12:43:08 <koe> hi, this is an excerpt from ZtM2 regarding the dynamic block size, penalty, and fee structure. ArticMine, and/or anyone else who has insight into this topic, would you mind verifying the information is correct? I have some skepticism about how fees are designed, maybe it's my misinterpretation of the code.
12:43:08 <koe> https://www.pdf-archive.com/2020/01/10/ztm2dynamicexcerpt1013/
12:43:49 <koe> https://www.pdf-archive.com/2020/01/10/ztm2dynamicexcerpt1013/ztm2dynamicexcerpt1013.pdf
17:15:02 <xmrmatterbridge> <f003brv> Hi, I am a research fellow and I was told to join this channel by a Monero contributor (SH).
17:15:27 <sarang> hi
17:16:17 <xmrmatterbridge> <f003brv> Hey, what are you working on?
17:20:13 <sarang> Can you be more specific?
17:22:54 <koe> the future!
17:23:36 <sarang> Recently put out a preprint for a ring signature construction: https://eprint.iacr.org/2020/018
17:23:59 <sarang> Finalizing a security model update for this preprint: https://eprint.iacr.org/2019/654
17:24:10 <sarang> Updating security model for this preprint: https://eprint.iacr.org/2019/595
17:25:02 <xmrmatterbridge> <f003brv> Nice, sorry for not being so specific. I originally asked SH about the open source HW wallet project Kastelo, as I thought I could contribute to that.
17:25:08 <sarang> Looking into hidden lock time commitments, Omniring, SHA-2 circuits for atomic swaps, other general proving systems, graph-theoretic models for signatures, etc.
17:25:09 <sarang> Lotsa stuff
17:25:13 <sarang> SH?
17:25:24 <xmrmatterbridge> <f003brv> SerHack on Reddit
17:25:27 <sarang> ah ok
17:25:41 <xmrmatterbridge> <f003brv> Yeah so I am not familiar with what the research team does.
17:25:50 <sarang> This channel doesn't have much talk about hardware stuff
17:25:53 <xmrmatterbridge> <f003brv> but thanks for the links, I will check it out.
17:26:01 <sarang> Anyone is free to contribute to research
17:26:22 <sarang> it's not a formal group
17:26:23 <xmrmatterbridge> <f003brv> no worries, I can contribute to research but like I said I need to wrap my head around it first.
17:26:24 <koe> what kind of research are you interested in?
17:26:51 <moneromooo> You want to find msvb (IIRC, might be a similar nick) about the kastelo hw.
17:27:04 <sarang> This channel tends to discuss the math and cryptography and protocol side of things often
17:27:17 <sarang> There are folks in #noncesense-research-lab who enjoy data science and similar analysis
17:27:44 <sarang> But I can't speak to the hardware side of things personally
17:27:59 <xmrmatterbridge> <f003brv> Well I do Computer Science research, not pure math like some others here. I feel like I can contribute to Blockchain research.
17:28:08 <xmrmatterbridge> <f003brv> like new algorithms for example
17:28:13 <koe> here is git repo for kastelo https://github.com/monero-project/kastelo
17:28:28 <gingeropolous> new algorithms?
17:28:58 <xmrmatterbridge> <f003brv> Did RandomX come out of Monero-Research-Lab/
17:29:16 <xmrmatterbridge> <f003brv> but along the lines of RandomX if there are new algorithms of that sort to work on.
17:29:23 <gingeropolous> yes and no. most discussion now happens in #monero-pow
17:29:46 <sarang> RandomX was designed primarily by tevador and hyc, who sometimes hang out here
17:29:51 <moneromooo> It came from tevador, who wasn't a monero contributor previously AFAIK.
17:29:58 <sarang> "by Monero Research Lab" is not really a formal thing
17:30:09 <sarang> This is a workgroup of people interested in research
17:30:36 <koe> for example, I research how monero actually works :')
17:30:50 <xmrmatterbridge> <f003brv> Ah I see, thanks for the links. I will check those out.
