Author: ZmnSCPxj 2022-03-09 14:30:34
Published on: 2022-03-09T14:30:34+00:00
In a recent email exchange, ZmnSCPxj discussed the benefits of cross-input signature aggregation (sigagg) for Bitcoin. Although sigagg has several complexities except when using BLS signatures, which can aggregate everything all the time after the fact noninteractively, it makes sense to have a special aggregated signature that always comes with a transaction or block. ZmnSCPxj suggested that saving bytes by having multiple inputs of a transaction use the same single signature is similar to saving bytes by having multiple inputs of a transaction use the same `scriptPubKey` template. He also pointed out that HTLCs in Bitcoin have 13 bytes if we remove the `OP_PUSH`es and that one could reduce their witness data by 13 bytes minus whatever number of bytes needed to indicate this. This amounts to about 3 vbytes per HTLC, which can be significant enough to be worth it. However, PTLCs remain more space-efficient than HTLCs. The conversation then moved on to the complexities of using covenant features and the risks associated with this approach.
Updated on: 2023-06-15T17:33:04.814140+00:00