Monero logs

11:55:35 dennis_tra:matrix.org: Hey folks, this is Dennis from ProbeLab. A few weeks ago I started asking questions about the Monero network in this channel. Today we've published the following blog post which I believe is of interest to this crowd:

11:55:35 dennis_tra:matrix.org: https://probelab.io/blog/peering-into-privacy-a-deep-dive-into-the-monero-network-topology

11:55:35 dennis_tra:matrix.org: tl;dr: We're showing data from a single representative network crawl and found significant concentration of nodes in the Spruce Creek Networks LLC hosting provider (not new to this community). We've found one additional IP address showing spy node behaviour which is not on the ban list. Ban list is adopted by ~46% of ho[... more lines follow, see https://mrelay.p2pool.observer/e/te20muoKZE1ucGVE ]

17:04:22 sgp_: Nice blog post

18:28:34 jbabb:cypherstack.com: re: the CARROT implementation audit, > <@rucknium> 4. carrot-core implementation audit (https://github.com/cypherstack/carrot_core-audit).

18:28:34 jbabb:cypherstack.com: 1. The omission of step 18 is safe as it is made redunant by lower-level Monero code: isInMainSubgroup() at https://github.com/seraphis-migration/monero/blob/fcmp%2B%2B-stage/src/ringct/rctOps.cpp#L468-L472 calls toPointCheckOrder() https://github.com/seraphis-migration/monero/blob/fcmp%2B%2B-stage/src/ringct/rctOps.cpp#L275-L [... too long, see https://mrelay.p2pool.observer/e/s7rUpeoKeDQ2WTQz ]

18:28:34 jbabb:cypherstack.com: 2. carrot_core uses Blake2b's keyed mode and not concatenation as in the spec. This doesn't invalidate any of the security properties as far as I can tell, but the cryptographers didn't consider that difference: they only evaluated the protocol spec, not the implementation. At the very least, implementers following just the spec will produce incompatible code.

18:28:34 jbabb:cypherstack.com: 3. The only other variance I found--outside of the scope of the audit--was that carrot-rs doesn't define the Carrot coinbase extension G and T domain separators. Instead, it uses the standard key extension path with a clear commitment, resulting in incompatible coinbase output derivation between C++ and Rust.

19:50:03 DataHoarder: > At the very least, implementers following just the spec will produce incompatible code.

19:50:03 DataHoarder: That was an issue I had and also discovered that carrot rust crate and Monero C imp. did not have the personalization string as well, which is now corrected for next stressnet

19:54:12 jeffro256: Sorry updating the Rust lib is on my TODO list