From: Anthony Towns <aj@erisian•com.au>
To: Andrew Chow <lists@achow101•com>,
Bitcoin Protocol Discussion
<bitcoin-dev@lists•linuxfoundation.org>
Subject: Re: [bitcoin-dev] Proposed BIP for MuSig2 PSBT Fields
Date: Thu, 12 Oct 2023 09:47:58 +1000 [thread overview]
Message-ID: <ZSc0Luwg3rpNvkfJ@erisian.com.au> (raw)
In-Reply-To: <c3aad7de-ec6d-407a-b33e-b52663523ef7@achow101.com>
On Tue, Oct 10, 2023 at 10:28:37PM +0000, Andrew Chow via bitcoin-dev wrote:
> I've written up a BIP draft for MuSig2 PSBT fields. It can be viewed at
> https://github.com/achow101/bips/blob/musig2-psbt/bip-musig2-psbt.mediawiki.
I was hoping to see adaptor signature support in this; but it seems that's
also missing from BIP 327? Though libsecp256k1-zkp has implemented it:
https://github.com/BlockstreamResearch/secp256k1-zkp/blob/master/include/secp256k1_musig.h
(adaptor arg to process_nonce; adapt, and extract_adaptor functions)
https://github.com/BlockstreamResearch/secp256k1-zkp/blob/master/src/modules/musig/musig.md#atomic-swaps
I would have expected the change here to support this to be:
* an additional field to specify the adaptor, PSBT_IN_MUSIG2_PUB_ADAPTOR
(optional, 33B compressed pubkey, 32B-hash-or-omitted), that signers
have to take into account
* an additional field to specify the adaptor secret,
PSBT_IN_MUSIG2_PRIV_ADAPTOR (32B), added by a Signer role
* PartialSigAgg should check if PUB_ADAPTOR is present, and if so,
incorporate the value from PSBT_IN_MUSIG2_PRIV_ADAPTOR, failing if
that isn't present
(Note that when using adaptor signatures, signers who don't know the
adaptor secret will want to ensure that the partial signatures provided by
signers who do/might know the secret are valid. But that depends on the
protocol, and isn't something that can be automated at the PSBT level,
I think)
Seems like it would be nice to have that specified asap, so that it can
be supported by all signers?
FWIW, "participant" is typoed a bunch ("particpant") and the tables are
hard to read: you might consider putting the description as a separate
row? eg:
https://github.com/ajtowns/bips/blob/202310-table/bip-musig2-psbt.mediawiki
Cheers,
aj
next prev parent reply other threads:[~2023-10-11 23:48 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-10-10 22:28 Andrew Chow
2023-10-11 23:47 ` Anthony Towns [this message]
2023-10-11 23:59 ` Andrew Chow
2023-10-12 7:39 ` Anthony Towns
2023-10-12 7:43 ` Jonas Nick
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=ZSc0Luwg3rpNvkfJ@erisian.com.au \
--to=aj@erisian$(echo .)com.au \
--cc=bitcoin-dev@lists$(echo .)linuxfoundation.org \
--cc=lists@achow101$(echo .)com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox