Presenting a BIP for Shamir's Secret Sharing of Bitcoin private keys



Summary:

In an email thread on April 4th, 2014, Gregory Maxwell and Matt Whitlock discussed a concern over the compatibility of any private key secret sharing scheme with threshold ECDSA. Whitlock acknowledged this concern while pointing out that the BIP (Bitcoin Improvement Proposal) could be used to decompose BIP32 master seeds, which can be up to 512 bits in size. Maxwell suggested using a small field for computational efficiency and implementation simplicity, which would also make it easier to deal with different data sizes. He also proposed encoding the encryption-optional version rather than BIP32 master keys. Additionally, he suggested Mark Friedenbach's error-correcting-capable scheme for armored private key formats, although he noted that a decoding scheme supporting list decoding without increasing complexity would be preferable. Whitlock agreed with Maxwell's suggestions, stating that changing to a small field with a simple implementation and encoding the form with encryption would make it distinct enough from an ECDSA thresholding implementation to avoid redundancy.


Updated on: 2023-05-19T18:26:51.039923+00:00