1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
|
Delivery-date: Fri, 03 Oct 2025 08:51:58 -0700
Received: from mail-oa1-f60.google.com ([209.85.160.60])
by mail.fairlystable.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
(Exim 4.94.2)
(envelope-from <bitcoindev+bncBDRYHVHZTUGRBFHC77DAMGQEJQE54GA@googlegroups.com>)
id 1v4i4c-0002WC-FM
for bitcoindev@gnusha.org; Fri, 03 Oct 2025 08:51:58 -0700
Received: by mail-oa1-f60.google.com with SMTP id 586e51a60fabf-33bb2e3a481sf4885114fac.2
for <bitcoindev@gnusha.org>; Fri, 03 Oct 2025 08:51:58 -0700 (PDT)
ARC-Seal: i=2; a=rsa-sha256; t=1759506712; cv=pass;
d=google.com; s=arc-20240605;
b=OS5XpicYGna9u6hr4fO3AazFoVBN12Aoh7U1RiTVc+82D0RFXfmpk6A1IIj4nlk0+J
tNONaxkd0vXPgJy5sylCKJmrhra211LAHFqFqFGGy8clplxD2524SCm18sQtKUAt4hRC
42oQNikJHX7tBiVawvmrpiJxXxD/M7w9/IQ0kSiDvFOOFE3TGcD4hXl0P9C/CWCVKU9G
eus8zzREwmDpcSQQtIUYhT8NI0IxBA/P/zfc9XfuwUyyM08nttMNuROmWsXn6aJtK9eo
7H8rcazdgwVspr923ysWGYqhrY5Xx2kBescZz3XjCrBJRmBN6zem0vNnGK289dyECT1y
fZgw==
ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605;
h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post
:list-id:mailing-list:precedence:in-reply-to:content-disposition
:mime-version:references:message-id:subject:cc:to:from:date
:feedback-id:sender:dkim-signature;
bh=TYTwpMuM5QzJzwFLR3UttfBs1+r7HHn21ej0Pw00s4g=;
fh=UaqnHd+W7gikAVrG/TtKjefEPkmjT1xpPurywZ3XUdA=;
b=bEW3NCks3U6OCGTGNHZwSZSUoqSBIXMQAnXLa2ChpzCkVlfJZcuhvgw9FpAMEkoAr/
RPJ0DfeMrshWsiFNjWihji4cY2rLr44UXdgSJ10W35kk3AlLmuYYAeX2FyGeZhMHUDwG
XfxAe2PfjKiheC9eHNaOmIQ0A1pY/gkhSVHfCqjq46TBt7pQKiYRFBaDnFgelYFMkPFL
NR5ApocprL77+qTVV18Z+aXK4W4h4ZGNepfQP6Q2SmPzLeJxJ1ZbvJdaBeACiIvxqrW+
4MKeEn+iQNaG5qUijCGO8DK4XAp3WqedNVdrLnx/eKP1J/gl2PVNDdpWUWiBcsDDGOJf
QiBw==;
darn=gnusha.org
ARC-Authentication-Results: i=2; gmr-mx.google.com;
dkim=pass header.i=@messagingengine.com header.s=fm2 header.b=L9Ou89SZ;
spf=pass (google.com: domain of pete@petertodd.org designates 103.168.172.152 as permitted sender) smtp.mailfrom=pete@petertodd.org
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=googlegroups.com; s=20230601; t=1759506712; x=1760111512; darn=gnusha.org;
h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post
:list-id:mailing-list:precedence:x-original-authentication-results
:x-original-sender:in-reply-to:content-disposition:mime-version
:references:message-id:subject:cc:to:from:date:feedback-id:sender
:from:to:cc:subject:date:message-id:reply-to;
bh=TYTwpMuM5QzJzwFLR3UttfBs1+r7HHn21ej0Pw00s4g=;
b=Rqg6paAFNzM7d5hJqxT0gbY+OPCHvVTE7CufsbbZmYCxcyz6eo/HuY97QjXlJm2r0Y
l7Ta4MXoeO2lSRDHbfGAHe1KReAVmmjnIXQg0k8H9pAY4Z4lQocjF6/3mPFudkvwyDek
M0klSkhObg4sD2uiTLRjrDb9MnwOPjDcWS2SQ7HNHNYAqLW4zyVfMqMGh5fx+XuIjyuv
