Return-Path: Received: from smtp2.osuosl.org (smtp2.osuosl.org [140.211.166.133]) by lists.linuxfoundation.org (Postfix) with ESMTP id 32E76C0032 for ; Wed, 11 Oct 2023 23:48:11 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by smtp2.osuosl.org (Postfix) with ESMTP id 09BD5401A1 for ; Wed, 11 Oct 2023 23:48:11 +0000 (UTC) DKIM-Filter: OpenDKIM Filter v2.11.0 smtp2.osuosl.org 09BD5401A1 X-Virus-Scanned: amavisd-new at osuosl.org X-Spam-Flag: NO X-Spam-Score: -1.902 X-Spam-Level: X-Spam-Status: No, score=-1.902 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Received: from smtp2.osuosl.org ([127.0.0.1]) by localhost (smtp2.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 37zR8Mrz9tEd for ; Wed, 11 Oct 2023 23:48:09 +0000 (UTC) Received: from cerulean.erisian.com.au (azure.erisian.com.au [172.104.61.193]) by smtp2.osuosl.org (Postfix) with ESMTPS id EE3C5400EA for ; Wed, 11 Oct 2023 23:48:08 +0000 (UTC) DKIM-Filter: OpenDKIM Filter v2.11.0 smtp2.osuosl.org EE3C5400EA Received: from aj@azure.erisian.com.au by cerulean.erisian.com.au with esmtpsa (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from ) id 1qqivq-00043h-Nr; Thu, 12 Oct 2023 09:48:05 +1000 Received: by email (sSMTP sendmail emulation); Thu, 12 Oct 2023 09:47:58 +1000 Date: Thu, 12 Oct 2023 09:47:58 +1000 From: Anthony Towns To: Andrew Chow , Bitcoin Protocol Discussion Message-ID: References: MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: X-Spam_score: -0.0 X-Spam_bar: / Subject: Re: [bitcoin-dev] Proposed BIP for MuSig2 PSBT Fields X-BeenThere: bitcoin-dev@lists.linuxfoundation.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: Bitcoin Protocol Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 11 Oct 2023 23:48:11 -0000 On Tue, Oct 10, 2023 at 10:28:37PM +0000, Andrew Chow via bitcoin-dev wrote: > I've written up a BIP draft for MuSig2 PSBT fields. It can be viewed at > https://github.com/achow101/bips/blob/musig2-psbt/bip-musig2-psbt.mediawiki. I was hoping to see adaptor signature support in this; but it seems that's also missing from BIP 327? Though libsecp256k1-zkp has implemented it: https://github.com/BlockstreamResearch/secp256k1-zkp/blob/master/include/secp256k1_musig.h (adaptor arg to process_nonce; adapt, and extract_adaptor functions) https://github.com/BlockstreamResearch/secp256k1-zkp/blob/master/src/modules/musig/musig.md#atomic-swaps I would have expected the change here to support this to be: * an additional field to specify the adaptor, PSBT_IN_MUSIG2_PUB_ADAPTOR (optional, 33B compressed pubkey, 32B-hash-or-omitted), that signers have to take into account * an additional field to specify the adaptor secret, PSBT_IN_MUSIG2_PRIV_ADAPTOR (32B), added by a Signer role * PartialSigAgg should check if PUB_ADAPTOR is present, and if so, incorporate the value from PSBT_IN_MUSIG2_PRIV_ADAPTOR, failing if that isn't present (Note that when using adaptor signatures, signers who don't know the adaptor secret will want to ensure that the partial signatures provided by signers who do/might know the secret are valid. But that depends on the protocol, and isn't something that can be automated at the PSBT level, I think) Seems like it would be nice to have that specified asap, so that it can be supported by all signers? FWIW, "participant" is typoed a bunch ("particpant") and the tables are hard to read: you might consider putting the description as a separate row? eg: https://github.com/ajtowns/bips/blob/202310-table/bip-musig2-psbt.mediawiki Cheers, aj