Age | Commit message (Collapse) | Author | |
---|---|---|---|
2020-01-19 | Add rationale on security assumptions | Pieter Wuille | |
2020-01-19 | Add an informal summary of the design | Pieter Wuille | |
2020-01-19 | Improve and restructure motivation and design | Pieter Wuille | |
2020-01-19 | bip-taproot: example from diagram | Matthew Zipkin | |
2020-01-19 | Update bip-schnorr.mediawiki | Pieter Wuille | |
Co-Authored-By: Tim Ruffing <crypto@timruffing.de> | |||
2020-01-19 | Linearity makes sign-for-sum-of-keys easier, not possible entirely. | Pieter Wuille | |
I'm sure it's possible to construct a complex MPC that can sign for the sum of keys under ECDSA as well. | |||
2020-01-19 | Update bip-schnorr.mediawiki | Tim Ruffing | |
2020-01-19 | Mention that we don't change the hash function | Tim Ruffing | |
2020-01-19 | Completely specified | Pieter Wuille | |
2020-01-19 | Low-S ECDSA is non-malleable under nonstandard assumptions | Pieter Wuille | |
2020-01-19 | Replace private key with secret key | Jonas Nick | |
2020-01-19 | Clarify why we don't want short hashes | Tim Ruffing | |
This is supposed to supersede https://github.com/sipa/bips/pull/158. I tried to say this carefully. I don't think that multiparty signing is in general broken with short hashes. For example the attack in #158 could be avoided by letting everybody not only commit to the nonce but also to the message. It's just that using a collision-resistant hash just eliminates the problem entirely... | |||
2020-01-19 | Fix reference formatting | Hennadii Stepanov | |
2020-01-19 | Typo: script signature max bytes unhashed are 247 | Orfeas Stefanos Thyfronitis Litos | |
2020-01-19 | Typo: max bytes hashed for sig is 210 | Orfeas Stefanos Thyfronitis Litos | |
2020-01-19 | Replace BIP66 link with BIP146 | Orfeas Stefanos Thyfronitis Litos | |
BIP66 does not mention the inherent ECDSA malleability, but BIP146 does | |||
2020-01-19 | fix singular/plural ambiguity | stefanwouldgo | |
2020-01-19 | Replace signing with signature before validation | Orfeas Stefanos Thyfronitis Litos | |
2020-01-19 | Link to proof sketch of security of implicit Y | Orfeas Stefanos Thyfronitis Litos | |
Thanks to @ajtowns for providing the link | |||
2020-01-19 | Mention that miners could malleate signatures | Orfeas Stefanos Thyfronitis Litos | |
2020-01-19 | Mention hash_type malleability would change wtxid | Orfeas Litos | |
2020-01-19 | Clarify bip-taproot digest difference to bip143 regarding sub-hashes | Jonas Nick | |
2020-01-19 | Improve clarity of footnotes for lift_x | Jonas Nick | |
2020-01-19 | Replace references to Euler's criterion with Legendre symbol in bip-schnorr | Jonas Nick | |
2020-01-19 | Fix bip-schnorr footnote 7 by specifying that we're referring to P's y ↵ | Jonas Nick | |
coordinate and not some undefined 'x' | |||
2020-01-19 | Fix @jonasnick's comment | Kalle Rosenbaum | |
2020-01-19 | Nits | Kalle Rosenbaum | |
2020-01-19 | Replace "both are not" with "neither is" | Orfeas Litos | |
2020-01-19 | Update bip-tapscript.mediawiki | andrewtoth | |
2020-01-19 | Add missing closing parenthesis and comma | andrewtoth | |
2020-01-19 | Fix paragraph naming and typo | Hennadii Stepanov | |
2020-01-19 | Rephrase "previous design choice" to "list above" | Orfeas Stefanos Thyfronitis Litos | |
2020-01-19 | grammar typo fix: inserted "be" | stefanwouldgo | |
2020-01-19 | Rename is_y_square to is_negated in taproot signing | Jonas Nick | |
2020-01-19 | Add missing dots that denote multiplication | Dmitry Petukhov | |
Throughout the document, elliptic curve multiplication is denoted with dots, as in `d'⋅G` as opposed to `d'G`. This is not the case in one place in the 'Default Signing' section, and one place in 'Adaptor Signatures' section Missing dots are added for consistency. | |||
2020-01-19 | Add missing quote | Orfeas Stefanos Thyfronitis Litos | |
2020-01-19 | Fix typo in schnorr, footnote 2 | Orfeas Stefanos Thyfronitis Litos | |
2020-01-19 | make clear it's script branch | Max Hillebrand | |
In this context we are talking about the script branch, not the Merkle tree branch, right? If so, then this should clear things up a little. | |||
2020-01-19 | tapscript: fix minor typo | Thomas Kerin | |
2020-01-19 | bip-taproot: clarify bip-schnorr reference code | Jon Atack | |
- update the paragraph in question to more clearly convey that the helper functions, and not the Python3 example code, are from the bip-schnorr reference code - add a link to the reference code in https://github.com/sipa/bips/blob/bip-schnorr/bip-schnorr/reference.py | |||
2020-01-19 | Add links to unlinked BIPs | Orfeas Stefanos Thyfronitis Litos | |
Only first mention of each BIP is made into a link | |||
2020-01-19 | Add clarification of semantics of 0x00 hash type | Adam Gibson | |
2020-01-19 | G refers to secp256k1 base point rather generator | Hennadii Stepanov | |
2020-01-19 | FIX: BIPs should be specified as lowercase to match filenames | Anthony | |
2020-01-19 | ADD: Require Schnorr and Taproot BIPs for Tapscript | Anthony | |
https://github.com/sipa/bips/pull/135#issuecomment-552754867 | |||
2020-01-19 | ADD: Require Schnorr BIP for Taproot | Anthony | |
Per https://github.com/bitcoin/bips/blob/master/bip-0001.mediawiki: "BIPs may have a Requires header, indicating the BIP numbers that this BIP depends on" | |||
2020-01-19 | tweak 211 bytes text | Dev Random | |
2020-01-19 | clarify 211 hash bytes and non-reuse of keys | Devrandom | |
2020-01-19 | remind reader where [:] is defined | Gregory Sanders | |
in addition to `point`. This caused confusion for one reader who expected inclusive at end of range. | |||
2020-01-19 | Replace R with P in taproot_tweak_seckey | Orfeas Stefanos Thyfronitis Litos | |