Replying to Avatar fiatjaf

Taproot removed the differentiator byte (I have no idea how it's called) from pubkeys and Nostr copied that.

Turns out that makes stuff like MuSig2 more cumbersome because you can't easily check if two npubs combined yield a third npub without knowing if the npubs are 02 or 03, even or odd.

But fear no more, `nak key combine`, when given any set of pubkeys, even if they don't have the aforementioned 02/03 byte, now outputs all possible combinations between the two keys so you can use your eyes and spot the correct one.

How bad is this idea?
Avatar
tegila.js 1y ago

Haha, it was done to enable signature aggregation aka Schnorr signatures to combine multiple signatures into one single proof.

https://medium.com/badger-blockchain/schnorr-signatures-following-in-the-steps-of-segwit-a4c515c02e22

Had seen long threads talking about the implications in removing the sign bit but had to record some of them.

Reply to this note

Please Login to reply.

Discussion

Avatar
waxwing 1y ago

Schnorr sig aggregation would have worked fine with the old serialization.