CGwKBul9GZuoqOuYu2VtZ4ZReNUhM49kZfUpbAdUx+oflj00w64eOOQ2NfeGw5oc78Lt
qOX7gEP8gszq2wZ6ciQhEr4EvBY3HHgKvQJbv2FO/Yx3KazW8yNjXWJeOYTAF5rLkZ6a
HFsg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20230601; t=1759506712; x=1760111512;
h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post
:list-id:mailing-list:precedence:x-original-authentication-results
:x-original-sender:in-reply-to:content-disposition:mime-version
:references:message-id:subject:cc:to:from:date:feedback-id
:x-beenthere:x-gm-message-state:sender:from:to:cc:subject:date
:message-id:reply-to;
bh=TYTwpMuM5QzJzwFLR3UttfBs1+r7HHn21ej0Pw00s4g=;
b=CFz1wo9ZuHm8wD8PP8AHnGRKMrR/PzEsYCG3rr5fGLjtCNESAVlDg9LEzTBUefywQY
zSIOSvXPczr+0lhKML4jua4wWzZzjjXTurAGXqje/FcLLzSpBQ/geLhrhL+Ix+5C8zWM
BEKjXU2lqZDxvunJa7WB5DQ91+be7Bmqffv7/qWgR+pKD+fKRtpVqy+EvK8uu7Ae/SG8
RAgZPrixcxjgSp7KnoWToX6dAuWj6TW+POq3gcbNkQDgTWJ19msQpNHxDa9u6kdO1USu
MejmZUTHg0VdmgSsogLlIw6Tnh0qu+1qa7h+ST9Oh7BsCwR3ZG5g8c7S/AWZC5GAros3
ARrQ==
Sender: bitcoindev@googlegroups.com
X-Forwarded-Encrypted: i=2; AJvYcCUZIgBFawVBO8mTIUundz4kTZmiDkqTiLNexskjSCNRhQDmxVFKV8I2WEJ0vmuQ7RNcwMr5N/0XoxtB@gnusha.org
X-Gm-Message-State: AOJu0YxOIfGqV52s6sb3s0/xoM9NJRaXoQLDsEhwHUDX88gioGFJ59MP
TNSHd65SCSROu5oI3IxtyvC1j9bMNbaDZs5bQ/QPL44Zmuipip6GVb3i
X-Google-Smtp-Source: AGHT+IHGFHuuiMIm0proDUfe+UPPmfehy4sXTQ+oQzogLhYW6hefJpr47Rb/I0Zu4Otphhu2hpqYqg==
X-Received: by 2002:a05:6870:80cb:b0:30c:2b9:6bb6 with SMTP id 586e51a60fabf-3b0f46fbe07mr2059779fac.0.1759506712520;
Fri, 03 Oct 2025 08:51:52 -0700 (PDT)
X-BeenThere: bitcoindev@googlegroups.com; h="ARHlJd6LCpU2FMYXaj2o6wrn6ISnsu2f4K3b1CHZLnj6gHfkAg=="
Received: by 2002:a05:6871:d685:20b0:330:f9af:ee37 with SMTP id
586e51a60fabf-3abfec49dcals962927fac.1.-pod-prod-01-us; Fri, 03 Oct 2025
08:51:48 -0700 (PDT)
X-Received: by 2002:a05:6808:1b2a:b0:438:3d00:a46a with SMTP id 5614622812f47-43fc186944fmr1842700b6e.43.1759506708319;
Fri, 03 Oct 2025 08:51:48 -0700 (PDT)
Received: by 2002:a05:620a:a102:b0:851:28d8:13e with SMTP id af79cd13be357-877bbf10b61ms85a;
Fri, 3 Oct 2025 06:24:46 -0700 (PDT)
X-Received: by 2002:a05:6102:512b:b0:5b9:c38a:c4f9 with SMTP id ada2fe7eead31-5d41d1728fcmr970464137.31.1759497885489;
Fri, 03 Oct 2025 06:24:45 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1759497885; cv=none;
d=google.com; s=arc-20240605;
b=JWGXWby5tVJwrRLOCx4yO3eQU0vUBaENB3CR2Vn0x5LPPlyu8BT5CIovLUweBmmfsE
moh08Q73NkcPbfff60osOqfL7TKqhQznBltYa21zEhXOlS9A+v6Ve/pQZGCKdaZGVaoX
s5+RNUdRRBecBdUy2qVihk50zgwXGCANYwTvAyhHy6dWcidYxrxJEiEWoR7B871tRVbH
KwvYDe3sERYcZwNI7MkOkZeJi7+qMXKFznCFu8V+Ghb/JsdANut9rgIMDqpn3gUxSOqa
Wb/de3d69IZwFKEfmLbPb+kMnzV/JXoKw7p82QNU85zocb+FQ/s3LbcFH+MjLHcowQ4X
X5NQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605;
h=in-reply-to:content-disposition:mime-version:references:message-id
:subject:cc:to:from:date:feedback-id:dkim-signature;
bh=eCrS1atqw3v24jaRzZiL2gWtq/g5yVmDvFpCsRbdAbE=;
fh=zwD6MnSx31+wTUYXvjlRY9wKEAVfUFCZok1hjFoWcUg=;
b=JQOl32Yd5+BRQM/7TXs6aSp3uZ/vKG8AYOeHpgYGskeLj2gQF6bXol1e8saZR74Lq7
3qgegBGqm3BujOynzi0onRNznWOhnzarV9aowtlVpZWojXypikKbg8b5hcZvoECe3jtp
LYeLBhMq5X75rRb7KOj9m+wXGy6LgXcR2bkOE7C/3d4EYzCRQI678+kFA0dAqinfs198
mSbahWYRBP/UMqHxZEHfbhJ2hD7LvT9lFLqpkO7q4dXNvSLeYXhsN7A3SiXfT7nFrB+3
rRRS5VjMjzYeN8OfBfoR28Eo6YaREjYUnLuLsc4QuzWzTNHGf2vQqExhRZGMvKLhCQUJ
DWoA==;
dara=google.com
ARC-Authentication-Results: i=1; gmr-mx.google.com;
dkim=pass header.i=@messagingengine.com header.s=fm2 header.b=L9Ou89SZ;
spf=pass (google.com: domain of pete@petertodd.org designates 103.168.172.152 as permitted sender) smtp.mailfrom=pete@petertodd.org
Received: from fhigh-a1-smtp.messagingengine.com (fhigh-a1-smtp.messagingengine.com. [103.168.172.152])
by gmr-mx.google.com with ESMTPS id a1e0cc1a2514c-92eb4c4ab3bsi207462241.0.2025.10.03.06.24.45
for <bitcoindev@googlegroups.com>
(version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
Fri, 03 Oct 2025 06:24:45 -0700 (PDT)
Received-SPF: pass (google.com: domain of pete@petertodd.org designates 103.168.172.152 as permitted sender) client-ip=103.168.172.152;
Received: from phl-compute-10.internal (phl-compute-10.internal [10.202.2.50])
by mailfhigh.phl.internal (Postfix) with ESMTP id 2071714001BA;
Fri, 3 Oct 2025 09:24:45 -0400 (EDT)
Received: from phl-mailfrontend-01 ([10.202.2.162])
by phl-compute-10.internal (MEProxy); Fri, 03 Oct 2025 09:24:45 -0400
X-ME-Sender: <xms:nM7faHCvsLra49DPZojgkP6v-xFL7RUBKHeoOzlHGnVZCfq2N_B52g>
<xme:nM7faJ0_xNdbF8OMq_3S91rochtV7r9mk0V9pccDEweIgCyE5eHGULGH6kSWrxfob
5C9KC6UV6Kf2TerIRD50JDLb1G7tzzSNlNcWGpTIMLqvgVz5PF1luE>
X-ME-Received: <xmr:nM7faFUtcQkqJdcXjR8xIwmAkBDLM1MvwR1-Jq4xB_ABe17O3amr_yCi>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeeffedrtdeggdekledtudcutefuodetggdotefrod
ftvfcurfhrohhfihhlvgemucfhrghsthforghilhdpuffrtefokffrpgfnqfghnecuuegr
ihhlohhuthemuceftddtnecusecvtfgvtghiphhivghnthhsucdlqddutddtmdenucfjug
hrpeffhffvvefukfhfgggtuggjsehgtderredttddvnecuhfhrohhmpefrvghtvghrucfv
ohguugcuoehpvghtvgesphgvthgvrhhtohguugdrohhrgheqnecuggftrfgrthhtvghrnh
eptddtgedtffetueekfffhffekkeeihfetuddvteejueejffegveeghfduteejhfevnecu
ffhomhgrihhnpehgihhthhhusgdrtghomhdpphgvthgvrhhtohguugdrohhrghenucevlh
hushhtvghrufhiiigvpedtnecurfgrrhgrmhepmhgrihhlfhhrohhmpehpvghtvgesphgv
thgvrhhtohguugdrohhrghdpnhgspghrtghpthhtohepvddpmhhouggvpehsmhhtphhouh
htpdhrtghpthhtohepvghkrghgghgrthgrsehgmhgrihhlrdgtohhmpdhrtghpthhtohep
