Good morning aj,
Sent with ProtonMail Secure Email. ‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐ On March 21, 2018 7:21 PM, Anthony Towns <a...@erisian.com.au> wrote: > On Wed, Mar 21, 2018 at 03:53:59AM -0400, ZmnSCPxj wrote: > > > Good morning aj, > > Good evening Zeeman! > > [pulled from the bottom of your mail] > > > This way, rather than gathering signatures, we gather public keys for > > aggregate signature checking. > > Sorry, I probably didn't explain it well (or at all): during the script, > > you're collecting public keys and messages (ie, BIP 143 style digests) > > which then go into the signing/verification algorithm to produce/check > > the signature. Yes, I think this is indeed what OP_CHECK_AGG_SIG really does. What I propose is that we have two places where we aggregate public keys: one at the script level, and one at the transaction level. OP_ADD_AGG_PUBKEY adds to the script-level aggregate, then OP_CHECK_AGG_SIG adds the script-level aggregate to the transaction-level aggregate. Unfortunately it will not work since transaction-level aggregate (which is actually what gets checked) is different between pre-fork and post-fork nodes. It looks like signature aggregation is difficult to reconcile with script... Regards, ZmnSCPxj _______________________________________________ bitcoin-dev mailing list bitcoin-dev@lists.linuxfoundation.org https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev