Hello All, I have made a pull request based on the discussion currently. Please move discussion there. https://github.com/bitcoin/bips/pull/801 Thanks, Jonathan 2019年6月29日(土) 17:11 Jonathan Underwood : > Even if the difference is apparent outside the signed data (in the > output). Signing the data explicitly is more secure. > > ie. if some sort of vulnerability / way to break this system for 1-of-1 > multisig is found, someone who signed a single sig xpub whitelist will not > be exposed. > > 2019年6月29日(土) 13:43 Dmitry Petukhov : > >> В Sat, 29 Jun 2019 09:19:41 +0900 >> Jonathan Underwood пишет: >> >> > > Other note: you have 'unused' value of 1 for `m` in your scheme, why >> > > not require m=1 for single-sig case, and use 0 as indicator that >> > > there are a serlal number following it? >> > > >> > >> > 0x00 is single sig, aka, OP_CHECKSIG >> > >> > 0x01 is multisig, aka, 1-of-3, 1-of-2 OP_CHECKMULTISIG >> >> This informatin is available in per-output redeem/witness script, >> signer will be able to distinguish between multisig/single-sig by >> looking at this script. I think it only need to know the total number >> of keys participating in the signing, and check that this number >> matches the particulars of redeem/witness script. >> > > -- ----------------- Jonathan Underwood ビットバンク社 チーフビットコインオフィサー ----------------- 暗号化したメッセージをお送りの方は下記の公開鍵をご利用下さい。 指紋: 0xCE5EA9476DE7D3E45EBC3FDAD998682F3590FEA3