00:12:12 it's a pretty naive attack when the alternate, sending two tx with outputs to the same address just a few hours apart, is just as effective but harder to detect 00:16:00 I wonder if some implementations are not using the dummy output correctly when churning. Either sending two outputs to oneself with nonzero amounts, or spending the 0 amount input by accident. 00:16:53 Or it could be people splitting up their balance to facilitate avoiding the 10block spendable age. 00:41:05 koe: I'm thinking of the case where A needs to make a payment to B of X. Sending separate txs would be very odd and perhaps not even processed correctly, but sending 1 TX with multiple outputs adding up to X is just a pure privacy attack 00:42:15 yes, sending to oneself with splitting is a possible self-attack if the end up recombined. Ideally if such a split is needed, one should not split so much as to require recombining, at least frequently 00:42:47 maybe split to a variety of sizes 00:44:36 ah would the typical wallet not make it known to the user if they own multiple outputs from a tx? 00:45:24 e.g. would just be summed into one 'received X' 01:26:41 i wonder what the ring size is where the probability of having two outputs from the same transaction is expected. though, probably doesn't cover the case when its 10 outputs. 01:34:34 Depends what API you use. With the low level output API, you get one record per output. With the higher level one, you get a sum. 01:35:26 We could also change the fake out selection to reuse the same (or close) selection for all rings. 01:35:55 Maybe reuse half of it, sliding across rings. 01:36:37 Reuse the tx pick, so if one ring uses the first output from tx 1, the next ring uses the second output. 01:37:14 Then you'll get a lot of spurious output linking. 01:38:03 And hopefully it doesn't break anything else. We'd have to defer to the clever fellas in MRL. 01:43:36 Are you referring to a form of output binning? 01:43:48 Where time-adjacent outputs (in blocks) are selected in chunks? 01:44:43 I suppose it's related. To rephrase: 01:46:14 Alice sends a tx with two inputs, thus two rings. She picks random fake outs for her first ring. For the second ring, she picks a random half (or whatever we deem appropriate) of the fake outs she selected for the first thing, and uses the "other" output for them for the second ring. For the other half of the ring, she picks new random fake outs. 01:46:57 That is, if she picks output O0 in her first ring, and O0 was created in tx A, which created both O0 and O1, she'll use O1 in her second ring. 01:48:39 I don't think it even skews the age distribution. 01:49:57 It would skew the age distribution, but there is still benefit 01:50:36 The "true binning" approach would be to do age-distribution selection and then choose all outputs from bins located there... which I suppose could be defined by the outputs' "siblings" 01:52:58 kinda sounds like whackamole with the output distribution problem. ringsize 100k ftw! 01:56:36 I don't think it does, if the part of another ring to reuse is taken equiprobably. 01:56:58 Since the original distribution is "right". 02:02:17 you don't necessarily want to obsess over reuse to the point where it weakens every ring. some reuse both good and fake is good, but too much is always an exploitable bias. 02:02:30 anyway, this says little or nothign about the method, just that it requires getting the numbers right 07:05:28 Hi folks. 07:05:32 I've received some messages requesting clarification. 07:05:35 To clarify, to whomever is interested in the stuff I've talked about for a while now (regarding Sekreta/Kovri); 07:05:39 the Sekreta codebase/library that Monero PR #6276 pulls from (and uses) is located at https://gitlab.com/sekreta/sekreta (as seen in Monero cmake/Sekreta.cmake.in) 07:05:42 The CI pipeline is located at https://gitlab.com/sekreta/sekreta/pipelines , Codecov is at https://codecov.io/gl/sekreta/sekreta , and Coverity is at https://scan.coverity.com/projects/20175/ 07:05:46 and Sekreta's respective dependencies (including Kovri) are within the Sekreta cmake/ directory (any others are noted in README.md). 07:05:50 Again, no submodules this time; just modern CMake (but it's the same concept of downloading/pulling-in rather than polluting a superproject's tree). 07:05:54 Thank you for your time. 18:02:31 Meeting in #monero-research-lab happening now 20:08:40 Question, so i compiled the monero codebase with the changes I want. I am currently running the daemon and syncing. How do I get it to where it uses the new codebase that i compiled to sync? If that makes sense 20:10:47 I can see two questions that are close enough to what you said: 20:11:10 - how do I get it to use my code ? -> if you compiled it and are running it, it's using your code 20:11:41 did u make some consensus changes and your hoping to see when they happen? 20:11:42 - how do I get my changes to sync ? -> if it's failing to sync with your changes, we have no idea what bug you might have made, so can't comment on specifics 20:14:43 If it's failing to sync, log level 2 will likely get some info as to why. 20:15:41 @gingeropolous, yup thats right 20:16:01 its syncing now so it should be good now. just waiting on it 20:16:33 oh okay, cool. Thanks moo 20:17:08 So it's syncing. Are you saying it's syncing fine, but not using your code, even though you built with your changes ? 20:18:32 i am just wondering if it is using my code. I downloaded the monero codebase and made the changes. Then i compiled it yesterday. Today, I am syncing the daemon. 20:18:56 I typically add a MGINFO("trace"); and look at the output. 20:18:56 sorry if it feels like we are going in circles, still getting the hang of monero