Delivery-date: Tue, 07 May 2024 01:43:18 -0700 Received: from mail-oa1-f62.google.com ([209.85.160.62]) by mail.fairlystable.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (Exim 4.94.2) (envelope-from ) id 1s4GPt-0002sH-PO for bitcoindev@gnusha.org; Tue, 07 May 2024 01:43:18 -0700 Received: by mail-oa1-f62.google.com with SMTP id 586e51a60fabf-23c35531224sf2497794fac.3 for ; Tue, 07 May 2024 01:43:17 -0700 (PDT) ARC-Seal: i=2; a=rsa-sha256; t=1715071391; cv=pass; d=google.com; s=arc-20160816; b=Abxn2rOzuPqIgPZFj0h14XG4Ls9V7DEvYYWd6DM5iEgsx5/EDqybl6PyhPss42q1Pb jsF8VpOOgfki7GoMVQw8QXHj2BSD6TvFayDA3/PCaBrk3eJiKa0ltcElsPazk1t1vInl DXHWLQ45ZWuKR684EsozJPwoefDDIlFH7nhZM72rmHVwIaOj77xeIzyyojPA49LD08vo tZtDsOsOr6F2INZGB7w1+kGkufxAFNI6rr0FbsOS1FjuqMlQw4kNNcRqjf8MToCKTc7j WtRZfPRNJrD6Z3voj5CODypQniFqQq/I25Q9BLjX3UvjDlnmIpyRHPxjjG0BzZfoxyQy /A0g== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:message-id:user-agent:references :in-reply-to:subject:cc:to:from:date:mime-version:sender :dkim-signature; bh=OAOC1VDcS81EnPqCa+Bm1bbhSpUr5NrSL4jJKByzIPU=; fh=znHqphfH29XGWeezSvHN380q4t23iKE3Nj32ATgrVgE=; b=SHp5PcqQ7FSpUTfvZDJW+UkVmX050SXJaBjAQxGLNQrDGY3jcqm2yGN31e3hbt4W0T NmL2drlK2RokMuBJFb62zZR4vA6rxJUs3su8FrIfG/n5BTVmRIJWm4N53wi0Ol8T/+aM q6ciEUSe9ULV5MyTa1TL3fDzsc2lJIoWuYp5XYbal3/vs+N6pgJtgjr3DStq9EGxkonC PEbgqbSMEY2TYVH6Ap3xRZBZKq78b2IxYDBtysccJedg0QIDcZLmESiJ37pG2oH4ubIk 1M9pe9iayZvgiYbRag6DEkpVEaUOA95ez74uX5nh2RinglxEoD6DgJq6cGGhXYTlxYjz Ri7A==; darn=gnusha.org ARC-Authentication-Results: i=2; gmr-mx.google.com; spf=pass (google.com: domain of dave@dtrt.org designates 2607:fe70:0:3::d as permitted sender) smtp.mailfrom=dave@dtrt.org DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlegroups.com; s=20230601; t=1715071391; x=1715676191; darn=gnusha.org; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:x-original-authentication-results :x-original-sender:message-id:user-agent:references:in-reply-to :subject:cc:to:from:date:mime-version:sender:from:to:cc:subject:date :message-id:reply-to; bh=OAOC1VDcS81EnPqCa+Bm1bbhSpUr5NrSL4jJKByzIPU=; b=RCMYprivyBWI0oREO/6ClCtFoqpzxn7PdMeqGrTVjPMokxMzOIujCEmypoFNEq416B obEHLutYPevQAJa6iCA7ZPve0WDK0afFzOgsRPDvmNolxQ3+SUh1t/sRO8VLM4Rw8gQ2 Cnb/zPNf3pEezckEpilBgrtvr2ym7N+9l/gFdG/yMqSXx9t9bC7BUWAZvOwdJ25uJ/mV Qs9FIMjirHiVUv5mYMevHMUNMZRpULdr83Do7S7d/K+gX4l43JSg62upnwgP5p9pv8E4 l6x7uNRgLRGTxEJWrq80RjHQ1PJ3EdzvqXz+p6TWGyrbWyJ8MLuO16g2YfofrzTZ+xrw cb4w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1715071391; x=1715676191; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:x-original-authentication-results :x-original-sender:message-id:user-agent:references:in-reply-to :subject:cc:to:from:date:mime-version:x-beenthere:x-gm-message-state :sender:from:to:cc:subject:date:message-id:reply-to; bh=OAOC1VDcS81EnPqCa+Bm1bbhSpUr5NrSL4jJKByzIPU=; b=YXrQbsQtg5mTN5CI+eiLOUiorw1xfB2HpNt/EZSbs9+WZyOSDO7e40klBfDpgSWWqm 3EhcziTwMm5nbZ8CHZ8vh41EORsM+eWrIt3qYmNcWDMNn1NJVlLXJn2LyItadCy0k9lj yjlZqHCui6rel9P4Wv0SfmDYtVL/pIBJ3o4EDSEvOTYgaghnpHqSAqiCdtVZaVxi2aq6 50kGRB+N/XAA1w54Y71ZDB3pLwmbATTskElvNLrxJrQp0i9C6cQqbRe6H1onHMruMg9L E8UlJ8ccu2vHqGXOZ6bDo5KsjC8boLOeclcsEnLeo3nq4puHkzMF110ksz9f/pxxN04r Om0A== Sender: bitcoindev@googlegroups.com X-Forwarded-Encrypted: i=2; AJvYcCUlFVJddmuqElKrF5gCyHG++AJ0troFznyMX5Hk7sJyCHEfpLTqLL1Jcsgp0wSMFtbDpaBK7z3Git72oQdz5KnevaJDtLI= X-Gm-Message-State: AOJu0YzqVGjJjabv3W/OWxC0jwL6sTSVEEhSXSenFxklN64WMvw3JwjI 2TYlMTD9TCFXJdtr4UzNCSJFAgT5F6vd1pUS/AQiTgMmyHuviM/G X-Google-Smtp-Source: AGHT+IFbnCuGTvtvHGnpaJexQ7eZz76CwBY2QOJJoopm/rKtGT+nFiAxx54jfTR/K47lTB96JrH6bA== X-Received: by 2002:a05:6870:414a:b0:23f:a97d:20ae with SMTP id r10-20020a056870414a00b0023fa97d20aemr4763521oad.23.1715071391098; Tue, 07 May 2024 01:43:11 -0700 (PDT) X-BeenThere: bitcoindev@googlegroups.com Received: by 2002:a05:6870:1808:b0:23b:4898:e31b with SMTP id 586e51a60fabf-23dcf7e12fbls1024334fac.0.-pod-prod-08-us; Tue, 07 May 2024 01:43:09 -0700 (PDT) X-Forwarded-Encrypted: i=2; AJvYcCX4Q+J7jB+QbANC92mRGttrqD8oNDjJvJPa55Qk3xKPg3IH60BxLbUtU6R/X1crLGyB7BhDfgzn9FFMJ9j0jHBBHM8z0I50SapkAVA= X-Received: by 2002:a05:6808:1996:b0:3c8:4964:cc9f with SMTP id bj22-20020a056808199600b003c84964cc9fmr38898oib.0.1715071389683; Tue, 07 May 2024 01:43:09 -0700 (PDT) Received: by 2002:a05:6808:18a4:b0:3c8:63a7:bea with SMTP id 5614622812f47-3c959b72cefmsb6e; Mon, 6 May 2024 21:11:54 -0700 (PDT) X-Forwarded-Encrypted: i=2; AJvYcCWMYcElCzABNFNvfr0qYeQs0LlSRnSu+arUzxKnd7lx+vH8B4R31S8/QgjD8WX87s9Mj1QdFE3p6fy5+ld+xMs8T65kSHYT4H93c/U= X-Received: by 2002:a05:6a20:96ce:b0:1ad:878:5006 with SMTP id hq14-20020a056a2096ce00b001ad08785006mr9664176pzc.14.1715055113527; Mon, 06 May 2024 21:11:53 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1715055113; cv=none; d=google.com; s=arc-20160816; b=EwP2M4LPC0oOwn1SwcYCDmkBQAksuT62HwHoWQRbpZzUI8c6iyWbupbStcWqkRp9++ s1tNSMI/K0W3d2r1i2wSqAX98boDYnB1noEoqo56A05iwsuJJuig2kmxNma2MbZtI62O jUzs4egdjqqwgckgckPwigga6+NGO1AVRLZAZutFY7IXSZWirZcXFN5vMvqh7fw4vx2Q p3E3x6VnfA5NvzBX4R6b+lOSWUtfXeN8QbkOWp8ZpF0J/bI8CJfG7NYgD8IgTHwTBR84 Qdb4LDX0K7AGV54225ZqcjF4LcflhxbuBK9W5XU8F+XMTnrYpY8O4UGh7wIpKaS4ZWyB KiDQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:message-id:user-agent:references :in-reply-to:subject:cc:to:from:date:mime-version; bh=N533n4BxoHvBIvHQBtIMMPFl1LStkuiabO69A1P65Ug=; fh=7X/T3vDOuSsw+eb9K8ToPWxv0dJ42tB8e+eDY0O9f90=; b=bBDfTsRRkq57eKYAldMsWteNKVowl+4WO5D40pMs25PhSb5BHvQICEdzlyaEyIw/TB Bo/y/XbP7BZX9AXnQCAn2RbJzYqos2yx6APsmYx6qXD4Jk/syTraOy9v6ayR0AvJayZP f9XRWc/YgqMX35PdK+jiR6XVMlM77w0Qk7jQRWVJ29dkZh1UqlwaPnWcf2t/bhjLPls4 Mg6YdSmtg/WGq+y4EK2O4JoD9JKNtzeRHF086tN3O4cykCBk5kvcsLnHuLHsc0eEDZMw ilpaErszTclWIXI85nCZjcow8gU8N/TQliV532wWXm3kFOTOgLtwkfgFQ+yTuVE4FkEp 9IDA==; dara=google.com ARC-Authentication-Results: i=1; gmr-mx.google.com; spf=pass (google.com: domain of dave@dtrt.org designates 2607:fe70:0:3::d as permitted sender) smtp.mailfrom=dave@dtrt.org Received: from smtpauth.rollernet.us (smtpauth.rollernet.us. [2607:fe70:0:3::d]) by gmr-mx.google.com with ESMTPS id 98e67ed59e1d1-2b5d4eac65csi70343a91.0.2024.05.06.21.11.53 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 06 May 2024 21:11:53 -0700 (PDT) Received-SPF: pass (google.com: domain of dave@dtrt.org designates 2607:fe70:0:3::d as permitted sender) client-ip=2607:fe70:0:3::d; Received: from smtpauth.rollernet.us (localhost [127.0.0.1]) by smtpauth.rollernet.us (Postfix) with ESMTP id 5A61C280087F; Mon, 6 May 2024 21:11:49 -0700 (PDT) Received: from webmail.rollernet.us (webmail.rollernet.us [IPv6:2607:fe70:0:14::a]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (Client did not present a certificate) by smtpauth.rollernet.us (Postfix) with ESMTPSA; Mon, 6 May 2024 21:11:48 -0700 (PDT) MIME-Version: 1.0 Date: Mon, 06 May 2024 18:11:48 -1000 From: "David A. Harding" To: Andrew Poelstra Cc: Matthew Zipkin , Ethan Heilman , Bitcoin Development Mailing List Subject: Re: [bitcoindev] Signing a Bitcoin Transaction with Lamport Signatures (no changes needed) In-Reply-To: References: <47711dc4ffe9d661e8321b05b6adab4e@dtrt.org> User-Agent: Roundcube Webmail/1.4.15 Message-ID: <93b8ed39b0aa3955eb9cb99f9fc5aae9@dtrt.org> X-Sender: dave@dtrt.org Content-Type: text/plain; charset="UTF-8"; format=flowed X-Rollernet-Abuse: Contact abuse@rollernet.us to report. Abuse policy: http://www.rollernet.us/policy X-Rollernet-Submit: Submit ID 2c37.6639aa04.e5e0d.0 X-Original-Sender: dave@dtrt.org X-Original-Authentication-Results: gmr-mx.google.com; spf=pass (google.com: domain of dave@dtrt.org designates 2607:fe70:0:3::d as permitted sender) smtp.mailfrom=dave@dtrt.org Precedence: list Mailing-list: list bitcoindev@googlegroups.com; contact bitcoindev+owners@googlegroups.com List-ID: X-Google-Group-Id: 786775582512 List-Post: , List-Help: , List-Archive: , List-Unsubscribe: , X-Spam-Score: -0.8 (/) On 2024-05-06 09:06, Andrew Poelstra wrote: > You can implement ECDSA. It will just take a *lot* of opcodes. I'll accept that as a given, but how do you know that a given ECDSA signature actually commits to the transaction that contains it if OP_CHECKSIG only operates on fixed-size schnorr signatures? Is this what you're describing: if the controlling signature is a lamport signature that commits to an ECDSA signature, it's safe to disclose the private key for the ECDSA signature; when you don't have to worry about private key disclosure, it's safe to construct a schnorr signature that uses the same private key, nonce, and message commitment as the ECDSA signature; if that schnorr signature makes OP_CHECKSIG return true, then you know the message is the current transaction? That still leaves me confused. If ECDSA can be implemented within tapscript, then I would expect that schnorr could also be implemented within tapscript; that gives you an OP_CSFS equivalent. If being able to implement ECDSA in tapscript allows introspection, then I would expect implementing schnorr in tapscript would allow introspection; that gives you an OP_CAT equivalent. If you have OP_CSFS and OP_CAT, you have covenants and there's no need for lamport signatures or ECDSA. Apologies for my remaining confused in the face of something that's probably obvious, -Dave -- You received this message because you are subscribed to the Google Groups "Bitcoin Development Mailing List" group. To unsubscribe from this group and stop receiving emails from it, send an email to bitcoindev+unsubscribe@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/bitcoindev/93b8ed39b0aa3955eb9cb99f9fc5aae9%40dtrt.org.