Meeting summary: Monero Research Lab, 5 October 2022

This is a comprehensive summary, with added reference links, of the MRL meeting¹ from October 5th 2022, 1700 UTC.

Logs

The raw, unedited, full log file for this meeting:

221005-mrl.log (57 lines)

Summary

Note: it is possible that some relevant information may be missing from this summary; read the full log file for the complete, unedited discussion.

• Participants: 9 (UkoeHB², rbrunner³, dangerousfreedom⁴, vtnerd⁵, ArticMine⁶, Rucknium⁷, jberman⁸, premined_POS⁹, isthmus¹⁰)

• (1) Updates

  • (1.1) on outreach initiatives / MRL recruitment efforts¹¹:

  • Rucknium noted that the MAGIC Monero Fund¹² will soon submit its grant application to some research grant databases in hopes of attracting more researchers

  • (1.2) on Seraphis¹³ (library, bug fixes, wallet, audit framework¹⁴):

  • dangerousfreedom has been investigating the grootle proofs in seraphis and trying to make a parallel implementation of it in an attempt to correct any potential flaws

  • UkoeHB was planning to focus on the remaining seraphis library updates: finish unit testing legacy balance recovery for the legacy-seraphis transition, add legacy inputs to multisig, add coinbase tx type

  • jberman finished work on PR #8566¹⁵ (wallet2: fix rescanning tx via scan_tx) and was getting ready to finish background sync mode, before moving on to Seraphis wallet work

  • rbrunner found the Seraphis library interesting after taking a closer look at the code

  • (1.3) on P2P E2E encryption¹⁶ and the Noise Protocol¹⁷:

  • vtnerd was considering dropping the planned noise method due to fingerprinting

  • (1.4) on multisig security proofs:

  • jberman reported that no answer was received from veorq one week after contact and he was still waiting on a response from the Inference¹⁸ security team

• (2) Open discussions

  • (2.1) on the need for a Seraphis formal peer review:

    • dangerousfreedom was wondering about the legal implications of formality and if there is a real need for a ‘paper’ of Seraphis to be peer-reviewed

    • UkoeHB noted that the seraphis composition proof is a novel scheme and it is standard practice to at least have security proofs for signature schemes

    • premined_POS pointed out that precautions, redundancy and tests are good even in trivial scenarios

    • Rucknium thought that a formal peer review is important and a paper is the best way to have a review of the math, noting that in case of a critical error, the Monero network would probably be destroyed

    • UkoeHB answered rbrunner’s question about the current state of security proofs for Seraphis: it’s in limbo until I get a chance to properly refresh the paper; after that we need to find someone to help us

Let me know if you find this kind of report helpful.

Feedback, edits always welcome @/about.

-3RA