Author: Andrew Poelstra 2021-03-15 23:12:18
Published on: 2021-03-15T23:12:18+00:00
Luke Dashjr, a Bitcoin developer, raised concerns about Taproot making raw keys public prior to spending. He stated that there would be no gain from this and that the same features could be implemented using hashed keys instead. However, Andrew Poelstra, Director of Research at Blockstream, pointed out that there would be significant savings in CPU time and bandwidth. He also noted that exposing keys allows for ring signatures over outputs, creating the ability to do private proof of funds via Provisions.

Despite this, Luke Dashjr still suggested adding a hash on top as an additional softfork to fix this issue, but Andrew Poelstra argued that doing so would make Bitcoin strictly worse. In response to Pieter's argument that 37% of the supply is at risk due to the reuse of Bitcoin invoice addresses, Andrew Poelstra stated that the real number is close to 100%, because every address derived using BIP32 should be assumed compromised to a QC attacker. He also highlighted that Taproot keys, when used according to the recommendation in BIP-0341, are already hashes of their internal keys, providing better quantum resistance than legacy outputs. Therefore, adding another hash would be strictly redundant.
Updated on: 2023-06-14T19:32:55.484346+00:00