Bitcoin vaults with anti-theft recovery/clawback mechanisms



Summary:

In a recent email exchange, Bryan Bishop proposed a new multisig scheme in which a group can participate with provably unknown ECDSA keys. Instead of deleting the key, the idea is to agree on a block height and then select the block hash (or some function of the chosen block hash) as the signature. The group agrees on a transaction and recovers the public key from the signature using ECDSA pubkey recovery. When asked why an entropy source was needed, Peter Todd suggested that hashing anything would be sufficient to create a pubkey with an unknown private key, under the standard assumption that hash functions are random oracles. Additionally, he proposed using a random nonce rather than unique pubkeys for better privacy.


Updated on: 2023-06-13T20:51:53.075509+00:00