John Seggerman
5.7K posts
@CONSERVATIV3573
#bitcoin @bitcoin #monero @monero
JUST IN: US seized $450 million in Iranian crypto
The FCMP++ 1a/1b integration audit has officially kicked off. @MagicGrants selected Trail of Bits (Vendor 1) over the other shortlisted vendor due to significantly better scheduling (expected start May 11 after a preparation week, completion by May 22). The chosen auditors bring strong relevant experience in cryptographic theory, implementation review, and Rust FFI. @cypher_stack is conducting an independent, unfunded parallel code review and has already made substantial progress. sgp_: The FCMP++ 1a/1b audit process has kicked off. I have a call to discuss GBPs with zksec tomorrow. I hope to move forward with that quickly, with a goal of final approval during next week's meeting. sgp_: For FCMP++ 1a/1b, we ended up going with vendor 1 instead of 4 due to scheduling. Both are good choices, but vendor 1 will deliver 2 months sooner tevador: Who is Vendor 1? jberman: Vendor 1 is Trail of Bits rucknium: > The FCMP++ 1a/1b audit process has kicked off. rucknium: > I have a call to discuss GBPs with zksec tomorrow. I hope to move forward with that quickly, with a goal of final approval during next week's meeting. rucknium: > The divisors paper from zksec suggested small fixes and we're looking at those, but we don't expect these to require actual changes in the code. rucknium: > A helioseleine secondary audit will be prudent. I need to write up what makes the most sense for that. Some stuff was formally proven, but other stuff wasn't and needs manual review rucknium: > For FCMP++ 1a/1b, we ended up going with vendor 1 instead of 4 due to scheduling. Both are good choices, but vendor 1 will deliver 2 months sooner jberman: The specific candidates Trail of Bits (ToB) shared who would work on the integration audit had direct relevant experience on cryptography theory and impl review, as well as with Rust FFI's jeffro256: ToB can allegedly start working May th jeffro256: 4th jberman: May 11th* articmine: ..and expected completion jberman: With expected completion date of May 22nd jeffro256: Did they change it? jberman: They want to use next week to prepare and plan with us, and then actually begin the 11th tevador: I have a comment about the future audit of mx25519: Since Carrot doesn't use the scalar inversion code, it could be removed from the library to simplify the audit. Pinging jeffro256 to confirm. jeffro256: Yes, Carrot doesn't ever use the scalar inversion code jeffro256: Although, wouldn't Jamtis still use it for the Janus check? tevador: Yes, Jamtis will use it, but I'll have to check if your changes in the library are compatible. tevador: It might be better to leave it for a future Jamtis audit. jeffro256: That's totally fair. It could definitely be excluded from an audit scope koe000: It may be more efficient to review the inversion now instead of later, since the auditor will already be in the mindset. Separating means paying for an auditor to set up that mindset twice. tevador: koe000: the inversion code is completely separate from the ladder code, it should have been two libraries instead of one diego: hi can I speak on the audit thing? I can do so after the meeting rucknium: diego, Yes diego: Cypher Stack is doing a code review too. We weren't chosen for the money, but it doesn't matter. We started weeks ago. You should still go with the other group too btw. Should be done in a few weeks. Big progress on it already. #c671214" target="_blank" rel="nofollow noopener">libera.monerologs.net/monero-researc…
JUST IN: 🇺🇸 Tether freezes $344 million in $USDT following requests by US law enforcement.
