11:47:44 <BMO-noire> I think I'm misunderstanding something: block reward (as contained in the block header) is, reward = base emission + tx fees - block penalty
11:48:40 <BMO-noire> so my thinking is that if I want to see the block penalty, I could use https://web.getmonero.org/resources/developer-guides/daemon-rpc.html#get_coinbase_tx_sum to retrieve the total fees and base emission and the reward from the block's header
11:49:16 <BMO-noire> but when I do this I'm getting block penalty = 0 for all blocks.. have I made a mistake in my code or my understanding?
11:59:10 <BMO-noire> oh, `get_coinbase_tx_sum`'s emission already has the penalty included
12:01:01 <BMO-noire> okay, well then my question changes to: how do I get a hold of the exact block penalty for each block?
13:02:32 <selsta> https://attackingzcash.com/papers/attacking-zcash-for-fun-and-profit.pdf
13:03:01 <selsta> Do the “Metaverse Metadata Attack” described on page 9 make sense?
13:03:16 <selsta> The author claims it is also applicable to Monero.
13:54:27 <fort3hlulz> just read it
13:54:33 <fort3hlulz> No idea how it applies to Monero
13:54:43 <fort3hlulz> And its merely a heuristic analysis technique, not even a vuln
13:55:20 <fort3hlulz> selsta way overblown IMO, and his solution is to implement the inverse of Ring Sigs -- using fake zaddr outputs in each Tx
13:56:59 <fort3hlulz> Curious for others thoughts, but doesn't seem that big of a deal, nor does it seem to apply to Monero at all. The dude is a HARDCORE shill for his own project, and refuses to use responsible disclosure in any situation
14:06:23 <SerHack> selsta: that methodology does not impress me too much. Metadata have always been discussed in terms of privacy, but it's simply analyzing heuristic informations. The paper does not contain so much detail about fetching information from alternative blocks (could they give wrong information to analyst?).
14:12:25 <fort3hlulz> It also fails to mention anything about how costly the "solution" is in terms of storage or compute
14:12:37 <fort3hlulz> z2z is already massively computationally intensive
14:13:51 <midipoet> i thought it was 'metadata multiverse' for a second
14:14:33 <SerHack> Anyway it seems that guy wrote this paper only to share their own project or to "build their show". He is literally spamming their website on every tweet mentioning Zcash. He does not follow any responsible disclosure procedures.
14:15:04 <fort3hlulz> he's a shill, and I hesitate to use that word because its so loosely used in the space
14:15:10 <fort3hlulz> But its all an attempt to grab money for himself
14:15:20 <fort3hlulz> His last "disclosure" was a pitch for VC funding
14:16:44 <selsta> I don’t see what kind of metadata he can come up with simulating blockchain history but maybe I’m not creative enough lol
14:18:02 <SerHack> I have the high suspect that he's not the original author and someone wrote that paper to boost his project.
14:18:09 <fort3hlulz> Apparently with FPGAs or GPUs you can turn consensus into an oracle that exposes zaddr?
14:18:23 <fort3hlulz> idk
15:24:22 <sarang> Hello all
15:24:51 <sarang> Am updating MLSAG/CLSAG performance tests today to specifically include balance checks, for better timing comparison to my new Arcturus code and data
15:25:01 <sarang> Triptych has been updated for this already
15:26:03 <sarang> It wasn't really necessary when only comparing {M,C}LSAG to Triptych, but becomes relevant when Arcturus is in the picture since it doesn't offload the balance check
15:26:28 <sarang> I'll be interested to read that Zcash heuristics paper
16:19:06 <UkoeHB_> BMO-noire: check out zero to monero second edition ch7
17:10:43 <fort3hlulz> Possible solution to atomic swaps just announced: https://twitter.com/SomsenRuben/status/1259880548589240320?s=20
17:10:44 <monerobux> [ Ruben Somsen ⚡️🇳🅾️2️⃣❎ on Twitter: "SAS: Succinct Atomic Swaps Short video overview: https://t.co/JMY59tuW1h Protocol specs: https://t.co/ybTozovCjo Mailing list discussion: https://t.co/hFB69NVrfb ] - twitter.com
17:18:40 <sarang> Does it assume the existence of non-interactive refund transactions?
17:18:58 <sarang> If so, that is unsupported
17:22:49 <fort3hlulz> I don't see an implication for that, but I'm not sure
17:23:01 <fort3hlulz> Direct link to protocol doc: https://gist.github.com/RubenSomsen/8853a66a64825716f51b409be528355f
19:16:56 <zkao> its btw ltc and btc, and it uses ecdsa adaptor signature --- has anyone carefully looked into ecdsa adaptors?
19:19:59 <zkao> h4sh3d scheme can be easily adapted to work with ecdsa adaptors and DL equivalence proofs, in the absence of xmr refund txs
19:24:49 <sarang> Being able to replace hash preimage proofs (which are complex and computationally expensive) with DL equivalence proofs (which are straightfoward and computationally cheap) would be a huge benefit
19:27:56 <zkao> do you think community would fund 1-week work for a research and writeup on that?
19:30:04 <sarang> Possibly. Perhaps ask for input over in -community?
19:30:48 <sarang> I also have it on my list to eventually work on, but I don't have a monopoly on math
19:34:41 <sarang> zkao: are you able to access -community?
20:37:06 <zkao> yes, thanks, i poked the revelant party
20:37:21 <zkao> *relevant
20:38:42 <sarang> ?
20:38:43 <sarang> I meant that you could send a general message to the community IRC channel to see what those participants think about funding such work
20:38:43 <sarang> ?
20:46:22 <zkao> i asked h4sh3d to do it
20:48:17 <sarang> Ah ok
20:49:37 <zkao> he commented last week that he would work on it he had funding for it
20:50:32 <fort3hlulz> I think a lot of people in the community would love to have atomic swaps and happily fund anything moving it forward.
20:52:04 <sarang> It's very possible. But I do not want to speak for the community (hence the suggestion)
20:54:09 <fort3hlulz> For sure!