Erik Aronesty [ARCHIVE] on Nostr: π Original date posted:2018-09-13 π Original message:The paper refers to ...
π
Original date posted:2018-09-13
π Original message:The paper refers to either:
a) building up threshold signatures via concatenation, or. implicitly -
in Bitcoin -
b) by indicating that of M of N are valid, and requiring a validator to
validate one of the permutations of M that signed - as opposed to a scheme,
like a polynomial function, where the threshold is built in to the system.
Maybe there's another mechanism in there that I'm not aware of - because
it's just too simple to mention?
- Erik
On Thu, Sep 13, 2018 at 2:46 PM Andrew Poelstra <apoelstra at wpsoftware.net>
wrote:
> On Tue, Sep 11, 2018 at 01:37:59PM -0400, Erik Aronesty via bitcoin-dev
> wrote:
> > - Musig, by being M of M, is inherently prone to loss.
> >
>
> It has always been possible to create M-of-N threshold MuSig signatures
> for any
> M, N with 0 < M β€ N. This is (a) obvious, (b) in our paper, (c)
> implemented at
>
>
> https://github.com/apoelstra/secp256k1/blob/2018-04-taproot/src/modules/musig/main_impl.h
>
> --
> Andrew Poelstra
> Research Director, Mathematics Department, Blockstream
> Email: apoelstra at wpsoftware.net
> Web: https://www.wpsoftware.net/andrew
>
> "Make it stop, my love; we were wrong to try
> Never saw what we could unravel in traveling light
> Nor how the trip debrides like a stack of slides
> All we saw was that time is taller than space is wide"
> --Joanna Newsom
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20180913/88497b38/attachment.html>;
π Original message:The paper refers to either:
a) building up threshold signatures via concatenation, or. implicitly -
in Bitcoin -
b) by indicating that of M of N are valid, and requiring a validator to
validate one of the permutations of M that signed - as opposed to a scheme,
like a polynomial function, where the threshold is built in to the system.
Maybe there's another mechanism in there that I'm not aware of - because
it's just too simple to mention?
- Erik
On Thu, Sep 13, 2018 at 2:46 PM Andrew Poelstra <apoelstra at wpsoftware.net>
wrote:
> On Tue, Sep 11, 2018 at 01:37:59PM -0400, Erik Aronesty via bitcoin-dev
> wrote:
> > - Musig, by being M of M, is inherently prone to loss.
> >
>
> It has always been possible to create M-of-N threshold MuSig signatures
> for any
> M, N with 0 < M β€ N. This is (a) obvious, (b) in our paper, (c)
> implemented at
>
>
> https://github.com/apoelstra/secp256k1/blob/2018-04-taproot/src/modules/musig/main_impl.h
>
> --
> Andrew Poelstra
> Research Director, Mathematics Department, Blockstream
> Email: apoelstra at wpsoftware.net
> Web: https://www.wpsoftware.net/andrew
>
> "Make it stop, my love; we were wrong to try
> Never saw what we could unravel in traveling light
> Nor how the trip debrides like a stack of slides
> All we saw was that time is taller than space is wide"
> --Joanna Newsom
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20180913/88497b38/attachment.html>;