeah OpenBSD will readily ditch any code that's not actively maintained, for better or worse

. . . which is sad, because there are cases where I'd want to use them. When I absolutely need them for some server purpose (I don't see much point on an end-user laptop), I just set up FreeBSD.

Ditching unmaintained code is a pretty good way to keep your attack surface low.

indeed.

contrast to FreeBSD, which keeps unionfs around despite the fact that it's been unusably broken for like 20 years

i think the two i saw that were alarming were the mandatory access control piece missing (like AppArmor) and also something about GUI isolation and sandbox escapes?

The W^X criticism doesn't seem true as far as I'm aware. My impression (I haven't looked at it lately) is that OpenBSD

's W^X can be made immune to undesirable shifts like that.

sorry about that errant newline

I love how it says TRAPSLED (supposedly) doesn't do anything since introduction of ASLR, as if that means there's a problem with OpenBSD security. That's like saying that since the introduction of an anti-lock brake system some previous power-distribution balancing doesn't do anything for braking in inclement weather. It's a weird red herring, as far as I see. Am I missing something?

I'd have to look into the RETGUARD complaint to even know what this person is implying is wrong with it.

the verified boot complaint is quite valid, as OpenBSD can't even be used with libreboot/coreboot. or rather it can, but not in the presence of FDE

so, useless for a laptop

Yeah, I would like to have verified boot, but among my various needs that ranks pretty low right now.

OpenBSD is not interested, the official recommendation is "use the vendor-provided firmware"

speaking of FDE, you cannot chain softraid, so you can't encrypt a mirror for instance. also quite unfortunate, although at least there i s some interest in fixing that, i think

MAC could be nice in some circumstances, but if you don't need it for your use case it doesn't matter.

You can get equivalent security in some use cases without MAC per se.

Yeah, mirror RAID and FDE don't get to co-exist on OpenBSD. It's a little sad.

. . . theoretically, in my case, because I don't need mirroring.

By the time I do, it'll probably be there.

careful, i've already been waiting for a few years :)

that's probably the only thing keeping me from using it on my main workstation

as far as laptops go, no mirroring there, but i have libreboot or coreboot on most of mine, so can't use OpenBSD with FDE there either.

all that being said, i do enjoy it where i can use it, i just wish i could use it in more places.

I have a friend working on coreboot+FDE.

sweet

anywhere i can watch for updates?

I have no idea when it'll be ready, but I'm hoping.

Nah, he's basically basement-hacking with it.

I only know about it because I know him in meatspace.

gotcha. well, you can add 1 to the number of people that would be very excited to see it

duly noted

I want that for some of my elderly laptops that I'd like to set up for various purposes (e.g. cypherdeck built on a ThinkPad T500).

not sure what cypherdeck is, but i have several laptops that are only running linux because of this

or maybe the T510 instead, if I can figure out its hardware issue

"Cypherdeck" is a "cyberdeck" derived name for a computer whose sole purpose is to be a secure machine for dealing with encrypted communications and so on.

ah, yep. exactly one or two of my usecases as well

At this point in my life I have the privilege of mostly being able to just use whatever OS I like, and just prioritize what I do based, to some degree, on what's easy to do on my OS of choice.

apotheon: it sounds like the only real offender is the boot security

it would be nice to see a librem key + GELI setup that watches both the mobo firmware and the preboot auth step

boot security and compatibility with free boot firmware in the first place

"use the vendor-provided firmware" is just laughable, IMHO. especially from the same people that refused to support e.g. early Raspberry Pis because of the non-free firmware required to boot

I'd love to have something like GEOM for OpenBSD.

. . . but that's FreeBSD-only.

Filesystem feature composition is an awesome idea.

ndorf: Yeah, that's a bit odd.

off-topic, but speaking of FreeBSD, make sure you never use a construct like (foo | geli <cmd> -k- dev1 dev2 ...) with FreeBSD and GELI. it's badly broken

ndorf: On balance, all considerations included, I still prefer OpenBSD for almost everything, but there are definitely downsides.

specifically, it will use the null key for dev2 and subsequent. silently.

I think that "off-topic" comment is allowable as much as the rest of this discussion. I mean, most of the OpenBSD discussion since bringing up compiling monerod on OpenBSD has been off-topic for the channel, in some respect.

ndorf: Yikes.

indeed. i tried to report it but didn't get anywhere

and yeah, this is all off-topic, but hey, it's better than the fireice spam.

good point

as to OpenBSD, one thing is for sure: you know what you're getting. if it works for your use case, great. if not, use something else

Speaking of off-topic, I'm now annoyed that my solder order got delayed.

ndorf: Yes, exactly.

It's a lot easier to know what you're getting than with other systems, too.

yeah the documentation is top-notch, and so is the read/maintainability of the code.

and holy crap is stuff straightforward

Quick Q: which BSD variant would you suggest for a guy with some basic linux (mostly ubuntu/debian) experience in order to learn and move to BSD?

To do stuff like run a small VPS

ha, well, as i kind of just said, "it depends"

if it's a typical VPS with just one or two services running, then any one will work fine, personal preference.

endor00[m]: OpenBSD is probably easier to learn than the others. Rely heavily on the FAQ.

if you want jails and ZFS (probably not much applicable to VPS), then you want FreeBSD

if you want lean and mean, i'd go for OpenBSD

Right, so I guess I could start with OpenBSD for the vps, and then play around with FreeBSD on a laptop

assuming your VPS provider supports it, yeah

The main thing I haven't figured out yet is the actual difference between the variants, in practical terms

Like, Ubuntu vs Arch it's easy to figure out

My experience is that laptop functionality often works more immediately on OpenBSD. I've never had a problem with suspend/resume on OpenBSD, for instance.

in terms of overall architecture, they're more similar than different

It's also a lot easier to change defaults for suspend resume than on systemd/GNU/Linux systems.

FreeBSD has more visible features. also, more bloat.

. . . but yeah, for user-facing architecture BSD Unix systems are very similar.

as mentioned above, OpenBSD aggressively strips parts that are not widely used and actively maintained

FreeBSD... well, let me put it this way. it ships with sendmail in base, and enabled by default

Yeah, that's concerning.

If you want ZFS, I'd go so far as to choose FreeBSD over *anything* else, actually.

. . . but I'd go with dfly's HAMMER, probably, if I needed to go that way.

FreeBSD 13 is moving to OpenZFS in base, so that distinction may not be valid much longer.

HAMMER looks very interesting, but i'd hesitate to use it on anything resembling "production" just yet. maybe i'm just a wuss

har

ZFS of course has proven itself over decades at this point.

true

I just really don't feel like I need all of ZFS for . . . anything in my life.

Is zfs that much better than stuff like ext4?

5 years ago, i'd say FreeBSD is the only game in town for ZFS, but lately it's been even better on Debian (IMHO)

comparing ZFS to ext4 is kind of like comparing any Unix to MS-DOS

just not even playing the same sport

endor00[m]: ZFS has a lot of features stuff like ext4 doesn't have. If you need those features, it's not a matter of "better", any more than there's a question of "better" when what you need is to climb a mountain and you're trying to decide between an eighteen wheeler and a nice pair of boots.

a more apt comparison would be ZFS to btrfs

ndorf: How is Debian better for ZFS?

but ZFS has been rock-solid for longer than btrfs existed, and btrfs has been eating people's data for most of that time.

It still can't do certain things with ZFS without potential for license violation issues, which means you have to compile shit yourself to get best-possible performance on a Linux kernel.

apotheon: it supports overlays, for one thing

I see. That's interesting.

yeah, that's why i specified Debian instead of e.g. Arch -- the kernel version never changes, so you don't have mismatches

Cool, thank you both for the interesting pointers! I'll investigate further

just use windows that always works great! (said no one ever lol)

some people do, in fact, say that. quite conveniently, because they can subsequently be ignored

kek

said no one ever with any sense

right tool for right job applies to anything

just because a hammer is not useful to perform brain surgery doesn't mean the hammer is of no use

Windows might be useful as a hammer, in a pinch.

Right, great for knocking your teeth out when rotting.

. . . or, technically, the computer with Windows installed on it.

i'd beat her off with it

"When C++ is your hammer, every problem looks like a skull"

Actually, Windows is better at something specific than everything else in the world:

uninstalling

a sub-set of Windows copatibility

kek

s/cop/comp/

is it true that recent Windows versions have ads in the base OS?

yeah but not in the web site ads sense

i mean close enough

but they don't put up a tampax ad while you're working or anything

lol

is it just in search results or something?

more like they recommend "related" things such as when you type on start menu there are web results which can be promoted

so bing search engine is basically integrated

and some screens have "related" things, even the auto-changing lock screen background images with "news" that takes you to web pages which i'm sure are promoted in some fashion (m$ surely gets paid by someone to recommend it)

when you search for things on start menu like an installed program you know you have there are app store recommendations for other win 10 apps you can install

much of it can be disabled or hidden in some sense though

sounds maybe not too dissimilar from when Ubuntu put up Amazon search results by default a few years ago

yeah basically similar but all microsoft entities trying to upsell you in some fashion even if it's more info you didn't ask for

like the cortana crap built in is like alexa's delayed sister

More like alexas red headed stepchild

mean

lol

[21:48:07] <Wallet> WARNING: Sigyn in #monero

thanks for the heads up bot :)

.faucet

strike: Access denied for faucet. Are you logged in?

.faucet

strike: 1/4 ​of 16

4

strike: @bonuspot tipped 0.0000042 XMR to strike [30d2c7ac] Wait ≈23 hrs 56 min before trying again. @bonuspot: 0.0122866

.bal

strike: 0.0018316 XMR

knowledgewizard[: I looked into madaidans-insecurities itself a bit and what I see other people saying (and even what he says in response) lines up with my initial impression: the person who writes this stuff basically goes through checklists of security features and uses the lack of those features as a way to trash-talk software so that he can build some kind of credible reader base, regardless

of the functional value of the features in question or any use-case/threat-model concerns.

knowledgewizard[: In fact, I've seen him in one case defending his lack of giving the same attention to Apple and Microsoft products by dismissing such questions with words to the effect that Apple and Microsoft are very security conscious so there's nothing to report. He has also asserted that privacy isn't relevant to his security analyses. That's like saying that the likelihood of dying if

you get into an accident in a particular car isn't relevant to the safety characteristics of the car, or something equally absurd, so I guess if he doesn't like a particular product he can dismiss counter-arguments by saying "Oh, that's privacy, not security, so I wasn't talking about that." Then again, he also mentions privacy as a reason something is less secure sometimes, so he contradicts

himself.

knowledgewizard[: I wouldn't take what he says at face value, and I've seen him actually dismiss some software as having poor security basically for not having a particular feature when it does, but under a different name.

knowledgewizard[: If you want real advice on security, I recommend discussing your threat model first, then figuring out what software you need to address it.

knowledgewizard[: To be fair, though, he does make some good points in his various posts about things, though perhaps only by copying things others have said.

Howard Chu is a high IQ scholar, he has more Google images with a violin than Sting with a guitar, he singlehandely saved NASA from doom. Why can't the saviour of NASA save Monero?

For a community that prides itself on manipulating people, you can't manage a single guy that spends most of his time in his underpants :D

umm ok.wtf does that even mean LoL

Bill48105, the spammer is the 'one guy in his underpants' who thinks people should waste their time trying to stop him.

"he has more Google images with a violin than Sting with a guitar"

No shit. Sting is a bassist.

how would they even know if hyc saves Monero, or spends it all?

lol ok Mochi101

not sure how that asshat thinks he wasn't "managed" having been shut down and unable to spew nonsense in here

"you were pwnd biatch!" (nm i got 100's of ip's klined & nothing I said was actually seen by anyone)

.ogre ryo

jfc Inge-

Are you drunk?

:P

You checking on your shorts Inge- ?

*burp*

hello

can you tell me the blockchain size please?