sghithgtohhinhguvghvsehgohhoghhlvghgrhhouhhpshdrtghomh
X-ME-Proxy: <xmx:nM7faLlK2gxEsMwJVhPiJ0vGlnnccdRTgS0j-zlMicEskbvaaC67Vw>
<xmx:nM7faPD86BwbLEophuwhMo0SPwSv57J-lTmEpCteUXjNoqS1_T5LNg>
<xmx:nM7faDebjRcknwthrXvXPI8PuJu8oWb7GwBjnA4YNa07ZmeeZDjw6Q>
<xmx:nM7faCL-OPOgFmWZPfY75GfDuJyz_AxgvNnG59G5XpJxemtEc2mTvg>
<xmx:nc7faCdLCy2BtuMEFa_vkGUvDNzxf1EWl0Y6NXGcuBL9Qz0lXdooYe8i>
Feedback-ID: i525146e8:Fastmail
Received: by mail.messagingengine.com (Postfix) with ESMTPA; Fri,
3 Oct 2025 09:24:44 -0400 (EDT)
Received: by localhost (Postfix, from userid 1000)
id 99E009FC9B; Fri, 3 Oct 2025 13:24:38 +0000 (UTC)
Date: Fri, 3 Oct 2025 13:24:38 +0000
From: Peter Todd <pete@petertodd.org>
To: waxwing/ AdamISZ <ekaggata@gmail.com>
Cc: Bitcoin Development Mailing List <bitcoindev@googlegroups.com>
Subject: Re: [bitcoindev] On (in)ability to embed data into Schnorr
Message-ID: <aN_OlgvB-Co1BL19@petertodd.org>
References: <0f6c92cc-e922-4d9f-9fdf-69384dcc4086n@googlegroups.com>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha512;
protocol="application/pgp-signature"; boundary="qq1aX4FXbpeNWI67"
Content-Disposition: inline
In-Reply-To: <0f6c92cc-e922-4d9f-9fdf-69384dcc4086n@googlegroups.com>
X-Original-Sender: pete@petertodd.org
X-Original-Authentication-Results: gmr-mx.google.com; dkim=pass
header.i=@messagingengine.com header.s=fm2 header.b=L9Ou89SZ; spf=pass
(google.com: domain of pete@petertodd.org designates 103.168.172.152 as
permitted sender) smtp.mailfrom=pete@petertodd.org
Precedence: list
Mailing-list: list bitcoindev@googlegroups.com; contact bitcoindev+owners@googlegroups.com
List-ID: <bitcoindev.googlegroups.com>
X-Google-Group-Id: 786775582512
List-Post: <https://groups.google.com/group/bitcoindev/post>, <mailto:bitcoindev@googlegroups.com>
List-Help: <https://groups.google.com/support/>, <mailto:bitcoindev+help@googlegroups.com>
List-Archive: <https://groups.google.com/group/bitcoindev
List-Subscribe: <https://groups.google.com/group/bitcoindev/subscribe>, <mailto:bitcoindev+subscribe@googlegroups.com>
List-Unsubscribe: <mailto:googlegroups-manage+786775582512+unsubscribe@googlegroups.com>,
<https://groups.google.com/group/bitcoindev/subscribe>
X-Spam-Score: -0.8 (/)
--qq1aX4FXbpeNWI67
Content-Type: text/plain; charset="UTF-8"
Content-Disposition: inline
On Wed, Oct 01, 2025 at 07:24:50AM -0700, waxwing/ AdamISZ wrote:
> Hi all,
>
> https://github.com/AdamISZ/schnorr-unembeddability/
>
> Here I'm analyzing whether the following statement is true: "if you can
> embed data into a (P, R, s) tuple (Schnorr pubkey and signature, BIP340
> style), without grinding or using a sidechannel to "inform" the reader, you
> must be leaking your private key".
