I'm currently learning Taproot and see its advantages regarding the utility of the Schnorr signature scheme, i.e. key aggregation. I just understood that there are 2 spending paths for pay-to-taproot (P2TR): the key path, which in many cases takes advantage of the opportunity to aggregate signatures, and then the alternative spending path, the script path. There's also the advantage of having the same address length, which makes single-sig, MuSig or other complicated addresses indistinguishable. Better for privacy.
BIP-0360 proposes the implementation of pay-to-merkle-root (P2MR), which essentially uses only the script path. And it was done because of P2TR being vulnerable to the long exposure attack.
[screenshot from BIP-0360]
Bummer!
So, how can we take advantage of using the Schnorr signature scheme moving forward? How about those who don't actually use MuSig2 and other complexities, creating a single-sig wallet address only? Are they just better off avoiding P2TR then? Are there developers working to still implement the Schnorr signature scheme for single-key wallets, in a way less vulnerable to the long exposure attack highlighted by BIP-0360?
submitted by /u/Bitcoinbakamo
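An added example, not from the post above and not code from BIP-341 or BIP-360, showing concretely what each output type leaves on chain. A P2TR output's 32 bytes are the x-coordinate of the tweaked key Q = P + t*G (BIP-341), i.e. a usable EC public key sitting on chain while the coins are unspent, and whoever obtains the discrete log of that key holds a complete key-path spending key. A script-path-only commitment's 32 bytes are a hash of the script tree. The secp256k1 arithmetic and BIP-340 tagged hashes are implemented inline so it runs offline; the "script-only" output reuses BIP-341's TapLeaf/TapBranch hashing as an assumption and does not reproduce BIP-360's actual tags, leaf versions or witness version; the private key and the two leaf scripts are constructed sample inputs.

```python
# Added example (not from the post, BIP-341 or BIP-360): what a P2TR output
# exposes on chain versus a script-only commitment. The script-only output
# reuses BIP-341 TapLeaf/TapBranch hashing as an ASSUMPTION; BIP-360's real
# tags and witness version are not reproduced here.
import hashlib

P = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F  # field
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141  # order
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)

def point_add(a, b):
    """Affine secp256k1 addition; None is the point at infinity."""
    if a is None:
        return b
    if b is None:
        return a
    (x1, y1), (x2, y2) = a, b
    if x1 == x2 and (y1 + y2) % P == 0:
        return None
    if a == b:
        lam = 3 * x1 * x1 * pow(2 * y1, -1, P) % P
    else:
        lam = (y2 - y1) * pow(x2 - x1, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return (x3, (lam * (x1 - x3) - y1) % P)

def point_mul(pt, k):
    """Double-and-add scalar multiplication."""
    acc = None
    while k:
        if k & 1:
            acc = point_add(acc, pt)
        pt = point_add(pt, pt)
        k >>= 1
    return acc

def tagged_hash(tag, data):
    """BIP-340 tagged hash: SHA256(SHA256(tag) || SHA256(tag) || data)."""
    t = hashlib.sha256(tag.encode()).digest()
    return hashlib.sha256(t + t + data).digest()

def tapleaf_hash(script, leaf_version=0xC0):
    # Sample scripts are < 253 bytes, so the compact-size prefix is one byte.
    return tagged_hash("TapLeaf", bytes([leaf_version, len(script)]) + script)

def merkle_root(leaf_hashes):
    """BIP-341 tree hashing: TapBranch over lexicographically sorted pairs."""
    level = list(leaf_hashes)
    while len(level) > 1:
        nxt = [tagged_hash("TapBranch", b"".join(sorted(level[i:i + 2])))
               for i in range(0, len(level) - 1, 2)]
        if len(level) % 2:
            nxt.append(level[-1])
        level = nxt
    return level[0]

def p2tr_output(internal_priv, scripts):
    """BIP-341: Q = P + t*G with t = TapTweak(x(P) || root). Returns (x(Q), t, d).
    x(Q) is exactly what the scriptPubKey `OP_1 <32 bytes>` puts on chain."""
    d = internal_priv % N
    pt = point_mul(G, d)
    if pt[1] % 2:                      # BIP-340: internal key must have even y
        d, pt = N - d, (pt[0], P - pt[1])
    px = pt[0].to_bytes(32, "big")
    root = merkle_root([tapleaf_hash(s) for s in scripts]) if scripts else b""
    t = int.from_bytes(tagged_hash("TapTweak", px + root), "big") % N
    q = point_add(pt, point_mul(G, t))
    return q[0].to_bytes(32, "big"), t, d

def script_only_output(scripts):
    """Script-path-only commitment (assumed construction, see header): the
    32 bytes on chain are a hash of the script tree, not a public key."""
    return merkle_root([tapleaf_hash(s) for s in scripts])

def x_is_curve_point(xbytes):
    """True if some y satisfies y^2 = x^3 + 7 mod p (Euler's criterion)."""
    x = int.from_bytes(xbytes, "big")
    if x >= P:
        return False
    c = (pow(x, 3, P) + 7) % P
    return c == 0 or pow(c, (P - 1) // 2, P) == 1

def key_path_spend_key(internal_priv, scripts):
    """The scalar q with q*G = Q. Whoever obtains the discrete log of the
    on-chain x(Q), by whatever means, holds a full key-path spending key."""
    _, t, d = p2tr_output(internal_priv, scripts)
    return (d + t) % N

# Constructed sample inputs (not real funds): a private key and two leaf
# scripts shaped like "<32-byte key> OP_CHECKSIG" and "OP_TRUE".
PRIV = int.from_bytes(hashlib.sha256(b"constructed sample internal key").digest(), "big")
SCRIPTS = [b"\x20" + b"\x02" * 32 + b"\xac", b"\x51"]

if __name__ == "__main__":
    qx, _, _ = p2tr_output(PRIV, SCRIPTS)
    root = script_only_output(SCRIPTS)
    print("P2TR output :", qx.hex(), "valid key:", x_is_curve_point(qx))
    print("script-only :", root.hex(), "valid key:", x_is_curve_point(root))
    recovered = point_mul(G, key_path_spend_key(PRIV, SCRIPTS))
    print("q*G == Q    :", recovered[0].to_bytes(32, "big") == qx)
```

Note on the curve-point check: a random 32-byte hash passes `x_is_curve_point` about half the time by chance, so a True result for the script-only root means nothing; nobody holds a discrete log for it, and spending authority lives entirely in the script and witness revealed at spend time. For the P2TR output the check is always True, because the committed value is by construction a point whose secret scalar `d + t` exists and is what a key-path spend uses.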
