Pieter Wuille [ARCHIVE] on Nostr: 📅 Original date posted:2021-11-24 📝 Original message:On Wednesday, November ...
📅 Original date posted:2021-11-24
📝 Original message:On Wednesday, November 24th, 2021 at 7:44 AM, Sjors Provoost via bitcoin-dev <bitcoin-dev at lists.linuxfoundation.org> wrote:
> Hi Andrew,
>
> I'm confused why PSBT_IN_TAP_BIP32_DERIVATION and PSBT_OUT_TAP_BIP32_DERIVATION
> contain not just the derivation path for the xonlypubkey, but also the tapleaf merkle path.
>
> First I thought it was perhaps necessary in order for a signer to guess which
> script leaves it can sign with its own keys. But you can't really know that without
> actually seeing the script. When a signer looks at a script, it presumably already
> knows the leaf path.
No, that's exactly it. Signers aren't expected to know or understand scripts ahead of time. With a field telling them which keys are present in which leaves, and how those keys are derived, they can sign without fully understanding the script, or needing the ability to parse the relevant script at all. The actual script information is there too of course, for those that do want to analyze it, or factor that into the decision whether to sign or not.
Cheers,
--
Pieter
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20211124/30416f16/attachment-0001.html>
📝 Original message:On Wednesday, November 24th, 2021 at 7:44 AM, Sjors Provoost via bitcoin-dev <bitcoin-dev at lists.linuxfoundation.org> wrote:
> Hi Andrew,
>
> I'm confused why PSBT_IN_TAP_BIP32_DERIVATION and PSBT_OUT_TAP_BIP32_DERIVATION
> contain not just the derivation path for the xonlypubkey, but also the tapleaf merkle path.
>
> First I thought it was perhaps necessary in order for a signer to guess which
> script leaves it can sign with its own keys. But you can't really know that without
> actually seeing the script. When a signer looks at a script, it presumably already
> knows the leaf path.
No, that's exactly it. Signers aren't expected to know or understand scripts ahead of time. With a field telling them which keys are present in which leaves, and how those keys are derived, they can sign without fully understanding the script, or needing the ability to parse the relevant script at all. The actual script information is there too of course, for those that do want to analyze it, or factor that into the decision whether to sign or not.
Cheers,
--
Pieter
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20211124/30416f16/attachment-0001.html>