Oddbean new post about | logout
sommerfeld | 5 months ago (raw) | root | parent | reply | flag +1 
 Is there a way to verify that a "monero zap" actually happened, or is it like LN zaps which are totally trust-based and can be easily spoofed?
SaberhagenTheNameless | 5 months ago (raw) | root | parent | reply | flag +1 
 Good question 🤔

I'm not sure

@SimplifiedPrivacy.com Podcast is this possible to do in a trustless way?
SimplifiedPrivacy.com Podcast | 5 months ago (raw) | root | parent | reply | flag 
 @sommerfeld @SaberhagenTheNameless

The first question is what Monero we’re talking about, because there’s huge changes coming down the pipeline, I even heard “full membership proofs” discussed and layer 2 possibility from a few different speakers on Monero Talk podcasts and Matrix rooms.

There’s a couple ways it could be made trustless, but our group is not doing them.

Way 1) The server is running a Node and sees the tx.
We’re not doing this because I’m not the only one running a server, this will have random people also running it that may or may not federate.  So then Chainalysis would run them too.  They’d see a 1 in 16 chance, but with full membership proofs it could be trustless.

Way 2) zkProofs
We’re not doing this because you’d need an engineer that exceeds what I’m willing to pay to entertain random fucks for free

Way 3) When they do layer 2 in a year, the guy running L2 can run this as the node in way 1.  Which won’t be me for legal reasons
SimplifiedPrivacy.com Podcast | 5 months ago (raw) | root | parent | reply | flag 
 Yeah so the node sees it.  Which is 1 in 16
SimplifiedPrivacy.com Podcast | 5 months ago (raw) | root | parent | reply | flag +1 
 Yeah but Monero’s ring signatures select random transactions to use as decoys.  If transactions (even if intended to be public) are ruled out as the potential sender, it hurts Monero’s privacy at a rate directly proportional to how popular the nostr zap is.  Think about it, if 90% of transactions are nostr zaps, then the 10% of “private” transactions then it's badly hurt.
SimplifiedPrivacy.com Podcast | 5 months ago (raw) | root | parent | reply | flag +1 
 Yes if it’s kept private, then its totally fine.

Yes complex zkProofs can also be used, that our team is ALSO NOT doing due to cost.

I’m sorry to hear you’re thinking of quitting, maybe your client can be integrated with our rebelnet.me setup?  I’m not concerned with the bounty, more so with spreading adoption
SimplifiedPrivacy.com Podcast | 5 months ago (raw) | root | parent | reply | flag 
 Well what are the requirements on the bounty?  Because ours doesn’t have a built-in wallet, it’s the server side level first.  Then we’re going to add the wallet-client later.  How’s the android version doing the server-side?  It just posts it with a certain tag to the main relays, and then only that client can see it?
SimplifiedPrivacy.com Podcast | 5 months ago (raw) | root | parent | reply | flag +1 
 it would be good to work with retnull regardless of bounty, our's has an API he can easily add to get the server-side.  Do you have his contact info?  Thanks so much for your replies
SimplifiedPrivacy.com Podcast | 5 months ago (raw) | root | parent | reply | flag 
 alright thanks for the insight mate