-
Isthmus
Just catching up on notes since meeting. Determining block time by orphan rate is relevant if the bottleneck is propagation. The other consideration is verification time.
-
Isthmus
Hmm, suppose an attacker wants to maximize verification_time/kB
-
Isthmus
i.e. if I'm going to make 200 kB worth of transactions, how can I maximize the time it takes for nodes to verify it?
-
Isthmus
s/i.e./e.g./
-
monerobux
Isthmus meant to say: e.g. if I'm going to make 200 kB worth of transactions, how can I maximize the time it takes for nodes to verify it?
-
Isthmus
Lots of little transactions? Are there things that I can do to increase verification complexity?
-
Isthmus
Hmm what's (2 minutes)/(average transaction verification time)
-
Isthmus
(just for a regular transaction, nothing designed to be heavy)
-
sarang
More outputs means higher BP complexity
-
sarang
More inputs means higher LRS complexity
-
sarang
The combination means higher balance check complexity
-
Isthmus
Interesting
-
Isthmus
What's the ballpark verification time for a 2-in/2-out?
-
Isthmus
Completely unrelated, I got caught in the weirdest mystery this afternoon.
-
Isthmus
So there are >100 transactions whose payment ID is some variation on `fluffypony is the best pony ever` (abbreviated as FITBPE below)
-
Isthmus
(this has been previously discussed). Weird, but if you’re hardcoding a uPID into some custom wallet, it’s a funny line.
-
Isthmus
Weirder though: some user/wallet started producing transactions whose PID is almost *but not quite* the base string. In most cases the a single random character is perturbed into a different character (string edit distance = 1)
-
Isthmus
This is confusing to me - did the transaction creator have the presence of mind to realize that putting the same plaintext string on every transaction is a fungibility defect, and yet think that a single character edit would forever foil analyses?
-
Isthmus
-
Isthmus
In general, regarding the FITBPE transactions, the other fascinating thing is that this doesn’t appear to be a day-to-day wallet… I hypothesize that they were generated by payout software.
-
Isthmus
If it were a day-to-day wallet, we would expect some of the transaction to include change outputs, which would be externally visible as FITBPE transactions who include ring members that are also from FITBPE transactions. This does not seem to be the case (although I have not exhaustively verified this, feel free to share a counterexample)
-
Isthmus
Also, we see transactions where FITBPE is duplicated by number of outputs. For example,
xmrchain.net/search?value=94df27b38…3825be8224838c7ea582754d295ea9d2c48
-
Isthmus
That’s a 1-in/4-out transaction, whose tx_extra contains 4 copies of FITBPE (see repeated `666c75666679706f6e7920697320746865206265737420706f6e792065766572`)
-
Isthmus
The only way I can make sense of this is if some wallet was tagging all its outgoing outputs with FITBPE or a slightly-edited variant.
-
Isthmus
I dunno, what are other possible explanations?
-
sarang
Isthmus: on a 2.1 GHz Opteron, a 2-input CLSAG (with balance check) is 21.2 ms to verify, and the per-proof BP (over, for this example, only 4 such proofs) is 7.7 ms
-
sarang
The BP numbers will be lower on a per-proof basis with more proofs in the batch
-
sarang
So something like 25-30 ms
-
Isthmus
120/(30/1000) ~ 4000 txns/block before validation time > block time
-
Isthmus
-
Isthmus
Does the RPC not support payment IDs?
-
Isthmus
*sending `transfer` with payment ID
-
sarang
Note that the numbers I provided do not account for database reads, key image checks, and other housekeeping operations... just the major stuff
-
moneromooo
Might well have been removed.
-
Isthmus
So I cannot specify an ePID in the transfer? But the wallet will still include include an ePID that is just encrypted 0s?
-
selsta
transfer to integrated address
-
selsta
we don’t want standalone PIDs
-
sarang
You mean subaddresses?
-
selsta
no
-
selsta
maybe I’m missing something :)
-
moneromooo
No, you made sense.
-
sarang
Oh I see what you mean. From an RPC call perspective
-
sarang
Ignore me :)