Now that fcmp++ has been delayed, will we see an ospead fix?
Discussion
Why delay?
They are using some new experimental math called divisors which they needed to do additional security audits on. Divisors make the fcmp++ transaction sizes smaller and more efficient from what I understand.
Interestingโฆ
Thank you I appreciate the response!
OSPEAD (Optimal Ring Signature Research) is a recent study (April 2025) that measures anonymity efficiency and detected a risk: the attacker could guess the anonymous signature in 1 out of 4.2 cases instead of 1/16.
But beware: this is only a theoretical finding. So far, an "ospead fix" has not been implemented, because it would involve a hard fork, and the intention is to resolve it in a more comprehensive way with FCMP++.
So:
OSPEAD illustrates a real vulnerability in the selection of decoys, but there is still no technical solution in production.
The definitive solution will be part of FCMP++, which will robustly solve the modeling and privacy issues (and will arrive when the code is fully audited and tested).
Do you think the community will just wait it out for fcmp++ or does the delay justify a hard fork sooner for improving ring signatures like mentioned in the ospead report, before fcmp++ gets implemented?
Fork it
This ๐๐ป
"OSPEAD illustrates a real vulnerability in the selection of decoys, but ๐ญ๐ก๐๐ซ๐ ๐ข๐ฌ ๐ฌ๐ญ๐ข๐ฅ๐ฅ ๐ง๐จ ๐ญ๐๐๐ก๐ง๐ข๐๐๐ฅ ๐ฌ๐จ๐ฅ๐ฎ๐ญ๐ข๐จ๐ง ๐ข๐ง ๐ฉ๐ซ๐จ๐๐ฎ๐๐ญ๐ข๐จ๐ง.
๐๐ก๐ ๐๐๐๐ข๐ง๐ข๐ญ๐ข๐ฏ๐ ๐ฌ๐จ๐ฅ๐ฎ๐ญ๐ข๐จ๐ง ๐ฐ๐ข๐ฅ๐ฅ ๐๐ ๐ฉ๐๐ซ๐ญ ๐จ๐ ๐ ๐๐๐++, which will robustly solve the modeling and privacy issues (and will arrive when the code is fully audited and tested)."