📅 Original date posted:2023-07-26 🗒️ Summary of this message: The scheme for ...

Tom Trevethan [ARCHIVE] /

npub1axs…yw7n

2023-07-27 00:26:34

in reply to nevent1q…kg40

📅 Original date posted:2023-07-26
🗒️ Summary of this message: The scheme for blinding the challenge works well and doesn't require modifying the aggregated pubkey. The receiver of a statecoin would verify the signatures and transactions.
📝 Original message:
@moonsettler

Your scheme for blinding the challenge (e in your notation) works as far as
I can tell. It is better than the way I suggested as it doesn't require
modifying the aggregated pubkey (and the blinding nonce can be different
for each signature).

@AdamISZ and @Jonas

It is not necessarily the server that would need to verify that the
challenge is 'well formed', but the receiver of a statecoin. The concept of
having a blinded statechain server is that each signature generated for a
shared public key must be verified by the receiver of the corresponding
coin. So a receiver would retrieve the number of co-signings performed by
the server (K) and then verify each of the K signatures, and K transactions
that they have received from the sender. They can additionally verify that
each of the K R values has been correctly formed with a proof of secret
value for creating R2 (along with the R1 from the server).
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20230726/28eeeab3/attachment-0001.html>;

Author Public Key

npub1axshsyxsl3vasj4z9549rvwdvhjmh52fw0ayj3ghtmdezx8cnuxqlwyw7n

Seen on

Show more details

Published at

2023-07-27 00:26:34

Kind type

1 Short Text Note

Event JSON

{ "id": "dd5699e74c726bc70651daa1d5b82e40ee899bb86eb932e99fc6e2f97173cd25", "pubkey": "e9a17810d0fc59d84aa22d2a51b1cd65e5bbd14973fa4945175edb9118f89f0c", "created_at": 1690417594, "kind": 1, "tags": [ [ "e", "961d711feb21f391e929fc93a5451f3654c2d8c47ecb46ca44c4b148516657b4", "", "root" ], [ "e", "7792a36e445e89366b691701dff54b5240ebcc443aa8f8114f6af1721009ae3f", "", "reply" ], [ "p", "9aea8afdad20bf625005d962b4f7490065bbc193226d24c1a04c6303f4de9637" ] ], "content": "📅 Original date posted:2023-07-26\n🗒️ Summary of this message: The scheme for blinding the challenge works well and doesn't require modifying the aggregated pubkey. The receiver of a statecoin would verify the signatures and transactions.\n📝 Original message:\n@moonsettler\n\nYour scheme for blinding the challenge (e in your notation) works as far as\nI can tell. It is better than the way I suggested as it doesn't require\nmodifying the aggregated pubkey (and the blinding nonce can be different\nfor each signature).\n\n@AdamISZ and @Jonas\n\nIt is not necessarily the server that would need to verify that the\nchallenge is 'well formed', but the receiver of a statecoin. The concept of\nhaving a blinded statechain server is that each signature generated for a\nshared public key must be verified by the receiver of the corresponding\ncoin. So a receiver would retrieve the number of co-signings performed by\nthe server (K) and then verify each of the K signatures, and K transactions\nthat they have received from the sender. They can additionally verify that\neach of the K R values has been correctly formed with a proof of secret\nvalue for creating R2 (along with the R1 from the server).\n-------------- next part --------------\nAn HTML attachment was scrubbed...\nURL: \u003chttp://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20230726/28eeeab3/attachment-0001.html\u003e", "sig": "173f938ff878d62e53ca31ed0d2836408d0a9531dea74ec3cbdfd5fa233e1cae92678f00f1713d9ca98aafa6285ea9245a0613faff0b17fbddff368b8c70c8e5" }