plowsof
commented
3 months ago Logs
< rucknium:monero.social > MRL meeting in this room in two hours.
< rucknium:monero.social > Meeting time! (oops, forgot to make the GitHub issue...)
< rbrunner > Hello
< vtnerd:monero.social > hi
< rucknium:monero.social > 1) Greetings
< rucknium:monero.social > Here is the meeting GitHub issue: https://github.com/monero-project/meta/issues/963
< rucknium:monero.social > 2) Updates. What is everyone working on?
< kayabanerve:matrix.org > 👋
< vtnerd:monero.social > me: spend a lot of time doing a review of jeffro256 changes to txpool handling, and continued slowly on lws "chain hardening". about 70% sure its worth hacking lws to do this, but without it you can easily spoof chains
< vtnerd:monero.social > the review of jeffro256 code looked good, but reverted some ZMQ "features"
< rucknium:monero.social > Me: OSPEAD. isthmus will get me some data today probably. The processing "only" took a few hundreds of GB of RAM. I hope the hardware requirements can be reduced so that the analysis is easier to reproduce by others. The MAGIC Monero Fund approved the University of Zurich research group's EAE/churning research for a fundraising.
< rucknium:monero.social > Once I get the isthmus data it takes about 5 days of additional processing. Then interpret the results.
< rbrunner > https://monerofund.org/projects/ring_signature_ai gives me 500 Internal Server Error
< vtnerd:monero.social > yeah the funding site is down, I notified sgp about it about 20 minutes ago
< rbrunner > Ok :)
< rucknium:monero.social > uh oh. Ok we will try to fix. Thanks for telling us
< rbrunner > But well, that's not even the Zurich fundraiser I think
< rucknium:monero.social > no, it's not
< vtnerd:monero.social > yes, that link should be an older fundraiser
< rucknium:monero.social > 3) Discussion. What do we want to discuss?
< kayabanerve:matrix.org > I have misc more progress on Full Chain Membership Proofs, nothing to specifically note re: progress.
< kayabanerve:matrix.org > Ideally, ideally, with Vector Commitments, we can get the bulletproof to
< kayabanerve:matrix.org > 10 gates a scalar mul
< kayabanerve:matrix.org > A few gates on misc
< kayabanerve:matrix.org > n on set membership
< kayabanerve:matrix.org > Such that we reach a power of 2 where n**p where p<6 > 500m.
< kayabanerve:matrix.org > 50**5 is roughly that (with the power of 2 being 64).
< kayabanerve:matrix.org > That'd make the cost of the FCMP roughly equal to 1 aggregate BP of 4 outs and 1 aggregate BP of 2 outputs (if my off-hand math is correct).
< kayabanerve:matrix.org > Under current theory, ideally the FCMP circuit size will be halved from where it was prior (yet not at the above level).
< kayabanerve:matrix.org > So performance of that is significantly improving re: theoretical architecture.
< rucknium:monero.social > Nice. Does that affect verification time? Or the about the same verification time that you estimated earlier?
< kayabanerve:matrix.org > Verification time is linear to circuit size, and this is all further improvement goals.
< rucknium:monero.social > Pretty much the only think left to do with OSPEAD is to fit several distribution families to the real spend age data and pick the "best" one. Maybe someone has an opinion about which ones should be tried. I plan to fit a "small" number of distributions in total, but some of those distributions are generalizations of a large number of other distributions. i.e. if the parameter(s) o<clipped message
< rucknium:monero.social > f a general distribution are set to particular values, it is equivalent to another more specialized distribution.
< rucknium:monero.social > You can just search over the parameters space of the generalized distribution and you have "checked" if the specialized distribution fits better.
< rucknium:monero.social > The two main generalized distributions that I will try are the Generalized Extreme Value and the Feller-Pareto distributions.
< rucknium:monero.social > I will also try the Log-Gamma (the same family that we have now for decoys, but we will get different parameter values for the more accurate data). And the Noncentral F and Right-pareto Log-normal distributions.
< rucknium:monero.social > I will mind the implementation complexity of these. If a more complex distribution is only slightly better in fit than a simple one, we may want to use the simple one.
< vtnerd:monero.social > I was just going to ask about that, because LWS is one of the few alternate implementations of decoy selection
< rucknium:monero.social > Is there a list of probability distributions that can be easily added to the Monero codebase, like in
boost?_< sgp:monero.social >__ Yes, sorry about this. I'm not sure what happened :/ But I'm actively working on this\
< rucknium:monero.social > Yes, so maybe if log-gamma with different parameters is almost as good as an alternative one, it is easier to just update those numbers in
wallet2and other implementations that use log-gamma.< vtnerd:monero.social > if its complex, at least provide a good re-usable API
< vtnerd:monero.social > there's boost accumulators and boost math that have statistics functions
< vtnerd:monero.social > thats about all I know, as I can't recall ever using either
< rbrunner > No idea either.
< rucknium:monero.social > The candidate distributions will be implemented in R. And some of those use C or C++ functions underneath. But many of them are licensed under GPL.
< vtnerd:monero.social > oh theres also boost special functions
< vtnerd:monero.social > ok so your providing the reference implementation in R, and one of the C++ programmers will have to port?
< rucknium:monero.social > Maybe that is what would happen. The functions are defined mathematically. Even the most complex ones aren't hundreds of lines of code or anything.
< vtnerd:monero.social > that will work, there's a few people that can do a port (hopefully)
< rucknium:monero.social > Some of them have better "documentation" than others. For example....
< rucknium:monero.social > Feller-Pareto, which is probably the most general and most complex one: https://www.jstatsoft.org/article/view/v103i06
< rucknium:monero.social > Has a whole article about how to implement, including numerical stability issues.
< kayabanerve:matrix.org > There's also monero-serai which has its own implementation.
< rucknium:monero.social > This replacement would be just for the random number generation. Generating a random output index. Then everything else about the decoy selection algorithm would be the same.
< rucknium:monero.social > Like calculating the flow of outputs in the last year, etc
< rucknium:monero.social > Anything more to discuss?
< rucknium:monero.social > We can end the meeting here.
Automated by this
Location: Libera.chat, #monero-research-lab | Matrix
Join the Monero Matrix server if you don't already have a Matrix account.
Time: 17:00 UTC Check in your timezone
Main discussion topics:
Greetings
Discuss: How to confirm security of Monero's multisignature protocol? Do we need mathematical security proofs, and can we get them? Info:
Discuss: Exploring Trustless zk-SNARKs for Monero's payment protocol. What are the bottlenecks for potential implementation?
Improvements to the decoy selection algorithm ( Decoy Selection Algorithm - Areas to Improve, Binning PoC, OSPEAD ) @j-berman @Rucknium
Seraphis. ( UkoeHB's Seraphis Proof of Concept work, Seraphis repo ).
MRL Meta: "Cat herding", i.e. prioritization of research areas and features. Active recruitment of technical talent, MRL structure, funding (@Rucknium & others) MoneroResearch.info repository of Monero-related research papers, Reddit discussion
Any other business
Confirm next meeting agenda
Please comment on GitHub in advance of the meeting if you would like to propose an agenda item.
Logs will be posted here after the meeting.
Meeting chairperson: Rucknium
Previous meeting agenda/logs:
959