Oh 100%.
Good work!
If the attacker has the xpub then it's definitely much easier and it should be possible in one sig. Your aglo looks right. You can also do it in a single address reuse.
https://x.com/LLFOURN/status/1733992948294181299
The reason we thought this attack was notable and worth disclosing is that it doesn't depend whatsoever on the user's behavior or precautions (i.e. not giving out xpubs).
Discussion
No replies yet.