Return-Path: <earonesty@gmail.com> Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org [172.17.192.35]) by mail.linuxfoundation.org (Postfix) with ESMTPS id 6E64DC9E for <bitcoin-dev@lists.linuxfoundation.org>; Thu, 13 Sep 2018 20:20:53 +0000 (UTC) X-Greylist: whitelisted by SQLgrey-1.7.6 Received: from mail-wm1-f43.google.com (mail-wm1-f43.google.com [209.85.128.43]) by smtp1.linuxfoundation.org (Postfix) with ESMTPS id B41FC7EB for <bitcoin-dev@lists.linuxfoundation.org>; Thu, 13 Sep 2018 20:20:52 +0000 (UTC) Received: by mail-wm1-f43.google.com with SMTP id b19-v6so88478wme.3 for <bitcoin-dev@lists.linuxfoundation.org>; Thu, 13 Sep 2018 13:20:52 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=q32-com.20150623.gappssmtp.com; s=20150623; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=va1SfLiSNWtBbQZBistDHDjxcqcnmdcF+43E35NBpvg=; b=cOTDcEvRnuco4Tly1Jpe3AjHTW/5ZjIvhVWTj/ZwU9MHMbhy5lWnh+unVKSmRg9xgE ick2rTh8zd1oExJ0A0M0vfrW6IyE2BOsRpVd3Au+4xCeF/0QTPCC89IXHyZxChJQjXKK 6UDMxenRbkQK8ADNoVzoMeh484HagxfoEekAj8Pmi1sJauY4v67DTzGexyiUfeyzTyuC JmLeDtZsVafbpQdf6Gq6N1fyeRhLwQ8nVo9IcwUISJ5qewCuj0S21/3iRJPf23qmTXD6 3g9fZ1Pxq1ZUyOHJsBiyHFs9aTtUezGVNwoObpgGSNBi28NG8xN4c1wX+4I/hLzSiCng GSbw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=va1SfLiSNWtBbQZBistDHDjxcqcnmdcF+43E35NBpvg=; b=ra7mJ/LZtPY2XdOE/b5D6rsg+ysHUXFiw286F52lbk54XBxglNuD+KZ/kJC7rpKKZw ZI1lFc3hgtkT+s45fcesc4b2eUyG9Ow1Sx19cTJa5atXZDYmckHlE935OpP9X15jFTur oflFzkhWMPpQ+1iAM14CYAujP4aeRnwwDsUcQwjSXmub/M/k5V4vqIWFUr/VhX6boxrs AE11aZoRnnOQBoVE9Sffl4ycrPee7TY7fgs+a+ECoA/NEctJnATHIhYRB+7e0JRAsYem tn+172bAb75O8FqnPYTI1OZWVyOuefNpRzRxmgCiSR5vziTwPk+fvkf45gcwrwlJhKbo MWcg== X-Gm-Message-State: APzg51Dg9SO/SCNVpBpDSi7jpsp76PFQ8Dz2Ro5rYmBrG1a4YcuKFVDN Eq9JjSiXzEBdwhcmvMqSSjrM409vnAiJB+6SsfUQEMI= X-Google-Smtp-Source: ANB0VdauJsHWCjzs21wFKaOrgXG9FD1suItiYyFoiJdEWf2BNBlc78j5Ffo4dZvJdJGWrbd9mAXu92cHoam4tTHZPoI= X-Received: by 2002:a1c:90e:: with SMTP id 14-v6mr6942147wmj.130.1536870051024; Thu, 13 Sep 2018 13:20:51 -0700 (PDT) MIME-Version: 1.0 References: <20180812163734.GV499@boulet.lan> <CAJowKg+h11YkwOo-gyWCw+87Oh-9K34LOnJ1730hhpoVR2m5sA@mail.gmail.com> <20180903000518.GB18522@boulet.lan> <CAJowKg+PDtEV3je_N9Ra6u3n4+ZQ3ozYapt8ivxGYYU28Qad+w@mail.gmail.com> <CAAS2fgT0uBGbLBOW4TxA-qCzOLwoQ1qSV-R0dMKRzPLAm_UOqQ@mail.gmail.com> <CAJowKg+-45h6vraL1PpnqfhHSbG+G40L+FD7xN+C-Dn1E6Y_Vg@mail.gmail.com> <CAAS2fgSfdfQ2CiEabjrjspQGQufwzk84f1mzM1j_LRWqAPd8wA@mail.gmail.com> <CAJowKgK3Pxev4pDH4xVLPvmHda8oAfq=fya4TY+_dodUJ7j9Nw@mail.gmail.com> <CAAS2fgQOb4UJBkH=pMre=tsbAUmMNYx=4jkBawX4Rc_dKcpwZg@mail.gmail.com> <CAJowKgK9UdavrGnKum43dx+DXe+LakHXuVU6bNhMFtEoy2U3Og@mail.gmail.com> <20180913184649.GC18522@boulet.lan> In-Reply-To: <20180913184649.GC18522@boulet.lan> From: Erik Aronesty <erik@q32.com> Date: Thu, 13 Sep 2018 16:20:36 -0400 Message-ID: <CAJowKg+0uOZ5_ryFit6-GW_fEbkXwBU8m7VAAOxgZAzP_5rF8A@mail.gmail.com> To: apoelstra@wpsoftware.net Content-Type: multipart/alternative; boundary="0000000000007515910575c67147" X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,FREEMAIL_FROM,HTML_MESSAGE autolearn=ham version=3.3.1 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on smtp1.linux-foundation.org X-Mailman-Approved-At: Fri, 14 Sep 2018 13:50:09 +0000 Cc: Bitcoin Protocol Discussion <bitcoin-dev@lists.linuxfoundation.org> Subject: Re: [bitcoin-dev] Schnorr signatures BIP X-BeenThere: bitcoin-dev@lists.linuxfoundation.