Return-Path: Received: from smtp4.osuosl.org (smtp4.osuosl.org [IPv6:2605:bc80:3010::137]) by lists.linuxfoundation.org (Postfix) with ESMTP id 93985C0001 for ; Sat, 15 May 2021 20:35:53 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by smtp4.osuosl.org (Postfix) with ESMTP id 75A1240482 for ; Sat, 15 May 2021 20:35:53 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org X-Spam-Flag: NO X-Spam-Score: -2.099 X-Spam-Level: X-Spam-Status: No, score=-2.099 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: smtp4.osuosl.org (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com Received: from smtp4.osuosl.org ([127.0.0.1]) by localhost (smtp4.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id LOAVgEAp49dz for ; Sat, 15 May 2021 20:35:52 +0000 (UTC) X-Greylist: whitelisted by SQLgrey-1.8.0 Received: from mail-ej1-x634.google.com (mail-ej1-x634.google.com [IPv6:2a00:1450:4864:20::634]) by smtp4.osuosl.org (Postfix) with ESMTPS id 0B2C44047D for ; Sat, 15 May 2021 20:35:51 +0000 (UTC) Received: by mail-ej1-x634.google.com with SMTP id l1so3443971ejb.6 for ; Sat, 15 May 2021 13:35:51 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=pSLj67+ZAyiPOZLPS4OysCIWh7TMF/dLX3SDmtIASEg=; b=kA//1C27fczBIztgE2ImByOxPGCyNsdC/he9D5fEvnxTgkk3JOQuxkRcqVq/cecpwx j+ocigAhjVjZh7vLt+VUd9PbrhhVduDimej3n3PoA9eygVHXxpDyAS4za4PLoOhDFrSJ XO4LLf7ezbWU/HZnUzG8Z3OIVQtSqWYp7EAW2R+g7/MG8xDtTxAocU69Y9brAXtF0ZVP TP485a5gT3YMX21bd3heX2O6WFaygiNlXv5flfKPCdcKQGnEWBbE9dp1wYe3aQ/1pvpo JSEn+5DShacSJOV/mQ0p2pTyu6U9DRQ4GtO44MwBpVL4qT6EtvdZUpdWZm3lypfT2j+2 7Vcw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=pSLj67+ZAyiPOZLPS4OysCIWh7TMF/dLX3SDmtIASEg=; b=fDYhg4UkLqyuH75QO9dM2Qcqdmt2dG2qt4HVywyHMLFt0gBTLvxLjVpUH/Dmi4Mi8s CjQxFA0tLVNkwXvtKjEKX1LCtDPlfRZTLPvJcEa7lX0V/37QlXvi+ENrIE4ZTeEa37gp Suayu0dilMGbsN7nCfMnG+DWwwEVqSIUT/x5nMwD8KYbRPnDDgw3rkReN55kFC9RnRlO GeOLuKHjWMies9xEqNqFCAKAW0xDnMEEgL9SExcA4MAkGc4VgHBcylXCWkS8+IbzJjRh jEFn75KxTcIK/Qh6tg6n67mETlSLUb0AkKx4NftTrZqX6+6m3flO/gIivIQEZMX388rC 7+hw== X-Gm-Message-State: AOAM532LMZ5gk3ZnKWUCd6pIwAnJEeROP97QB63nNp+ZMTzFaFqOJc63 N4tFulARwWZv0sGA4j3yMACGHGPrTbDHi1lj8nyliHjThG8= X-Google-Smtp-Source: ABdhPJwfem+eMNzzb1q10TAjgTxB1uLFnzGxYBk/kb3KP4P2YtArGu7MN9PBh18QVG55/EcyuCnIiVZKSUYyvSTP5sw= X-Received: by 2002:a17:906:2ed0:: with SMTP id s16mr28840014eji.543.1621110950185; Sat, 15 May 2021 13:35:50 -0700 (PDT) MIME-Version: 1.0 References: <131606955-6366ea10aec2eec765339d72e7c936ab@pmq5v.m5r2.onet> <13a8be987fc22ecc6284de4b84ef5310f2cd420c.camel@timruffing.de> In-Reply-To: <13a8be987fc22ecc6284de4b84ef5310f2cd420c.camel@timruffing.de> From: Ruben Somsen Date: Sat, 15 May 2021 22:35:37 +0200 Message-ID: To: vjudeu@gazeta.pl Content-Type: multipart/alternative; boundary="00000000000053ccf905c2644e29" X-Mailman-Approved-At: Sat, 15 May 2021 20:36:14 +0000 Cc: Bitcoin Protocol Discussion Subject: Re: [bitcoin-dev] Sum of the keys attack on taproot X-BeenThere: bitcoin-dev@lists.linuxfoundation.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: Bitcoin Protocol Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 15 May 2021 20:35:53 -0000 --00000000000053ccf905c2644e29 Content-Type: text/plain; charset="UTF-8" What Tim said is right. To add to that, you may also wish to read about MuSig: https://blockstream.com/2018/01/23/en-musig-key-aggregation-schnorr-signatures/ Cheers, Ruben On Sat, May 15, 2021 at 10:32 PM Tim Ruffing via bitcoin-dev < bitcoin-dev@lists.linuxfoundation.org> wrote: > On Sat, 2021-05-15 at 12:21 +0200, vjudeu via bitcoin-dev wrote: > > > > All that is needed is producing a signature matching the sum of the > > public keys used in taproot, which is "(a+b-a)*G", > > This is simply not true. > > Taproot does not enable this, or any other form of "cross-input > aggregation", i.e., spending multiple UTXOs with a single signature. > > > Tim > > _______________________________________________ > bitcoin-dev mailing list > bitcoin-dev@lists.linuxfoundation.org > https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev > --00000000000053ccf905c2644e29 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
What Tim said is right. To add to that, you may also wish = to read about MuSig:

=
Cheers,
Ruben

On Sat, May 15, 2021 at 10:32 PM Tim Ruff= ing via bitcoin-dev <bitcoin-dev@lists.linuxfoundation.org> wrote:
On Sat, 2021-05-15 at 12:21 +020= 0, vjudeu via bitcoin-dev wrote:


>=C2=A0 All that is needed is producing a signature matching the sum of = the
> public keys used in taproot, which is "(a+b-a)*G",=C2=A0

This is simply not true.

Taproot does not enable this, or any other form of "cross-input
aggregation", i.e., spending multiple UTXOs with a single signature.= =C2=A0


Tim

_______________________________________________
bitcoin-dev mailing list
= bitcoin-dev@lists.linuxfoundation.org
https://lists.linuxfoundation.org/mail= man/listinfo/bitcoin-dev
--00000000000053ccf905c2644e29--