IMO, there is no benefit to an additional message signing standard, especially
one that doesn't address the problems with the current standard or (at
present) BIP322.
In that case, I propose the following:
- I scrap the Taproot/Schorr and the two extensions inside the BIP, which will leave it with only parts and formats which have already been standardized (effectively, the legacy and segwit addresses).
Because here's the thing: The reason why wallets are not implementing sign/verify correctly is because there is no reference manual for doing so. This informational BIP is supposed to solve that problem by providing only a list of instructions for computing ECSDA sign/verify correctly.
Also, it is not visible right now, but there will also be a reference implementation so that wallet developers can actually code them correctly, as you've stated.
- Ali
On Fri, Aug 5, 2022 at 9:51 AM, Luke Dashjr <luke@dashjr.org> wrote: On Friday 05 August 2022 04:05:56 Ali Sherief wrote:
> Yeah, I have a specific reason to advance this first (emphasis on the word
> first).
>
> I briefly mentioned in the BIP that BIP322 has superior message
> verification capabilities. This is true, but it suffers from the drawback
> that wallets are not using it.
Likely because it is a draft and incomplete.
> Message signatures are highly relied upon in some places (just to name a
> few, at many mining pools e.g. Slushpool, and the Bitcointalk forum),
I'm not aware of any using the current message signatures _correctly_.
Note they are not useful for proving that you sent a transaction, nor have the
ability to send a transaction or access to bitcoins.
> This BIP is kind of like a "bumper car", in that it forces compliance with
> previous BIPs that extend the message signing format, in particular BIP137.
BIPs can't force anything, they're just documentation.
IMO, there is no benefit to an additional message signing standard, especially
one that doesn't address the problems with the current standard or (at
present) BIP322.
Luke