It's big

around 100 GB now

More than 100 Gb.

less than 100 GB actually, if you count proper gigabytes, not "normie" gigabyte

I already downloaded 102GB

It's 98.85 GB on my node

:/

106,141,814,784 bytes

ok thank you

sech1: I wonder what your extra 3 GB are...

oh wait, that was kb... not so big a diff then

105,805,083,594

Inge- it depends on when you sync and how the sync goes (which nodes you connect to, the size of block batches you get from them etc), lmdb creates some spare space when resizing

already posted? pony realvision interview out: realvision.com/shows/the-interview-…on=3c97f854117f4d3ea62350df2291bc62

sebastian ALMOST pronounced the name right

Why does the Saviour of NASA take a group achievement award and present it as a proof of individual glory? twitter.com/hyc_symas/status/1203709575226183683

ping

pong

ty

is there a valid alternative to xmr.to?

<hurricane[m]> there are no true replacements but fixedfloat.com can send a fixed amount of BTC for Monero like xmr.to did, and is reliable for me and has reasonable fees

There's one called xmr.is that's been promoting as an alternative but it's new and nobody really knows who's behind it. It converts both ways though, has an onion link, and supports altcoins

changenow.io also offers a fixed rate option and if you go through xmrexchange.io proceeds will supposedly be donated to the Monero project, though tbh I haven't seen proof of that

thank you Lyza

np

apotheon: Thanks for the detailed reply and for taking time out of your day to read on what i sent, i can definitely agree that he is arbitrary. His articles read similar to the neocities dig deeper articles which will wildly chastise a provider while ignoring another one purely on conjecture, and never really provide a solid comparison the way HBSD at least attempts to with its chart, for better or worse.

Regarding threat models, it's pretty straightforward to model an individual in a society these days, so I will not agree that threat modeling is useful outside of businesses. Overall, though, that's one of the best and most evenhanded replies I've ever received to being presented with points against one

* apotheon: Thanks for the detailed reply and for taking time out of your day to read on what i sent, i can definitely agree that he is arbitrary. His articles read similar to the neocities dig deeper articles which will wildly chastise a provider while ignoring another one purely on conjecture, and never really provide a solid comparison the way HBSD at least attempts to with its chart, for better or worse.

Regarding threat models, it's pretty straightforward to model an individual in a society these days, so I will not agree that threat modeling is useful outside of businesses. Overall, though, that's one of the best and most evenhanded replies I've ever received to being presented with points against one's original stance, so cheers.

cryprozoidberg sounds like he is still in contact with Saberhagen

mabye he is Saberhagen

wow sounds so sketchy

what's the trick to prevent the spam DMs?

some mode setting

/mode lza_menace +R

ty

> Prevents users who are not identified to services from joining the channel.

knowledgewizard4: I'm not sure how you mean that a threat model isn't required. Certainly, an individual rarely needs to perform a detailed analysis of the type some corporations and other large orgs perform in producing a threat model, but for instance it makes sense to establish your privacy/security needs before trying to secure yourself in accordance with those needs, though -- and that, in

a nutshell, is how you develop a threat model and address it.

<TheLizardWizard4013> ok guys I bought some Monero time to go uppie

knowledgewizard4: In short, if you don't need fine-grained mandatory access controls more than you need to ensure you're not using a pre-compromised system, giving up greater assurance of code verification to get MAC support is a violation of an appropriate threat model.

apotheon: you definitely need to *have* one, but the act of modeling is frequently going to result in the same thing for a human person, and i see frequently where people parrot the idea of threat modeling because their IT guy at work said it in a different *context* and I feel the term is very overused, it's a personal pet peeve

I'm just using it in a more lax sense for everyday humans, sorta; part of the model is determining the depth of the model.

. . . but to harp on the MAC thing for a moment, I've rarely (if ever) encountered a lone human being with a personal, single-user laptop whose threat model for that device justifies caring much about MAC.

Meanwhile, almost *all* their threat models should account for the highest level of assurance the code hasn't been compromised before install that they can reasonably get.

(OS code in particular)

Every time I see an OS feature matrix, though, it essentially reverses that relationship.

Then, there's the fact that many people will fight tooth and nail against modelling threats in a way that takes into account the dangers of systemic surveillance.

At that point, I just figure that person has a different preferred threat model and give up on trying to point out that they could end up killed in a no-knock raid as a result of correlated social graph features.

new monero user hare, what causes the block chain sync to take so long? mines been syncing now for 5 or 6 days. is that normal? i'm not seeing huge network usage, so it it CPU causing it to take so long?

using monero gui from getmonero.org on linux

Using a spinning disk instead of a SSD is a major cause of sync slowness.

apotheon, looks like we're reaching the end of the line

ah right yes it's on HHD cos of size.

Katar: need ssd apparently, it will be slow even after it's fully synced

If you can, syncing on SSD then moving the chain to HDD when done will be much better.

i ran into the same issue, i just turned it off until my ssd comes in the mail

i was told yesterday it's slow on hdd even post-sync

apotheon: Yeah what gets me is how schools are drilling orwellian surveillance into kids through covid and in general

or the day before rather

bur still usable, even if slower

It is, but since you get a lot less to verify, it's not very significant I think.

but*

so you get that desensitization so no one puts it in their personal view of the world as a threat at all

but it will eventually sync and if left on 24/7 should be ok on HHD?

Yes. Eventually.

How old are you, and what is your life expectancy left ?

like within the next few days?

Years.

Katar: do a monerod status, it will tell you how much time you have left

Nah, kidding. Days I guess. Some people reported more than a week on HDD but you're almost there already.

there are 17920 blocks left, down from 100k's

hdd? o_0

good luck

17:01 < as2333> apotheon, looks like we're reaching the end of the line

Oh you're good then.

as2333: Please elaborate. I'm not sure I get what you're saying.

it told me 9.1 days

ok thanks ppl :)

Katar: did you do `monerod status`

no using gui, did that come with the download?

i don't know, i built mine from source

How much SSD storage do you need for the Monero blockchain?

~100 GB for the whole chain, or ~35 GB if pruned.

current blockchain ought to take up around 100gb+

so a tb should be ok?

comman dnot found, i'll justr leave it a few days. i guess i can prune it when done and put onto the main SSD

Let me get my calculator to compare 1 TB to 100 GB...

does it increase speed to dedicate one sdd to just the chain?

Yes, looks like 1 TB is larger.

knowledgewizard4: Yeah, there's always a new angle on convincing people systemic surveillance is good.

(or at least ignorable and inevitable)

knowledge is power, centralize the knowledge and you have... basically communism, or feudalism, depending on what flavor you take

apotheon, I mean, govcorp is about to reach absolute power.

Why lie about something that can be easily disproven? monerologs.net/monero/20201207#c165563 - github.com/fireice-uk/cryptonote-speedup-demo/blob/master/ecops64/ecops64-c.c#L4 Why steal from your community and then laugh at them? reddit.com/r/Monero/comments/6d5yt5/what_fluffypony_just_did_is_not_ok Reason is the same - to laugh at morons that are gullible enough to believe you and repeat your lies.

...things like monero notwithstanding

That sounds a lot like "Alice is a redhead, I knew this redhead who was a schoolteacher, therefore Alice is a schoolteacher".

moneromooo: One would presumably want to prepare for growth of the blockchain, and keep in mind the fact that the more storage space you have the less the SSD has to consume more of its write-lifetime shuffling data around.

I probably could've phrased that more clearly.

Sure. Sounds good.

as2333: Oh, I see. Well . . . there are countervailing forces, so I hope not.

moneromooo: . . . so I wouldn't want to just rely on a 110GB SSD for a 100GB blockchain.

apotheon: pruned node is fine too

selsta: Ah, another thing that might not have been available when I last ran a full node of anything. I should look up information on running a pruned node.

selsta: Thanks for mentioning that.

echelon: found monerod thanks. and hi btw :)

Unless you want to look up specific historical data a pruned bode is basically equivalent in normal usage.

Also only ~30GB and grows slower.

Oh, reminds me: once we get triptych, there'll be another tradeoff with that:

apotheon, I hope so too, but as far as I can tell the ultimate product of the so called indutrial revolution is just automted totalitarianism.

hi guys hows it goin

pseudoOuts are needed to prove balance with triptych, and these are currently in the prunable part of the tx.

So either they get moved to unprunable or you can't prove old txes on a pruned node.

Actually, the wallet might be able to keep that since it's just for its own txes, then ship it with the proof... Thank you, rubber ducks.

as2333: I could throw out the names of various books as terms of art at this point, I guess, to raise the specter of hope. For instance, thanks to the incipient homebrew industrial revolution and bit by bit growth of peer to peer technologies we may soon benefit from an upswell of accidental agorism and rapid growth of the second realm, thus destroying the foundations of the surveillance police

state.

as2333: . . . but it's kind of difficult to tell what's actually going to happen, I think.

moneromooo: Are you saying pruned nodes might become less suitable for the kinds of use cases that make full-node-for-privacy a good idea because of some new feature called "triptych", except you realized there really isn't a problem?

Mostly. I realized there might not be a problem, not quite sure yet.

how would the wallet get that data in the first place,if the node doesn't have it?

It would likely refresh more than once a week. But if not, it would not.

hm, yeah. also restoring an old wallet would leave you SOL with that

kind of an edge case i suppose, if you need to prove it's probably a tx you sent recently

For txes you send, you know the data in the first place, unless you've restored the wallet.

apotheon, the problem I see with that line of thinking is that it overlooks how industry operates. For instance, production of raw materials is especially controlled and centralized, and if you have no access to raw materials, then there's not much you can do.

apotheon, an even bigger problem is that people believe whatever their masters tell them to believe. Just look at the current flu farce and how the pretense of 'rule of law' vanished overnight.

assuming you want to support the edge case of the restored wallet, could it be better to just have the node refetch that data from the network when needed? since it would only be for one tx, not all of them

as2333: Yeah, I'm wondering how much "recovered" materials can help.

as2333: A counter-point is the fact that Napster->BitTorrent provides an example of how altering the economic behavior of people in large numbers gives rise to new cultural movements that oppose the surveillance police state (in this case, among other things, I'm particulary encouraged by the growth of an anti-copyright movement).

moneromooo and/or ndorf: Is the take-away that I should probably stick to a full (non-pruned) node if I want to be sure? What's the potential practical downside of a pruned node, exactly, in everyday terms?

apotheon: keep in mind we're discussing an edge case where you've restored a wallet from seed and now want to prove a tx from it

aside from that, AFAIK there are no privacy or other downsides, except that your node can't bootstrap a new node now

but you still support the network with a pruned node

apotheon, indeed one can get valuable supplies from garbage dumps.

ndorf: . . . so, basically, it might destroy my ability to prove to the IRS that yes, I did indeed give away 3.8 Monero last year, and thus don't have it any longer to count in my tax filings.

ndorf: Is there another class of circumstances that leaps to mind for why you'd want to prove it? Are we talking about some kind of proof for purposes of validating transactions on the blockchain somehow?

this is for proving you sent a given tx. e.g. "i paid you" "no you didn't" "yes i did, here's the proof"

I see.

How far away is tryptch development? Have we had a CCS proposal yet?

Yeah, that does seem kinda important.

ndorf: thanks

as2333: Anyway, I guess the upside is that I'm not ready to just cash it in and figure we're all inevitably doomed in the near future with no way out.

s/upside/upshot/

The up*side* would be if it turns out we're *definitely not doomed*.

Triptych is at least a year away, I would not worry about that now re pruned nodes

WillSellBody4Xmr: afaik mooo started coding it

To be clear, sarang coded it, and I'm plugging it into monero.

How easy is it to turn a pruned node into a full node?

pretty easy, delete the pruned chain and restart without the prune flag :)

ouch-ish, but yeah, seems "easy"

WillSellBody4Xmr the second tryptich audit was recently funded

whoops

maybe i'm wrong and you can sync only the diffs, i don't know.

senility strikes again

either way, the pruned data is like 2/3 of the total size, so.

moneromooo: What's the implication of that statement -- that you have an interesting in it, or that it's coming sooner than selsta suggested, or what?

that os the second BP+ audit

apotheon, well, I don't think doom is inevitable, it's just that it looks likely given current trends.

as2333: I guess we need to work harder, then.

(and smarter)

What statement ?

moneromooo: about sarang and you

Just credit where credit is due.

ah, cool

thanks

apotheon, (and yes the free software/hardware movement is great)

I prefer the "open" movement(s), for purposes of increased license compatibilities and thus greater likelihood of broad uptake of useful protocols, among other reasons.

Those who identify with the "free" phrasing tend toward much stricter licensing.

(in my observations)

Live open or die.

