Author: Daniel Edgecumbe 2018-02-22 19:44:21
Published on: 2018-02-22T19:44:21+00:00
A non-interactive schnorr aggregation trick can be used to merge the S values of all graftroots and signatures in a transaction into a single aggregate. This reduces the overhead to ~32 bytes, which is the same as taproot's overhead. The published grafts are then bound to a particular transaction, which could help avoid some mistakes. However, the binding of grafts to a specific transaction might not require this aggregation. It may be possible to sign H(txid, script) instead of H(script). Its impact on aggregation is unknown.
Updated on: 2023-06-13T00:24:13.048321+00:00