this post was submitted on 09 Nov 2023
4 points (75.0% liked)
Monero
1677 readers
28 users here now
This is the lemmy community of Monero (XMR), a secure, private, untraceable currency that is open-source and freely available to all.
Wallets
Android (Cake Wallet) / (Monero.com)
iOS (Cake Wallet) / (Monero.com)
Instance tags for discoverability:
Monero, XMR, crypto, cryptocurrency
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
I don't know where to begin but I'll give it a try:
Statement: ...at present monero-multisignature wallet tech is not 100% ... and would probably make things more complicated and not easier. Response: The easier it is for you to get funds, the easier it is for a hacker to get them, so what's wrong with this.
Statement: Using direct donation payments to devs is not an option for couple of reasons since there will be no oversight on their work / spend hours. Response: It is if done naively, but trivial if each CSS proposal had its own wallet. After validation, final payment can be made by handing over the keys (no transfers required). If there are multiple milestones, make a wallet for each milestone. This will take less time to manage than a big wallet, it would be easier to automate, and be harder on hackers.
Statement: Bitcoin multi-signature is much more tested.... Response 1: And Monero multi-signature will always be less tested if it isn't used. Please "eat your own dog food" (i.e. use Monero the way it should be). When Linux lost access to the proprietary version control the core team was using, Linus wrote his own. It was buggy, but did the job. Because it was used, it was made to work the way the core team needed, and eventually took over the world (i.e. GIT). Use Monero multi-signature so that it becomes better and works the way you need it to work. Response 2: Effectively, the CSS team would be proclaiming "Don't trust a big chuck of funds to Monero. Use Bitcoin".
Statement: I gave plowsof and luigi as example to keep CCS structure as much AS-IS. Response: This is precisely the problem. If there are OP-SEC issues, you can use multisig and all the advanced tech you want but it will not stop the funds being being hacked because tech wasn't the problem. Please see the most recent Monero-Talk with Artic mine for details. Yes, having good OP-SEC is a pain, but rebuilding trust is a lot more expensive. How much do you think the CSS will raise if people don't trust it? Note, the core team might be the most trustworthy people on earth, but if they had poor op-sec, it can happen again. Also, I am extremely trustworthy to a fault, but if someone but if someone put a gun to the head of my family, I don't know if I wouldn't give up the keys to save them.
Could you add your comment(s) to the thread so that they can read them? (I’m not the author of the proposal, only shared a link.)