Author: ZmnSCPxj 2020-08-04 01:38:55
Published on: 2020-08-04T01:38:55+00:00
In this email conversation, Richard expressed his interest in implementing Taproot version of Decker-Russell-Osuntokun (eltoo). He thanked ZmnSCPxj for providing a summary on the differences between ANYPREVOUT vs. ANYPREVOUTANYSCRIPT and their exploitation. Richard then sketched out the protocol to understand it better and raised some questions. ZmnSCPxj clarified that key-path spending could be used for collaborative close to improve privacy. Regarding the 1.5 round trips for MuSig signing session, ZmnSCPxj believed that using the commitments for the next signing session with the current signing session could reduce it to 1.0 round trips. However, a provably-safe 2-round MuSig was being worked on and would be released soon. The signing sessions for settlement and update txes could be performed simultaneously. ZmnSCPxj also clarified that an output had to have a special taproot version to be spent with SIGHASH_ANYPREVOUT or SIGHASH_ANYPREVOUTANYSCRIPT in the script path and not usable with key path spends. Finally, ZmnSCPxj pointed out that the proposed chaperone signatures for SIGHASH_NOINPUT/SIGHASH_ANYPREVOUT back then would not provide much better security in practice.
Updated on: 2023-06-14T02:53:12.890261+00:00