17:30:59 <sarang> Contributors here have been working on some constructions like CLSAG and DLSAG and Triptych and others, not sure if that's the type of thing that interests you
17:31:04 <xmrmatterbridge> <f003brv> What protocols do you discuss sarang?
17:31:05 <sarang> (it's more on the cryptography side, FWIW)
17:31:19 <selsta> There is also the https://rmxwallet.io hardware wallet which I think is also open source and focuses on Monero.
17:31:20 <sarang> I am mainly interested in cryptographic constructions and protocols
17:31:32 <sarang> like the ones I mentioned above
17:32:11 <xmrmatterbridge> <f003brv> yes I see. hmm okay, thanks. I will read through this stuff and see where I am suited best.
17:33:03 <sarang> There are informal research meetings each Wednesday (see topic) where people are free to discuss things they are working on or otherwise interested in
17:33:26 <sarang> Meeting logs are in GitHub issue comments, if this interests you
17:34:07 <sarang> If you want to learn more about the Monero protocol and how it all fits together, Zero to Monero (which koe writes) is a great technical resource
17:34:21 <sarang> The protocol has changed a lot, and it can be tough to follow all the changes
17:34:25 <xmrmatterbridge> <f003brv> Okay cool, what time?
17:34:36 <sarang> Wednesdays at 18:00 UTC
17:34:45 <sarang> The channel topic always lists the meeting information
17:34:46 <xmrmatterbridge> <f003brv> cool, how can I join in?
17:34:52 <sarang> It's this channel
17:34:55 <sarang> just show up
17:35:00 <koe> yes ZtM is about 1.5 years out of data, updating it currently
17:35:08 <xmrmatterbridge> <f003brv> oh okay not a g hangout
17:35:12 <sarang> no
17:35:54 <xmrmatterbridge> <f003brv> cool cool and sarang I wiil read Zero to Monero
17:36:01 <sarang> it's a great resource
17:36:33 <xmrmatterbridge> <f003brv> I read a high level book on Monero called Mastering Monero, while it has some details, it mostly discusses high level stuff.
17:36:46 <sarang> Yeah, Zero to Monero goes into the math
17:36:48 <koe> I can give you a draft of the second edition, which is mostly put together excluding bulletproofs
17:37:01 <sarang> koe: I had some basic information on bulletproofs in my fork
17:37:06 <xmrmatterbridge> <f003brv> that would be very nice koe
17:37:07 <sarang> not sure if that was at the level you were looking for
17:37:22 <koe> Ill take a look
17:37:33 <sarang> I'll make sure I actually pushed that branch
17:37:36 <sarang> it was a while ago
17:38:14 <sarang> https://github.com/SarangNoether/zero-to-monero/tree/bulletproofs
17:38:31 <sarang> I try to avoid a deep discussion of them, since that would just be rehashing the original paper, which does a fantastic job
17:38:43 <xmrmatterbridge> <f003brv> btw this probably a question for the future. What is the best way to get funded for working on Monero through the CCS? Are you guys funded?
17:39:02 <sarang> I request funding to do full-time cryptographic work
17:39:08 <sarang> as does suraeNoether
17:39:21 <sarang> What type of work do you wish to do?
17:39:38 <xmrmatterbridge> <f003brv> i'll have to get back to you on that after reading through the links.
17:40:05 <sarang> Do you currently do CS research professionally?
17:40:08 <xmrmatterbridge> <f003brv> my initial intuition will be some kind of development as that is low hanging fruit for me. I can contribute well do the website app or hardware wallet
17:40:13 <xmrmatterbridge> <f003brv> Yes
17:40:21 <sarang> Neat; university-type research?
17:40:27 <sarang> What area of CS?