>
> See the abstract for a slightly more fleshed out context.
>
> I'm curious about the case of P, R, s published in utxos to prevent usage
> of utxos as data. I think this answers in the half-affirmative: you can
> only embed data by leaking the privkey so that it (can) immediately fall
> out of the utxo set.
>
> (To emphasize, this is different to the earlier observations (including by
> me!) that just say it is *possible* to leak data by leaking the private
> key; here I'm trying to prove that there is *no other way*).
You can probably use timelock encryption to ensure that the leak of the private
key only happens in the future, after the funds are recovered by the owner in a
subsequent transaction.
--
https://petertodd.org 'peter'[:-1]@petertodd.org
--
You received this message because you are subscribed to the Google Groups "Bitcoin Development Mailing List" group.
To unsubscribe from this group and stop receiving emails from it, send an email to bitcoindev+unsubscribe@googlegroups.com.
To view this discussion visit https://groups.google.com/d/msgid/bitcoindev/aN_OlgvB-Co1BL19%40petertodd.org.
--qq1aX4FXbpeNWI67
Content-Type: application/pgp-signature; name="signature.asc"
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEE0RcYcKRzsEwFZ3N5Lly11TVRLzcFAmjfzpcACgkQLly11TVR
LzdPKQ/7B9YF8eVl+9mknfuZqocTJT2hks/hisRx6J2ZyoHs8cJMFpsoAkQGGsvM
JeDGKz3t6RkkFENwUTZOYdw0LQTlKsy2TI9zZQG7rO8/wRch3MTr59O2GkPxk4fi
SXLqBXP2OGVfU/c051WMCJ5/An0oT4LNKzWOXGRPpkhftZUD3rjyZaCEe1+nK5yR
kuLjhl75/3oRVRdaAwxdiVuvMRz4c/fEoImSTVpJVK51JcuTdrChwZNBsArJSUZQ
JQ6nujSeRD3mEM58+vlmOKxMUkeB7R+lh2OnyTv7sgGrTEhkHsDR3gV5IvkFrYXq
rmrnCvPi48iWPL0m+bm4NmCGnZqPwcdxYXSBVnolpUzt4tA8d5OyxFI2xvIFtzCi
FjCFT3Ek+1apUDFjV4CLp5GXkdItiWnPwOwhY3GKfP4aa2KWXLHAFRY6QzrP+h+i
l+xf0Yh2hE0kTNyqu6lhxMeo4tWE1G0FgfgzrqoJYb+P/xDCex23oXx7PBUdHfXg
7QTNIMCFT8z+MVHHBct761DiS+y8NDW4XCwIKo0LGeGZPCHKYcKw4tQXIbUXrOtW
hYtj0upungN1U911QR/1FGxz3+cwx+UzTD80Rdd6VTXKpLX9kR+L+R2msce5DPv8
8hyQGWA6jGONK5xY0H3dY5HuUrm5iGawOK/tz/TzNUpk7h4mNUg=
=ZQuz
-----END PGP SIGNATURE-----
--qq1aX4FXbpeNWI67--
|
