Hi, everybody! (Hi, Dr. Noether!) It's your pal Sarang here to deliver my monthly report for September. Even though it might get old, I never tire of offering sincere thanks to the entire community for your support of my research and the Monero Research Lab in general. We work to improve the project and provide value through research and development.
There are few big and flashy accomplishments to tout this month, but a number of small additions to our growing base of knowledge. My repository contains updated technical notes on dual-key ring signatures and an easy set-theoretic representation of spent outputs that you may find interesting. The goal of the first paper is to examine new fundamentals that could be useful in off-chain applications. The goal of the second is to provide a simple generalization of output blackballing.
As the clock ticks down on our network upgrade, optimizations and updates continue. Some of these will be included in later releases due to timing. An updated scalar inversion algorithm removes our reliance on OpenSSL libraries, and we now have a simple and efficient batching approach to these operations for use in Bulletproofs, for example.
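The batched inversion mentioned above is the standard Montgomery trick: one modular inversion plus about 3(n-1) multiplications replaces n separate inversions. The following is an added illustration, not the Lab's or Monero's own code; it works over the Ed25519 basepoint group order l that Monero scalars use, and the sample scalars are constructed.

```python
# Batch modular inversion (Montgomery's trick) over the Ed25519 scalar field.
# Added example, not Monero's code. Inverting n scalars costs one modular
# inversion plus roughly 3(n-1) multiplications instead of n inversions.

# Group order l of the Ed25519 basepoint; Monero scalars live in Z_l.
L = 2**252 + 27742317777372353535851937790883648493

def invert(x: int) -> int:
    """Single inversion via Fermat's little theorem (l is prime)."""
    x %= L
    if x == 0:
        raise ZeroDivisionError("zero has no inverse")
    return pow(x, L - 2, L)

def batch_invert(scalars):
    """Return [1/s mod l for s in scalars] using only one modular inversion.

    Raises ZeroDivisionError if any input is zero: a zero would poison every
    prefix product and make the remaining inverses unrecoverable.
    """
    n = len(scalars)
    if n == 0:
        return []
    # Prefix products: prefix[i] = s_0 * s_1 * ... * s_i (mod l)
    prefix = [0] * n
    acc = 1
    for i, s in enumerate(scalars):
        s %= L
        if s == 0:
            raise ZeroDivisionError(f"scalar at index {i} is zero")
        acc = acc * s % L
        prefix[i] = acc
    # The single expensive inversion, of the full product.
    inv_acc = invert(acc)
    # Walk backwards: 1/s_i = inv(prefix[i]) * prefix[i-1], then peel s_i off
    # so inv_acc becomes inv(prefix[i-1]) for the next step.
    out = [0] * n
    for i in range(n - 1, 0, -1):
        out[i] = inv_acc * prefix[i - 1] % L
        inv_acc = inv_acc * (scalars[i] % L) % L
    out[0] = inv_acc
    return out

def check(scalars) -> bool:
    """Verify that every returned inverse satisfies s * s^-1 == 1 (mod l)."""
    return all(s * inv % L == 1 for s, inv in zip(scalars, batch_invert(scalars)))

if __name__ == "__main__":
    # Constructed sample scalars, including one that is not yet reduced mod l.
    sample = [2, 3, 7, 123456789, L + 5]
    print(check(sample))  # True
```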
I was interested to understand use cases for view keys, and ways in which a user could safely provide balance information without compromising knowledge of spent outputs. New approaches that were examined all had major issues with efficiency and knapsack-style information leakage, leading me to conclude that our current method of balance proof (providing an auditor with your view key and signed key images) provides approximately the same attack surface as potential alternatives. There are certainly valid arguments for wishing to provide outgoing transaction information for transparency if a user wishes, and I hope we can identify better solutions in the future.
My next funding round, which covers full-time research for the rest of this calendar year, has completed. Work for the next few months will be varied and includes several larger projects that I've been working on throughout this funding period as well. One is to complete a feasibility study for sublinear ring signatures with operational prototype code; this was delayed by other more pressing projects, but I am returning to it in order to solve some lingering computational problems. Another is to determine useful applications of Bulletproofs to Monero-specific zero-knowledge statements, which would require quite a bit of new code to handle this more general approach to the proving system. A third is some new work into graph-theoretical representations of ring signatures, which may provide us useful adversarial heuristic information and help us better understand what approaches an adversary might take to distinguish particular transactions. Each of these is a large and complex area of study, but this is the purpose of the Lab!
As always, I welcome comments and questions regarding this research. Monero continues to thrive because of community dedication and support. Onward!