Author: Jeremy 2019-06-23 06:43:22
Published on: 2019-06-23T06:43:22+00:00
On a Bitcoin-dev mailing list, Anthony Towns suggested using an ANYPREVOUT sighash to simulate OP_SECURETHEBAG. This would require calculating a signature sig = Schnorr(P,m) for some pubkey P and making the script "CHECKSIG". However, this loses the ability to commit to the number of inputs or restrict the nsequence of other inputs, and requires a bigger script (sig and P are ~96 bytes instead of X's 32 bytes). To construct "X" via script instead of hardcoding a value, one could use CAT, LEFT, and RIGHT.
Updated on: 2023-06-13T19:11:22.425128+00:00