17:40:28 <xmrmatterbridge> <f003brv> Yes at Dartmouth College
17:40:54 <sarang> I recommend talking to msvb about the hardware side of things; he's far more of an expert
17:41:28 <sarang> He has a few different nicks that begin with msvb- (often in monero-dev or monero-community)
17:41:33 <xmrmatterbridge> <f003brv> so my research is AI algorithms that are inspired by Neuroscience
17:41:38 <sarang> cool
17:41:57 <xmrmatterbridge> <f003brv> this is why I mention the algorithm contribution. that would be a good area for me
17:42:20 <xmrmatterbridge> <f003brv> I don't delve into cryptography really. I am excited to learn, but I would not expect to be funded for that work
17:42:26 <sarang> You may find #noncesense-research-lab interesting too, since there's a lot of discussion about data analysis there, particularly relating to transaction distinguishability
17:42:39 <sarang> Not so much the cryptography side, but the data science part of things
17:42:54 <sarang> suraeNoether is also spearheading work (in this channel) on graph theory models of chain analysis
17:43:00 <sarang> not sure if that's of interest to you
17:43:32 <xmrmatterbridge> <f003brv> oh graph theory would be good. the type of research I do is most on combinatorics
17:43:36 <xmrmatterbridge> <f003brv> than it is on data analysis
17:43:50 <sarang> Ah, then you might want to chat with suraeNoether about his graph matching project
17:44:27 <sarang> That project looks at transaction graphs using bipartite graph matching, and builds statistical models relating to analysis and user behavior
17:44:28 <xmrmatterbridge> <f003brv> very good, i will do that. and like i said probably a question for the future but can we get funded for contributing to any of these projects through the CCS
17:44:46 <xmrmatterbridge> <f003brv> very interesting sarang, this could suit me well
17:44:54 <sarang> Anyone is free to post a CCS; it's up to individual folks in the community to decide if they think it's a good value
17:45:13 <xmrmatterbridge> <f003brv> what part of Monero will this be applied to Blockchain?
17:45:15 <xmrmatterbridge> <f003brv> makes sense
17:45:25 <sarang> "this" = the graph project?
17:45:43 <xmrmatterbridge> <f003brv> yes sorry will the graph project be applied to Blockchain?
17:45:49 <xmrmatterbridge> <f003brv> the Monero Blockchain
17:46:02 <sarang> Yes, but it can be applied elsewhere
17:46:16 <sarang> You could model different default wallet behavior and see what the effects are on chain analysis, for example
17:46:17 <xmrmatterbridge> <f003brv> where else? i am curious
17:46:24 <sarang> Oh, I mean to other projects
17:46:34 <sarang> It's not specific to the Monero chain
17:46:36 <xmrmatterbridge> <f003brv> oh yes sorry seeing the second message now
17:46:55 <xmrmatterbridge> <f003brv> could apply well to a dex too
17:47:05 <sarang> Let me look up the repo where suraeNoether works on it
17:47:36 <xmrmatterbridge> <f003brv> thanks, i would appreciate that very much.
17:47:38 <sarang> I think this is the current branch: https://github.com/b-g-goodell/mrl-skunkworks/tree/matching-buttercup
17:48:03 <xmrmatterbridge> <f003brv> cool, i will look through this.
17:49:26 <koe> ok here is current draft, please take with a grain of salt since it's just a draft. In particular, the range proofs are bulletproofs now (not a critical flaw since they are basically a black box to any sane person).
17:49:28 <koe> https://www.pdf-archive.com/2020/01/10/zerotomoneroebookmaster-v1-0-13/zerotomoneroebookmaster-v1-0-13.pdf
17:50:23 <xmrmatterbridge> <f003brv> koe, don't worry i look at research paper drafts all the time
17:50:27 <xmrmatterbridge> <f003brv> I appreciate you sharing
17:50:43 <koe> sure thing, feel free to email me with comments or questions
17:50:56 <xmrmatterbridge> <f003brv> indeed i will. where can i reach you
17:53:43 <xmrmatterbridge> <f003brv> nvm don't answer. found it in the paper
17:55:12 <sarang> koe: any thoughts on the bulletproofs stuff?
17:55:23 <sarang> Hopefully it's useful to you
17:57:05 <koe> ah not sure yet, will have to put it in my 'workflow' for when I try to grasp the bulletproofs story; I'm committed to one thing at a time!
17:57:41 <sarang> Any other parts of ZtM for which you'd like assistance?
