The Sovereign Individual

One thing that teach me why #Monero $XMR is the future. Watch "The Godfather II" when Michael Corleone (Al Pacino) discusses Cuban Rebels "They Could Win"

MoneroTopia26 about to kickoff !!! But first a quick Monero 101 in Spanish so all the onboarded vendors know how to use their @cakewallet @EdgeWallet @monerujowallet and WHY they should be accepting and using Monero ! 🚀🚀🚀

jberman outlined a 4-phase audit plan for FCMP++ integration code, starting with crypto and progressing to consensus, with funds to be raised via CCS; discussions covered phasing, timelines (estimated 3 months), auditors (potentially @cypher_stack), and related upstream PRs. jberman: My current plan on the table is to have the fcmp++-stage in the seraphis-migration repo ready for auditing. I'd like to audit the integration code in 4 phases: 1) Crypto, 2) Crypto Integration, 3) Tree building / prove / verify, 4) Consensus integration Each subsequent phase essentially utilizes the building blocks of its preceding phase So right now, I have PR's prepped (and am working with jeffro to get those PR's merged), and then would like to get started with auditing on a specific commit of fcmp++-stage rbrunner: So with possible working-in of the results of one phase's audit results before going to the audit of the next phase? jberman: Of note, I've already opened a couple PR's upstream, which jeffro and vtnerd reviewed. I'm proposing we get that code + other related building block crypto audited as well rbrunner, Yes. I'm thinking about a distinct CCS like kayaba's where I raise funds for the audits in advance, to minimize downtime between each phase rbrunner: I see. Makes sense Will be interesting to see how long the whole process takes, over all 4 phases jberman: Here are the specific sections I want to get audited: paste.debian.net/hidden/82c00500 Audit 1 Crypto - rct::zeroCommitVartime - fe_batch_invert - ed25519 -> wei conversion - point_to_ed_derivatives - ed_derivatives_to_wei_x_y - fe_ed_derivatives_to_wei_x_y - torsion clearing - clear_torsion - get_valid_torsion_cleared_point - rct::verPointsForTorsion - unbiased key image generator - unbiased_hash_to_ec - Review that this achieves the stated goal of eliminating bias. Hash to point safety. Review: safety, constant timedness Out of scope (slated for future optional audit): - torsion check - torsion_check_vartime - get_valid_torsion_cleared_point_fast - fe_reduce - fe_dbl ______________________ Audit 2 Integrated Crypto - output_to_tuple - output_to_pre_leaf_tuple - selene_scalar_from_bytes - set_valid_leaves - hash_grow - hash_init_point - point_to_cycle_scalar - from_bytes / to_bytes ______________________ Audit 3 Curve Tree building - get_tree_extension - get_leaf_layer_grow_instructions - hash_children_chunks - set_next_layer_extension - get_grow_layer_instructions - get_next_layer_extension ______________________ Audit 4 Consensus Integration advance_tree grow_tree trim_block trim_tree get_last_path handle_fcmp_tree batch_verify_fcmp_pp_txs - batchVerifyFcmpPpProofs // Make sure the block uses the correct FCMP++ tree root and n tree layers jberman: rbrunner, I think 3 months is a reasonable expectation. First 2 audit phases ~1 month, and the latter 2 ~two months rbrunner: Sounds like a good sprint :) Hopefully without burnout at the end ... rucknium: Do you have specific firm(s) in mind? jberman: Will probably start with CS if they have availability between the other work rucknium: Code auditing plan sounds good to me. I am no code auditing expert of course :) #c656005" target="_blank" rel="nofollow noopener">libera.monerologs.net/monero-researc…