Thanks a lot David for the suggestion and pointers, that's a really interesting solution. I will dive into that in-depth, it could be very useful for many layer-2 constructions.
Thanks ZmnSCPxj as well for the quick feedback and the `OP_CAT` construction, a lot of cool tricks coming up once (if?) we have such tools in the future ;) Le mar. 17 déc. 2019 à 16:14, ZmnSCPxj <zmnsc...@protonmail.com> a écrit : > Good morning David, t-bast, and all, > > > > I'm not aware of any way to currently force single-show signatures in > > Bitcoin, so this is pretty theoretical. Also, single-show signatures > > add a lot of fragility to any setup and make useful features like RBF > > fee bumping unavailable. > > With `OP_CAT`, we can enforce that a particular `R` is used, which allows > to implement single-show signatures. > > # Assuming signatures are the concatenation of (R,s) > <R> OP_SWAP OP_CAT <ACINQ> OP_CHECKSIG > > The above would then feed `s` only on the witness stack. > > Regards, > ZmnSCPxj >
_______________________________________________ Lightning-dev mailing list Lightning-dev@lists.linuxfoundation.org https://lists.linuxfoundation.org/mailman/listinfo/lightning-dev
