On 3/25/25 4:16 AM, Sjors Provoost wrote:
Matt Corallo wrote:
In that scenario you'd need to use a NUMS point for the key path. Or maybe
that's unsafe, in which case we'd need a new Taproot version without key path
support (or BIP360). That's also not a difficult soft fork, but now again you
have something that only a small set of users will want to use.
A NUMS point does not suffice unless we explicitly soft-fork out spending from
that NUMS point (which is, of course, doable).
This could be a solution to the sequencing conundrum that I tried to explain.
Along with the first PCQ scheme for tapscript (script path), we could have a
soft that disables one or more NUMS points. The latter has zero effect under
the current cryptographic assumptions, so it's not confiscatory.
That way people can start using the scheme without having to worry about
whether the community decides to freeze key path spending in time. They'll
still worry about the market value of their coins, but not about whether
they're going to be the first victim (or the umpteenth victim while everyone is
in denial and blames them for poor key management).
Mmm, yea, fair enough, that seems perfectly reasonable to include.
Matt
--
You received this message because you are subscribed to the Google Groups "Bitcoin
Development Mailing List" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion visit
https://groups.google.com/d/msgid/bitcoindev/1c7817fa-6451-4256-b8ce-ddca45abbf52%40mattcorallo.com.
