08:31:05 <Guest_84> i'm new to monero, just wondering if monero support virtual machine like EVM in ethereum, if not, does this possible later, thanks a lot!
09:15:27 <Guest_84> hello?
09:15:44 <Guest_84> anybody here:)
10:08:06 <xmrmatterbridge> <learninandlurkin> This is probably the wrong channel for that question, this is for Monero research. Try #monero
10:08:35 <xmrmatterbridge> <learninandlurkin> I know nothing about EVM so I can't help you with your question sorry
10:13:35 <moneromooo> It does not.
10:15:02 <needmonero90> Yeah but can you imagine how hard we would pump if the MRL pretended like we were going to for a couple weeks
10:15:15 * needmonero90 dreams
10:15:50 <hyc> Hey guys, I think I've come up with a scheme to implement ETH smart contracts on XMR blockchain!
10:16:37 <hyc>  /s  emphasis on "scheme"
10:20:11 <moneromooo> Tomorrow's headline: "Monero planning to embed a Scheme interpreter"
10:21:41 <hyc> :D
10:35:00 <Guest_84> Ok, so there is nothing related to smart contract on the monero chain, right? I thought it would be great if we have a chain with privacy preserved smart contract functionalities.
10:35:52 <moneromooo> Right.
18:15:17 <sarang> Hello all
18:15:30 <sarang> Working on more Triptych preprint stuff today
18:15:47 <sarang> Lost some work due to a laptop malfunction, so I'm redoing it :(
18:20:41 <Isthmus> @Guest_84 although smart contract functionality is outside the scope of Monero's primary goals, it is definitely possible.
18:20:43 <Isthmus> Origo and Starling have zero-knowledge execution, Loki (built on Monero) is more focused on the application layer. Oasis Labs is effectively a trusted execution environment.
18:21:06 <Isthmus> Not relevant to -lab, but I'm happy to chat in PM, or I think this would be a fine topic for #monero-research-lounge
18:21:29 <mikerah[m]> I had been looking into this for a while.
18:21:59 <mikerah[m]> You can also take advantage of the tx_info field to store simple contracts as well
18:22:02 <Isthmus> (to clarify, I mean privacy preserving smart contracts are possible technologically, not that we'll possibly implement them on Monero)
18:22:57 <Isthmus> Using tx_extra memo field for extra functionality like this makes the metadata really noisy, not recommended due to privacy issues.
18:24:28 <mikerah[m]> Right, it's called tx_extra. As long as the resulting contract looks uniform (which is hard to do in practice), then it can work.
18:28:25 <sarang> A good topic for this channel IMO
18:34:06 <Isthmus> 👍
18:35:02 <Isthmus> Hmm, even if statistically uniform output, also have to think about insidious information leaks from things like string length
18:35:34 <Isthmus> But if all the smart contracts output to the same space, then they'll look uniform among each other
18:35:53 <Isthmus> But not uniform with transfer-of-value-only transactions.
18:36:09 <Isthmus> But if we added dummy smart contract output to all TOVO transactions too... :thinking:
18:36:14 <dEBRUYNE> Couldn't that be mitigated by adding random data for these transactions
18:36:23 <dEBRUYNE> Oh you just had a similar thought :-P
18:36:35 <Isthmus> :- )
18:37:48 <Isthmus> Hmm, what are all the things that we could put in tx_extra... PIDs, smart contract outputs, keys, etc. Let L be the length of the longest one
18:38:24 <Isthmus> If a transaction has a tx_extra longer than L, it's rejected for being something unusual
18:38:49 <Isthmus> If something is being used with length less than L, it needs to be padded so that the encrypted output is length L
18:39:08 <Isthmus> (and anything less than length L would be rejected at the protocol level due to information leak. Padding must be mandatory)
18:39:39 <Isthmus> Uhm, when I say "tx_extra longer than L", I mean "something to put in tx_extra that is longer than L"
18:39:55 <Isthmus> Sorry, I'm on the bus in San Francisco and it's really hard to focus
18:40:46 <Isthmus> btw, if we can figure out a way to do smart contracts on Monero that *rigorously* do not leak information about the activity, I'm totally game :- P
18:42:59 <sarang> BTW suraeNoether recommends waiting until next Monday for a research meeting (not related to this discussion)
21:54:12 <sarang> suraeNoether: nearly finished with the Triptych preprint draft
21:54:27 <sarang> I have only to include some additional details on selecting Pedersen masks
21:55:09 <sarang> It's down to 15 pages, but that's without writing out all the definitions relating to sigma protocols
21:55:19 <sarang> (not sure if that's worth including in detail since they're well known)