What is Nostr?
llfourn / Zero-Knowledge Goof
npub1xh8…gst6
2024-08-06 00:14:06
in reply to nevent1q…7nsm

llfourn on Nostr: If the attacker has the xpub then it's definitely much easier and it should be ...

If the attacker has the xpub then it's definitely much easier and it should be possible in one sig. Your aglo looks right. You can also do it in a single address reuse.

https://x.com/LLFOURN/status/1733992948294181299

The reason we thought this attack was notable and worth disclosing is that it doesn't depend whatsoever on the user's behavior or precautions (i.e. not giving out xpubs).
Author Public Key
npub1xh897wvhn93tda0zws94mdyc7eagc8qm0798clp7x48zh6kjwazq29gst6