Luke Parker kayabaNerve

## keybase.md

      
              1 file
            
          
              0 forks
            
          
              0 comments
            
          
              0 stars
            
          
                kayabaNerve
                / keybase.md
            
            
              Created
              January 11, 2018 18:28
            
          
    Keybase proof

I hereby claim:

I am kayabanerve on github.
I am techaspirer (https://keybase.io/techaspirer) on keybase.
I have a public key ASCSYCHgV_SH_oBFWZp_chFXw-R-AawQgVbKfx_9Oi1lego

To claim this, I am signing this object:

  
## NaturalObject.nim
import tables

#Valid object times.
type NaturalObjectKind* = enum
    nokBoolean, nokInt, nokString, nokArray, nokObject

#Natural Object.
type NaturalObject* = ref object of RootObj
    case kind*: NaturalObjectKind
        of nokBoolean:

## gist:73d372abb7f9f5e788768b9a18c6738f
#Constructor 1.
proc newSketcher*[T](): Sketcher[T] {.inline, forceCheck: [].} =
    @[]

#Constructor 2.
proc newSketcher*[T](
    elements: seq[T] = @[]
): Sketcher[T] {.forceCheck: [].} =
    result = @[]
    for element in elements:

## parseSend.nim
import ../../../lib/[Errors, Hash]
import ../../../Wallet/Wallet

import ../../../Database/Transactions/objects/SendObj

import ../SerializeCommon

proc parseSend*(
  sendStr: string,
  diff: uint32,

## lib.rs
extern crate libc;

use std::{
  ptr,
  mem,
  os::raw::c_char,
  ffi::{CStr, CString}
};

use serde_json;

## guaranteed_addresses.md

      
              1 file
            
          
              0 forks
            
          
              2 comments
            
          
              1 star
            
          
                kayabaNerve
                / guaranteed_addresses.md
            
            
              Last active
              November 3, 2022 00:29
            
              
                [Deprecated] Monero - Guaranteed Addresses
              
          
    This has been deprecated for Featured Addresses.
Guaranteed Addresses

Monero payments are not guaranteed to be spendable, when individual transactions are scanned. Only when the entire chain is scanned will you learn if an output has conflicts, and only with the private spend key can you see if one of those conflicts has been spent, already having burnt all potentially usable outputs. This makes view-only scanning of the chain insecure, under the standing policy of "credit difference", as the wallet will credit the difference even if the funds are already burnt.
It should be noted wallet2 will stop crediting the difference if it knows the key image was used, as it should, yet it will continually credit if view-only, as it'll never learn when key images are used (unless imported, which may break a desired privacy model). Unfortunately, this is not an issue with a simple fix. Solely crediting the initial transfer potentially leaves fun

  
## featured_addresses.md

      
              1 file
            
          
              0 forks
            
          
              0 comments
            
          
              0 stars
            
          
                kayabaNerve
                / featured_addresses.md
            
            
              Last active
              April 4, 2024 19:14
            
              
                Monero - Featured Addresses
              
          
    Featured Addresses

A previous proposal, Guaranteed Addresses, discussed a bit flag for the existing Monero address formats, extending their functionality by removing the burning bug as a potential exploit. This design ended up requiring per-network bits, leading to the suggestion from jberman to create a new address type per-network, one which is followed by a bit-flagged VarInt specifying features. This would create a highly composable address format allowing adding new features when demand is sufficient, without running into the original problem yet again.
Specification

Monero addresses are currently:

VarInt type
Public spend key
Public view key


## polynomial.rs
fn polynomial<F: PrimeField + Zeroize>(coefficients: &[Zeroizing<F>], l: u16) -> Zeroizing<F> {
  let l = F::from(u64::from(l));
  let mut share = Zeroizing::new(F::zero());
  for (idx, coefficient) in coefficients.iter().rev().enumerate() {
    *share += coefficient.deref();
    if idx != (coefficients.len() - 1) {
      *share *= l;
    }
  }
  share

## CurveCycle.md

      
              1 file
            
          
              0 forks
            
          
              0 comments
            
          
              0 stars
            
          
                kayabaNerve
                / CurveCycle.md
            
            
              Created
              July 26, 2023 23:04
            
              
                Monero and Moving to a Curve Cycle
              
          
    Personally, I believe not moving to a curve cycle may be the biggest failure possible with Seraphis, and I'd likely lose interest in further contributing to Monero.
The end goal of any protocol is properly and efficiently doing its stated goal. For Monero, we prioritize privacy, yet we always seek out the best ways to be private. This shows with us not adopting a trusted setup (offering constant-time verification of any statement of any complexity, yet not being verifiable), yet moving from Borromean signatures to Bulletproofs, and later Bulletproofs+. We value performance, yet not when it's unsafe.
Currently, the only known sublinear proofs either:

Require pairing-based curves, whose security is an active discussion (notably, within the last decade they lost tens of bits)
A curve cycle

While Monero can find efficient proofs without a curve cycle, as seen with Bulletproofs, and still implement Curve Trees without a curve cycle (the current best case for full-chain membership proofs), via tower-hashin

  
## gist:7336bf7d95176deaa9c2807690e8c47e
The following is a rough sketch of a potential design, largely written in
present-tense.

---

We achieve a constant-time constant-size trustless ZK proof by recursing a
trustless sublinear Spartan instance to a minimum bound.

We then allow arbitrary users to specify a R1CS proof of size equal to the
minimum bound, allowing said users to in-effect specify and verify Spartan
	import tables

	#Valid object times.
	type NaturalObjectKind* = enum
	nokBoolean, nokInt, nokString, nokArray, nokObject

	#Natural Object.
	type NaturalObject* = ref object of RootObj
	case kind*: NaturalObjectKind
	of nokBoolean:
	#Constructor 1.
	proc newSketcher*[T](): Sketcher[T] {.inline, forceCheck: [].} =
	@[]

	#Constructor 2.
	proc newSketcher*[T](
	elements: seq[T] = @[]
	): Sketcher[T] {.forceCheck: [].} =
	result = @[]
	for element in elements:
	import ../../../lib/[Errors, Hash]
	import ../../../Wallet/Wallet

	import ../../../Database/Transactions/objects/SendObj

	import ../SerializeCommon

	proc parseSend*(
	sendStr: string,
	diff: uint32,
	extern crate libc;

	use std::{
	ptr,
	mem,
	os::raw::c_char,
	ffi::{CStr, CString}
	};

	use serde_json;
	fn polynomial<F: PrimeField + Zeroize>(coefficients: &[Zeroizing<F>], l: u16) -> Zeroizing<F> {
	let l = F::from(u64::from(l));
	let mut share = Zeroizing::new(F::zero());
	for (idx, coefficient) in coefficients.iter().rev().enumerate() {
	*share += coefficient.deref();
	if idx != (coefficients.len() - 1) {
	share = l;
	}
	}
	share
	The following is a rough sketch of a potential design, largely written in
	present-tense.

	---

	We achieve a constant-time constant-size trustless ZK proof by recursing a
	trustless sublinear Spartan instance to a minimum bound.

	We then allow arbitrary users to specify a R1CS proof of size equal to the
	minimum bound, allowing said users to in-effect specify and verify Spartan