-
h4sh3d[m]
I’m pretty sure I made a mistake with the VES sig, I’ll correct that ASAP
-
h4sh3d[m]
Done. I was reasoning kind of like homomorphic schemes when you encrypt and you decrypt later, but here you encrypt with the other participant's key, so he must reveal it when going on chain.
-
h4sh3d[m]
Comments and feedback are very welcome
-
sarang
Interesting new preprint on determining bounds for Grin transaction amounts:
eprint.iacr.org/2020/723
-
sarang
(usual disclaimer that preprints are typically not externally reviewed for accuracy before posting)
-
sarang
Oh interesting; the paper notes that the earlier linking work relating to Grin linking can apply to their analysis as well
-
sgp_
Looks to me that for the most part, the flow ratios are quite good
-
sarang
It's a clever way to quantify it
-
sarang
sgp_ Isthmus_: I'm running deducible coinbase spend data for the Monero chain now
-
sarang
Should have results soon
-
dEBRUYNE
-
monerobux
[REDDIT] Is the curve Ed25519 really a secure choice for Monero? (self.Monero) | 3 points (80.0%) | 0 comments | Posted by TheQuantumPhysicist | Created at 2020-06-16 - 14:57:17
-
dEBRUYNE
If you feel like commenting :-P
-
sarang
Already commented
-
sarang
the rho-complexity is nearly 2^126
-
dEBRUYNE
Ah, missed that
-
sarang
Commented just as you were sending your message!
-
sarang
The answer to "could the curve order be made larger" is "yes"
-
sarang
The answer to "should the curve order be made larger" is, IMO, "probably not at this point"
-
sarang
Isthmus_ and friends' analysis of the protocol against hypothetical quantum adversaries may address other areas of the protocol that would be vulnerable to assumed future analysis in the event of computing breakthroughs
-
sarang
I think OP confused the group order with the security level
-
sarang
curve25519 group order is something like 2^252, so rho would give you around 2^126 (rounded)
-
sarang
Unfortunately I think OP is still making this confusion :/
-
sarang
confusion averted
-
sarang
Interestingly, there are some nice designs for curves targeting higher security levels
-
sarang
but you certainly pay for it
-
sarang
and transitioning to a new curve for keys and getting the protocol to account for this sounds like a bit of a nightmare
-
sarang
A fun thought experiment, but a nightmare in practice
-
fluffypony
oh that's the guy that claims to be a Monero contributor (3 line PR) and a Bitcoin contributor (2 small PRs) and is now working on McAfee's scamcoin
-
fluffypony
Ghost
-
fluffypony
which is just a Particl clone
-
fluffypony
he's "lead dev"
-
fluffypony
at least they didn't fork Monero