Thread - Nostr Hypermedia

ᴛʜᴇ ᴅᴇᴀᴛʜ ᴏꜰ ᴍʟᴇᴋᴜ me@mleku.dev 3 months ago

segwit enabled a cheap spam vector. taproot also opened up a vulnerability. i don't think segwit was intentional but i was in the schnorrr signatures camp back in those days. IMO segwit needs to be deprecated and people encouraged to move their UTXOs to taproot. taproot still hasn't achieved full penetration yet, but the benefits of taproot are manifold, not the least of which being full channel open privacy and improved coinjoin transaction sizes since multisigs only take one combined signature for potentially hundreds of signers. taproot also was unnecessarily complicated on the API side. simply using taproot signatures (schnorr) is obfuscated by the API, because of the "tweak" thing. that tweaking is for smart contract sub-addresses. but you can perfectly well use taproot as a simple HD keychain as well, since tweaking and HD path derivation is much the same type of thing

↑ Parent

Replies (2)

epsql epsql@nsec.app 3 months ago

What about P2TR addresses exposing the public key? Wouldn't that be quantum vulnerable?

2 replies ↓

SatsAndSports 3 months ago

Thanks @mleku for giving an answer with some details, and @epsql for raising the quantum-resistance point about TR While witnesses have a discount, normal monetary transactions also benefit from the same discount as they also use the witness What concretely could be done differently? Maybe the discount should apply only to small witnesses, so that larger - potentially spammy - witnesses pay more? (It's too late to include this change to the discount rules, as it's a consensus change, but I'm just curious to discuss these issues to learn more)

1 replies ↓