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Bitcoin Protocol Discussion <bitcoin-dev.lists.linuxfoundation.org> List-Unsubscribe: <https://lists.linuxfoundation.org/mailman/options/bitcoin-dev>, <mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=unsubscribe> List-Archive: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/> List-Post: <mailto:bitcoin-dev@lists.linuxfoundation.org> List-Help: <mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=help> List-Subscribe: <https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev>, <mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=subscribe> X-List-Received-Date: Thu, 13 Sep 2018 20:20:53 -0000 --0000000000007515910575c67147 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable The paper refers to either: a) building up threshold signatures via concatenation, or. implicitly - in Bitcoin - b) by indicating that of M of N are valid, and requiring a validator to validate one of the permutations of M that signed - as opposed to a scheme, like a polynomial function, where the threshold is built in to the system. Maybe there's another mechanism in there that I'm not aware of - because it's just too simple to mention? - Erik On Thu, Sep 13, 2018 at 2:46 PM Andrew Poelstra <apoelstra@wpsoftware.net> wrote: > On Tue, Sep 11, 2018 at 01:37:59PM -0400, Erik Aronesty via bitcoin-dev > wrote: > > - Musig, by being M of M, is inherently prone to loss. > > > > It has always been possible to create M-of-N threshold MuSig signatures > for any > M, N with 0 < M =E2=89=A4 N. This is (a) obvious, (b) in our paper, (c) > implemented at > > > https://github.com/apoelstra/secp256k1/blob/2018-04-taproot/src/modules/m= usig/main_impl.h > > -- > Andrew Poelstra > Research Director, Mathematics Department, Blockstream > Email: apoelstra at wpsoftware.net > Web: https://www.wpsoftware.net/andrew > > "Make it stop, my love; we were wrong to try > Never saw what we could unravel in traveling light > Nor how the trip debrides like a stack of slides > All we saw was that time is taller than space is wide" > --Joanna Newsom > > --0000000000007515910575c67147 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable <div dir=3D"ltr"><div>The paper refers to either:</div><div><br></div><div>= =C2=A0 a) building up threshold signatures via concatenation, or. implicitl= y - in Bitcoin - <br></div><div>=C2=A0 b) by indicating that of M of N are = valid, and requiring a validator to validate one of the permutations of M t= hat signed - as opposed to a scheme, like a polynomial function, where the = threshold is built in to the system.</div><div><br></div><div>Maybe there&#= 39;s another mechanism in there that I'm not aware of - because it'= s just too simple to mention?</div><div><br></div><div>- Erik<br></div><div= ><br></div><div><br></div><div><br></div><div><br></div><div><br></div></di= v><br><div class=3D"gmail_quote"><div dir=3D"ltr">On Thu, Sep 13, 2018 at 2= :46 PM Andrew Poelstra <<a href=3D"mailto:apoelstra@wpsoftware.net" targ= et=3D"_blank">apoelstra@wpsoftware.net</a>> wrote:<br></div><blockquote = class=3D"gmail_quote" style=3D"margin:0 0 0 .8ex;border-left:1px #ccc solid= ;padding-left:1ex">On Tue, Sep 11, 2018 at 01:37:59PM -0400, Erik Aronesty = via bitcoin-dev wrote:<br> > - Musig, by being M of M, is inherently prone to loss.<br> ><br> <br> It has always been possible to create M-of-N threshold MuSig signatures for= any<br> M, N with 0 < M =E2=89=A4 N. This is (a) obvious, (b) in our paper, (c) = implemented at<br> <br> <a href=3D"https://github.com/apoelstra/secp256k1/blob/2018-04-taproot/src/= modules/musig/main_impl.h" rel=3D"noreferrer" target=3D"_blank">https://git= hub.com/apoelstra/secp256k1/blob/2018-04-taproot/src/modules/musig/main_imp= l.h</a> <br> <br> -- <br> Andrew Poelstra<br> Research Director, Mathematics Department, Blockstream<br> Email: apoelstra at <a href=3D"http://wpsoftware.net" rel=3D"noreferrer" ta= rget=3D"_blank">wpsoftware.net</a><br> Web:=C2=A0 =C2=A0<a href=3D"https://www.wpsoftware.net/andrew" rel=3D"noref= errer" target=3D"_blank">https://www.wpsoftware.net/andrew</a><br> <br> "Make it stop, my love; we were wrong to try<br> =C2=A0Never saw what we could unravel in traveling light<br> =C2=A0Nor how the trip debrides like a stack of slides<br> =C2=A0All we saw was that time is taller than space is wide"<br> =C2=A0 =C2=A0 =C2=A0 =C2=A0--Joanna Newsom<br> <br> </blockquote></div> --0000000000007515910575c67147--