08:31:05 i'm new to monero, just wondering if monero support virtual machine like EVM in ethereum, if not, does this possible later, thanks a lot! 09:15:27 hello? 09:15:44 anybody here:) 10:08:06 This is probably the wrong channel for that question, this is for Monero research. Try #monero 10:08:35 I know nothing about EVM so I can't help you with your question sorry 10:13:35 It does not. 10:15:02 Yeah but can you imagine how hard we would pump if the MRL pretended like we were going to for a couple weeks 10:15:15 * needmonero90 dreams 10:15:50 Hey guys, I think I've come up with a scheme to implement ETH smart contracts on XMR blockchain! 10:16:37 /s emphasis on "scheme" 10:20:11 Tomorrow's headline: "Monero planning to embed a Scheme interpreter" 10:21:41 :D 10:35:00 Ok, so there is nothing related to smart contract on the monero chain, right? I thought it would be great if we have a chain with privacy preserved smart contract functionalities. 10:35:52 Right. 18:15:17 Hello all 18:15:30 Working on more Triptych preprint stuff today 18:15:47 Lost some work due to a laptop malfunction, so I'm redoing it :( 18:20:41 @Guest_84 although smart contract functionality is outside the scope of Monero's primary goals, it is definitely possible. 18:20:43 Origo and Starling have zero-knowledge execution, Loki (built on Monero) is more focused on the application layer. Oasis Labs is effectively a trusted execution environment. 18:21:06 Not relevant to -lab, but I'm happy to chat in PM, or I think this would be a fine topic for #monero-research-lounge 18:21:29 I had been looking into this for a while. 18:21:59 You can also take advantage of the tx_info field to store simple contracts as well 18:22:02 (to clarify, I mean privacy preserving smart contracts are possible technologically, not that we'll possibly implement them on Monero) 18:22:57 Using tx_extra memo field for extra functionality like this makes the metadata really noisy, not recommended due to privacy issues. 18:24:28 Right, it's called tx_extra. As long as the resulting contract looks uniform (which is hard to do in practice), then it can work. 18:28:25 A good topic for this channel IMO 18:34:06 👍 18:35:02 Hmm, even if statistically uniform output, also have to think about insidious information leaks from things like string length 18:35:34 But if all the smart contracts output to the same space, then they'll look uniform among each other 18:35:53 But not uniform with transfer-of-value-only transactions. 18:36:09 But if we added dummy smart contract output to all TOVO transactions too... :thinking: 18:36:14 Couldn't that be mitigated by adding random data for these transactions 18:36:23 Oh you just had a similar thought :-P 18:36:35 :- ) 18:37:48 Hmm, what are all the things that we could put in tx_extra... PIDs, smart contract outputs, keys, etc. Let L be the length of the longest one 18:38:24 If a transaction has a tx_extra longer than L, it's rejected for being something unusual 18:38:49 If something is being used with length less than L, it needs to be padded so that the encrypted output is length L 18:39:08 (and anything less than length L would be rejected at the protocol level due to information leak. Padding must be mandatory) 18:39:39 Uhm, when I say "tx_extra longer than L", I mean "something to put in tx_extra that is longer than L" 18:39:55 Sorry, I'm on the bus in San Francisco and it's really hard to focus 18:40:46 btw, if we can figure out a way to do smart contracts on Monero that *rigorously* do not leak information about the activity, I'm totally game :- P 18:42:59 BTW suraeNoether recommends waiting until next Monday for a research meeting (not related to this discussion) 21:54:12 suraeNoether: nearly finished with the Triptych preprint draft 21:54:27 I have only to include some additional details on selecting Pedersen masks 21:55:09 It's down to 15 pages, but that's without writing out all the definitions relating to sigma protocols 21:55:19 (not sure if that's worth including in detail since they're well known)