15:25:50 <maybefbi> what would happen if there was no  pseudo output commitments ?
15:27:02 <maybefbi> and we used the output commitments instead?
15:41:36 <UkoeHB_> you would have to use the RCTTypeFull transaction type, which was deprecated in protocol v8
15:42:32 <UkoeHB_> it was deprecated because real inputs have to be clustered together (same indices in input signatures)
15:43:32 <sarang> FWIW some of the next-gen transaction protocols don't require them
16:33:40 <maybefbi> UkoeHB_, sarang: can i ask tari questions here? I checked and they dont use MSLAGs or any ring signatures. why did they walk back?
16:34:16 <maybefbi> they just use commitments and range proofs
16:34:30 <moneromooo> There's a #tari{,-dev,-resarch}. And AFAIK they never used MLSAGs or ring signatures.
16:34:50 <maybefbi> interesting
16:36:43 <UkoeHB_> yeah the other channels are best
18:08:21 <sarang> Good news; I have a call scheduled with Teserakt (the auditors for CLSAG recommended by the audit workgroup) next week to discuss the scope of an audit
18:08:40 <sarang> They tell me that they would able to conduct the audit in mid-June
18:23:41 <UkoeHB_> nice
19:14:40 <sarang> One thing not currently included in CLSAG (but very easy to add) is subgroup checks for ring members
19:15:01 <sarang> This was suggested a long while back, but IIRC did not receive support due to increased sync times
19:30:13 <sarang> Opinions on this?
19:50:57 <luigi1111w> doesn't seem to gain us much?
19:59:53 <sarang> Well, it's technically necessary for the security proofs to hold
20:00:07 <sarang> but there are no issues in practice AFAIK
20:00:25 <sarang> Anyway, thought I'd bring it up again as the audit gets underway for CLSAG