Open love, open relationships, open software.

moneromooo: assuming you want to support the edge case of the restored wallet, could it be better to just have the node refetch that data from the network when needed? since it would only be for one tx, not all of them

(sorry if you already saw this and chose to ignore it deliberately :))

open relationships aren't for everyone though

I ignored, at some point I need to stop replying to speculation etc.

But it turns out I had already got out of that problem in my patch and I had forgot :D

fair enough

(sorry, I just don't want to start thinking through this when prompted when I have other things to do)

no need to apologize, i just didn't know if you even saw it -- my own fault for not tagging you originally

open hearts, open minds; let's not forget those

open wallets?

18:19 < Bill48105> open relationships aren't for everyone though

true

You can always just keep your modifications to yourself.

this is starting to sound like the cuck central

what does cuck even mean

let's not do this here please

I think relationships should ideally be cliques (graph theory type)

but yeah a bit off topic

I was gone for a bit, but it seemed like it was said tryptch is part of bullproofs+? I didn't know that

It was wrong, then.

so not part of bulletproofs+, I guess

WillSellBody4Xmr: Separate features, but they may be 'activated' in the same scheduled network upgrade

Why is tryptch a better algorithm? Like in terms of O(n) to O(ln), how does it do that?

It stores signatures for a ring in logarithmic space, as opposed to linear.

How?

I don't know. Look for sarang's repos and you should find a paper explaining the maths.

Math

I guess triptych is so named because of some reference to the number three and how things "appear" to an observer. . . .

. . . but that's just a guess based on the use of the word.

Which repo would that be in? Zero to Monero?

Thanks!

I guess WillSellBody4Xmr got the desired response and left the channel to focus on reading it.

maybe

It might be time for me to order a big SSD and stick it in an old computer.

lol good luck with that

ndorf: How much does RAM matter for performance when syncing a node?

Bill48105: Was that sarcastic?

not sure about that, i've never tried with less than 4GB but it works fine with that

yeah regarding will sell person

oh, I see

they did say thanks that's a plus

right

pretty rare after helping people unfortunately

ndorf: I'm kinda surprised that SSDs actually matter much for sync performance. I'd expect the bottleneck to be network bandwidth.

but yeah ssds are much more affordable in decent sizes these days

Yeah, I try to express my gratitude when I get help, but sometimes even expressed gratitude can get lost in the shuffle of an active channel.

wb WillSellBody4Xmr

or accidentally hitting x and closing chat LoL

I'd have to get an SSD with SATA interface for the old computer in question, unfortunately. I only have one system right now with M.2 as its primary storage interface.

SATA would be fine i think. it's about random access

Bill48105: yeah, that too

like i said yesterday, even a good microSD card works pretty well :)

pcie :)

seek time must be more important than write speed

Ah, random access! That makes a lot of sense.

I get it now, I think.

I keep my wallet on my old 850 (SATA SSD) and it's fine

no doubt once syncd it doesn't take much to keep up

Why isn't downloading in total up to a point with sync from there preferred, then?

even on hdd

security I'm guessing

bootstrap or snapshot are common with multiple coins

I guess that would depend on availability of someone you trust about as much as you trust the network as a whole.

Yeah syncing still took a day or two even with a zen 3950 a couple of years ago

apotheon: FWIW, I use a $7 pci-e adapter for my nvme drive, works great.

just need linux and initrd on a different drive, since the bios won't see it

So, like, just let it run in the background while you do other things.

ndorf: When the old computer is a laptop, I'm not sure how I could make use of that, but yeah, that's good to know.

for monero overkill but nice to have options

ah yes

ardent[m]: i recently synced a new node from scratch and it took 3 hours total.

(not that you knew that about my old computer)

running in bg is one thing. beating hard drive to death to sync is another

you listen to the drive? ouch

Damn, three hours vs. more than a week is a big spread.

that's what she said

How much is the sync process likely to hammer a connection that probably averages about 7Mbps downstream?

dunno, the 3 hour sync was on a 100mbit

Officially, my connection is going to be moved from something like 120Mbps to 200Mbps soon, but I don't know how much of that I'll actually get on average.

Oh, shit, I typoed that horribly.

s/7Mbps/70Mbps/

whew :)

one missed character; one order of magnitude

fuck's sake, apotheon

kek

I blame this keyboard for that one.

so i guess you could expect 4-5 hours with an SSD :D

The key travel on this keyboard is not very deep, so my fingers shy away from hitting too hard, but the stiffness of the initial resistance on the keys is pretty high, so not hitting the keys too hard sometimes results in a missed character, especially farther away from the index and middle fingers on home row.

ndorf: cool, thanks

hmm

I just realized . . .

I *hope* the laptop I had in mind has SATA. I don't think it's IDE.

hooo boy

I'm just going to go check out the spec sheet on that laptop, if it still even exists on the interwebs. . . .

good luck if it's so old that is ide.. wowza

It's difficult to find the info. The vendor doesn't have its datasheet available any longer, apparently.

I think it's SATA, though.

I don't really recall when the norm switched from IDE to SATA for laptops, off the top of my head.

apotheon: here's a nickel, kid

Serial ATA-150 according to a CNET review.

i have usb ssd i should test sync on it

Let's put it this way:

apotheon: web.archive.org/web/20190304153157i…om/6b08abb09fbb012f2fe600163e41dd5b

It's old enough to have a DVD±RW drive.

Yeah, I'm quite familiar with that Dilbert strip.

(I've used the "here's a nickel" line myself.)

i dunno about a nickel, but you can get yourself a Rockpro64 for $60 plus a good 256GB sd card for another $60ish

assuming of course you don't actually need the laptop part

not exactly

I like using old laptops for things because they come with extremely high-quality built-in UPSes for "free", instead of having to pay close-ish to a thousand bucks for a decent UPS.

(among other reasons)

(or I could build a UPS, in which case I get a UPS that costs a hundred bucks or so and multiplies the likelihood of a fire in my home, I guess)

(I'm not a huge fan of homebuilt car battery UPSes.)

heh

(This is another aside, but this time contentless.)

i use a $40 UPS. only tested it once but the rockpro64 was fine with it

lucky

I've had UPSes of wildly varying long-term functionality, compatibility with the systems plugged into them, and so on. I just skip all that now and use a decommissioned laptop for a home server, et cetera.

I periodically have to replace my laptop anyway, so I have a steady (if slow) supply of new integrated-UPS systems available.

Anyway, it'd probably be cheaper to buy a Pinebook than an equivalent SBC, enclosure, UPS, and any other trimmings, so if I feel a need to buy something instead of using what I already have, there's that option.

I could hang it on the wall, and it wouldn't take up any space to speak of.

I could mount it easily on the underside of my desk or a shelf, UPS included, too.

sounds reasonable, actually. pinebook pro is $233 shipped (to USA)

If it's my cypherdeck, I have the benefit of being able to yank power, throw it in a backpack, and hop on my motorcycle.

(in an emergency)

(or, more likely, in the car or pickup)

(or my other motorcycle, I guess)

man, i hate this place, running the ac in the middle of winter

what is wrong with these people

Where are you?

at work

sheesh

what is a hash-trapdoor exactly?

It might refer to the property of a hash function where can go get from input to output but not vice versa (assuming no other knowledge).

Is there any way I can see messages that were sent was I was offline?

*when I was offline

WillSellBody4Xmr: monerologs.net

WillSellBody4Xmr, are you m/f? Asking for a friend.

m

Hi, I'm not quite sure if this is the correct place to ask this, since from what I can tell monero is mostly focused on triptych / arcturus for log sized ring sigs, but does anyone on here have a decent understanding of RingCT 3.0 and might be able to help me understand it better?

You might want to ask in #monero-research-lab, if you have particular questions.

ok thanks, I'll ask over there

test

Test

messages won't load

yes they do

🤥

test failed

did you change name? Oooh.. that's Interesting

ok, another quick question: am I just being incompetent or is there some issue with the #monero-research-lab channel? I don't seem to be able to send any messages over there 😅

Let me check

madhatter369: might be registered only

Yep it might

yeah, that was apparently the problem, thanks 👍

:)

Did you know that all witdraw-buyer-seller-depoist chains are trackable in Monero? No? You should have read Breaking Monero. How many people are you endangering with your 'privacy' coin?