π
Original date posted:2018-03-21
π Original message:Good morning aj,
βSent with ProtonMail Secure Email.β
βββββββ Original Message βββββββ
On March 21, 2018 7:21 PM, Anthony Towns <aj at erisian.com.au> wrote:
> On Wed, Mar 21, 2018 at 03:53:59AM -0400, ZmnSCPxj wrote:
>
> > Good morning aj,
>
> Good evening Zeeman!
>
> [pulled from the bottom of your mail]
>
> > This way, rather than gathering signatures, we gather public keys for aggregate signature checking.
>
> Sorry, I probably didn't explain it well (or at all): during the script,
>
> you're collecting public keys and messages (ie, BIP 143 style digests)
>
> which then go into the signing/verification algorithm to produce/check
>
> the signature.
Yes, I think this is indeed what OP_CHECK_AGG_SIG really does.
What I propose is that we have two places where we aggregate public keys: one at the script level, and one at the transaction level. OP_ADD_AGG_PUBKEY adds to the script-level aggregate, then OP_CHECK_AGG_SIG adds the script-level aggregate to the transaction-level aggregate.
Unfortunately it will not work since transaction-level aggregate (which is actually what gets checked) is different between pre-fork and post-fork nodes.
It looks like signature aggregation is difficult to reconcile with script...
Regards,
ZmnSCPxj
ZmnSCPxj at protonmail.com [ARCHIVE] /
npub1yhβ¦c9zz5
2023-06-07 18:11:19
in reply to nevent1qβ¦v5hj
Author Public Key
npub1yh98t8wjuhmy7gsf22h3m58e3cs6mpy0sc635wmqdspajae9mymqdc9zz5Seen on
wss://relay.noswhere.comPublished at
2023-06-07 18:11:19Event JSON
{
"id": "f1fe5ca95c0ac05d9bc7ce50d8b50ff6767717879d85ef389f244f049851d141",
"pubkey": "25ca759dd2e5f64f220952af1dd0f98e21ad848f86351a3b606c03d97725d936",
"created_at": 1686161479,
"kind": 1,
"tags": [
[
"e",
"c642cb03cf53d09173f83ef94f54b92b8b7adc0fc71062ee502c68afe8983be5",
"",
"root"
],
[
"e",
"51ee38b3135025e89f66596b84646df5796696b61274d87d9b9a1d9d1bb47b9a",
"",
"reply"
],
[
"p",
"f0feda6ad58ea9f486e469f87b3b9996494363a26982b864667c5d8acb0542ab"
]
],
"content": "π
Original date posted:2018-03-21\nπ Original message:Good morning aj,\n\n\n\n\nβSent with ProtonMail Secure Email.β\n\nβββββββ Original Message βββββββ\n\nOn March 21, 2018 7:21 PM, Anthony Towns \u003caj at erisian.com.au\u003e wrote:\n\n\u003e On Wed, Mar 21, 2018 at 03:53:59AM -0400, ZmnSCPxj wrote:\n\u003e \n\u003e \u003e Good morning aj,\n\u003e \n\u003e Good evening Zeeman!\n\u003e \n\u003e [pulled from the bottom of your mail]\n\u003e \n\u003e \u003e This way, rather than gathering signatures, we gather public keys for aggregate signature checking.\n\u003e \n\u003e Sorry, I probably didn't explain it well (or at all): during the script,\n\u003e \n\u003e you're collecting public keys and messages (ie, BIP 143 style digests)\n\u003e \n\u003e which then go into the signing/verification algorithm to produce/check\n\u003e \n\u003e the signature.\n\nYes, I think this is indeed what OP_CHECK_AGG_SIG really does.\n\nWhat I propose is that we have two places where we aggregate public keys: one at the script level, and one at the transaction level. OP_ADD_AGG_PUBKEY adds to the script-level aggregate, then OP_CHECK_AGG_SIG adds the script-level aggregate to the transaction-level aggregate.\n\nUnfortunately it will not work since transaction-level aggregate (which is actually what gets checked) is different between pre-fork and post-fork nodes.\n\nIt looks like signature aggregation is difficult to reconcile with script...\n\nRegards,\nZmnSCPxj",
"sig": "8a33d9d691cc34f24676f09c70cf57bb89d4a5d0bb7b9767c491bc25c953c172349ccd1bd07d95d3e94a9a450a4848c7d56714864b8bbab5a8b2002f163de405"
}