17:57:52 <sarang> related to the cryptography
18:00:14 <koe> always happy for reviews :) , not much else changed since first edition cryptography-wise. Commitment changes are section 5.3 in this draft
18:00:34 <sarang> Any particular sections/chapters for review?
18:00:39 <sarang> 5.3 for commitments, as you say
18:00:41 <sarang> Others?
18:01:23 <koe> I reworked chapter 5, and now it is chapters 4 through 6, so would be nice to know the rework works
18:01:33 <sarang> Sure, glad to review
18:01:39 <sarang> Using that PDF link, I suppose?
18:01:54 <koe> that's the transaction protocol, yeah or I can email if you dont trust pdf archive, those bastards
18:02:19 <sarang> Is it from an Overleaf version? I have read access to that
18:02:34 <koe> I think I shared it with you a while back actually
18:02:37 <koe> same one
18:02:38 <sarang> yep
18:02:43 <sarang> ok cool
20:38:14 <jtgrassie> this is great koe.
20:45:09 <jtgrassie> koe: the PoW p54, "with the name now Cryptonight
20:45:10 <jtgrassie> V2 [10], and Cryptonight-R was the third tweak implemented in March, 2019 (v10) [11]. A new
20:45:12 <jtgrassie> proof of work called RandomX"
20:46:42 <jtgrassie> That is a little misleading in so far as the CryptoNight changes went from variant 0 to 5 until 6, which became RandomX.
20:47:22 <jtgrassie> CN/R was variants 4&5.
20:47:55 <koe> ah I had a hard time finding clear documents on the progression
20:53:39 <jtgrassie> it basically went: CN, twek, tweak, CN/R, RX
20:53:54 <koe> the monero/README says 'cryptonight variant 1 (v7), 'cryptonight variant 2 (v8), 'cryptonight-R (v10)', and 'randomx (v12)
20:55:29 <koe> are you saying CN/R was radically different and doesn't count as a tweak?
20:55:34 <jtgrassie> right, but your vX is not the PoW version.
20:55:53 <jtgrassie> and no CN/R is not a tweak.
20:56:03 <koe> vX is the protocol version
20:56:17 <moneromooo> It's a CN base, and adds a set of random intructions inside.
20:56:36 <moneromooo> RandomX is a differnet algorithm, has no CN base.
20:58:30 <jtgrassie> CN/R is a lot more than a tweak is all I'm saying. It's signficantly different to what came before.
20:58:34 <moneromooo> You might also want to make it clear v9 uses variant 2, etc.
20:59:15 <moneromooo> Since some people started calling variants by their fork version, which makes things confusing.
20:59:40 <jtgrassie> ^ tell me about it!
20:59:54 <koe> Throughout the document I imply that (vX) is the protocol version where something was implemented, and that it sticks around unless replaced
21:00:51 <jtgrassie> right but moos point is right "You might also want to make it clear v9 uses variant 2, etc."
21:01:21 <jtgrassie> anyone authoring mning code needs this detail.
21:01:51 <jtgrassie> (i.e. precisely what algo and when)
21:01:55 <koe> I could say (v8-v9)
21:02:58 <jtgrassie> the point is that the "tweaks" are variants of CN released at vX protocol.
21:03:44 <jtgrassie> it probably is better suited to a table
21:19:18 <koe> thanks for the feedback guys ^.^
21:32:43 <sarang> If only we had come up with a badass naming scheme...
21:33:32 * sarang goes back to writing curve library tests
21:33:47 * sarang does not enjoy writing curve library tests
21:33:54 <koe> our current pow name is literally random!
21:34:35 <hyc> We should have called it CryptoWight
21:34:59 <hyc> ... wight --> wraith for those not up on their spooky folkore
21:35:02 <hyc> folklore
21:35:38 <moneromooo> And RandomHex.
21:35:55 <gingeropolous> ASICSlayer
21:45:33 <hyc> ASIC Ghoster ;)
21:49:18 <cohcho> It's (randomx) name doesn't matter for me if it works.
22:30:56 <hyc> Indeed. Which is why, now that it works, we can waste some time joking about new names