Published on: 2021-02-18T18:58:54+00:00
In an email conversation, Dr. Maxim Orlovsky and Pieter Wuille discussed the need for a dedicated purpose, or BIP, for BIP340 signatures to avoid key reuse. This would be necessary for a specific way of using keys, such as single-key pay-to-taproot, and for multisig participation. Maxim proposed simplifying this by having a dedicated deterministically-derived hardened key for each use case under a single standard, which would simplify future wallet implementations. However, Pieter pointed out that this doesn't address the more general problem of preventing key reuse in multiple distinct groups of multisig sets. Maxim then proposed a new purpose field supporting all the above: hardened derivation that supports multisigs, single-sigs, etc. The proposal includes a section on how multisigs can be created in a simple and deterministic way without key reuse.Bitcoin Improvement Proposal (BIP) 43 defines a dedicated purpose field for each key derivation and address encoding, including separate purposes for pre-SegWit, SegWit, and multisigs. With the introduction of Schnorr sigs/Taproot outputs, a new purpose is needed. Maxim proposed a solution that supports all previous purposes, making them redundant and simplifying future wallets.During their discussion, Dr. Maxim Orlovsky and Peter Wuille discussed key derivations, security, and key tweaks in the context of Schnorr signatures and Taproot. They emphasized the need for a new BIP-43 based BIP with a new purpose field for keys used in Schnorr signatures. It was advised to never reuse keys for privacy and organizational reasons. Separate keys/derivation branches should be used for different uses to ensure privacy and provable security. Keys used for ECDSA and BIP340 should be separated by a hardened step.Christopher Allen, a co-author of the emerging W3C Decentralized Identifier standard and the BTCR DID method, expressed his interest in supporting the discussion and implementation of the topics discussed by Dr. Maxim Orlovsky and Peter Wuille. He mentioned that some patrons of Blockchain Commons may be willing to financially support reference code related to decentralized identifiers.In a separate email exchange, Dmitry and Maxim discussed the hardening of the testnet path for a proposed project. Dmitry argued against using unhardened paths as it could reduce robustness and add complexity to the test software. Maxim agreed with Dmitry's points but suggested changing the "purpose" part of the path instead of using unhardened paths. The need for private key access to hardened paths in test software was emphasized as expected behavior in production.A proposal emerged from the discussion between Peter Wuille and an unnamed author suggesting the need for a new BIP-43 based protocol with a new purpose field for keys used in Schnorr signatures. The proposal includes introducing a blockchain field to prevent key reuse across blockchains and simplify the use of custom xpub prefixes. The proposal also explores the concept of decentralized login strings as unique user logins or keys for searching user metadata. Multisig wallets creation, authentication, and identity revocations are also discussed in the proposal. Layer-2 and 3 solutions are mentioned to provide users with additional features related to identity meta-information. The proposal was prepared by Dr. Maxim Orlovsky, who is also the engineer behind RGB smart contracts.
Updated on: 2023-08-02T03:04:31.097072+00:00