was thinking it might be possible to create a protocol for signatures where some bounded elliptic curve parameters are in the script, allowing the efficient verification of a broad range of elliptic curves schnorr signatures... rather than a fixed curve
has anyone proposed this sort of thing before? seems like it could allow higher bitness, broad hsm compatibility, and a "decentralization and competitiveness" of security parameters for different environments would be useful to me, but not sure how many people care about this
_______________________________________________ bitcoin-dev mailing list [email protected] https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev
