Author: Lloyd Fournier 2023-05-08 04:37:48
Published on: 2023-05-08T04:37:48+00:00
In an email exchange between AdamISZ and Lloyd Fournier, they discussed the usefulness of single signer adaptors. While Fournier had previously claimed that they were useless as they did not provide a way to create enforcement that the publication of signature on a pre-defined message will reveal a secret, AdamISZ disagreed. He argued that if he held a secret key for X and created a signature adaptor with some encryption key Y with message m and did not create any further signatures (adaptor or otherwise) on m, then any signature on m that is published necessarily reveals the secret on Y to him. This property is useful in theory and practice. Fournier was confused by AdamISZ's statement and asked for clarification on what he meant by "any signature on m that is published reveals y." AdamISZ elaborated that if only one adaptor signature is generated on m and no other signatures on m are created, then a signature on m that appears under the key would reveal y to him. Fournier thought that the confusion might be about the DLC construct, which is analogous to single key Schnorr. However, AdamISZ clarified that he was not referencing the DLC oracle attestation protocol but was pointing out that DLC client implementations have been using single signer adaptor signatures as signature encryption in practice for years for transaction signatures. There are even channel implementations using them as well as atomic swaps doing this, making them a pretty useful thing.
Updated on: 2023-06-16T18:07:56.216953+00:00