Monero MissivesSeptember 15th, 2014Hello, and welcome to our twelfth Monero Missive! This is our first Missive after a bit of a break whilst we thwarted two related blockchain attacks. Nonetheless, we have not sat by idly, we have been finalising and completing a brand new aspect of Monero designed to protect your privacy now and in the future:
Major Updates1. The Monero Research Lab is an open collective and a multi-faceted academic group focused on the ongoing improvement of Monero. Membership is not fixed, and comes and goes as researchers become interested in Monero. This isn't a group focused on the addition of "features" to Monero, but rather the analysis and improvement of the underlying core of Monero to make sure that the theories and cryptography behind Monero continue to remain robust and sound. With that in mind, we are proud to announce the release of the first two publications out of the Monero Research Lab:
2. This week Friday we're going to have our second #Monero-Dev Fireside Chat this week Friday, September 19th, 2014, at 10:00 EST which is 14:00 UTC and 16:00 UTC +2. For a full table of the time zones you can refer to
this image, or you can use
this online tool to add your city and make sure you have the correct starting time. Please note that this is a developer event, and so most of the focus will be from that perspective.
3. To pick up where we left off with our last Missive, we are also happy to announce the availability of Monero merchandise on the Monero Gear store, powered by Zazzle. The advantage of us using Zazzle is that it is on-demand and we never have to worry about print runs or stock or anything. In return we get 15% of each sale as a "royalty" that will go towards enabling further Monero development, although Zazzle do not (yet!) accept Bitcoin or Monero. We hope to add new designs to the store on a regular basis. You can check the store out here:
http://www.zazzle.com/monerogear* or take a peek at some of the new designs:
4. We are also pleased to announce the release of URS, a Monero project written in Go that allows you to sign messages using ring signatures as part of a group. The signature can be verified, but it cannot be determined which one of the signatories in the group did the actual signing (just like Monero uses for transactional unlinkability!). You can take a look at the project here:
https://github.com/monero-project/urs, and the Bitcointalk thread dedicated to the project is here:
https://bitcointalksearch.org/topic/unique-ring-signatures-using-secp256k1-keys-7684995. We have a new tagged release, 0.8.8.4, available for download (binaries:
Windows,
Mac,
Linux,
FreeBSD). This adds the following features:
- Testnet: we now have an operating testnet. When using bitmonerod or simplewallet you can now use the --testnet flag to use testnet instead of mainnet. Feel free to run a mining node or just a testnet node, we will be setting up email alerts for testnet nodes when an update is pending (although having a few older testnet nodes on the network won't hurt testing).
- FreeBSD Compatability: Monero now works on FreeBSD out the box. We will add it to the ports tree soon. At the moment compilation is no different from regular Linux and Unix compilation, and the same dependencies apply.
- GPG commits: we have begun GPG-signing commits and merges. This is an important step in maintaining the integrity of the codebase, and will ensure that any compromise of our computers or even the github account won't allow a malicious attacker to push code to the repository without the unsigned commits being spotted. Verification can be done by running 'git log --show-signature', which will show and verify signatures. An example of what you should see is below:
- Versioning: versioning is a lot easier, now, as tagged releases from 0.8.8.4 onwards will show version-final (eg. 0.8.8.4-final) as their version, and those built between tagged releases will show version-commithash (eg. 0.8.8.4-9088ea1). We expect this will greatly aid in debugging problems, as we can immediately pinpoint the actual version / commit a user is on.
- Logging: default log levels have been adjusted so that non-critical warnings are now relegated to log-level 1 and above. Apart from the normal reorganisation notifications, the only messages in red that should show up in the daemon are actual errors.
6. We have slowed down development on the GUI to give us a bit more time to focus on the Monero internals. This is especially important given the recent attack. However, work has not come to a complete halt, and so we wanted to show off a couple of pages from the first start wizard. Bear in mind that these aren't mockups, this is the actual running Qt interface:
7. Monero has been added to another exchange, Coin Swap. You can find the market here:
https://coin-swap.net/market/XMR/BTCDev DiaryCore: because of all of the rapid changes that we had to merge into master to deal with the aftermath of the block 202612 attack, we have to bring the development branch in sync. At this stage the development branch should not be considered usable until the rebase is complete.
Build: the big change is FreeBSD compatibility, as mentioned above. A more subtle change is that the build will now first look for miniupnpc on the local system, and use that if found. If it fails to find miniupnpc it will fall back to the local copy.
Build: there is a new Makefile target, release-static, that builds statically linked binaries for redistribution. At this stage it forces 64-bit builds, once we have the embedded database working cleanly we can remove this.
Wallet: per-kb fees are nearly complete, and will be deployed to testnet within the next week or so. Once some thorough testing has been done on testnet we can merge this into master, and transaction fees can return to "normal".
Blockchain: this took a bit of a backseat with the blockchain attacks. Now that things are back to some semblance of normality, the first implementation can be written. We have chosen LMDB for the initial implementation, as this will allow us to rapidly write a Berkeley DB interface based off of it (they use similar APIs) and thus have a baseline for performance comparisons.
Core: all non-critical "errors" and warnings have been moved to log-level 1. As a developer, you may find it useful to run log-level 1 or 2 as your default.
Until next week!
- updated by fluffypony