ZmnSCPxj [ARCHIVE] on Nostr: 📅 Original date posted:2019-12-17 📝 Original message: Good morning David, ...
📅 Original date posted:2019-12-17
📝 Original message:
Good morning David, t-bast, and all,
> I'm not aware of any way to currently force single-show signatures in
> Bitcoin, so this is pretty theoretical. Also, single-show signatures
> add a lot of fragility to any setup and make useful features like RBF
> fee bumping unavailable.
With `OP_CAT`, we can enforce that a particular `R` is used, which allows to implement single-show signatures.
# Assuming signatures are the concatenation of (R,s)
<R> OP_SWAP OP_CAT <ACINQ> OP_CHECKSIG
The above would then feed `s` only on the witness stack.
Regards,
ZmnSCPxj
📝 Original message:
Good morning David, t-bast, and all,
> I'm not aware of any way to currently force single-show signatures in
> Bitcoin, so this is pretty theoretical. Also, single-show signatures
> add a lot of fragility to any setup and make useful features like RBF
> fee bumping unavailable.
With `OP_CAT`, we can enforce that a particular `R` is used, which allows to implement single-show signatures.
# Assuming signatures are the concatenation of (R,s)
<R> OP_SWAP OP_CAT <ACINQ> OP_CHECKSIG
The above would then feed `s` only on the witness stack.
Regards,
ZmnSCPxj