What is Nostr?
Jonas Nick [ARCHIVE] /
npub1at3ā€¦3z5a
2023-06-07 23:04:32
in reply to nevent1qā€¦d6c4

Jonas Nick [ARCHIVE] on Nostr: šŸ“… Original date posted:2022-02-18 šŸ“ Original message:On the topic of half ...

šŸ“… Original date posted:2022-02-18
šŸ“ Original message:On the topic of half aggregation, Chalkias et al. gave a convincing security
proof last year:
https://eprint.iacr.org/2021/350

As an aside, half aggregation is not exactly the scheme in the OP because that
one is insecure. This does not affect Zmn's conclusion and was already
pointed out in the original half aggregation thread:
https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2017-May/014306.html

It is required that each of the "s"-values are multiplied with a different
unpredictable value, for example like this:
https://github.com/ElementsProject/cross-input-aggregation/blob/master/slides/2021-Q2-halfagg-impl.org#schnorr-signature-half-aggregation-1
Author Public Key
npub1at3pav59gkeqz9kegzqhk2v4j4r435x42ytf23pxs8crt74tuc8s2y3z5a