Good morning Robin et al,
It strikes me that it may be possible to Scriptless Script BitVM, replacing
hashes and preimages with points and scalars.
For example, equivocation of bit commitments could be done by having the prover
put a slashable fund behind a pubkey `P` (which is a point).
This s
Good morning list,
I have been thinking further on this with regards to BitVM.
By my initial analyses, it seems that BitVM *cannot* be used to improve this
idea.
What we want is to be able to restrict the actuary to only signing for a
particular spend exactly once.
The mechanism proposed in th
