oxen-core
oxen-core copied to clipboard
oxen-io
Oxen seems to be affected by the same issue with the decoy selection algorithm that Monero is also affected by
Since oxen-core was forked from monero-core, it looks like Oxen is affected by the recently found issue with Monero's decoy selection algorithm as well: https://twitter.com/monero/status/1419852036913475587 https://github.com/monero-project/monero/issues/7807 https://github.com/monero-project/monero/blob/de3456e1275836725291ba71036b7ef0e2cda91f/src/wallet/wallet2.cpp#L1010-L1034 https://github.com/oxen-io/oxen-core/blob/dev/src/wallet/wallet2.cpp#L898-L922
Monero hasn't implemented a fix for this yet afaik, but when they do I would recommend that Oxen implements the fix as well.
That's great to hear! Monero seems to consider two possible fixes apparently, but there are apparently some issues with transaction uniformity, so it requires careful consideration in order to not break more than would be fixed: https://github.com/monero-project/monero/pull/7798 https://github.com/monero-project/monero/pull/7821
It's also worth pointing out two other Oxen-specific things here:
- Monero is particularly strongly affected by this because of its high recent output volume (and the calculated time between outputs is made worse by the 7798 bug, which truncates 1.9 seconds between outputs to just 1 second between outputs for the calculation). We're probably more like 30 seconds between outputs (very rough guess), which makes these issues much less urgent.
- We will also have to revisit this selection code already with reblink, because with reblink we will not only have no lock period, but we can even have transactions that reference each other within the same block--which means decoy selection now has to (sometimes) select from any blink txes in the mempool.