Author: ZmnSCPxj 2019-01-22 09:19:27
Published on: 2019-01-22T09:19:27+00:00
ZmnSCPxj is intrigued by a mechanism using fixed R values to prevent multiple signatures. However, he wonders how to derive the R values uniquely for each blockheight to create signatures or verify them. One possibility is to use standard hierarchical derivation and require staking pubkey to be revealed as actually being `staking_pubkey = P + hash(P || parent_R) * G`. To sign for a blockheight `h`, one must use their public key `P` and the specific `R` derived from hierarchical derivation from `parent_R` and the blockheight as index.
Updated on: 2023-06-13T16:43:13.716098+00:00