Author: Andrew Poelstra 2018-03-21 12:45:21
Published on: 2018-03-21T12:45:21+00:00
In a recent email thread on the bitcoin-dev mailing list, Anthony Towns proposed that an upgrade to Bitcoin should focus solely on Schnorr signatures, Taproot, MAST and re-enabling opcodes rather than on interactive signature aggregation. Andrew Poelstra agreed, noting that aggregate signatures complicate blind signature protocols such as partially-blind swaps. Aggregation breaks the assumption that "one signature can spend at most one UTXO", so blind signers cannot determine how many coins they are authorizing with a given signature, even if they have ensured that the key they are using only controls UTXOs of a fixed value. Poelstra suggests this issue could be resolved with creative use of zero-knowledge proofs, but highlights the complexity of signature aggregation compared to other upgrades.
Updated on: 2023-06-13T01:05:57.011671+00:00